• 专利附录
  • 专利说明
  • 权利要求
  • 类似技术
  • 同族专利
  • 引用文献
  • 法律状态
  • 优先权
    • 专利摘要:
    This system for transmitting avionic application data between means for producing and consuming data, the application data being transmitted in the form of data transmission units each comprising: at least one portion of an application message; and an additional message (MA) containing identification and control information; is characterized in that the additional message (MA) comprises: - an identification sequence (MDA) comprising a static part (ID) for identifying the application message and its source and a variable part (VAR) for distinguishing the message in a unique way; and a control sequence (MCS) intended to control the integrity of the application message and based on a sequence representing a cyclic redundancy check code of the concatenation of at least a portion of the application message corresponding to said unit, with the identification sequence (MDA).
    公开号:FR3014273A1
    申请号:FR1302814
    申请日:2013-12-03
    公开日:2015-06-05
    发明作者:Patrice Georges Paul Toillon;Vincent Christophe Cedric Sollier;Champeaux Paul Marie Boivin;David Jose Faura
    申请人:Thales SA;
    IPC主号:
    专利说明:

    [0001] The present invention relates to a system for transmitting avionic application data. More particularly, the invention relates to such a system for transmitting avionic application data between production means and data consumption means, the application data being transmitted in the form of data transmission units, each transmission unit comprising: - at least a portion of an application message; and an additional message containing identification and control information associated with this application message. In general, the transmission of application data in avionics systems meets a certain level of robustness required by aeronautical regulations. This level depends on the nature of the data to be transmitted and is all the higher as the data are sensitive.
    [0002] Thus, the transmission systems in avionics systems not only enable data transmission between production means and data consumption means but also ensure the integrity of the data transmitted. It is therefore important to be able to detect possible transmission errors.
    [0003] In practice, application data transmission errors are inevitable. Thus, the application data transmission systems must make it possible to detect at least a part of these errors. The part of the errors detected varies according to the nature of the data. Various application data transmission systems for detecting at least a portion of transmission errors already exist in the state of the art. Such systems make it possible in particular to integrate in each transmission unit containing an application message means for verifying the integrity of this application message.
    [0004] Thus, for example, the document WO 2010/0009965 A2 describes a transmission system for integrating into the transmission unit containing an application message, an authentication block. This authentication block is implemented by cryptographic techniques and is based on the application message and a key.
    [0005] Moreover, the document FR 2878097 A1 also describes a transmission method of this nature and implementing different codes for coding blocks of successive information symbols. The present invention aims to provide an avionics application data transmission system for detecting the non-integrity of an application message at a level compatible with aeronautical requirements. Such a system does not use specific propagation mechanisms and applies to any type of communications network such as those that are part of the ARINC 664 communication standard.
    [0006] For this purpose, the subject of the invention is a system for transmitting avionic application data of the aforementioned type in which the additional message comprises: an identification sequence comprising a static part making it possible to identify the application message and its source and a variable part making it possible to distinguish the message in a unique and certain way; and a control sequence intended to control the integrity of the application message and based on a main sequence representing a cyclic redundancy check code of the concatenation of at least a portion of the application message corresponding to said unit, with the sequence of 'identification. According to particular embodiments of the invention, the system comprises one or more of the following characteristics: the control sequence and the identification sequence are distinct; the control sequence is the result of the application of the XOR operator between: + a sequence resulting from an encoding of at least part of the identification sequence with a key represented by a field of the variable part the identification sequence; and + the main sequence; the control sequence is the result of the application of the XOR operator between + a sequence resulting from an encoding of at least a part of the identification sequence with a key represented by a variable sequence in time and known by the means of production and consumption at every moment; and + the main sequence; the control sequence is the result of the application of the XOR operator between: + a sequence resulting from an encoding of at least a part of the identification sequence with a first key represented by a coding of a field of the variable part of the identification sequence with a second key represented by a sequence known by the means of production and consumption; and + the main sequence; the control sequence is the result of the application of the XOR operator between: + a sequence resulting from an encoding of at least a part of the identification sequence with a first key represented by the result of the application the XOR operator enters: - a field of the variable part of the identification sequence; and a sequence known by the production and consumption means and the main sequence; the control sequence is the result of the application of the XOR operator between: + a sequence resulting from an encoding of at least a part of the identification sequence and at least a portion of the application message with a key represented by a field of the variable part of the identification sequence; and + the main sequence; the control sequence is the result of the application of the XOR operator between: + a sequence resulting from an encoding of at least a part of the identification sequence and at least a portion of the application message with a key represented by a variable