Vehicle-to-X communication systems which are suitable for information transmission both between different vehicles (vehicle-to-vehicle communication) and between vehicles and infrastructure facilities (vehicle-to-infrastructure communication) are already known in the prior art. Both variants are usually grouped under the generic term “vehicle-to-X communication”. The transmitted vehicle-to-X data may be of a safety-critical nature and cause an autonomous intervention by a vehicle system in the vehicle control system. Accordingly, strict demands for data security and reliability are placed at least on the safety-critical vehicle-to-X data in order to protect a recipient from maliciously manipulated data and hence from control interventions based on false information.
DE 10 2010 038 640 A1 describes in this connection a device and a method for vehicle-to-X communication. The disclosed method is based on a combination of communication technologies, each of which is different and has different properties. A first communication channel can be implemented e.g. as a mobile communication channel, whereas a second communication channel is implemented as a WLAN channel. Which type of information is sent over which communication channel is determined by sender-based sorting of the information to be sent. According to DE 10 2010 038 640 A1, periodically occurring or static information is transmitted over the first channel, whereas safety-relevant information is transmitted over the second channel.
DE 10 2011 004 505 A1 discloses a method for secure vehicle-to-X communication. The reliability of a vehicle-to-X message is in this case checked, for example, by measuring the position and/or speed of the sender and by subsequently comparing the measured information with the information contained in the vehicle-to-X message. If a difference is identified, the received vehicle-to-X message is classified as unreliable and handled accordingly. By using the method described in DE 10 2011 004 505 A1 it is possible to send e.g. the “cooperative awareness messages” as they are known without a cryptographic data security structure thereby not only making the sent messages up to 80% shorter but also reducing the electronic computing power required for the data security check.
DE 10 2010 002 092 A1 describes data processing for received vehicle-to-X messages, which processing precedes forwarding of the messages to the associated applications and systems in the vehicle and processing of same by these applications and systems. Such data processing can comprise checking a security level of the message and additionally perform a data reduction process. The data reduction process causes information about certain objects or situations to be suppressed and hence said information is not forwarded and processed. Thus, for instance, information about objects located too far from the receiving vehicle or information about objects that are only reached by the vehicle after a certain period of time is ignored. Likewise, a large number of spatially close objects having fundamentally the same response to a situation are combined e.g. into a traffic jam. It is also possible to take account solely of objects located in the intended channel of movement of the vehicle. The amount of data to be processed by the individual applications can thereby be reduced significantly.
It is probable from current efforts that a PKI-based (Public Key Infrastructure) data security method will be used for the large-scale introduction of vehicle-to-X communication systems, which method draws on what are known as elliptic curves as cryptographic algorithms. Although such a security method has the advantage that only relatively short digital key sequences are needed, it has the disadvantage that a relatively large amount of computing power must be expended on checking the key sequences. Since the vehicle-to-X communication methods known from the prior art additionally perform a check of a data security structure only according to permanently defined schemes, this inflexible manner of processing means that, taking into account the very high latency requirements for managing reliably under all circumstances a potentially arising computational load, dedicated processing units are essential, which in turn are associated with relatively high manufacturing costs.
Therefore the object of the present invention is to reduce the computational load for checking the data security sequences that arises in connection with receiving a multiplicity of vehicle-to-X messages while simultaneously guaranteeing a high data security standard.