CN-121989743-A - Charging pile management system

Abstract

The charging pile management system comprises an edge controller and a cloud server. The edge controller establishes an unencrypted connection with the first type of charging pile according to the first security profile, and converts the first charging information formatted according to the first communication protocol and transmitted from the first type of charging pile into second charging information formatted according to the second communication protocol. If the edge controller passes the first mutual authentication test according to the second security profile with the security higher than the first security profile, the cloud server establishes a first encryption connection with the edge controller. And responding to the second charging information transmitted through the first encryption connection line, and executing the charging station management service on the first type of charging piles by the cloud server.

Inventors

• GAO JIANRONG
• Yan Songxing
• HUANG ZHENRUI
• LIU FENGRONG
• WEI RONGZHI
• Jian Zhengming

Assignees

• 光宝科技股份有限公司
• 光宝科技新加坡私人有限公司

Dates

Publication Date

20260508

Application Date

20250605

Priority Date

20250414

Claims (17)

1. 1. A charging stake management system, comprising: An edge controller configured to: establishing a non-encrypted connection with a first type of charging pile according to a first security profile, and Converting a first charging information formatted according to a first communication protocol and transmitted from the first type charging pile into a second charging information formatted according to a second communication protocol; A cloud server configured to: If the edge controller passes a first mutual authentication test according to a second security profile with security higher than the first security profile, establishing a first encrypted connection with the edge controller, and And responding to the second charging information transmitted through the first encryption connection line, and executing a charging station management service on the first type of charging piles.
2. 2. The charge stake management system of claim 1, wherein the edge controller includes: a first module configured to: Performing a first identification test to verify a first identification of the first type of charging stake; if the first type of charging pile passes the first identification test, the non-encrypted connection line is established with the first type of charging pile and Receiving the first charging information from the first type of charging piles through the non-encrypted connection; A second module having a first theme for transmitting and receiving information over the first encrypted wire configured to: converting the first charge information into the second charge information, and The second charging information is published on the first topic.
3. 3. The charging stake management system of claim 2, wherein the cloud server includes: A first network endpoint having a second theme for sending and receiving information configured to: Performing the first mutual authentication test to authenticate the edge controller; if the edge controller passes the first mutual authentication test, establishing the first encrypted connection with the edge controller using a mutual authentication transmission security channel, and Subscribing the first theme to receive the second charging information through the first encryption connection line, and publishing the second charging information on the second theme; A second network endpoint configured to: Subscribing to the second topic for receiving the second charging information, and And executing the charging station management service on the first type of charging piles according to the second charging information.
4. 4. The charging stake management system as claimed in claim 2, wherein the first mutual authentication test includes: the cloud server transmits a server certificate stored in the cloud server to the edge controller; The edge controller validating the server credential; the edge controller transmitting an edge credential stored in the edge controller to the cloud server, and The cloud server verifies the edge credential.
5. 5. The charging pile management system of claim 1, wherein the edge controller and the cloud server are further configured to: Exchanging a first encryption key, and If the edge controller passes the first mutual authentication test, encrypting the first encrypted connection based on the first encryption key.
6. 6. The charge stake management system of claim 2, wherein the edge controller is further configured to: Storing a first set of identifiers; Performing a first identification test by verifying whether a first identification of the first type of charging stake belongs to the first identification set, and The unencrypted connection is established only if the first identification is verified as authorized.
7. 7. The charge stake management system as recited in claim 6, wherein the first identification includes a non-encrypted code in accordance with the first security profile, the edge controller being further configured to: detecting a first connection request from the first type of charging pile; storing a second identification in the first type of charging stake for replacing the first identification; storing the second identification in the first identification set, and If the first type of charging stake issues a subsequent connection request, the first identification test is performed by verifying the second identification of the first type of charging stake.
8. 8. The charging pile management system of claim 1, wherein the cloud server is further configured to: If a second type of charging pile passes a second identification test according to a second security profile, a second encryption connection line is established with the second type of charging pile; Receiving a third charge information, which is sent by the second type of charge pile and formatted by the first communication protocol, and And responding to the third charging information, and executing the charging station management service on the second type of charging piles.
9. 9. The charging stake management system as claimed in claim 8, wherein the second identification test is a second mutual authentication test including: The cloud server transmits a server certificate stored in the cloud server to the second type charging pile; the second class charging pile verifies the server certificate; The second type charging post transmitting a charging post credential stored in the second type charging post to the cloud server, and The cloud server verifies the charging pile credentials.
10. 10. The charging stake management system of claim 9, wherein the second type of charging stake and the cloud server are further configured to: Exchanging a second encryption key, and And if the second type charging pile passes the second mutual authentication test, encrypting the second encryption connection line based on the second encryption key.
11. 11. The charging pile management system of claim 8, wherein the cloud server is further configured to: Storing a second set of identifiers; performing the second identification test by verifying whether a third identification of the second type of charging stake belongs to the second set of identifications, and The second encrypted connection is established only if the third identification is verified as authorized.
12. 12. The system of claim 11, wherein the third identification includes an encryption code according to the second security profile, the edge controller further configured to: detecting a first connection request from the second type of charging pile; Storing a fourth identification in the second type of charging pile for replacing the third identification; Storing the fourth identification in the second identification set, and And if the second type charging pile sends out a subsequent connection request, executing the second identification test by verifying the fourth identification of the second type charging pile.
13. 13. The charging pile management system of claim 8, wherein the cloud server comprises a service network configured to: converting the third charging information into a fourth charging information according to the second communication protocol; collecting the second charging information and the fourth charging information, and And executing the charging station management service on the first type charging pile and the second type charging pile in response to the second charging information and the fourth charging information respectively.
14. 14. The charging stake management system as claimed in claim 1, wherein the first communication protocol is based on an open charging point protocol, the first type of charging stake supports a security profile 0 or a security profile 1 of the open charging point protocol, and the second communication protocol is based on message queue telemetry transmission.
15. 15. The charging peg management system of claim 1, wherein the charging station management service comprises a process initiation notification, a remotely initiated transaction, an electric vehicle driver service, a mobile application service, a payment service, an invoice service, a device service, or a transaction service based on the second charging information.
16. 16. The charging pile management system of claim 1, wherein the cloud server is further configured to: detecting a first disconnection event associated with the first encrypted connection, and If the first disconnect event exceeds a predetermined time, the first cryptographic connection is terminated until the edge controller passes the first mutual authentication test again.
17. 17. The charge stake management system of claim 2, wherein the edge controller further includes: A third module configured to: Detecting a second disconnect event indicating that the edge controller is not connected to the Internet, and And executing a local information security management system service on the first type of charging post in response to the first charging information transmitted through the unencrypted connection, wherein the local information security management system service comprises processing a start notification or a remote start transaction.