sequence in time and known by the means of production and consumption at each moment; and + the main sequence; the control sequence is the result of the application of the XOR operator between: + a sequence resulting from an encoding of at least a part of the identification sequence and at least a portion of the application message with a first key represented by a coding of a field of the variable part of the identification sequence with a second key represented by a sequence known by the means of production and consumption; and + the main sequence; the control sequence is the result of the application of the XOR operator between: + a sequence resulting from an encoding of at least a part of the identification sequence and at least a portion of the application message with a first key represented by the result of the application of the XOR operator between: a field of the variable part of the identification sequence; and a sequence known by the means of production and consumption; and + the main sequence; - The or each key is known only by the means of production and consumption to further ensure the authenticity of the messages; for an application message formed of a plurality of ordered portions, the control sequence of the transmission unit associated with the first portion is the result of the application of the XOR operator between: + a sequence resulting from a coding a sequence represented by the result of the application of the XOR operator between: at least a part of the identification sequence corresponding to this portion; and - a predetermined initial value; and + the main sequence corresponding to this portion; and the control sequence of the transmission unit associated with each subsequent portion is the result of the application of the XOR operator between: + an auxiliary sequence resulting from a coding of a sequence represented by the result of the applying the XOR operator between: at least part of the identification sequence corresponding to this portion; and an auxiliary sequence corresponding to the preceding portion and the main sequence corresponding to this portion; for an application message formed of a plurality of ordered portions, the control sequence of the transmission unit associated with the first portion is the result of the application of the XOR operator between: + a sequence resulting from a encoding a sequence represented by the result of the application of the XOR operator between: - at least a part of the identification sequence and at least a portion of the application message; and - a predetermined initial value; and + the main sequence corresponding to this portion; and the control sequence of the transmission unit associated with each subsequent portion is the result of the application of the XOR operator between: + an auxiliary sequence resulting from a coding of a sequence represented by the result of the applying the XOR operator between: at least part of the identification sequence and at least a portion of the application message; and an auxiliary sequence corresponding to the preceding portion; and + the main sequence corresponding to this portion. - The control sequence is distributed in the identification sequence according to a distribution law known by the means of production and consumption; - the law of distribution is constant in time; - the distribution law is variable in time; - the law is known only by means of production and consumption to further ensure the confidentiality of messages; the identification sequence comprises information selected from the group further comprising: + identification information of the means of production of the corresponding application message, + identification information of the corresponding application message, + order information; elaboration of the corresponding application message, + production sequence number information of the corresponding application message, + date of development of the corresponding application message; the additional message is associated with the application message in whole or portion thereof per portion. The invention will be better understood on reading the description which follows, given solely by way of example and with reference to the appended drawings, in which: FIG. 1 is a schematic view illustrating a data transmission system; avionics applications according to the invention; FIG. 2 is a schematic view illustrating a transmission unit to be transmitted by the system of FIG. 1; FIG. 3 is a diagram illustrating a division of an application message to be transmitted by the system of FIG. 1 into a plurality of portions; FIG. 4 is a schematic view of an additional message without distribution forming part of the transmission unit of FIG. 2; FIG. 5 is a flowchart illustrating a fifth embodiment of the invention; and FIG. 6 is a schematic view of an additional message with a distribution forming part of the transmission unit of FIG. 2. FIG. 1 shows an example of a data transmission system. avionics applications according to the invention. This transmission system can be used in avionics systems. Such a transmission system 10 comprises, for example, means for producing application data and means for consuming such data, designated respectively by the general references 12 and 14 in this FIG. 1. The production means 12 are represented by any suitable means. to produce application data for consumption means 14. Such a means comprises for example an equipment, a piece of equipment, a sensor, a partition, an application, a software and / or a hardware. Similarly, the consumption means 14 are represented by any means capable of consuming application data transmitted by the production means. Such means includes, for example, equipment, part of equipment, actuator, partition, application, software and / or hardware.
    [0007] The means of production and consumption are for example on board an aircraft. The application data comprise, for example, instructions for piloting the aircraft. Depending on their specific tasks, these instructions may be redundant and / or meet a certain level of robustness. The production and consumption means are interconnected in an avionics communication computer network designated by the general reference 16 in FIG. 1. The network 16 comprises a plurality of material resources, for example cables physically connecting the means of production. and consumption between them and for example switches ensuring the transfer between these means, digital data. Such a set of hardware resources forms a set of physical paths for the application data.
