CN109120650A - Automated side-channel signal acquisition system and method for IoT terminals
Publication number: CN109120650A
Application number: CN201811308069.5A
Authority: CN (China)
Prior art keywords: signal, main control, control module, MCU, reset
Legal status: Granted
Abstract
The automated side-channel signal acquisition system for IoT terminals of the invention comprises a side-channel information acquisition board, an oscilloscope and a PC, and is characterized in that the side-channel information acquisition board consists of a main control module, a reset control circuit, a communication control circuit and an energy trace (power trace) acquisition circuit; the reset control circuit controls the high and low levels of the reset/trigger signal, and the communication control circuit switches the communication between the main control module and the FLASH on and off. The acquisition method of the invention comprises: a) connecting the tested object; b) initialization; c) sending random firmware data; d) checking whether reception is complete; e) obtaining the firmware data; f) reset and communication control; g) downloading the firmware data; h) releasing control; i) acquiring and uploading the energy trace. The system automatically collects the energy trace signal during the firmware upgrade of the tested object, which makes it convenient to analyze whether a side-channel attack vulnerability exists in the firmware upgrade process of an IoT terminal device.
Description
Technical field
The present invention relates to an automated side-channel signal acquisition system and method, and more specifically to an automated side-channel signal acquisition system and method for IoT terminals.
Background technique
With the rapid development of the Internet of Things (IoT), IoT terminal devices are used in a very wide range of applications. IoT technology has brought great convenience to people's lives: people can remotely monitor and control IoT terminal devices through mobile phone apps. But the accompanying security problems are also becoming increasingly prominent, and security incidents keep emerging. The CCTV13 channel once reported incidents in which a smart TV was hacked and a smart camera was maliciously intruded. At the end of 2016, hackers used a large number of IoT devices to launch a DDoS attack that made many well-known websites inaccessible. In 2017, the team of cryptographer Shamir used side-channel techniques to carry out an over-the-air wireless firmware upgrade from an aircraft and thereby attack Philips Hue smart lamps.
Because IoT terminal devices are limited in resources, cost and power consumption, it is relatively easy for an attacker to mount side-channel attacks using the physical leakage (for example energy, electromagnetic emanation, sound, timing, light) that a device produces while computing, which poses a great threat to the security of IoT devices. Large-scale IoT deployment faces many challenges. When large numbers of IoT devices need functional updates or vulnerability fixes, over-the-air (OTA) firmware upgrade becomes an important time-saving and convenient function. OTA firmware upgrade has become an indispensable part of IoT devices.
The principle of OTA firmware upgrade is as follows: the terminal app sends a firmware upgrade command over the network to the IoT cloud platform; the IoT cloud platform sends the upgrade firmware over the network to the router and bridge; and the bridge sends the upgrade firmware to the IoT terminal device. The IoT terminal device decrypts and authenticates the received firmware, generates an authentication code, and then judges from the authentication code whether the firmware has upgrade service permission. If the service permission authentication passes, the upgrade firmware is programmed into the IoT terminal device and a firmware-upgrade-success result is returned. If authentication fails, a firmware-upgrade-failure result is returned directly.
If the firmware decryption and authentication performed during an IoT terminal device's firmware upgrade have a side-channel leakage vulnerability, an attacker can recover the decryption key and the authentication key by side-channel analysis and so obtain the firmware upgrade authentication service permission. The attacker can then generate malicious firmware and download it into the IoT terminal through the firmware upgrade path to control the device illegally, leading to serious network security incidents similar to the DDoS attack.
Addressing the side-channel attack vulnerabilities that may exist in the firmware upgrade process of IoT terminal devices, this patent provides an automated side-channel information acquisition platform and implementation method for evaluating and analyzing how well an IoT terminal device resists side-channel attacks. The platform has friendly software and hardware interfaces, can communicate with mainstream side-channel analysis software, and automatically acquires and uploads energy trace sample data. The acquisition platform has a simple interface, good compatibility and a high signal-to-noise ratio in the acquired energy traces, and provides high-quality signals for side-channel analysis.
Summary of the invention
To overcome the shortcomings of the above technical problems, the present invention provides an automated side-channel signal acquisition system and method for IoT terminals.
The automated side-channel signal acquisition system for IoT terminals of the invention comprises a side-channel information acquisition board, an oscilloscope and a PC. The PC runs the side-channel analysis application; the side-channel information acquisition board acquires the energy trace signal of the tested object during its firmware upgrade and sends it to the oscilloscope; the oscilloscope is connected to the PC through a communication line, converts the received energy trace signal into a digital signal and transmits it to the PC. The system is characterized in that: the side-channel information acquisition board consists of a main control module, a reset control circuit, a communication control circuit, an energy trace acquisition circuit, an amplifying and filtering circuit and a power supply circuit; the main control module communicates with the PC through a USB-to-TTL module; one branch of the output of the reset control circuit forms a reset line interface connected to the reset signal of the MCU of the tested object, and the other branch forms the trigger signal connected to the oscilloscope; an output of the main control module is connected to the control terminal of the reset control circuit so as to control the high/low level state that the reset control circuit outputs; the MCU of the tested object is connected to the FLASH of the tested object through SPI communication lines.
The SPI communication interface of the main control module is connected to the input of the communication control circuit, and the output of the communication control circuit forms an SPI communication line interface that is connected to the SPI communication lines between the MCU and the FLASH; an output of the main control module is connected to the control terminal of the communication control circuit to control whether its input and output are connected or disconnected; the input of the energy acquisition circuit forms an energy trace acquisition interface connected to the power supply terminal of the MCU of the tested object, and the signal acquired by the energy acquisition circuit is fed to the oscilloscope after processing by the amplifying and filtering circuit.
In the automated side-channel signal acquisition system for IoT terminals of the invention, the main control module makes the reset control circuit output a low-level reset signal that keeps the MCU in the reset state, so that the MCU loses control of the FLASH; at the same time the main control module outputs a low-level signal that connects the input and output of the communication control circuit, so that the main control module can download the firmware upgrade data into the FLASH. After the firmware upgrade data has been downloaded, the main control module outputs a high-level signal that disconnects the input and output of the communication control circuit, restoring the MCU's control of the FLASH, and at the same time makes the reset control circuit output a high-level signal, which triggers the oscilloscope to receive the energy trace signal acquired by the energy acquisition circuit.
In the automated side-channel signal acquisition system for IoT terminals of the invention, the main control module uses an STM32F405R chip, different pins of which output the reset control signal C_RST, the communication control signal E_STM and the SPI communication signals MOSI, MISO, SCK and NSS. The reset control circuit consists of an analog switch U18 of model TS5A3167DBV: the control terminal IN of U18 is connected to the reset control signal C_RST, the common terminal COM on the output side of U18 forms the reset signal after series resistor R26, and the normally closed terminal NC of U18 is grounded. The communication control circuit consists of four TS5A3167DBV analog switches U8, U9, U10 and U11, whose control terminals IN are all connected to the communication control signal E_STM. The SPI communication signals MOSI, MISO, SCK and NSS form C_MOSI, C_MISO, C_SCK and C_CS respectively after series resistors; the SPI communication lines between the MCU and the FLASH of the tested object are F_MOSI, F_MISO, F_SCK and F_CS. The common terminals COM of U8, U9, U10 and U11 are connected to C_CS, C_SCK, C_MISO and C_MOSI respectively, and their normally closed terminals NC are connected to F_CS, F_SCK, F_MISO and F_MOSI respectively.
In the automated side-channel signal acquisition system for IoT terminals of the invention, the energy acquisition circuit consists of resistors R5, R6, R10 and capacitors C15, C16, C17. Resistors R5 and R6 are connected in series, with one end grounded and the other end forming the energy trace acquisition interface; capacitors C15, C16 and C17 are connected in parallel, with the two ends connected to power ground and to one end of R10 respectively, and the other end of R10 is connected to the energy trace acquisition interface. The amplifying and filtering circuit consists of amplifier AD8000, resistors R15, R22, R21 and capacitors C29, C30, C31 and C32. Resistors R22, R15 and R21 are connected in series in that order, with the two ends connected to power ground and the positive supply respectively; capacitors C29, C30 and C31 are connected in parallel, with the two ends connected to the junction of R5 and R6 and to the junction of R22 and R15 respectively; the junction of R15 and R21 is grounded through capacitor C32; the input IN+ of amplifier AD8000 is connected to the junction of R22 and R15; and the output OUT of amplifier AD8000 forms, after a capacitor and a resistor, the signal interface that feeds the oscilloscope.
In the automated side-channel signal acquisition system for IoT terminals of the invention, the main control module communicates with the PC through the USB-to-TTL module, which consists of an FT232RL chip; the RS232 communication interface of the main control module is connected to the TXD and RXD terminals of the FT232RL, and the USBDM and USBDP ports of the FT232RL form the USB interface connected to the PC.
The acquisition method of the automated side-channel signal acquisition system for IoT terminals of the invention is characterized in that it is realized through the following steps:
a) Connecting the tested object: the reset port of the tested object's MCU is connected to the reset line interface on the side-channel information acquisition board, the SPI communication lines between the tested object's MCU and FLASH are connected to the SPI communication line interface, and the power supply terminal of the tested object's MCU is connected to the energy trace acquisition interface, which completes the connection between the tested object and the side-channel information acquisition board;
b) Main control module initialization: the main control module initializes I/O, UART, SPI and the clock frequency, and initializes the communication baud rate, timing and interrupts of the UART and SPI interfaces;
c) Sending random firmware data: the PC sends random firmware data to the main control module on the side-channel information acquisition board;
d) Judging whether data reception is complete: the main control module checks whether the serial-port receive flag UartFlag is set to 1 to judge whether the data sent by the PC has been completely received; if UartFlag=1, the data sent by the PC has been received and step e) is executed; otherwise step c) continues to be executed;
e) Obtaining the random firmware data: UartFlag is first cleared, and then the received data is parsed to obtain the random firmware data;
f) Reset and communication control: the main control module outputs a low-level reset control signal and a low-level communication control signal, which keeps the MCU in the reset state so that it loses control of the FLASH, and connects the SPI communication circuit between the main control module and the FLASH;
g) Downloading the firmware data: the main control module downloads the firmware upgrade flag and the random firmware data into the FLASH;
h) Releasing control of the MCU: the main control module outputs a high-level reset control signal and a high-level communication control signal; the main control module's communication connection with the FLASH is disconnected, and the MCU restarts after receiving the signal that changes from low level to high level;
i) Energy trace acquisition and upload: after restarting, the MCU reads the firmware data in the FLASH and upgrades; meanwhile the energy acquisition circuit acquires the energy trace signal during the MCU's upgrade and sends it to the oscilloscope, which converts the received analog energy trace signal into a digital signal and uploads it to the PC, realizing automatic acquisition of the side-channel signal during the tested object's firmware upgrade.
The beneficial effects of the present invention are as follows. The automated side-channel signal acquisition system for IoT terminals of the invention consists of a PC, an oscilloscope and a side-channel information acquisition board, and the side-channel information acquisition board consists of a main control module, a reset control circuit, a communication control circuit and an energy acquisition circuit. The output of the reset control circuit forms the reset line interface that is connected to the MCU reset terminal of the tested object; under the control of the main control module, the SPI communication line interface on the communication control circuit can be disconnected from or connected to the SPI communication lines between the MCU and the FLASH; and the acquisition interface of the energy trace acquisition circuit is connected to the power supply terminal of the MCU, so that the energy trace signal (a faint voltage variation signal) during the MCU's firmware upgrade can be acquired. In use, connecting the MCU reset terminal, the SPI communication lines between the MCU and the FLASH, and the MCU power supply terminal of the tested object to the corresponding interfaces is enough to acquire the energy trace signal automatically during the tested object's firmware upgrade. This provides an automated side-channel information acquisition platform and implementation method for analyzing whether a side-channel attack vulnerability exists in the firmware upgrade process of an IoT terminal device, and helps evaluate the device's resistance to side-channel attacks conveniently, quickly and accurately.
Description of the drawings
Fig. 1 is a schematic diagram of the automated side-channel signal acquisition system for IoT terminals of the invention;
Fig. 2 is a circuit diagram of the main control module in the present invention;
Fig. 3 is a circuit diagram of the reset control circuit in the present invention;
Fig. 4 is a circuit diagram of the trigger circuit in the present invention;
Fig. 5 is a circuit diagram of the communication control circuit in the present invention;
Fig. 6 is a circuit diagram of the SPI signals output by the main control module in the present invention;
Fig. 7 is a circuit diagram of the energy acquisition circuit and the amplifying and filtering circuit in the present invention;
Fig. 8 is a circuit diagram of the USB-to-TTL module in the present invention;
Fig. 9 is a circuit diagram of an MCU used as a tested object;
Fig. 10 is a circuit diagram of a FLASH used as a tested object;
Fig. 11 is a work flow diagram of the main control module in the present invention.
In the figures: 1 side-channel information acquisition board, 2 oscilloscope, 3 PC, 4 main control module, 5 reset control circuit, 6 communication control circuit, 7 trigger circuit, 8 amplifying and filtering circuit, 9 energy acquisition circuit, 10 power supply circuit, 11 USB-to-TTL module, 12 MCU, 13 FLASH, 14 reset line interface, 15 SPI communication line interface, 16 energy trace acquisition interface.
Specific embodiment
The invention is further described below with reference to the accompanying drawings and embodiments.
As shown in Fig. 1, which gives the schematic diagram of the automated side-channel signal acquisition system for IoT terminals of the invention, the system consists of PC 3, oscilloscope 2 and side-channel information acquisition board 1. The PC runs the side-channel signal analysis application. PC 3 is communicatively connected to side-channel information acquisition board 1, so that PC 3 can send firmware upgrade data to board 1 and receive the data that board 1 sends. Side-channel information acquisition board 1 acquires the energy trace signal of the tested object and passes the acquired signal to oscilloscope 2. Oscilloscope 2 and PC 3 are connected through a communication line; oscilloscope 2 converts the energy trace signal received in analog form into a digital signal and uploads it to PC 3, so that PC 3 can analyze the acquired energy traces and finally produce the side-channel analysis result for the IoT terminal device.
Side-channel information acquisition board 1 shown in Fig. 1 consists of main control module 4, reset control circuit 5, communication control circuit 6, energy trace acquisition circuit 9, trigger circuit 7, amplifying and filtering circuit 8, the USB-to-TTL module and power supply circuit 10. Main control module 4 provides data communication, FLASH data operations and control outputs, and communicates with PC 3 through USB-to-TTL module 11; power supply circuit 10 provides the working voltage for each module. The output of reset control circuit 5 forms reset line interface 14, which is used to connect to the reset terminal of the tested object's MCU; the input of reset control circuit 5 is connected to an output of main control module 4, so that under the control of main control module 4 reset control circuit 5 outputs a reset signal of the corresponding high or low level. The reset signal output by reset control circuit 5 also serves as the output signal of trigger circuit 7, to trigger oscilloscope 2 to receive the energy trace signal.
The input of communication control circuit 6 is connected to the SPI communication lines output by main control module 4, and its output forms SPI communication line interface 15; the SPI communication lines between the MCU and the FLASH of the tested object are connected to SPI communication line interface 15. The control terminal of communication control circuit 6 is connected to an output of main control module 4, so that main control module 4 outputs the control signal that connects or disconnects the input and output of communication control circuit 6. The input of energy acquisition circuit 9 forms energy trace acquisition interface 16, and its output is connected to amplifying and filtering circuit 8; energy trace acquisition interface 16 is connected to the power supply terminal of the tested object's MCU to capture the signal variation at the MCU's power supply terminal during the firmware upgrade, which is amplified and filtered and then fed to oscilloscope 2.
The role of main control module 4 is to receive the data sent by PC 3 and parse it to obtain the random firmware data, then download the firmware upgrade flag and the random firmware data into the FLASH of the IoT terminal through communication control circuit 6, while the reset control circuit keeps the MCU in the reset state for as long as data is being downloaded into the FLASH. After the firmware data has been downloaded into the FLASH, the communication control circuit disconnects the communication data lines between the main control module and the FLASH, and the reset control circuit outputs a reset signal that triggers the MCU to restart, causing the MCU to enter the firmware upgrade process.
After main control module 4 makes reset control circuit 5 output the reset control signal that keeps the MCU in the reset state, the MCU, being in reset, loses control of the FLASH. Main control module 4 then makes the input and output of communication control circuit 6 connect, which establishes the SPI communication connection between main control module 4 and the FLASH; main control module 4 can now download the firmware upgrade data received from PC 3 into the FLASH. After the download, main control module 4 makes the input and output of communication control circuit 6 disconnect, breaking the SPI connection between main control module 4 and the FLASH; the output state of reset control circuit 5 is then changed so that the MCU restarts and upgrades using the firmware data in the FLASH. At the same time, trigger circuit 7 outputs the control signal that triggers the oscilloscope to receive the signal, and the energy trace signal acquired by energy acquisition circuit 9 is sent to oscilloscope 2.
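The ordering of the two control signals described above can be checked mechanically. The following is an added example, not code from the patent: a host-side C model of C_RST and E_STM that rejects any step order in which the main control module and a running MCU would both sit on the FLASH SPI lines, or in which the trigger edge fires before the FLASH has been written. The step names, result codes and the contention rule are assumptions made for this illustration; the switch behaviour (IN low connects COM to NC) is taken from the text.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

/* Levels driven by the main control module (signal names from the page). */
typedef struct {
    bool c_rst;  /* reset control signal C_RST: low holds the MCU in reset  */
    bool e_stm;  /* communication control E_STM: low joins C_* to F_* lines */
} ctrl_t;

/* TS5A3167DBV as the page describes it: IN low -> COM connected to NC. */
static bool switch_closed(bool in_level) { return !in_level; }
static bool mcu_in_reset(ctrl_t c)    { return switch_closed(c.c_rst); }
static bool master_on_flash(ctrl_t c) { return switch_closed(c.e_stm); }

/* Hypothetical step and result names, introduced for this example only. */
typedef enum { SET_CRST_LOW, SET_ESTM_LOW, FLASH_WRITE,
               SET_ESTM_HIGH, SET_CRST_HIGH } step_t;
typedef enum { SEQ_OK, SEQ_BUS_CONTENTION, SEQ_WRITE_WITHOUT_BUS,
               SEQ_TRIGGER_BEFORE_WRITE, SEQ_NO_TRIGGER } seq_result_t;

/* Replays a step list from the idle state (both signals high) and returns
 * the first violation. *trigger_at receives the index of the step whose
 * rising reset edge also triggers the oscilloscope. */
seq_result_t check_sequence(const step_t *steps, size_t n, size_t *trigger_at)
{
    ctrl_t c = { true, true };  /* idle: MCU running, board isolated */
    bool written = false, triggered = false;

    for (size_t i = 0; i < n; i++) {
        bool was_in_reset = mcu_in_reset(c);
        switch (steps[i]) {
        case SET_CRST_LOW:  c.c_rst = false; break;
        case SET_ESTM_LOW:  c.e_stm = false; break;
        case SET_ESTM_HIGH: c.e_stm = true;  break;
        case SET_CRST_HIGH: c.c_rst = true;  break;
        case FLASH_WRITE:
            /* Download is only valid while the MCU is held in reset and
             * the board's SPI lines are switched onto the FLASH. */
            if (!(mcu_in_reset(c) && master_on_flash(c)))
                return SEQ_WRITE_WITHOUT_BUS;
            written = true;
            break;
        }
        /* Assumed rule: two SPI masters on F_* at once is a fault. */
        if (master_on_flash(c) && !mcu_in_reset(c))
            return SEQ_BUS_CONTENTION;
        /* Reset released: MCU restarts and the scope is triggered. */
        if (was_in_reset && !mcu_in_reset(c)) {
            if (!written)
                return SEQ_TRIGGER_BEFORE_WRITE;
            triggered = true;
            if (trigger_at)
                *trigger_at = i;
        }
    }
    return triggered ? SEQ_OK : SEQ_NO_TRIGGER;
}

/* Order given in the text: reset, connect, download, disconnect, release. */
const step_t PAGE_ORDER[] = { SET_CRST_LOW, SET_ESTM_LOW, FLASH_WRITE,
                              SET_ESTM_HIGH, SET_CRST_HIGH };
/* Constructed faulty orders used to exercise the checker. */
const step_t RELEASE_FIRST[] = { SET_CRST_LOW, SET_ESTM_LOW, FLASH_WRITE,
                                 SET_CRST_HIGH, SET_ESTM_HIGH };
const step_t CONNECT_FIRST[] = { SET_ESTM_LOW, SET_CRST_LOW, FLASH_WRITE,
                                 SET_ESTM_HIGH, SET_CRST_HIGH };
const step_t NO_DOWNLOAD[]   = { SET_CRST_LOW, SET_ESTM_LOW,
                                 SET_ESTM_HIGH, SET_CRST_HIGH };

int main(void)
{
    size_t at = 0;
    printf("page order:    %d (trigger at step %zu)\n",
           check_sequence(PAGE_ORDER, 5, &at), at);
    printf("release first: %d\n", check_sequence(RELEASE_FIRST, 5, NULL));
    printf("connect first: %d\n", check_sequence(CONNECT_FIRST, 5, NULL));
    printf("no download:   %d\n", check_sequence(NO_DOWNLOAD, 4, NULL));
    return 0;
}
```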
As shown in Fig. 2, which gives the circuit diagram of the main control module in the present invention, main control module 4 uses an STM32F405R chip. Ports PB1 and PB2 of the STM32F405R serve as the reset control signal C_RST and the communication control signal E_STM respectively; PA7, PA6, PA5 and PA4 serve as the SPI communication signals MOSI, MISO, SCK and NSS respectively; and PC10 and PC11 serve as the RXD and TXD signals for RS232 communication respectively. As shown in Fig. 6, which gives the circuit diagram of the SPI signals output by the main control module, the MOSI, MISO, SCK and NSS signals output by the main control module pass through resistors R17, R18, R19 and R20 respectively to form the SPI communication signals labelled C_MOSI, C_MISO, C_SCK and C_NSS; resistors R17, R18, R19 and R20 are added for ease of debugging.
As shown in Fig. 3, which gives the circuit diagram of the reset control circuit in the present invention, reset control circuit 5 uses an analog switch U18 of model TS5A3167DBV; the IN terminal of U18 is connected to the reset control signal C_RST, the COM terminal of U18 forms the reset signal after series resistor R28, and the NC terminal of U18 is grounded. As shown in Fig. 4, which gives the circuit diagram of the trigger circuit in the present invention, the reset signal generated by analog switch U18 is also used as the trigger signal input to oscilloscope 2. Shorting pin 1 and pin 2 of CON3 in Fig. 4 selects the reset signal as the trigger signal output; shorting pins 2 and 3 selects the high/low level of an I/O port as the trigger signal output. The trigger signal passes through resistor R61 and is connected to the SMA interface. An SMA-to-BNC cable connects oscilloscope 2 to the port SM2 J11.
The TS5A3167DBV in Fig. 3 is a single-pole single-throw analog switch. Its on-resistance is 0.9 Ω, which is small, so signal loss is small and precision is high. Its bandwidth is 200 MHz and its dynamic range is large, which satisfies the frequency requirement of the SPI communication. The TS5A3167DBV operates from a single supply of +1.65 V to +5.5 V; its supply voltage is chosen as +3.3 V, the same as that of main control module 4 and the FLASH, to reduce the complexity of the power supply circuit. The analog switch has 5 pins: 1 (NC), 2 (COM), 3 (GND), 4 (IN) and 5 (V+). Pin 1 (NC) is the normally closed terminal of the analog switch, pin 2 (COM) is its common terminal, pin 3 (GND) is ground, pin 4 (IN) is the logic level input and pin 5 (V+) is the positive analog supply input. IN (4) is connected to the main control module, and the COM terminal switches according to the level applied at IN (4). The function of the analog switch is shown in Table 1, where H denotes high level and L denotes low level.
Table 1
Reset control circuit 5 consists of one TS5A3167DBV analog switch, resistors, capacitors and a reset button. When the reset control signal C_RST is low, pin IN (4) is low and the common terminal COM (2) is connected to the normally closed terminal NC (1), so the level of the MCU's reset pin stays low and the MCU is in the reset state. When the reset control signal C_RST is high, IN (4) is also high, the common terminal COM (2) is disconnected from the normally closed terminal NC (1) and COM (2) floats; the MCU's reset circuit then generates the reset signal and the MCU restarts.
As shown in Fig. 5, which gives the circuit diagram of the communication control circuit in the present invention, the communication control circuit consists of four TS5A3167DBV analog switches labelled U8, U9, U10 and U11. The IN pins of the four analog switches (U8, U9, U10, U11) are all connected to the communication control signal E_STM output by main control module 4; the common terminals COM of U8, U9, U10 and U11 are connected to C_CS, C_SCK, C_MISO and C_MOSI respectively, and their normally closed terminals NC are connected to F_CS, F_SCK, F_MISO and F_MOSI respectively, where F_MOSI, F_MISO, F_SCK and F_CS are the SPI communication lines between the MCU and the FLASH of the tested object. Thus, when the communication control signal E_STM output by main control module 4 is low, C_CS, C_SCK, C_MISO and C_MOSI are connected to F_CS, F_SCK, F_MISO and F_MOSI, which establishes the communication connection between main control module 4 and the FLASH of the tested object so that main control module 4 can download firmware upgrade data into the FLASH; when the E_STM output by main control module 4 is high, the communication connection between main control module 4 and the FLASH is disconnected.
Reset control circuit 5 and communication control circuit 6 cooperate under the control of main control module 4 to carry out the simulated firmware upgrade process automatically, without manual intervention. Different level states of C_RST and E_STM make the control circuits perform different functions. The specific state functions of C_RST and E_STM are shown in Table 2, where H denotes high level and L denotes low level.
Table 2
The main functions of main control module 4 are: to receive the data sent by the side-channel analysis software on the PC and parse it to obtain the random firmware data; then to control the reset and communication circuits and download the firmware upgrade flag and firmware data to the specified FLASH location; and, after the download, to reset and start the MCU, with the reset signal serving as the trigger signal that triggers the oscilloscope to sample the energy trace.
As shown in Fig. 7, which gives the circuit diagram of the energy acquisition circuit and the amplifying and filtering circuit in the present invention, energy acquisition circuit 9 consists of resistors R5 and R6 in Fig. 7, resistor R10 in Fig. 9, and capacitors C15, C16 and C17. Resistors R5 and R6 are connected in series, with one end grounded and the other end (labelled POWER) forming energy trace acquisition interface 16; capacitors C15, C16 and C17 are connected in parallel, with the two ends connected to power ground and to one end of R10 respectively, and the other end of R10 is connected to energy trace acquisition interface 16. Energy trace acquisition interface 16 is connected to the power supply terminal of the tested object to capture the signal variation at the MCU's power supply terminal while it runs the firmware upgrade procedure. Amplifying and filtering circuit 8 consists of amplifier AD8000, resistors R15, R22, R21 and capacitors C29, C30, C31 and C32. Resistors R22, R15 and R21 are connected in series in that order, with the two ends connected to power ground and the positive supply respectively; capacitors C29, C30 and C31 are connected in parallel, with the two ends connected to the junction of R5 and R6 and to the junction of R22 and R15 respectively; the junction of R15 and R21 is grounded through capacitor C32; the input IN+ of amplifier AD8000 is connected to the junction of R22 and R15; and the output OUT of amplifier AD8000 forms, after a capacitor and a resistor, the signal interface that feeds the oscilloscope.
Fig. 8 gives the circuit diagram of the USB-to-TTL module of the present invention. Main control module 4 communicates with PC 3 through USB-to-TTL module 11. The USB-to-TTL module is built around a chip of model FT232RL; the RS232 communication interface of the main control module is connected to the TXD and RXD terminals of the FT232RL, and the USBDM and USBDP ports of the FT232RL form the USB interface connected to the PC. Fig. 9 gives the circuit diagram of an MCU serving as the tested object. The MCU of the tested object is a chip of model ATMEGA2564RFR2-ZU; its I/O ports provide the F_CS, F_SCK, F_MISO and F_MOSI signal lines used to communicate with the FLASH, the signal terminal connected to the reset signal output by reset control circuit 5, and the POWER signal terminal used for energy trace signal acquisition. Fig. 10 gives the circuit diagram of a FLASH serving as the tested object. The FLASH memory shown is a chip of model M25P40-VMN6PB, connected to the SPI communication lines of the MCU for storing and reading data; the switches U5 and U6 and the socket J4 shown are used for debugging.
Fig. 11 gives the work flow diagram of the main control module of the present invention. The acquisition method of the IoT-terminal-oriented side-channel signal automatic acquisition system of the present invention is carried out through the following steps:
a) Tested object connection: the reset port of the tested object's MCU is connected to reset line interface (14) on side-channel information acquisition board (1), the SPI communication lines between the tested object's MCU and FLASH are connected to SPI communication line interface (15), and the power terminal of the tested object's MCU is connected to energy trace acquisition interface (16), which completes the connection between the tested object and the side-channel information acquisition board;
b) Main control module initialization: the main control module initializes the I/O, UART, SPI and clock frequency, and initializes the communication baud rate, timing and interrupts of the UART and SPI interfaces;
c) Sending random firmware data: the PC sends random firmware data to the main control module on the side-channel information acquisition board;
d) Checking whether data reception is complete: the main control module determines whether the data sent by the PC has been fully received by polling whether the serial-port receive flag UartFlag is set to 1; if UartFlag=1, the data sent by the PC has been fully received and step e) is executed, otherwise step c) continues;
e) Obtaining the random firmware data: UartFlag is first cleared, and the received data is then parsed to obtain the random firmware data;
f) Reset and communication control: the main control module outputs a low-level reset control signal and a low-level communication control signal, so that the MCU is held in the reset state and loses control of the FLASH, and the SPI communication circuit between the main control module and the FLASH is connected;
g) Firmware data download: the main control module downloads the firmware upgrade flag and the random firmware data into the FLASH;
h) Releasing control of the MCU: the main control module outputs a high-level reset control signal and a high-level communication control signal; the communication connection between the main control module and the FLASH is disconnected, and the MCU restarts after receiving the signal that changes from low level to high level;
i) Energy trace signal acquisition and upload: after restarting, the MCU reads the firmware data in the FLASH and performs the upgrade, while the energy acquisition circuit captures the energy trace signal during the MCU's upgrade and passes it to the oscilloscope; the oscilloscope converts the received analog energy trace signal into a digital signal and uploads it to the PC, which achieves automatic acquisition of the side-channel signal during the firmware upgrade of the tested object.
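The control sequence of steps d) to h) can be checked on a workstation before it is flashed to the main control module. The following host-side C model is an added example, not the patent's firmware: `rig_t`, the flag value and addresses, the FLASH size, and the order of the two line changes inside steps f) and h) are assumptions of this sketch, and the parsing in step e) is left out because the page does not give the data format.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

enum { LOW = 0, HIGH = 1 };
#define FLASH_SIZE   1024u  /* constructed stand-in for the target FLASH */
#define FLAG_ADDR    0u     /* assumed address of the firmware-upgrade flag */
#define FW_ADDR      16u    /* assumed address of the firmware data */
#define UPGRADE_FLAG 0xA5u  /* assumed flag value */

typedef struct {
    int c_rst;         /* C_RST: LOW holds the target MCU in reset */
    int e_stm;         /* E_STM: LOW connects the master's SPI to the FLASH */
    int uart_flag;     /* UartFlag: 1 once the PC's data has fully arrived */
    int trigger_edges; /* LOW->HIGH edges on the reset line (scope trigger) */
    int contention;    /* set if MCU and master could drive the SPI bus at once */
    uint8_t flash[FLASH_SIZE];
} rig_t;

void rig_init(rig_t *r) {
    memset(r, 0, sizeof *r);
    r->c_rst = HIGH;   /* idle: MCU running */
    r->e_stm = HIGH;   /* idle: master disconnected from the FLASH */
}

/* Drive both control lines; record trigger edges and unsafe combinations. */
static void set_lines(rig_t *r, int c_rst, int e_stm) {
    if (r->c_rst == LOW && c_rst == HIGH) r->trigger_edges++;
    if (c_rst == HIGH && e_stm == LOW) r->contention = 1;
    r->c_rst = c_rst;
    r->e_stm = e_stm;
}

/* A write only reaches the FLASH while the MCU is in reset and the bus is ours. */
static int flash_write(rig_t *r, size_t addr, const uint8_t *d, size_t n) {
    if (r->c_rst != LOW || r->e_stm != LOW) return -1;
    if (addr > FLASH_SIZE || n > FLASH_SIZE - addr) return -1;
    memcpy(&r->flash[addr], d, n);
    return 0;
}

/* Steps d)-h). Returns 0 = still waiting, 1 = trace triggered, -1 = aborted. */
int run_cycle(rig_t *r, const uint8_t *fw, size_t n) {
    const uint8_t flag = UPGRADE_FLAG;
    if (r->uart_flag != 1) return 0;   /* d) data not complete yet */
    r->uart_flag = 0;                  /* e) clear the flag before parsing */
    set_lines(r, LOW, r->e_stm);       /* f) reset first ... */
    set_lines(r, LOW, LOW);            /*    ... then connect SPI to the FLASH */
    int rc = flash_write(r, FW_ADDR, fw, n);               /* g) firmware data */
    if (rc == 0) rc = flash_write(r, FLAG_ADDR, &flag, 1); /* g) flag written last */
    set_lines(r, LOW, HIGH);           /* h) disconnect before releasing reset */
    if (rc != 0) return -1;            /* no trigger for a failed download */
    set_lines(r, HIGH, HIGH);          /* h) rising edge restarts MCU, fires scope */
    return 1;
}
```

Writing the flag after the firmware data and withholding the rising edge on a failed download keeps the oscilloscope from recording a trace of an upgrade that never ran.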
Claims (6)
1. An IoT-terminal-oriented side-channel signal automatic acquisition system, comprising a side-channel information acquisition board (1), an oscilloscope (2) and a PC (3), wherein the PC runs the side-channel analysis application, the side-channel information acquisition board captures the energy trace signal during the firmware upgrade of the tested object and sends it to the oscilloscope, the oscilloscope is connected to the PC through a communication line, and the oscilloscope converts the received energy trace signal into a digital signal and transmits it to the PC; characterized in that: the side-channel information acquisition board consists of a main control module (4), a reset control circuit (5), a communication control circuit (6), an energy trace acquisition circuit, a filtering and amplifying circuit (8) and a power supply circuit (10); the main control module communicates with the PC through a USB-to-TTL module (11); one branch of the output of the reset control circuit forms a reset line interface (14) connected to the reset signal of the MCU (12) of the tested object, and the other branch forms the trigger signal connected to the oscilloscope; an output of the main control module is connected to the control terminal of the reset control circuit, to control the high and low level states output by the reset control circuit; the MCU of the tested object is connected to the FLASH of the tested object through SPI communication lines;
the SPI communication interface of the main control module is connected to the input of the communication control circuit (6), and the output of the communication control circuit forms an SPI communication line interface (15) connected to the SPI communication lines between the MCU and the FLASH; an output of the main control module is connected to the control terminal of the communication control circuit, to control the connected or disconnected state between its input and output; the input of the energy acquisition circuit (9) forms an energy trace acquisition interface (16) connected to the power terminal of the MCU of the tested object, and the signal captured by the energy acquisition circuit is fed to the oscilloscope (2) after being processed by the filtering and amplifying circuit (8).
2. The IoT-terminal-oriented side-channel signal automatic acquisition system according to claim 1, characterized in that: the main control module (4) controls the reset control circuit (5) to output a low-level reset signal that holds the MCU (12) in the reset state, so that the MCU loses control of the FLASH (13), while the main control module outputs a low-level signal that connects the input and output of the communication control circuit (6), so that the main control module downloads the firmware upgrade data into the FLASH; after the firmware upgrade data has been downloaded, the main control module outputs a high-level signal that disconnects the input of the communication control circuit from its output, to restore the MCU's control of the FLASH, while the main control module controls the reset control circuit to output a high-level signal, to trigger the oscilloscope (2) to receive the energy trace signal captured by the energy acquisition circuit (9).
3. The IoT-terminal-oriented side-channel signal automatic acquisition system according to claim 1 or 2, characterized in that: the main control module (4) is a chip of model STM32F405R, different pins of which output the reset control signal C_RST, the communication control signal E_STM and the SPI communication signals MOSI, MISO, SCK and NSS; the reset control circuit (5) consists of an analog switch U18 of model TS5A3167DBV, the control terminal IN of analog switch U18 is connected to the reset control signal C_RST, the common terminal COM on the output side of analog switch U18 forms the reset signal after series resistor R26, and the normally closed terminal NC of analog switch U18 is grounded; the communication control circuit (6) consists of 4 analog switches U8, U9, U10 and U11 of model TS5A3167DBV, and the control terminals IN of the 4 analog switches U8, U9, U10 and U11 are all connected to the communication control signal E_STM; the SPI communication signals MOSI, MISO, SCK and NSS form C_MOSI, C_MISO, C_SCK and C_CS respectively after passing through series resistors, and the SPI communication lines between the MCU and the FLASH of the tested object are F_MOSI, F_MISO, F_SCK and F_CS respectively; the common terminals COM of the 4 analog switches U8, U9, U10 and U11 are connected to C_CS, C_SCK, C_MISO and C_MOSI respectively, and the normally closed terminals NC are connected to F_CS, F_SCK, F_MISO and F_MOSI respectively.
4. The IoT-terminal-oriented side-channel signal automatic acquisition system according to claim 1 or 2, characterized in that: the energy acquisition circuit (9) consists of resistors R5, R6 and R10 and capacitors C15, C16 and C17; resistors R5 and R6 are connected in series, one end of the series pair is grounded and the other end forms the energy trace acquisition interface (16); the two ends of the parallel combination of capacitors C15, C16 and C17 are connected to the power supply and to one end of R10 respectively, and the other end of R10 is connected to the energy trace acquisition interface; the filtering and amplifying circuit (8) consists of amplifier AD8000, resistors R15, R22 and R21, and capacitors C29, C30, C31 and C32; resistors R22, R15 and R21 are connected in series in that order, with the two ends of the chain connected to power ground and to the positive supply respectively; the two ends of the parallel combination of capacitors C29, C30 and C31 are connected to the junction of R5 and R6 and to the junction of R22 and R15 respectively; the junction of resistors R15 and R21 is grounded through capacitor C32; input IN+ of amplifier AD8000 is connected to the junction of R22 and R15; and output OUT of amplifier AD8000, after passing through a capacitor and a resistor, forms the signal interface that feeds the oscilloscope.
5. The IoT-terminal-oriented side-channel signal automatic acquisition system according to claim 1 or 2, characterized in that: the main control module (4) communicates with the PC (3) through the USB-to-TTL module (11); the USB-to-TTL module is built around a chip of model FT232RL; the RS232 communication interface of the main control module is connected to the TXD and RXD terminals of the FT232RL, and the USBDM and USBDP ports of the FT232RL form the USB interface connected to the PC.
6. An acquisition method based on the IoT-terminal-oriented side-channel signal automatic acquisition system according to claim 1, characterized in that it is carried out through the following steps:
a) Tested object connection: the reset port of the tested object's MCU is connected to reset line interface (14) on side-channel information acquisition board (1), the SPI communication lines between the tested object's MCU and FLASH are connected to SPI communication line interface (15), and the power terminal of the tested object's MCU is connected to energy trace acquisition interface (16), which completes the connection between the tested object and the side-channel information acquisition board;
b) Main control module initialization: the main control module initializes the I/O, UART, SPI and clock frequency, and initializes the communication baud rate, timing and interrupts of the UART and SPI interfaces;
c) Sending random firmware data: the PC sends random firmware data to the main control module on the side-channel information acquisition board;
d) Checking whether data reception is complete: the main control module determines whether the data sent by the PC has been fully received by polling whether the serial-port receive flag UartFlag is set to 1; if UartFlag=1, the data sent by the PC has been fully received and step e) is executed, otherwise step c) continues;
e) Obtaining the random firmware data: UartFlag is first cleared, and the received data is then parsed to obtain the random firmware data;
f) Reset and communication control: the main control module outputs a low-level reset control signal and a low-level communication control signal, so that the MCU is held in the reset state and loses control of the FLASH, and the SPI communication circuit between the main control module and the FLASH is connected;
g) Firmware data download: the main control module downloads the firmware upgrade flag and the random firmware data into the FLASH;
h) Releasing control of the MCU: the main control module outputs a high-level reset control signal and a high-level communication control signal; the communication connection between the main control module and the FLASH is disconnected, and the MCU restarts after receiving the signal that changes from low level to high level;
i) Energy trace signal acquisition and upload: after restarting, the MCU reads the firmware data in the FLASH and performs the upgrade, while the energy acquisition circuit captures the energy trace signal during the MCU's upgrade and passes it to the oscilloscope; the oscilloscope converts the received analog energy trace signal into a digital signal and uploads it to the PC, which achieves automatic acquisition of the side-channel signal during the firmware upgrade of the tested object.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201811308069.5A CN109120650B (en) | 2018-11-05 | 2018-11-05 | IOT terminal-oriented side channel signal automatic acquisition system and method |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201811308069.5A CN109120650B (en) | 2018-11-05 | 2018-11-05 | IOT terminal-oriented side channel signal automatic acquisition system and method |
Publications (2)
Publication Number | Publication Date |
---|---|
CN109120650A (en) | 2019-01-01 |
CN109120650B (en) | 2023-08-25 |
Family
ID=64853867
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201811308069.5A Active CN109120650B (en) | 2018-11-05 | 2018-11-05 | IOT terminal-oriented side channel signal automatic acquisition system and method |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN109120650B (en) |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2015062104A1 (en) * | 2013-11-04 | 2015-05-07 | 国家电网公司 | Smart power utilization communications product testing system |
CN105187197A (en) * | 2015-10-22 | 2015-12-23 | 成都芯安尤里卡信息科技有限公司 | Energy track extractor aiming at USB (Universal Serial Bus) Key |
CN107966925A (en) * | 2017-11-15 | 2018-04-27 | 北京理工大学 | A kind of high-precision multiple signals data testing system and test method based on DSP28335 |
Cited By (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN110321146A (en) * | 2019-07-02 | 2019-10-11 | 杭州雄迈集成电路技术有限公司 | A method of the more new chip FT test program of the Pattern based on serial port protocol |
CN110908689A (en) * | 2019-11-27 | 2020-03-24 | 杭州莱宸科技有限公司 | Program upgrading interface circuit, embedded device, downloading interface circuit and downloader |
CN110908689B (en) * | 2019-11-27 | 2023-09-15 | 杭州莱宸科技有限公司 | Program upgrade interface circuit, embedded device, download interface circuit, and downloader |
CN111600637A (en) * | 2020-05-13 | 2020-08-28 | 中国信息安全测评中心 | Side channel signal acquisition system of non-connected equipment |
CN111600637B (en) * | 2020-05-13 | 2021-05-25 | 中国信息安全测评中心 | Side channel signal acquisition system of non-connected equipment |
CN113722772A (en) * | 2021-08-25 | 2021-11-30 | 广东财经大学 | Method for quantitatively evaluating channel security degree of side of password security chip |
CN113722772B (en) * | 2021-08-25 | 2023-12-26 | 广东财经大学 | Quantitative evaluation method for security degree of side channel of password security chip |
Also Published As
Publication number | Publication date |
---|---|
CN109120650B (en) | 2023-08-25 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||