METHOD FOR TRANSMITTING DATA BETWEEN A SERVER AND AN ELECTRONIC CONTROL UNIT OF A DOMOTIC INSTALLATI
Patent abstract:
The invention relates to a method of data transmission between a server (S) and an electronic control unit (U) of a home automation installation (I), comprising the following steps:
- a first step (E5) of reception by the electronic control unit (U) of a connection opening request message (Mopen) from the server (S) according to a first communication protocol (P1);
- a step (E6) of establishing a connection (Cnx) to the server (S) at the initiative of the electronic control unit (U) according to a second connection protocol (P2);
- a second step (E8) of reception by the electronic control unit (U) of a downlink message (MRp) from the server (S) according to the second communication protocol (P2).
The invention also relates to a server and an electronic control unit implementing the method.
Publication number: FR3031260A1 Application number: FR1463300 Filing date: 2014-12-24 Publication date: 2016-07-01 Inventor: Sylvain Pognant Applicant: Overkiz SAS; Main IPC class:
Patent description:
[0001] The present invention relates to a method of data transmission between a server and an electronic control unit of a home automation installation. It is known to exchange data between a server and a plurality of electronic control units of home automation installations. Each electronic control unit of a home automation installation is disposed on a private network, access to which is usually protected by a firewall. These data exchanges may be desirable in particular to allow remote control of the installations by the server, for example where the server receives instructions from a user interface allowing the user to control his installation remotely. Consequently, the exchange of data between the server and all the electronic control units must take the presence of this firewall into account. In particular, the establishment of a connection at the initiative of a server outside the private network is usually prohibited by a firewall, or can be made difficult by the use of an address translation (NAT) mechanism. According to a first possibility, a specific configuration of the firewall can be made to allow connection establishment at the initiative of the server. However, this requires an intervention on each firewall and an authorization to perform that intervention. According to a second possibility, a connection mechanism at the initiative of the electronic unit may be used, the connections thus established being maintained by the server in order to route data from the server to the electronic control unit. However, this second possibility leads to significant use of resources on the server, which must maintain the data relating to all the connections corresponding to each electronic unit. The present invention aims to solve all or some of the disadvantages mentioned above.
For this purpose, the present invention relates to a method for transmitting data between a server and an electronic control unit of a home automation installation, comprising the following steps:
- a first step of reception, according to a first communication protocol, by the electronic control unit of a connection opening request message from the server;
- a step of establishing a connection to the server at the initiative of the electronic control unit according to a second connection protocol;
- a second step of reception by the electronic control unit of a downlink message from the server according to the second communication protocol.
[0002] Thanks to the arrangements according to the invention, the connection according to the second communication protocol is established at the initiative of the electronic control unit towards the server, following the connection opening request formulated by the server according to the first protocol. The establishment of the connection is therefore authorized by the firewall, because it is initiated by the electronic control unit. The server can then use the connection according to the second protocol to communicate, in the downlink message, the useful data corresponding to its connection opening request. These arrangements make it possible to communicate information from the server to the electronic unit in the downlink direction while using only connection establishment at the initiative of the electronic control unit. Furthermore, the use of two communication protocols makes it possible to use a simpler first protocol involving low resource utilization on the server, and a second, connected protocol involving greater use of resources only when information needs to be communicated by the server. In particular, the first protocol is a non-connected mode protocol. The second protocol corresponds to a communication in connected mode.
The first protocol used may be of various types so as not to be subject to the constraints imposed by the firewall. According to one embodiment, the first communication protocol is a protocol comprising the sending of a message from the server to the electronic control unit, in particular an SMS message.
[0003] According to another embodiment, the first protocol corresponds to data provided in an audio and/or video stream, for example an MPEG stream. It should be noted that the term "uplink" (or "upstream") relates to the messages transmitted by the electronic control unit to the server, and that the term "downlink" (or "downstream") relates to the messages transmitted by the server to the electronic control unit. According to one aspect of the invention, the method comprises a first step of periodically transmitting an uplink message according to the first communication protocol by the electronic control unit to the server; the first step of receiving a connection opening request message comprises a step of reception, according to the first protocol, of at least one downlink message subsequent to the first transmission step. Since the electronic unit is disposed on a private network whose access is usually protected by a firewall, the sending of an uplink message enables the server to respond to this message with a message that can reach the electronic unit, as it will be considered a response to the uplink message. Thus, the periodic sending of the uplink message offers the server windows of time in which to communicate connection opening requests. By choosing a message period shorter than the window of time allowed by the firewall for responding to an uplink message, it is possible to permanently maintain a possibility of communication from the server to the electronic control unit, that is, an open communication channel. In addition, a periodic transmission makes it possible to know the state of the network link between the electronic control unit and the server.
According to one aspect of the invention, the method comprises, prior to the first step of receiving a connection opening request, a prior step of reception, according to the first communication protocol, by the electronic control unit of a downlink message from the server corresponding to an accessibility response. The prior and second steps may be simultaneous, successive and/or overlap in time. In particular, the prior reception step corresponds to the reception of an accessibility response within a first delay after the transmission step, in order to maintain the possibility of receiving a second frame within a second delay. The second step corresponds to receiving a connection request during said second delay.
[0004] The operation of a conventional firewall can prevent the passage of a downlink message if it is received beyond a first delay after the sending of an uplink message. Also in the usual manner, once a first downlink message has been received, a second, longer delay is allowed for receiving one or more other downlink messages. According to one aspect of the invention, the method comprises a step of monitoring at least one delay for reception of a downlink message from the server following the first transmission step, a new first transmission step being triggered if the at least one reception delay is exceeded. These arrangements make it possible to keep communication windows open so that the server can communicate.
According to one aspect of the invention, the method comprises a step of transmitting an uplink message to the server according to the second communication protocol, following the connection establishment step and prior to the second step of receiving a downlink message. In response to the uplink message of the electronic control unit, the server may communicate, in a downlink response message according to the second protocol, the payload corresponding to its connection opening request. These arrangements make it possible to communicate information from the server to the electronic unit in the downlink direction by using a request and response mode in the form of uplink and downlink messages at the initiative of the electronic control unit. For example, an HTTP or HTTPS type communication can be implemented. It should be noted that not all uplink and downlink messages necessarily contain useful data. Thus, in a request and response exchange in the form of an uplink message and a downlink message, only the response or only the request may contain useful data. According to one aspect of the invention, the method comprises a step of releasing and/or accepting the release of the connection according to the second communication protocol after a given number of transmissions of uplink messages and/or receptions of downlink messages according to the second communication protocol, or after a determined delay after the connection establishment step. With these provisions, the resources used on the server to maintain the session data are limited, because the number of concurrent connections is low since the connections are closed after the exchange of some information. This mode of communication is suitable for home automation applications in which a large number of electronic control units are connected to a server with a small volume of data to be exchanged with it.
The release of the connection can be made, depending on the case, at the initiative of the server or of the electronic control unit. According to one embodiment, a single exchange according to the second protocol, comprising an uplink application message and a downlink application message, is provided before the connection is released. According to another embodiment, a single downlink application message is received before the connection is released. According to one aspect of the invention, the method comprises a step of transmitting an encryption key by the electronic control unit to the server, so as to enable a signature of the uplink and/or downlink messages according to the first communication protocol and/or according to the second communication protocol. These arrangements make it possible to sign the exchanges between the server and the electronic control unit in order to authenticate the two entities involved, namely the server and the electronic control unit. According to one aspect of the invention, the method comprises a step of receiving an invalid or expired key indication from the server and, in response, a new step of transmitting an encryption key.
[0005] These provisions make it possible to restore communication by the first communication mode in the event of expiration of the encryption key.
The present invention also relates to a method for transmitting data between a server and an electronic control unit of a home automation installation, comprising the following steps:
- a first step of transmission, according to a first communication protocol, by the server of a connection opening request message to the electronic control unit;
- a step of accepting the establishment of a connection by the server at the initiative of the electronic control unit according to a second connection protocol;
- a second step of transmission by the server of a downlink message to the electronic control unit according to the second communication protocol.
According to one aspect of the invention, the method comprises a first step of periodically receiving an uplink message according to the first communication protocol by the server from the electronic control unit; the first step of transmitting a connection opening request message comprises a step of transmitting at least one downlink message subsequent to the first receiving step. According to one aspect of the invention, the method comprises, prior to the first step of transmitting a connection opening request, a prior step of transmission by the server to the electronic control unit of a downlink message corresponding to an accessibility response. According to one aspect of the invention, the method comprises a step of reception by the server of an uplink message from the electronic control unit according to the second communication protocol, following the connection establishment acceptance step and prior to the second step of transmitting a downlink message. According to one aspect of the invention, the method comprises a step of releasing and/or accepting the release of the connection according to the second communication protocol after a determined number of receptions of uplink messages and/or transmissions of downlink messages according to the second communication protocol, or after a delay determined after the connection establishment acceptance step. According to one aspect of the invention, the first communication protocol is the UDP protocol.
[0006] According to one aspect of the invention, the second communication protocol is the TCP protocol. According to another aspect of the invention, the first and/or the second protocol may be of the Raw IP type or another protocol above IP. The present invention also relates to a computer program product comprising portions of program code for executing the steps of a method of data transmission by an electronic control unit as described above. The present invention also relates to an electronic control unit of a home automation installation comprising a processing unit arranged to contain and execute the computer program product according to the preceding claim, the electronic control unit further comprising at least one communication interface for the control and/or command of at least one actuator, in particular of a movable element of a building, or of other equipment that can be commanded or controlled electrically or electronically, such as for example an alarm system, or of at least one sensor, and a communication interface for communication according to the first communication protocol or the second communication protocol with a server. The present invention also relates to a computer program product comprising portions of program code for executing the steps of a data transmission method by a server as described above.
The present invention also relates to a server for the remote control and/or command of at least one electronic control unit of a home automation installation, comprising a processing unit arranged to contain and execute the computer program product according to the preceding claim, the server further comprising at least one communication interface for communication according to the first communication protocol or the second communication protocol with at least one electronic control unit.
[0007] In one aspect of the invention, the server may also include a communication interface for communication with a user interface. These arrangements allow remote control of the home automation installation by the user, the sending of commands via the server to the electronic control unit, and the obtaining of data on the state of the installation. The user interface may for example be formed by a web server communicating with a user terminal, for example a computer, a mobile phone or a tablet. The present invention also relates to a distributed system comprising at least one server and a plurality of electronic control units arranged to communicate with the server so as to implement the method as described above.
[0008] The invention will be better understood from the detailed description set forth below with reference to the accompanying drawings, in which: FIG. 1 is a diagram illustrating the structure of a system intended for the implementation of a method of transmitting data between a server and a set of electronic control units of home automation installations. FIG. 2 is a diagram illustrating an embodiment of a data transmission method. FIG. 3 is a diagram illustrating an additional step of the method of FIG. 2.
[0009] FIG. 4 is a diagram illustrating the structure of a second system for implementing a method of transmitting data between a server and a set of electronic control units of home automation installations.
In the following detailed description of the figures defined above, the same elements or elements fulfilling identical functions may retain the same references so as to simplify the understanding of the invention. As shown in FIG. 1, a distributed system comprises at least one server S and a plurality of electronic control units U of home automation installations arranged to communicate with the server S so as to implement a data transmission method. Each electronic control unit of a home automation installation is disposed on a private network PN, PN', access to which is generally protected by a firewall FW. The server S is also arranged on a private network NS. The private networks PN, PN', SN are connected to an extended network N, for example the Internet. In particular, an electronic control unit U of a home automation installation comprises a processing unit 2 arranged to contain and execute a first computer program. For example, the processing unit 2 comprises a processor, a flash storage memory and a random access memory, and an Ethernet PHY chip.
[0010] The electronic control unit U furthermore comprises at least one communication interface 3 intended for the control/command of actuators of movable elements of a building, of sensors, or of other electrically or electronically controlled equipment such as an alarm system.
[0011] By way of example, as shown in FIG. 1, the communication interface 3 makes it possible to control and command at least one actuator 5, 5' of a movable element of a building, such as for example a roller shutter 6 or a sunshade 6', or to receive information from a sensor 7 providing information on the presence of a user or values of surrounding parameters such as temperature, humidity or brightness. Similarly, the interface may allow the control/command of an alarm system 8.
In particular, the communication interface 3 may include an io-homecontrol and/or Z-Wave and/or WM-Bus radio frequency chip communicating at a frequency of 868 MHz, and/or an RTS / RTD / RTD+ radio frequency chip communicating at a frequency of 433 MHz. The electronic control unit U furthermore comprises a battery and/or a mains power supply, as well as physical connection ports such as, for example, USB host, RJ45 and micro-USB.
[0012] The electronic control unit U also includes interface elements such as reset buttons, configuration buttons, touch screen launch buttons, and/or operating indicator lights, such as LEDs for example. The electronic control unit U furthermore comprises a communication interface 4 intended for communication according to the first communication protocol P1 or the second communication protocol P2 with a server S. The server S, which allows the remote command and/or control of the plurality of electronic control units U of home automation installations, comprises a processing unit 102 arranged to contain and execute a second program. The server S further comprises at least one communication interface 104 intended for communication according to the first communication protocol P1 or the second communication protocol P2 with the plurality of electronic control units U.
[0013] The server S may also comprise a communication interface 106 intended for communication with a user interface 107. The user interface 107 may for example be formed by a web server communicating with a user terminal 108 via the network N, for example a computer, mobile phone or tablet.
[0014] FIG. 2 represents an implementation diagram of the data transmission processes executed on the server S and on an electronic control unit U of a home automation installation I. According to the embodiment described in this figure, the method comprises a first phase Ph0 of negotiation of a secret key, a second phase Ph1 performed according to the first communication protocol for collecting a connection request from the server S, and a third phase Ph2 of data transmission comprising the establishment of a connection according to the second communication protocol, initiated by the electronic control unit.
[0015] The secret key negotiation phase Ph0 comprises a step E0 of transmission of an encryption key in a message Mkey by the electronic control unit U to the server S, which receives it during a step E0', in order to enable a signature of the uplink and/or downlink messages according to the first communication protocol P1 and/or according to the second communication protocol P2. The encryption key may in particular be chosen randomly by the electronic control unit U. The server acknowledges receipt of the key and confirms that it has taken the new key into account by a downlink message MkeyAck transmitted in a step E1', which is received by the electronic control unit U during a reception step E1. The exchanges between the electronic control unit U and the server S during the negotiation phase can be carried out according to a communication protocol that is distinct from or similar to the first and second communication protocols P1 and P2. As an example, an HTTPS type protocol can be chosen, which makes it possible to communicate the key in a secure manner. It should be noted that this exchange is not done frequently, and therefore does not represent a significant resource consumption. For example, a periodicity of several days can be provided for the validity of the keys. The second communication phase Ph1 according to the first protocol P1 comprises a first step E2 of periodic transmission of an uplink message Mping according to the first communication protocol P1 by the electronic control unit U to the server S, which receives it in a step E2'.
For example, a transmission period of the order of ten seconds can be provided, and in particular of the order of 20 s. In response to this uplink message, the server S transmits in a step E4' a downlink message Mpong to the electronic control unit U, which is received in a prior reception step E4 within a first delay period D0 after transmission of the uplink message Mping. For example, the delay D0 may be of the order of a few seconds, and in particular of the order of 5 s.
[0016] This first downlink message Mpong keeps the communication channel open for a second delay Dr2 greater than the first delay D0. The operation of a conventional firewall can prevent the passage of a downlink message if it is received beyond a first delay after the sending of an uplink message. Also in the usual way, once a first downlink message has been received, a second, longer delay is given for receiving one or more other downlink messages. In particular, it is possible to choose to trigger a new transmission of the message Mping before the expiry of the delay Dr2. Subsequently, in the case where the server S has useful data DU to be transmitted to the electronic control unit U, the server transmits according to the first communication protocol P1, during a step E5', a connection opening request message Mopen, which is received by the electronic control unit U during a step E5. The second communication phase Ph1 according to the first protocol P1 comprises a step E3 of monitoring a reception delay Dr of a downlink message from the server S following the first step of transmitting Mping, a new first transmission step E2 being triggered if the reception delay is exceeded. During this phase, the exchanges are signed with the secret key communicated during the first communication phase Ph0. As illustrated in FIG. 3, during the second communication phase Ph1 according to the first communication protocol P1, the server can perform a step ERO' of transmitting an invalid or expired key indication Minvalidkey from the server S and, in response, a new step E0 of transmitting an encryption key is performed. Typically, this situation can occur during the transmission of an uplink message Mping, the server having found that the message has a correct format but is not signed with a valid key. It should be noted that when the electronic control unit is restarted, the first communication phase Ph0 with communication of the key is performed again. During the second communication phase Ph1, the first communication protocol may in particular be the UDP protocol. The third phase Ph2 of the method is performed following the reception of the connection opening request by the electronic control unit in the second phase, in step E5. First, a step E6 of establishing a connection Cnx to the server S, which accepts this connection in a corresponding step E6', is performed at the initiative of the electronic control unit U according to a second connection protocol P2. In particular, the communication protocol may be the TCP protocol. In this case, the establishment step E6 may comprise several exchanges between the server and the unit U, and in particular exchanges of connection management messages, such as the TCP protocol messages SYN, SYN/ACK, ACK. Once the connection Cnx has been established, a step E7 of transmitting an uplink message MRq is carried out according to the second communication protocol P2, intended for the server S, which receives this message in a step E7'. In particular, the MRq message may be a message without useful data but constituting an uplink message to which a response may be sent by the server.
[0017] Thus, the server transmits a downlink message MRp in a transmission step E8' to the electronic control unit U.
This downlink message contains the payload data DU that the server was to transmit to the electronic control unit. Following this exchange, a step E9, E9' of release or acceptance of the release of the connection Cnx is performed. The second communication protocol used may in particular be the TCP protocol. The exchanges of the steps E7/E7' and E8/E8' can in particular be made in the form of a request and a response according to the HTTPS protocol, which uses TCP.
[0018] According to alternative embodiments, the release of the connection can take place after several transmissions of uplink messages and/or receptions of downlink messages according to the second communication protocol, or after a specified delay after the connection establishment step E6.
[0019] According to a second embodiment of a system embodying the invention, shown in FIG. 4, the first communication protocol is an SMS-type protocol comprising the sending of a message from the server to the electronic control unit U, identified in this case by a telephone number. This second protocol is used on a telephone type network N2, for example a GSM network or a wired telephone network on the Internet, with a digital message management function. For this purpose, the server S comprises a communication interface 107 on the network N2, such as for example a GSM card, just like the electronic control unit, which also comprises a communication interface 7 on the network N2, such as a GSM card or an Internet telephony hardware and software module, which can be integrated in the firewall or in the electronic control unit U. Thus, the exchange according to the first protocol and the step of receiving a connection opening request correspond to a simple sending of SMS between the server S and the electronic control unit U. FIG. 4 represents only one electronic control unit, but this second embodiment of course applies to communication with a multitude of electronic control units.
According to alternative embodiments, the first protocol used may be of various types making it possible not to be subject to the constraints imposed by the firewall. According to a second variant, the first protocol corresponds to data provided in an audio and/or video stream, for example an MPEG stream. According to this variant, the electronic control unit U comprises or is associated with a decoding interface for the corresponding audio and/or video stream. According to another variant, the first and/or the second protocol may be of the Raw IP type or another protocol above IP. According to variants of the third communication phase Ph2, it is possible for the application exchanges to follow the transaction model, comprising a request and a response. Requests are sent as uplink messages, and responses as downlink messages. Thus, in a request and response exchange in the form of an uplink message and a downlink message, only the response or only the request may contain useful data. An uplink message and the downlink message returned may contain useful data that does not necessarily correspond to the same transaction. For example, a request in progress requiring application processing is transmitted as an uplink message, and may trigger the transmission of a downlink message without payload, or containing payload data relating to a previous request. In the same way, the application response corresponding to the current request can be sent during a subsequent uplink message / downlink message exchange. This exchange may include an uplink message without useful data. According to a variant of the third communication phase Ph2, it is possible that following the establishment of the connection E6, only a downlink message is transmitted by the server S, without transmission of an uplink message by the electronic control unit.
In this case, a protocol other than HTTPS can be used, while relying on the reliable services provided by a transport protocol operating in connected mode, such as TCP. It should be noted that the above description describes methods for enabling transmission of data from the server S to the electronic control unit U. The transmission of data in the direction from the electronic control unit to the server can be carried out, for example, according to the second communication protocol without difficulty, since it is possible to establish a connection directly at the initiative of the electronic control unit. For example, a request and a response according to the HTTPS protocol can be performed, and the established connection then released to limit the use of server resources.
[0020] EXAMPLE
We will now describe by way of example a format of the messages used in the method as described above, according to the first embodiment, in the configuration of the system shown in FIG. 1. In the example under consideration, the first protocol is the UDP protocol. The messages are transmitted in UDP datagrams. In particular, a message may correspond to a UDP datagram. The body of the UDP datagram consists of a single frame encoded in UTF-8. The general form of the frame format comprises a first block called BODY, a second block SEQUENCE and a last block SIGNATURE, these blocks being separated by / and % separators as shown below:
<BODY>/<SEQUENCE>%<SIGNATURE>
It should be noted, however, that the Minvalidkey message or INVALIDKEY frame has neither sequence nor signature, and therefore comprises only the BODY block.
[0021] We detail below the different blocks identified.
[0022] The BODY block has the following general form:
<TYPE>#<SERIAL>#<TIMESTAMP>#...
The TYPE field contains message type information that can be: PING (for a Mping message), PONG (for a Mpong message), OPEN (for a Mopen message), INVALIDKEY (for a Minvalidkey message).
The SERIAL field comprises the serial number of the electronic control unit U. The TIMESTAMP field comprises a time stamp, for example a UNIX timestamp corresponding to the number of seconds since EPOCH, calculated by the sender of the message. Other fields may be present depending on the type of message, as described below.

In particular, in the case of a Mping message, transmitted from the electronic control unit U to the server S, the BODY block has the following structure:

PING#<SERIAL>#<TIMESTAMP>#<ACTIVITY_INTERVAL>

The ACTIVITY_INTERVAL field corresponds to the maximum number of seconds between two activities of the electronic control unit U, that is to say a transmission to the server according to the first or the second communication protocol. The electronic control unit U must send a Mping message immediately after it has been started and must then regularly either send a new Mping message or establish a connection Cnx to confirm its presence to the server. The maximum duration between two of these activities is:
- Retrieved by the electronic control unit U from its configuration at startup;
- Transmitted by the electronic control unit U in each Mping message to inform the server of its current activity period;
- Able to be modified by a Mpong message returned by the server, as described below.

In the case of a Mpong message transmitted from the server S to the electronic control unit U, the BODY block has the following structure:

PONG#<SERIAL>#<TIMESTAMP>#<NEW_ACTIVITY_INTERVAL>

The NEW_ACTIVITY_INTERVAL field comprises a new value (in seconds) of the desired activity period.

[0023] The server must return a Mpong message for each Mping message received. If the activity period value of the electronic control unit U is different from that provided in the Mpong message, the electronic control unit U must update its value accordingly.
[0024] In the case of a Mopen message transmitted from the server S to the electronic control unit U, the BODY block has the following structure:

OPEN#<SERIAL>#<TIMESTAMP>

The server sends a Mopen message to the electronic control unit U when it wants the unit to connect to the server as soon as possible through the HTTPS channel.

In the case of a Minvalidkey message transmitted from the server S to the electronic control unit U, the BODY block has the following structure:

INVALIDKEY#<SERIAL>#<TIMESTAMP>#<REJECTED_SIGNATURE>

The server sends a Minvalidkey message when it receives a Mping message that is in a valid format but whose signature is incorrect, or when it has exhausted its supply of sequence numbers. When the electronic control unit U receives a Minvalidkey message, a phase of renegotiating a new secret key is performed with the server S. The electronic control unit U must check that REJECTED_SIGNATURE corresponds to the signature of the last Mping message sent; otherwise it can silently ignore the message.

[0025] The SEQUENCE block corresponds to an integer value (32 bits) representing the sequence number of the transmitted frame. Each transmitted message must contain a strictly increasing sequence number in order to avoid replay attacks. Each communicating party (electronic control units and server) has its own sequence counter, which it uses to number the messages it sends.

[0026] The first message transmitted must have a sequence number equal to 1. The following messages must have a strictly increasing sequence number, incremented by 1 for each message (i.e. 2, 3, 4, 5, ...). Sequence counters must be reset each time a new secret key is negotiated.
Since the UDP protocol does not guarantee the arrival order of transmitted packets, the sequence number control must use a sliding window mechanism, in particular by applying the following control algorithm:
- If the sequence number received is equal to the last number received, it is considered invalid;
- If the sequence number received is strictly greater than the last number received, it is considered valid; this number then replaces the last value received and the sliding window shifts to make room for this new value;
- If the sequence number received is strictly less than the last number received:
  - If the difference between the two values is strictly less than the size of the window:
    - If the new value does not already appear in the window, the sequence number is considered valid; the sliding window shifts to make room for this new value;
    - If the new value already appears in the window, the sequence number is considered invalid;
  - If the difference between the two values is greater than or equal to the size of the window, the sequence number is considered invalid.

Control windows must be reset each time a new secret key is negotiated. Any message with an invalid sequence number must be silently ignored.

[0027] The SIGNATURE block corresponds to a signature of the message, placed at the end of the message after the % separator, in hexadecimal notation.

[0028] Each message transmitted must have a signature. The signature covers the entire contents of the message before the % separator, the separator itself not being included. The algorithm and the secret signature key must be negotiated beforehand via an HTTPS channel.

[0029] The message signature is always checked, except for Minvalidkey messages. Any message with an invalid signature is silently ignored. The signature of a frame must be verified before checking the sequence number.
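The receiver-side checks described in this example (signature first, then the sliding-window sequence control) can be illustrated with the following added Python example, which is not part of the patent text. The HMAC-SHA256 signature, the window size of 8, the sample field values and all class and function names are assumptions made for illustration; the description leaves the algorithm to negotiation and does not give a window size.

```python
import hashlib
import hmac

WINDOW_SIZE = 8  # assumption: the description does not state a window size


def sign(signed_part: str, key: bytes) -> str:
    # Assumption: HMAC-SHA256. The description only says the algorithm is negotiated.
    return hmac.new(key, signed_part.encode("utf-8"), hashlib.sha256).hexdigest()


def build_frame(body: str, sequence: int, key: bytes) -> bytes:
    signed_part = f"{body}/{sequence}"  # the signature covers everything before '%'
    return f"{signed_part}%{sign(signed_part, key)}".encode("utf-8")


class ReplayWindow:
    def __init__(self, size: int = WINDOW_SIZE):
        self.size, self.last, self.seen = size, 0, set()

    def check(self, seq: int) -> bool:
        if seq == self.last:
            return False
        if seq > self.last:  # newer than anything seen: shift the window
            self.last = seq
            self.seen = {s for s in self.seen if seq - s < self.size}
            self.seen.add(seq)
            return True
        if self.last - seq >= self.size or seq in self.seen:
            return False  # too old, or already received (replay)
        self.seen.add(seq)
        return True


class Receiver:
    def __init__(self, key: bytes):
        # Build a new Receiver for each negotiated key: this resets the window.
        self.key, self.window = key, ReplayWindow()

    def accept(self, datagram: bytes):
        """Return the BODY fields of a valid frame, or None (silently ignored)."""
        try:
            frame = datagram.decode("utf-8")
        except UnicodeDecodeError:
            return None
        signed_part, sep, signature = frame.rpartition("%")
        if not sep:
            return None  # unsigned frames (INVALIDKEY) are not handled here
        expected = sign(signed_part, self.key).encode("ascii")
        if not hmac.compare_digest(expected, signature.lower().encode("utf-8")):
            return None  # the signature is verified before the sequence number
        body, sep, seq_text = signed_part.rpartition("/")
        if not sep or not (seq_text.isascii() and seq_text.isdigit()) or len(seq_text) > 10:
            return None
        seq = int(seq_text)
        if not 1 <= seq <= 0xFFFFFFFF or not self.window.check(seq):
            return None
        return body.split("#")


def demo(key: bytes = b"constructed-demo-key"):
    rx = Receiver(key)  # frames 1, 3, 2 arrive out of order, then 2 is replayed
    body = "PING#SERIAL-0001#1419379200#300"  # constructed sample values
    return [rx.accept(build_frame(body, n, key)) is not None for n in (1, 3, 2, 2)]
```

Because the signature is checked first, a forged frame never advances the window, so an attacker without the key cannot push the last accepted number forward to make genuine frames fall outside it.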
It goes without saying that the invention is not limited to the sole embodiment of this method and of the system described above by way of example; it encompasses all the variant embodiments.
Claims:
Claims (15)

[0001] 1. A method of data transmission between a server (S) and an electronic control unit (U) of a home automation installation (I) comprising the following steps:
- A first reception step (E5) according to a first communication protocol (P1) by the electronic control unit (U) of a connection opening request message (Mopen) from the server (S);
- A step of setting up (E6) a connection (Cnx) to the server (S) at the initiative of the electronic control unit (U) according to a second connection protocol (P2);
- A second reception step (E8) by the electronic control unit (U) of a downlink message (MRp) from the server (S) according to the second communication protocol (P2).

[0002] 2. Method according to claim 1, comprising:
- A first step of periodic transmission (E2) of a rising message (Mping) according to the first communication protocol (P1) by the electronic control unit (U) intended for the server (S);
and wherein the first step of receiving (E5) a connection opening request message (Mopen) comprises a step of receiving, according to the first protocol (P1), at least one downlink message (Mopen) subsequent to the first transmission step (E2).

[0003] 3. Method according to one of the preceding claims, comprising, prior to the first step of receiving (E5) a connection opening request (Mopen):
- A prior receiving step (E4) according to the first communication protocol (P1) by the electronic control unit (U) of a downlink message from the server (S) corresponding to an accessibility response (Mpong).

[0004] 4. Method according to one of claims 2 or 3, comprising a step of monitoring (E3) at least one reception delay (Dr) of a downlink message from the server (S) following the first transmission step (Mping), a new first transmission step (E2) being triggered if the at least one reception delay is exceeded.

[0005] 5. Method according to one of the preceding claims, comprising:
- A step of transmission (E7) of a rising message (MRq) to the server (S) according to the second communication protocol (P2) following the connection establishment step (E6) and prior to the second receiving step (E8) of a downlink message.

[0006] 6. Method according to one of the preceding claims, comprising a step of releasing and/or accepting the release (E9) of the connection (Cnx) according to the second communication protocol (P2) after a given number of transmissions of upstream and/or downstream messages according to the second communication protocol (P2) or after a determined delay following the communication establishment step (E6).

[0007] 7. A method of data transmission between a server (S) and an electronic control unit (U) of a home automation installation (I) comprising the following steps:
- A first transmission step (E5') according to a first communication protocol (P1) by the server (S) of a connection opening request message (Mopen) to the electronic control unit (U);
- A step of accepting the establishment (E6') of a connection (Cnx) by the server (S) at the initiative of the electronic control unit (U) according to a second connection protocol (P2);
- A second transmission step (E8') according to the second communication protocol (P2) by the server (S) of a downlink message (Mrp) to the electronic control unit (U) according to the second communication protocol (P2).

[0008] 8. The method according to claim 7, comprising:
- A first step of receiving (E2') a periodic message (Mping) according to the first communication protocol (P1) by the server (S) from the electronic control unit (U);
and wherein the first transmission step (E5') of a connection opening request message (Mopen) comprises a step of transmitting at least one downstream message (Mopen) subsequent to the first reception step (E2').

[0009] 9. Method according to any one of claims 7 or 8, comprising, prior to the first transmission step (E5') of a connection opening request (Mopen):
- A preliminary transmission step (E4') by the server (S) to the electronic control unit (U) of a downlink message corresponding to an accessibility response (Mpong).

[0010] 10. Method according to any one of claims 7 to 9, comprising:
- A step of receiving (E7') a rising message (MRq) by the server (S) from the electronic control unit (U) according to the second communication protocol (P2) following the connection establishment acceptance step (E6') and prior to the second transmission step (E8') of a downlink message (Mrp).

[0011] 11. Method according to any one of claims 7 to 10, comprising a step of release or release acceptance (E9') of the connection (Cnx) according to the second communication protocol (P2) after a given number of receptions of upstream messages and/or downlink messages according to the second communication protocol (P2) or after a determined delay following the communication establishment acceptance step (E6').

[0012] 12. A computer program product comprising portions of program code for performing the steps of a data transmission method according to one of claims 1 to 6 when said program is executed by a computer.

[0013] 13. An electronic control unit (U) of a home automation installation comprising a processing unit (2) arranged to contain and execute the computer program product according to the preceding claim, the electronic control unit further comprising at least a communication interface (3) for controlling and/or commanding at least one actuator, in particular of a movable element of a building, or other equipment that can be controlled or commanded electrically or electronically, such as, for example, an alarm system, or at least one sensor, and a communication interface (4) intended for communication according to the first communication protocol (P1) or the second communication protocol (P2) with a server (S).

[0014] 14. A computer program product comprising portions of program code for performing the steps of a data transmission method according to one of claims 7 to 11 when said program is executed by a computer.

[0015] 15. Server (S) for controlling and/or remotely commanding at least one electronic control unit (U) of a home automation installation comprising a processing unit (102) arranged to contain and execute the computer program product according to the preceding claim, the server further comprising at least one communication interface (104) for communication according to the first communication protocol (P1) or the second communication protocol (P2) with at least one electronic control unit (U).
Patent family:
Publication number | Publication date
WO2016102903A1 | 2016-06-30
FR3031260B1 | 2018-02-09
US20170346905A1 | 2017-11-30
EP3238384A1 | 2017-11-01
Legal status:
2015-11-16 | PLFP | Fee payment | Year of fee payment: 2
2016-07-01 | PLSC | Publication of the preliminary search report | Effective date: 20160701
2016-11-10 | PLFP | Fee payment | Year of fee payment: 3
2017-11-09 | PLFP | Fee payment | Year of fee payment: 4
2019-12-13 | PLFP | Fee payment | Year of fee payment: 6
2020-11-02 | PLFP | Fee payment | Year of fee payment: 7
2021-10-29 | PLFP | Fee payment | Year of fee payment: 8
Priority:
Application number | Filing date | Patent title
FR1463300 | 2014-12-24
FR1463300A | FR3031260B1 | 2014-12-24 | 2014-12-24 | METHOD FOR TRANSMITTING DATA BETWEEN A SERVER AND AN ELECTRONIC CONTROL UNIT OF A DOMOTIC INSTALLATION
PCT/FR2015/053740 | WO2016102903A1 | 2014-12-24 | 2015-12-23 | Method of transmitting data between a server and an electronic unit for control of a home automation installation
EP15823713.1A | EP3238384A1 | 2014-12-24 | 2015-12-23 | Method of transmitting data between a server and an electronic unit for control of a home automation installation
US15/539,890 | US20170346905A1 | 2014-12-24 | 2015-12-23 | Method of transmitting data between a server and an electronic unit for control of a home automation installation