    [0008] The network 16 also comprises a plurality of intangible resources ensuring such transfer to the software level. These resources include, for example, processing resources, storage resources or communication resources. The computer network 16 conforms, for example, to the communication standard ARINC 664. The architecture of the network 16 is able to support, for example, the concept of integrated modular avionics (IMA for "Integrated Modular Avionics"). The production means 12 are able to transmit application data to the consumption means 14 by using the same physical path and the same intangible resources of the network 16. The application data is transmitted in the form of data transmission units. An example of such a transmission unit is shown diagrammatically in FIG. 2 where this transmission unit is designated by the general reference 20. The transmission unit 20 is formed by an application message M and an additional message MA comprising, for example identification and control information associated with this application message. The application message M represents, for example, an independent setpoint sent by the production means 12 to the consumption means 14. In a variant, the transmission unit is formed by a portion P of the application message M and an additional message MA associated with it. portion. Thus, the message M is divided into a plurality of portions P and each portion P is transmitted via the network 16 by a transmission unit. Thus, the term "data transmission unit" used in the present description means the association of an application message M or a portion P of this application message M, and an additional message MA in the direction defined herein. -above. FIG. 3 shows a message M divided into four portions P1, P2, P3 and P4. These portions are transmitted via the network 16 by independent transmission units designated respectively by general references 31, 32, 33 and 34 in this FIG.
    [0009] Each transmission unit 31, 32, 33 and 34 is formed by a corresponding P1, Per P3 and P4 portion and by an additional message MA ,, MA2, MA3 and MA4 comprising for example identification and control information associated with this. portion. Such a division makes it possible to optimize the coverage of the integrity mechanism by adapting the length of the portion to the intrinsic performance of the control used of the network 16. This division also makes it possible to optimize the operation of the network 16 by adapting the length of the portion at the processing speed of this portion by the production means 12 and by the consumption means 14.
    [0010] Within the production means 12, such a treatment is provided by means for forming transmission units designated by the general reference 22 in FIG. 1. These means are, for example, capable of dividing the message M into P portions. are furthermore able to form a transmission unit for each application message M or for each portion P of this message by adding an additional message associated with this application message M or this portion P. Finally, the means for forming units of transmission 22 are able to transmit the transmission units formed in the network 16. Likewise, within the consumption means 14, the processing of the transmission units is ensured by transmission unit reading means designated by the general reference 24. in FIG. 1. The reading means 24 are able to receive a transmission unit and extract the application message M or the portion P from the application message. M corresponding to this transmission unit. The reading means 24 are also able to read the additional message MA corresponding to each portion or to each message received (e).
    [0011] This additional message MA allows the reading means 24 to verify the integrity of the message M received or the portion P received. The reading means 24 are also able to reconstruct an application message M from the portions P received from this message. In the remainder of this description, an application message M and a portion P of an application message M will no longer be distinguished. The term "application message M" will mean an application message M or a portion P of an application message M in the meaning defined above. FIG. 4 schematically illustrates an example of a structure of an additional message MA without distribution associated with an application message M.
    [0012] This additional message MA is able to be formed by the transmission unit forming means 22 and to be read by the reading means 24 of FIG.
    [0013] Thus, according to FIG. 4, the additional message MA comprises an identification sequence MDA. This identification sequence MDA is formed by a static part ID making it possible to identify the application message M and its source in the network and a variable part VAR making it possible to distinguish the application message M in a unique and certain manner and in particular to distinguish two occurrences of the same message. For example, the static part ID has a first field and a second field. The first field is for example 6 bits in size and is formed for example by an identifier of the producer of the application message M. This identifier uniquely identifies the production means 12 having sent this message M in the network 16. It corresponds by example to the source identifier (in English "Partition Id Source") in the case of ARINC 653 type IMA architecture.
    [0014] As a variant, this identifier corresponds to the sensor number associated with the production means 12. As a further variant, this identifier corresponds to the position of the production means 12. The second field is, for example, 10 bits in size and is formed for example by an identifier of the application message M in the network 16. The variable portion VAR of the MDA sequence comprises for example an MSN field and a MPT field. The MSN field is for example 16 bits in size and is formed by a number corresponding to the order of development of the application message M.
    [0015] As a variant, the MSN field could also associate the order of elaboration of the application message M with the order of elaboration of the portion P for the same message order. The MPT field is, for example, 32 bits in size and comprises, for example, the date (instant) of elaboration of the application message M.
    [0016] The additional message MA further comprises an MCS control sequence intended to control the integrity of the application message M and is based on a main sequence SP. The main sequence SP is represented for example by a cyclic redundancy check code CRC of the concatenation of the application message M with the identification sequence MDA, that is to say: SP = CRC (MDA) where the symbol o denotes the concatenation operator. The cyclic redundancy check code CRC is obtained for example using one or more generating polynomials. According to a first embodiment of the invention, the control sequence is the result of the application of the XOR operator between an auxiliary sequence and the main sequence SP. In this embodiment, the auxiliary sequence is a sequence resulting from encoding at least a portion of the MDA identification sequence with a key represented by the MPT field of the MDA identification sequence.
