[0001] The present invention relates to an electronic processing device, and a related
internal computing process, able to achieve the certain acquisition and secure storage
of real dynamic data and location data related to the motion of a road vehicle, or
the motion of an aerial or sea vehicle, to which the device is firmly attached.
[0002] The certain acquisition and secure storage of data related to the motion of a vehicle
make it possible, through internal data processing, to evaluate the style of use
of the vehicle and to detect unusual dynamic situations that may be related
to possible accidents, for which the device records the time sequence
of the dynamic forces detected on the vehicle and generates automatic alarm
messages that are transmitted to a remote server.
[0003] As is known, in the automotive industry the use of so-called "black boxes" on board
vehicles is offered as an opportunity to obtain discounts on insurance costs,
giving insurance companies in exchange better control over the "driving behavior"
of drivers and over the dynamics of car accidents involving vehicles covered by insurance
contracts. In the devices existing on the market, little attention has been paid
to aspects of "data security", namely the confidentiality, integrity
and authenticity of data: most devices handle location data "in
clear", meaning that anybody with access to the data can read them, and there
is no process that guarantees the "integrity" of data (that is, that no information
has been hidden or deleted) or the "certain source" (that is, that no
information can be generated outside the device installed on board the
vehicle covered by insurance).
[0004] Furthermore, the different standards used in different products do not allow
data coming from one device to be compared with data coming from another device and,
consequently, the interpretation of data recorded during an accident cannot be unambiguous.
[0005] As a consequence, data coming from "black boxes" are hard to use as
evidence before a court, because they depend on an interpretation
that is "subjective" and not "objective".
[0006] Another matter, usually neglected, is the "survival" of devices after
damage due to serious accidents: most devices available on the market can
provide data only if they remain undamaged, and if the data
have not been transferred to a remote control center before an accident, they are definitively
lost when the device is broken in the accident.
[0007] Furthermore, to date the environmental compatibility of devices has not been considered
a critical matter, even though many devices cannot work properly in very
harsh conditions or under water, and they are not designed to operate in environments
with fire risk (according to ATEX rules).
[0008] The approach followed in designing the device of the present invention, called STM Box,
focuses instead on important matters such as security, reliability, environmental compatibility
and the possibility of comparing data from different devices, achieving an instrument that
can provide the best data protection in any operative and environmental situation.
[0009] In particular, the STM Box provides the following functions:
- detection of data concerning positioning and the dynamic forces (accelerations and rotations)
to which the vehicle has been subjected;
- recording of data concerning the geographic path followed;
- processing of dynamic data and recognition of conditions that are typically associated
with an accident;
- decoding of data received from the remote server and verification of their authenticity
by checking their digital signature;
- digital signing of data to be transmitted to the remote server and encoding
of the same data in order to protect them from unauthorized access;
- autonomous processing of data that characterize the "driving behavior" of the driver
and real-time processing of a "synoptic dashboard" of the risk indexes.
[0010] Even in case of malfunction, manipulation or damage of the device on board,
the STM Box would preserve its integrity and it would not be possible to change the processing
or modify the data stored inside.
[0011] The data stored inside make it possible to reconstruct, with good approximation, the trajectory
followed by the vehicle immediately before and after the instant of an
impact, giving the acceleration data, the angular velocity data and the GPS data
with the best possible accuracy, and further providing the elements needed to estimate
the position and seriousness of damage in different parts of the vehicle and
to estimate the extent of possible harm to persons transported in the vehicle.
[0012] The original aspects of the STM Box can be listed as follows:
Personal Data Protection:
- transmission to the remote server only of the data related to accidents;
- data on travel path and events (accidents) kept within the STM Box (not accessible);
- data transmitted in encrypted form (protection guaranteed);
- data with digital signature (integrity and authenticity guaranteed);
- data physically protected against possible malfunction caused by damage (IP.68 protection);
- data can be read even in case of damage to the device.
[0013] Use of Recorded Data:
- 30 seconds of dynamic recording in case of "relevant events" (real or possible accidents);
- sending of an "alert" message in case of recorded events recognized as accidents;
- possible later ("ex post") enquiry in case of recorded events not recognized as accidents;
- processing of synthetic indexes revealing the level of risk in driving behavior (processing
within the STM Box).
[0014] Real-Time Functions:
- sending of alert messages to the remote server in case of accident;
- sending of alert messages in case of "custom" events chosen by client (going beyond
a level of velocity, or level of time, going outside a geographical area, etc.);
- check and control of the use of the vehicle during interruption of the insurance contract;
- automatic call to the service headquarter (in case of accident).
[0015] Compatibility and Portability:
- protocols, algorithms, file formats and message formats are open and public;
- it is possible to integrate STM Box in networks of third parties;
- it is possible to integrate STM Box within new vehicles at the factory;
- encryption and digital signature methods based on public algorithms (RSA, AES);
- data property;
- device movable from a vehicle to another in case of change of vehicle;
- device movable from a company to another in case of change of insurance company;
- possibility of insurance surrender of the device on board by the client.
[0016] Therefore, the present invention concerns an electronic and processing device, called
"STM Box", and a related inner computing process, able to achieve the certain acquisition
and secure recording of dynamic data and location data related to the motion of a
road vehicle, or motion of an aerial or sea vehicle, on which the same device is steadily
jointed, and able to transmit the same data to a remote site, or to a remote server,
by using a radio communication network, that is further connected to a service headquarter,
characterized in that:
- said electronic device, called "STM Box", is composed of a power supply module, a
rechargeable battery, a processing unit, means of data acquisition from local sensors,
including a satellite receiver able to detect the current geographic coordinates,
sensors of direction, sensors of rotation and acceleration along the mechanical axis
of the device, means of local data storage, means of data communication and local
data transmission to the outer side of the vehicle, means of data communication and
local data transmission to a radio communication network, further comprising: means
of digital signature of said data including a public key algorithm so that the source
and integrity of information is guaranteed; means of digital encoding of said data
by using a set of public key algorithms and private key algorithms, so that the confidentiality
of the same data is guaranteed during the transmission; means of real time processing
of said data detected by sensors, so that significant statistical data can be extracted
in order to evaluate the driving behavior of the driver and to detect unusual dynamic
situations that can be related to possible accidents in reference of which the device
generates respective automatic alarm messages.
[0017] The certainty of the acquisition of dynamic data is assured by the fact that the
device contains inside, in a physically inaccessible manner: a satellite receiver
able to detect the current geographical coordinates in real time; sensors
of direction, rotation and acceleration along the three mechanical axes of the same
device; and a storage memory in which to save the data. The security of the database
is assured by the fact that, as soon as they are detected, data are saved in the storage memory
and digitally signed using a public key algorithm, so that their integrity and origin
are certified. The association of a digital signature guarantees that, when
the data are read later, they are exactly the same as when they were saved and signed,
while the check of the digital signature with the public key guarantees that the data
read were actually produced by the associated device.
[0018] In a preferred embodiment of the present invention, the device is composed of an
electronic circuit comprising a microprocessor with respective RAM and ROM memories,
a storage memory, a GPS receiver of satellite signals, three acceleration sensors,
three gyroscopic sensors, three sensors of intensity of magnetic field, two bi-directional
interfaces able to carry binary electric signals, a modem for radio data transmission
to a remote server and a couple of power supply conductors, all the above said components
being housed in a sealed container that is mechanically protected in respect to access
to the components inside and in respect to shocks or other mechanical stress.
[0019] The device, installed steadily to any vehicle, is able to detect and record the intensity
of the magnetic field, the accelerations and the rotations, to which the vehicle is
submitted in respect to its axis, and it is further able to detect the current GPS
coordinates of the same vehicle.
[0020] The detected data are sampled by the microprocessor at regular clock intervals, then
digitized and saved in the RAM memory together with the time of the
sampling instant. At regular clock intervals the data saved in RAM are digitally signed and
transferred to the storage memory as data files; the signature is produced by applying
an RSA public key algorithm for which the device knows its private key.
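An added example (not code from the patent) of the per-file signing described in [0020], extended with two assumptions: each file carries a sequence number and a hash of the previous file's signature, so that a removed or reordered file is detectable as the integrity definition in [0003] requires, and SHA-256 with PKCS#1 v1.5 encoding is used in place of the SHA-1 named in claim 11. The RSA arithmetic is written out with the standard library only so the block runs offline; the 1024-bit demo key size, the function names, the file layout and the sample values are all constructed here.

```python
import hashlib, hmac, json, math, secrets

SHA256_PREFIX = bytes.fromhex("3031300d060960864801650304020105000420")  # DigestInfo, RFC 8017

def _is_probable_prime(n, rounds=24):  # Miller-Rabin; n is odd and large here
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for _ in range(rounds):
        x = pow(secrets.randbelow(n - 3) + 2, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True

def _random_prime(bits):
    while True:
        # Top two bits set so p*q has exactly 2*bits bits; low bit set (odd).
        c = secrets.randbits(bits) | (3 << (bits - 2)) | 1
        if _is_probable_prime(c):
            return c

def generate_keypair(bits=1024):
    """Return ((n, e), (n, d)); 1024 bits is a demo size, chosen for speed."""
    e = 65537
    while True:
        p, q = _random_prime(bits // 2), _random_prime(bits // 2)
        phi = (p - 1) * (q - 1)
        if p != q and math.gcd(e, phi) == 1:
            return (p * q, e), (p * q, pow(e, -1, phi))

def _encode(data, k):  # EMSA-PKCS1-v1_5: 00 01 FF..FF 00 || DigestInfo(SHA-256(data))
    t = SHA256_PREFIX + hashlib.sha256(data).digest()
    return b"\x00\x01" + b"\xff" * (k - len(t) - 3) + b"\x00" + t

def sign(priv, data):
    n, d = priv
    k = (n.bit_length() + 7) // 8
    return pow(int.from_bytes(_encode(data, k), "big"), d, n).to_bytes(k, "big")

def verify(pub, data, sig):
    n, e = pub
    s, k = int.from_bytes(sig, "big"), (n.bit_length() + 7) // 8
    if len(sig) != k or s >= n:
        return False
    # Re-encode and compare the whole block instead of parsing the padding.
    return hmac.compare_digest(pow(s, e, n).to_bytes(k, "big"), _encode(data, k))

def seal_file(priv, seq, prev_sig, samples):
    """Sign one batch of timestamped samples, bound to its place in the sequence."""
    body = json.dumps({"seq": seq, "prev": hashlib.sha256(prev_sig).hexdigest(),
                       "samples": samples}, sort_keys=True).encode()
    return {"body": body, "sig": sign(priv, body)}

def audit(pub, files):
    """Return [(index, problem)] for the stored files, read in order."""
    problems, prev_sig, expected = [], b"", 0
    for i, f in enumerate(files):
        if not verify(pub, f["body"], f["sig"]):
            problems.append((i, "bad signature"))
        else:
            meta = json.loads(f["body"])
            if meta["seq"] != expected or meta["prev"] != hashlib.sha256(prev_sig).hexdigest():
                problems.append((i, "gap or reorder"))
            expected = meta["seq"]
        prev_sig, expected = f["sig"], expected + 1
    return problems

def demo_files(priv, count=3):
    """Constructed batches: time (s), GPS fix, longitudinal acceleration (g)."""
    files = []
    for seq in range(count):
        samples = [{"t": 60 * seq + i, "lat": 41.9028, "lon": 12.4964, "ax": 0.31} for i in range(3)]
        files.append(seal_file(priv, seq, files[-1]["sig"] if files else b"", samples))
    return files

if __name__ == "__main__":
    pub, priv = generate_keypair()
    print(audit(pub, demo_files(priv)))
```

Removing the most recent files leaves a shorter chain that still verifies, so the reader also needs the latest sequence number from an independent source, for example the messages already sent to the remote server.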
[0021] By using its program the microprocessor checks in real time the saved data in order
to extract some significant statistical data and to define the driving behavior, making
this information available to be accessed by the data transmission channel or by modem.
[0022] By using its program the microprocessor checks the saved data in real time in order
to detect the occurrence of unusual dynamic situations, for example unusual values
of acceleration or rotation velocity, that can be related to possible accidents,
for which the device generates automatic alarm messages to
be sent to a remote server through the data transmission modem.
[0023] The present invention will now be described for illustrative but not limitative purposes,
according to its preferred embodiments, with particular reference to figures of the
enclosed drawings, wherein:
figure 1 is a schematic view of a block diagram of the device of the present invention
achieving the certain acquisition, the secure recording and the transmission of dynamic
data and position data related to motion of a vehicle;
figure 2 is a schematic view of an architectural diagram of a system, based on the
device for data acquisition, for the supervision and management of a series of devices
like that of the present invention, installed on respective vehicles located on a
territory of interest;
figure 3 is a perspective view of a device, like that of the present invention, as
it appears according to one of the preferred embodiments.
[0024] It is here underlined that only few of the many conceivable embodiments of the present
invention are described, which are just some specific non-limiting examples, having
the possibility to describe many other embodiments based on the disclosed technical
solutions of the present invention.
[0025] Figure 3 shows an example of how a device 100 called STM Box, like that of the present
invention, appears. It comprises a watertight and explosion-proof container, to be
installed inside road vehicles, aerial vehicles or sea vehicles. At one side of the
container there are six wire connections including: the power supply, two on/off signals
related to input/output data transfer, and a bi-directional data channel in order
to exchange messages with the outside.
[0026] The device is powered by a DC voltage between 8 and 24 Volts and it
includes an internal battery that, once it is started, allows the circuit to work even
in the absence of the primary power supply. This specific device is able to withstand
environments having temperatures within class T6 (that is, a maximum temperature of 85 °C)
and it has a protection level of IP.68 against penetration of
dust and water (that is, total protection against dust, and watertight protection even
in case of immersion in water to a depth of no more than 3 meters for a time up to 30
minutes). The watertight container allows the device to be used even in adverse
environmental conditions caused by water or snow, or in an atmosphere with risk of explosion.
The container is built so that it can withstand without damage a range of external pressures
between 600 hPa and 1.200 hPa.
Functions:
[0027] After the device 100, called STM Box, has been started and tested by powering
it at no more than 11 Volts, it is left in an "off" state and stays in that condition
until it is powered again. Once it is switched on at a voltage of more than
12 Volts, the device 100 is "on" and stays in that condition, possibly using its internal
battery if necessary in case of interruption of the external power supply. The device
switches off only when the internal battery runs down below the minimum threshold voltage.
[0028] The device provides data security using public-key (RSA) and private-key
(AES) encryption algorithms, coupled to a non-linear generator of random sequences
with proprietary logic. The pair of keys (SKey and PKey) of the RSA algorithm is generated
only once, during the start-up of the device and, once generated, the SKey cannot be
extracted, since it is saved only inside the internal memory
of the control microprocessor of the device. The PKey, instead, can be read at any
time simply by querying the device over the local serial line or over the available
radio communication.
[0029] Data related to position and tracing, associated to respective travels, are saved
in respective files saved in the internal memory of the device.
[0030] If the device detects that it is subjected to unusual forces, it sends to a
remote server 400, through a telecommunication network 300, an "event" message that
describes the type of anomaly detected, and saves in a file detailed information about
the dynamics of forces and the locations of the vehicle at times close to the
instant when the event was detected.
[0031] When the device is turned on and in the "active" state, it checks the state of the dynamic
sensors and, if it does not detect any activity, it goes into an "idle" state, thereby
decreasing the use of energy from the internal battery. As soon as it detects activity
from the dynamic sensors, or is forced into the "active" state by a signal on
one of the two digital inputs, it returns to the "active" state.
[0032] With reference to figure 2, the STM Boxes 100 installed on vehicles 200 communicate
with a server 400 through a telecommunication network 300, sending "state" messages
or "alarm" messages, according to respective normal or alarm conditions.
[0033] In case that "alarm" conditions are communicated by a STM Box, the remote server
400 sends the detected information to the operative Headquarter 500, so that the same
Headquarter 500 can visualize the location of the vehicle and the dynamics of forces
to which the same vehicle has been submitted and that have been recognized as alarm
conditions.
[0034] When necessary, or upon request, the operative Headquarter 500
can ask the server 400 to query the STM Boxes 100, in order to acquire the sequence
of positions of the vehicle corresponding to a specific period of time; in that
case the respective STM Box sends, through the radio network 300, a file containing
the geographical coordinates of the sequence of points where the vehicle was
detected at the time of interest, making it possible to trace the path travelled by the vehicle
on geo-referenced cartography.
[0035] The present invention has been described for illustrative but not limitative purposes,
according to its preferred embodiments, but it is clear that modifications and/or
changes can be introduced by those skilled in the art without departing from the relevant
scope, as defined in the enclosed claims.
1. Electronic and processing device (100), called "STM Box", able to achieve the acquisition
and storage of real dynamic data and location data related to the motion of a road
vehicle (200), or motion of an aerial or sea vehicle, on which the same device (100)
is steadily jointed, and able to transmit the same data to a remote site, or to a
remote server (400), by using a radio communication network (300), that is further connected to
a service headquarter (500),
characterized in that:
- said electronic device (100), called "STM Box", is composed of a power supply module
(101), a rechargeable battery (102), a processing unit (103), means of data acquisition
from local sensors, including a satellite receiver (108) able to detect the current
geographic coordinates, sensors of direction, (106), sensors of rotation and acceleration
(105) along the mechanical axis of the device, means of local data storage (109),
means of data communication and local data transmission (104) to the outer side of
the vehicle, means of data communication and local data transmission (104) to a radio
communication network (107), further comprising: means of digital signature of said
data including a public key algorithm so that the source and integrity of information
is guaranteed; means of digital encoding of said data by using a set of public key
algorithms and private key algorithms, so that the confidentiality of the same data
is guaranteed during the transmission; means of real time processing of said data
detected by sensors, so that significant statistical data can be extracted in order
to evaluate the driving behavior of the driver and to detect unusual dynamic situations
that can be related to possible accidents in reference of which the device (100) generates
respective automatic alarm messages.
2. Electronic and processing device (100), called "STM Box", able to achieve the certain
acquisition, the secure recording and the remote transmission of dynamic data and
location data related to the motion of a vehicle, on which the same device (100) is
steadily jointed, according to previous claim,
characterized in that:
- said device (100), called STM Box, is composed of an electronic circuit including
a power supply module (101), a rechargeable battery (102), a processing module (103)
including respective RAM and ROM memories necessary to execution of programs, means
of data acquisition from local sensors comprising a satellite receiver (108) able
to detect the current GPS coordinates, sensors of direction (106), sensors of rotation
and acceleration (105) according to the mechanical axis of device, means of local
data storage (109), means of local communication and transmission (104) to the outside
of the vehicle, means of communication and transmission through a radio communication
network (107), being said components housed inside a watertight and mechanical protected
container, in respect to the access to the inner parts, to shocks and to other dynamic
forces, so that the device (100) when steadily installed to a vehicle (200) is able
to detect and record the intensity and direction of the earth magnetic field, of the
accelerations and rotations to which the device, and therefore the vehicle (200),
is submitted, and further the current GPS coordinates of the place where the vehicle
(200) is located.
3. Process embedded in an electronic and processing device (100), as that described in
previous claims 1 or 2,
characterized in that:
- said detected data are sampled by the processing module (103) at some specific clock
times, then they are digitally encoded with their sampling time and saved in the RAM
memory contained in the same module (103); at specific clock times data saved in RAM
memory are transferred as data file in the internal storage memory (109) and they
are digitally signed by applying an RSA public key encryption algorithm where the device
(100) knows its private key.
4. Process embedded in an electronic and processing device (100), as that described in
previous claims 1 or 2,
characterized in that:
- the processing module (103) processes in real time the recorded data in order to
extract some significant statistical parameters associated to the driving behavior,
then it makes said data available to be read by communication through the local data
transmission module (104).
5. Process embedded in an electronic and processing device (100), as that described in
previous claims 1 or 2,
characterized in that:
- the processing module (103) processes in real time the recorded data in order to
extract some significant statistical parameters associated to the driving behavior,
then it sends said data periodically through the data transmission module (107) to
a remote server (400), by using a telecommunication network (300).
6. Process embedded in an electronic and processing device (100), as that described in
previous claims 1 or 2,
characterized in that:
- the processing module (103) processes in real time the recorded data in order to
detect the occurrence of unusual dynamic situations, for example unusual values
of accelerations or velocities of rotation, that can be associated to the detection
of accidents in respect of which the device (100) generates alarm messages to be sent
to the outside through the local data transmission module (104).
7. Process embedded in an electronic and processing device (100), as that described in
previous claims 1 or 2,
characterized in that:
- the processing module (103) processes in real time the recorded data in order to
detect the occurrence of unusual dynamic situations, for example unusual values
of accelerations or velocities of rotation, that can be associated to the detection
of accidents in respect of which the device (100) generates alarm messages to be sent
to the outside through the data transmission module (107) to a remote server (400),
by using a telecommunication network (300).
8. Process embedded in an electronic and processing device (100), as that described in
previous claims 1 or 2,
characterized in that:
- the processing module (103) provides protection of data transmitted through the
data transmission module (107) by encryption of the content of transmitted messages
using an RSA public key algorithm and using as encryption key the public key of the
addressee.
9. Process embedded in an electronic and processing device (100), as that described in
previous claims 1 or 2,
characterized in that:
- the processing module (103) provides protection of data transmitted through the
data transmission module (107) by encryption of the content of transmitted messages
using an AES private key algorithm and including the private key used for encryption
in the messages, that is in turn encrypted using an RSA public key algorithm and using
as encryption key the public key of the addressee.
10. Process embedded in an electronic and processing device (100), as that described in
previous claims 1 or 2,
characterized in that:
- the processing module (103) provides authentication of data transmitted through
the data transmission module (107) by sending, together with the content of transmitted
messages, a verification code obtained by processing of the same content of messages
using a secure Hashing algorithm and encryption of the code by RSA public key encryption
using as encoding key the private key of the same device (100).
11. Process embedded in an electronic and processing device (100), as that described in
previous claims 1 or 2,
characterized in that:
- the processing module (103) provides authentication of data transmitted through
the data transmission module (107) by sending, together with the content of transmitted
messages, a verification code obtained by processing of the same content of messages
using a secure Hashing SHA-1 algorithm and encryption of the code by RSA public key
encryption using as encoding key the private key of the same device (100).
12. Electronic and processing device (100), able to achieve the certain acquisition, the
secure recording and the remote transmission of dynamic data and location data related
to the motion of a road vehicle (200), or aerial vehicle or sea vehicle, on which
the same device (100) is steadily jointed, according to previous claims 1 or 2,
characterized in that:
- said device (100), called STM Box, is housed in a watertight and explosion-proof
container, so that the achieved instrument is able to resist to environmental conditions
up to a temperature of 85 °C, and presenting an IP.68 protection level.
13. Electronic and processing device (100), able to achieve the certain acquisition, the
secure recording and the remote transmission of dynamic data and location data related
to the motion of a road vehicle (200), or aerial vehicle or sea vehicle, on which
the same device (100) is steadily jointed, according to previous claims 1 or 2,
characterized in that:
- said device (100), called STM Box, includes an internal battery (102) that said
processing module (103) switches on in order to self power the device (100), but only
after that the same device (100) has been power supplied at least one time with a
voltage higher to a specific minimum threshold voltage, with the same internal battery
(102) being off line when the power supply voltage is kept under said threshold voltage.
14. Electronic and processing device (100), able to achieve the certain acquisition, the
secure recording and the remote transmission of dynamic data and location data related
to the motion of a road vehicle (200), or aerial vehicle or sea vehicle, on which
the same device (100) is steadily jointed, according to previous claims 1 or 2,
characterized in that:
- said device (100), called STM Box, includes a storage memory (109) that the processing
module (103) uses to save files inside related to the travels run by the vehicle (200),
to the dynamic forces detected in a time close to the detection of events considered
unusual; said storage memory (109) being composed by an element that can be removed
from the device (100) after that the watertight container housing the whole device
(100) has been removed.