Description

Charging pile management system Technical Field The present invention relates to a secure communication system, and more particularly, to a charging pile management system for providing secure communication for a plurality of electric vehicle power supply devices (Electronic Vehicle Supply Equipment: EVSE). Background The open charge point protocol (Open Charge Point Protocol: OCPP) is a widely used communication protocol between Electric Vehicle Supply Equipment (EVSE) and a central management system called the Charging Station Management System (CSMS). CSMS provides a unified way of exchanging information such as status, meter values and transaction related data. OCPP have several security profiles, numbered 0, 1, 2, and 3. The security profiles 0 and 1 transmit information in plain text, which presents a significant security risk because data may be intercepted and read by unauthorized parties. This is particularly a concern given the sensitivity of certain data transmitted, such as transaction details and user identity. Disclosure of Invention The charging pile management system comprises an edge controller and a cloud server. The edge controller establishes an unencrypted connection with the first type of charging pile according to the first security profile, and converts the first charging information formatted according to the first communication protocol and transmitted from the first type of charging pile into second charging information formatted according to the second communication protocol. If the edge controller passes the first mutual authentication test according to the second security profile with the security higher than the first security profile, the cloud server establishes a first encryption connection with the edge controller. And responding to the second charging information transmitted through the first encryption connection line, and executing the charging station management service on the first type of charging piles by the cloud server. The charging pile management system comprises a first module and a second module. The first module performs a first identification test to verify a first identification of the first type of charging stake. If the first type charging pile passes the first identification test, the first module establishes an unencrypted connection with the first type charging pile. The first module receives first charging information from a first type of charging pile through an unencrypted connection. The second module has a first theme for transmitting and receiving information over the first encrypted wire. The second module converts the first charging information into second charging information and publishes the second charging information on the first topic. The charging pile management system described above, the cloud server includes a first network endpoint and a second network endpoint. The first network endpoint has a second theme for sending and receiving information. The first network endpoint performs a first mutual authentication test to authenticate the edge controller. If the edge controller passes the first mutual authentication test, the first network endpoint establishes a first encrypted connection with the edge controller using a mutual authentication transmission security (mutual Transport Layer Security: mTLS) channel. The first network endpoint subscribes to the first theme to receive the second charging information through the first encryption connection line, and issues the second charging information on the second theme. The second network endpoint subscribes to a second theme for receiving second charging information and executing charging station management service on the first type charging piles according to the second charging information. The charging pile management system as described above, the first mutual authentication test includes the following steps. The cloud server transmits the server credential stored in the cloud server to the edge controller. The edge controller verifies the server credential. The edge controller transmits edge credentials stored in the edge controller to the cloud server. The cloud server verifies the edge credentials. The charging pile management system as described above, wherein the edge controller and the cloud server exchange the first encryption key. If the edge controller passes the first mutual authentication test, the edge controller and the cloud server encrypt the first encrypted connection based on the first encryption key. The charge pile management system as described above, wherein the edge controller stores the first set of identities. The edge controller performs a first identification test by verifying whether the first identification of the first type of charging stake belongs to the first identification set. The edge controller establishes the unencrypted connection only if the first identification is verified as authorized. The charging pile management system as described above,