    [0017] Said part of the identification sequence MDA is represented for example by all or part of the static part ID and all or part of the MSN field. Such coding is performed for example with a Hash law (or other cryptographic primitives) with a key represented by the MPT field. Thus, the key is different from one application message M to another and is variable temporally for the same producer. Thus, the MCS control sequence can be determined using the following relation: MCS = XOR [EKeyA (MSN ID); SPi where E yA denotes the cryptographic primitive used (as the Hash law for example) and KeyA designates the key represented by the MPT field. As a variant, the coding is applied to the static part ID, to the MSN field and to the application message M. This then gives the following relation: MCS = XOR [EKeyA (ID o MSN o M); SPi. According to a second embodiment of the invention, the control sequence is the result of the application of the XOR operator between an auxiliary sequence and the main sequence SP. In this embodiment, the auxiliary sequence is a sequence resulting from encoding at least part of the MDA identification sequence with a key represented by a time-varying sequence.
    [0018] This sequence is known by the means of production and consumption at every moment. Said part of the identification sequence MDA is represented for example by all or part of the static part ID and all or part of the MSN field. Such coding is performed for example with a Hash law with a cyclic change key.
    [0019] Such a cyclic change notably enables the production and consumption means to know the key without having communicated it explicitly via the network 16. Thus, the MCS control sequence can be determined using the following relation: MCS = XOR [EK,), A (,) (MSN ID); SPI where KeyA (t) denotes the cyclic key and variable in time. As a variant, the coding is applied to the static part ID, to the MSN field and to the application message M. This gives the following relation: MCS = XORLE'KeyA (i) (MSN ID o M); SPi. According to a third embodiment of the invention, the control sequence is the result of the application of the XOR operator between an auxiliary sequence and the main sequence SP. In this embodiment, the auxiliary sequence is a sequence resulting from encoding at least a portion of the MDA identification sequence with a first key. Such coding is performed for example with a Hash law. Said part of the identification sequence MDA is represented for example by all or part of the static part ID and all or part of the MSN field.
    [0020] The first key is represented by encoding the MPT field of the MDA identification sequence with a second key. Such coding is performed for example by an encoding function with a different key from one message to another and variable temporally. The second key represented by a sequence known by the means of production and consumption. This second key is known only by the means of consumption and production concerned and is stored in their respective configuration table. This means in particular that the key is not able to be known externally which makes it possible to ensure the authenticity of the transmitted data.
    [0021] Thus, the MCS control sequence can be determined using the following relation: MCS = XOR [EKeyA (MSN ID); SPi where KeyA designates the first key defined by the relation: KeyA = FKeyB (MPT) where F designates the coding function and KeyB the second key. As a variant, the first coding is applied to the static part ID, to the MSN field and to the application message M. This gives the following relation: MCS = XORI.E'KeyA (ID has MSN o M); SPi.
    [0022] According to a fourth embodiment of the invention, the control sequence is the result of the application of the XOR operator between an auxiliary sequence and the main sequence SP. In this embodiment, the auxiliary sequence is a sequence resulting from encoding at least a portion of the MDA identification sequence with a first key. Such coding is performed for example with a Nash law. Said part of the identification sequence MDA is represented for example by the static part ID and by the field MSN. The first key is represented by the result of the application of the XOR operator between the MPT field of the identification sequence MDA and a sequence known by the production and consumption means. This sequence is known only by the means of consumption and production concerned and is stored in their respective configuration table. This means in particular that the key is not able to be known externally which makes it possible to ensure the authenticity of the transmitted data. The first key is different from one application message M to the other and is variable temporally. Thus, the MCS control sequence can be determined using the following relation: MCS = X011 [EKeyA (MSN ID); SPi where KeyA denotes the first key defined by the relation: KeyA = XOR [KeyB; MPT] where KeyB denotes the sequence known by the means of production and consumption.
    [0023] As a variant, the first coding is applied to the static part ID, to the MSN field and to the application message M. This gives the following relation: MCS = XORLE'KeyA (ID o MSN o M); Spinnaker. In the four embodiments described above, when an application message M refers to a portion P of an application message M, that is to say when the application message M is divided into a plurality of portions P , the creation of the MCS part of the additional message MA associated with a portion P is independent of the other portions P of the same application message. Thus, in the four embodiments described above, the method for checking the integrity of an application message M is said to be "without chaining". In the following, we denote Seq the input sequence of the cryptographic primitive EKeyA, represented for example by the law of Hash, according to one of the four preceding embodiments. According to a fifth embodiment, the input sequence of the cryptographic primitive EKeyA of the first portion P of an application message M is the result of the application of the operator XOR between the sequence Seqi corresponding to the first portion P and an initial value IV (of the "Initial Value") predetermined, that is to say: MCS1 = XORLEKeyA (X0R [Seqi; / V)); SPI.
    [0024] The input sequence of the coding of the following portions P of the same application message M is the result of the application of the operator XOR between the sequence Seq; and an auxiliary sequence calculated for the preceding portion: MCS, = XOR {EKeyA (X0R [Seq,; SA,...] spi, where i denotes the number of the portion P in the application message M, denotes the auxiliary sequence calculated for the P portion having the number i -1, that is to say: = E KeyA (X0R [Seq, b and SA1 = KeyA E (X0R [Seq,; / Vb.So, this embodiment is recursive and is said "with chaining." This embodiment is further explained by the flowchart of FIG.
    [0025] In this FIG. 5, an application message M is divided into three portions designated by the general references P1, P2 and P3. Each portion of this message is able to be transmitted by a transmission unit. Thus, as illustrated in this FIG. 5, the MCS control sequence, corresponding to the first portion P1, is obtained from the above formulas using a first auxiliary sequence SA ,. This first auxiliary sequence SA is moreover obtained by using the corresponding Seq sequence and the initial value IV. The MCS2 control sequence corresponding to the second portion P2 is obtained from the above formulas using a second auxiliary sequence SA2. This second auxiliary sequence SA2 is moreover obtained by using the corresponding Seq2 sequence and the first auxiliary sequence SA ,. The control sequence MCS3 corresponding to the third portion P3 is obtained analogously.
    [0026] In the five embodiments described above, the MDA and MCS sequences are distinct as shown in FIG. 4. Thus, in these embodiments, the additional message MA is said to be "without distribution". According to a sixth embodiment, the MCS control sequence is distributed in the MDA identification sequence according to a distribution law.
    [0027] Thus, in this embodiment, the additional message MA is called "with distribution". FIG. 6 schematically illustrates an example of a structure of an additional message MA with distribution associated with an application message M. This distribution law is known by the means of production and consumption. For example, it defines the same fixed positions of the portions of the MCS sequence in the MDA sequence for all the M application messages. In a variant, this law defines, for example, variable positions of the portions of the MCS sequence in the MDA sequence for different messages. M based application for example the occurrence of an application message M on the other. In the latter case, the distribution law is therefore variable in time. The forming means 22 make it possible to form an additional message MA comprising the control sequence MCS distributed in the identification sequence MDA according to this law.
    [0028] Similarly, the reading means 24 are able to extract the MCS control sequence from the identification sequence MDA using this law. In this embodiment, the control sequence MCS is equal for example to the main sequence, that is to say: MCS = SP In other words, this MCS control sequence is created without any coding. In a variant, the MCS control sequence is created according to one of the five techniques corresponding to the first five embodiments of the invention. Of course, many other combinations of the embodiments are also possible.
    [0029] The operation of the transmission system 10 according to the invention will now be described.
    [0030] An instruction produced by the production means 12 for the consumption means 14 is first transformed into an application message M. This application message M is then processed by the transmission unit formation means 22.
    [0031] In these means 22, the application message M is divided into a plurality of portions P. Such a division is effected for example as a function of the length of the message M. This division makes it possible in particular to optimize the operation of various network components. depending on the speed of data processing.
    [0032] In some cases, the message M is not divided. Then, the transmission unit forming means 22 associate with this application message M or with a portion P corresponding to this message M an additional message MA. The additional message MA contains identification and control information associated with this application message M. Thus, the means 22 first construct an identification sequence MDA. This sequence may be associated with the entire application message M or with its portion P. The means 22 then construct an MCS control sequence using one of the construction techniques described above.
    [0033] For the sixth embodiment, the transmission unit forming means 22 additionally distribute the MCS control sequence in the MDA identification sequence according to a distribution law. Thus, the application message M or the portion P and the associated additional message MA form a transmission unit which is then transmitted in the network 16.
    [0034] After reception of the transmission unit by the consumption means 14, the entire application message M or its portion P is verified first by the reading means 24. Thus, the reading means first extract the application message M or its portion P of the transmission unit received.
    [0035] For the sixth embodiment, the reading means 24 further extract the MCS control sequence from the MDA identification sequence according to the distribution law. The reading means 24 then builds a control sequence MCS 'using the received message M or its received portion P and the received MDA sequence.
    [0036] This construction is based on the same construction technique used by the transmission unit formation means 22.
    [0037] Then, the reading means 24 compare the received MCS control sequence with the reconstructed MCS control sequence. If the two sequences are identical, the transmission of the message M or its portion P has been carried out without error.
    [0038] If the two sequences are not identical, the transmission of the message M or its portion P has been made with errors. After receiving all the portions P corresponding to the same application message M, the reading means 24 reconstitute this message M and then transmit it to the consumption means 14.
    [0039] Of course other embodiments can still be envisaged.
    权利要求:
    Claims (19)
    [0001]
    CLAIMS1.- System for transmitting (10) avionic application data between production means (12) and data consumption means (14), the application data being transmitted in the form of data transmission units (20), each transmission unit (20) comprising: - at least one portion (P) of an application message (M); and an additional message (MA) containing identification and control information associated with this application message (M); characterized in that the additional message (MA) comprises: an identification sequence (MDA) comprising a static part (ID) making it possible to identify the application message (M) and its source and a variable part (VAR) making it possible to to distinguish the message (M) in a unique and certain way; and a control sequence (MCS) for controlling the integrity of the application message (M) and based on a main sequence (SP) representing a cyclic redundancy check (CRC) code of the concatenation of at least one portion (P) the application message (M) corresponding to said unit (20), with the identification sequence (MDA).
    [0002]
    2. Transmission system (10) according to claim 1, characterized in that the control sequence (MCS) and the identification sequence (MDA) are distinct.
    [0003]
    3. Transmission system (10) according to claim 2, characterized in that the control sequence (MCS) is the result of the application of the XOR operator between: a sequence resulting from a coding from at least part of the identification sequence (MDA) with a key (KeyA) represented by a field (MPT) of the variable part (VAR) of the identification sequence (MDA); and - the main sequence (SP).
    [0004]
    4. Transmission system (10) according to claim 2, characterized in that the control sequence (MCS) is the result of the application of the XOR operator between: - a sequence resulting from a coding from at least part of the identification sequence (MDA) with a key (KeyA (t)) represented by a variable sequence in time and known by the means of production (12) and consumption (14) at each moment; and - the main sequence (SP).
    [0005]
    5. Transmission system (10) according to claim 2, characterized in that the control sequence (MCS) is the result of the application of the XOR operator between: - a sequence resulting from a coding from at least part of the identification sequence (MDA) with a first key (KeyA) represented by a coding of a field (MPT) of the variable part (VAR) of the identification sequence (MDA) with a second key (KeyB) represented by a sequence known by the means of production (12) and consumption (13); and - the main sequence (SP).
    [0006]
    6. Transmission system (10) according to claim 2, characterized in that the control sequence (MCS) is the result of the application of the XOR operator between: - a sequence resulting from a coding from at least part of the identification sequence (MDA) with a first key (KeyA) represented by the result of the application of the XOR operator between: - a field (MPT) of the variable part (VAR) of the sequence identification (MDA); and a sequence (KeyB) known by the means of production (12) and of consumption (14); and - the main sequence (SP).
    [0007]
    7. Transmission system (10) according to claim 2, characterized in that the control sequence (MCS) is the result of the application of the XOR operator between: a sequence resulting from a coding from least part of the identification sequence (MDA) and at least one portion (P) of the application message (M) with a key (KeyA) represented by a field (MPT) of the variable part (VAR) of the identification sequence (MDA); and - the main sequence (SP).
    [0008]
    8. Transmission system (10) according to claim 2, characterized in that the control sequence (MCS) is the result of the application of the XOR operator between: a sequence resulting from a coding from least part of the identification sequence (MDA) and at least one portion (P) of the application message (M) with a key (KeyA (t)) represented by a variable sequence in time and known by the means production (12) and consumption (14) at every moment; and - the main sequence (SP).
    [0009]
    9. Transmission system (10) according to claim 2, characterized in that the control sequence (MCS) is the result of the application of the XOR operator between: - a sequence resulting from a coding from least part of the identification sequence (MDA) and at least one portion (P) of the application message (M) with a first key (KeyA) represented by a coding of a field (MPT) of the variable part (VAR) identification sequence (MDA) with a second key (KeyB) represented by a sequence known by the means of production (12) and consumption (14); and - the main sequence (SP).
    [0010]
    10. Transmission system (10) according to claim 2, characterized in that the control sequence (MCS) is the result of the application of the XOR operator between: a sequence resulting from a coding from least part of the identification sequence (MDA) and at least one portion (P) of the application message (M) with a first key (KeyA) represented by the result of the application of the XOR operator between: a field (MPT) of the variable part (VAR) of the identification sequence (MDA); and a sequence (KeyB) known by the means of production (12) and of consumption (14); and - the main sequence (SP).
    [0011]
    11. Transmission system (10) according to any one of claims 3 to 10, characterized in that the or each key (KeyA, KeyB) is known only by the means of production (12) and consumption ( 14) to further ensure the authenticity of messages (M).
    [0012]
    12. Transmission system (10) according to any one of claims 3 to 11, characterized in that, for an application message (M) formed of a plurality of ordered portions (P), the control sequence (MCS ) of the transmission unit (20) associated with the first portion (P) is the result of the application of the XOR operator between: a sequence resulting from a coding of a sequence represented by the result of the application of the XOR operator between: at least part of the identification sequence (MDA) corresponding to this portion (P); and - a predetermined initial value (IV); and the main sequence (SP) corresponding to this portion; and the control sequence (MCS) of the transmission unit (20) associated with each subsequent portion (P) is the result of the application of the XOR operator between: - an auxiliary sequence (SA) resulting from a encoding a sequence represented by the result of the application of the XOR operator between: - at least a part of the identification sequence (MDA) corresponding to this portion (P); and an auxiliary sequence (SA) corresponding to the preceding portion (P); and the main sequence (SP) corresponding to this portion.
    [0013]
    13. Transmission system (10) according to any one of claims 3 to 11, characterized in that, for an application message (M) formed of a plurality of ordered portions (P), the control sequence (MCS ) of the transmission unit (20) associated with the first portion (P) is the result of the application of the XOR operator between: a sequence resulting from a coding of a sequence represented by the result of the application of the XOR operator between: at least part of the identification sequence (MDA) and at least one portion (P) of the application message (M); and - a predetermined initial value (IV); and the main sequence (SP) corresponding to this portion; and the control sequence (MCS) of the transmission unit (20) associated with each subsequent portion (P) is the result of the application of the XOR operator between: - an auxiliary sequence (SA) resulting from a encoding a sequence represented by the result of the application of the XOR operator between: - at least part of the identification sequence (MDA) and at least one portion (P) of the application message (M) ; and an auxiliary sequence (SA) corresponding to the preceding portion (P); and the main sequence (SP) corresponding to this portion.
    [0014]
    14. Transmission system (10) according to any one of claims 3 to 13, characterized in that the control sequence (MCS) is distributed in the identification sequence (MDA) according to a distribution law known by the means of production (12) and consumption (14).
    [0015]
    15. Transmission system (10) according to claim 14, characterized in that the distribution law is constant in time.
    [0016]
    16. Transmission system (10) according to claim 14, characterized in that the distribution law is variable in time.
    [0017]
    17. Transmission system (10) according to any one of claims 14 to 16, characterized in that the law is known only by the means of production (12) and deconsumption (14) to further enable ensure the confidentiality of messages (M).
    [0018]
    18. Transmission system (10) according to any one of the preceding claims, characterized in that the identification sequence (MDA) comprises information selected from the group further comprising: - identification information means of production of the corresponding application message (M), identification information of the corresponding application message (M), information of order of elaboration of the corresponding application message (M), production sequence number information. the corresponding application message (M), - the date of creation of the corresponding application message (M).
    [0019]
    19. Transmission system (10) according to any one of the preceding claims, characterized in that the additional message (MA) is associated with the application message (M) in whole or portion (P) thereof per portion ( P).
    类似技术:
    公开号 | 公开日 | 专利标题
    FR3014273A1|2015-06-05|SYSTEM FOR TRANSMITTING AVIONIC APPLICATIVE DATA
    US20090327818A1|2009-12-31|Multi-core engine for detecting bit errors
    FR2789829A1|2000-08-18|METHOD FOR VERIFYING THE USE OF PUBLIC KEYS GENERATED BY AN ON-BOARD SYSTEM
    EP2232765A2|2010-09-29|Method and entity for probabilistic symmetrical encryption
    FR3001849A1|2014-08-08|METHOD FOR ROUTING DATA, COMPUTER PROGRAM, NETWORK CONTROLLER AND ASSOCIATED NETWORKS
    JP2012504284A|2012-02-16|Decomposition / reconstruction in data transfer storage
    FR3014622A1|2015-06-12|ARCHITECTURE FOR CRITICAL DATA TRANSMISSION IN AVIONICS SYSTEMS
    US20100260334A1|2010-10-14|Share generation apparatus, reconstruction apparatus, verification apparatus, and secret sharing system
    EP2161700A1|2010-03-10|Method,associated system and aircraft for communicating a digital signature in order to certify a transmission
    US20080046493A1|2008-02-21|Method and system for data security
    FR2990034A1|2013-11-01|METHOD FOR CONTROLLING CYCLIC REDUNDANCY PROTECTED AGAINST AUXILIARY CHANNEL ATTACK
    CA2778847A1|2011-05-05|Identification by means of checking a user's biometric data
    FR2979443A1|2013-03-01|Method for storing data in memory interfacing with secure microcontroller, involves processing input data according to one of data processing methods to achieve data processed in different data formats
    US10157282B2|2018-12-18|Multiband encryption engine and a self testing method thereof
    FR2992083A1|2013-12-20|COMPUTER, COMMUNICATION ASSEMBLY COMPRISING SUCH A COMPUTER, RAIL MANAGEMENT SYSTEM COMPRISING SUCH A SET, AND METHOD FOR RELIABILITY OF DATA IN A COMPUTER
    FR2890202A1|2007-03-02|DEMONSTRATION OF A DATA MODIFICATION OF A SET OF DATA
    EP1449067B1|2007-12-12|Method and system for making secure a pseudo-random generator
    EP3545641A1|2019-10-02|Searchable encryption method
    CA2297276C|2008-03-25|Method and device for receiving and pre-processing messages
    US10944732B2|2021-03-09|Streaming digital content with content metadata
    EP3454512B1|2020-05-13|Communication network, associated measurement system, transport means and method for constructing a communication network
    CN114041134A|2022-02-11|System and method for block chain based secure storage
    EP3748935A1|2020-12-09|Method for storing digital files implemented by a deterministic avionics network with predetermined routing, and associated avionics communication system
    WO2018104557A1|2018-06-14|Method of sending a message, method of reception, sending device, reception device and communication system associated therewith
    EP3539253A1|2019-09-18|Method and device for transmitting encrypted data, method and device for extracting data
    同族专利:
    公开号 | 公开日
    FR3014273B1|2016-01-01|
    US20160347267A1|2016-12-01|
    US9713992B2|2017-07-25|
    引用文献:
    公开号 | 申请日 | 公开日 | 申请人 | 专利标题
    WO2000065765A1|1999-04-26|2000-11-02|Nokia Networks Oy|New method for checking the data|
    US20020170013A1|2001-05-14|2002-11-14|Interdigital Technology Corporation|Method and system for implicit user equipment identification|
    WO2013086456A1|2011-12-08|2013-06-13|Arteris SAS|Differential formatting between normal and retry data transmission|FR3058290A1|2016-10-27|2018-05-04|Thales|AVIONIC EQUIPMENT WITH SINGLE USE SIGNATURE OF EMIS MESSAGE, AVIONIC SYSTEM, TRANSMISSION METHOD AND COMPUTER PROGRAM|US6418117B1|1998-09-08|2002-07-09|Mci Worldcom, Inc.|Out of band messaging in a DRA network|
    US7536631B1|2002-12-19|2009-05-19|Rmi Corporation|Advanced communication apparatus and method for verified communication|
    DE10318068B4|2003-04-17|2009-08-27|Phoenix Contact Gmbh & Co. Kg|Method and device for packet-oriented transmission of security-relevant data|
    FR2878097B1|2004-11-16|2007-02-16|Airbus France Sas|DETECTION OF ERRORS IN THE DATA RELATING TO THE ACTUATION OF A VEHICLE ORGAN|
    US7613830B2|2004-12-10|2009-11-03|Microsoft Corporation|Reliably transferring queued application messages|
    FR2933557B1|2008-07-02|2013-02-08|Airbus France|METHOD AND DEVICE FOR PROTECTING THE INTEGRITY OF DATA TRANSMITTED ON A NETWORK|
    CN101800943B|2010-03-31|2012-03-07|西安西电捷通无线网络通信股份有限公司|Multicasting key negotiation method and system suitable for group calling system|FR3030126B1|2014-12-10|2017-01-13|Thales Sa|AVIONIC INFORMATION TRANSMISSION SYSTEM|
    DE102018204398A1|2018-03-22|2019-09-26|Robert Bosch Gmbh|Method and device for tamper-proof transmission of user data in a computer network|
    CN109255232B|2018-08-30|2021-04-06|新华三信息技术有限公司|Software loading method and software loading device|
    法律状态:
    2015-12-31| PLFP| Fee payment|Year of fee payment: 3 |
    2016-12-29| PLFP| Fee payment|Year of fee payment: 4 |
    2018-01-02| PLFP| Fee payment|Year of fee payment: 5 |
    2019-12-30| PLFP| Fee payment|Year of fee payment: 7 |
    2020-12-28| PLFP| Fee payment|Year of fee payment: 8 |
    2021-12-30| PLFP| Fee payment|Year of fee payment: 9 |
    优先权:
    申请号 | 申请日 | 专利标题
    FR1302814A|FR3014273B1|2013-12-03|2013-12-03|SYSTEM FOR TRANSMITTING AVIONIC APPLICATIVE DATA|FR1302814A| FR3014273B1|2013-12-03|2013-12-03|SYSTEM FOR TRANSMITTING AVIONIC APPLICATIVE DATA|
    US14/558,557| US9713992B2|2013-12-03|2014-12-02|Transmission system for avionics application data|
    [返回顶部]