CN111638898A - Cloud verification method for absolute consistency of firmware version upgrading of FOTA - Google Patents

Cloud verification method for absolute consistency of firmware version upgrading of FOTA Download PDF

Info

Publication number
CN111638898A
CN111638898A CN202010507808.4A CN202010507808A CN111638898A CN 111638898 A CN111638898 A CN 111638898A CN 202010507808 A CN202010507808 A CN 202010507808A CN 111638898 A CN111638898 A CN 111638898A
Authority
CN
China
Prior art keywords
upgrade
server
upgrade package
version
package
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202010507808.4A
Other languages
Chinese (zh)
Inventor
樊祥阔
李闻
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Luzhou Hemiao Communication Technology Co ltd
Original Assignee
Luzhou Hemiao Communication Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Luzhou Hemiao Communication Technology Co ltd filed Critical Luzhou Hemiao Communication Technology Co ltd
Priority to CN202010507808.4A priority Critical patent/CN111638898A/en
Publication of CN111638898A publication Critical patent/CN111638898A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F8/00Arrangements for software engineering
    • G06F8/60Software deployment
    • G06F8/65Updates
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/64Protecting data integrity, e.g. using checksums, certificates or signatures
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F40/00Handling natural language data
    • G06F40/10Text processing
    • G06F40/194Calculation of difference between files
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F8/00Arrangements for software engineering
    • G06F8/70Software maintenance or management
    • G06F8/71Version control; Configuration management
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/06Protocols specially adapted for file transfer, e.g. file transfer protocol [FTP]

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • General Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Computer Security & Cryptography (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Health & Medical Sciences (AREA)
  • General Health & Medical Sciences (AREA)
  • Computational Linguistics (AREA)
  • Audiology, Speech & Language Pathology (AREA)
  • Artificial Intelligence (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Bioethics (AREA)
  • Computer Hardware Design (AREA)
  • Stored Programmes (AREA)

Abstract

本发明公开了一种FOTA升级固件版本绝对一致性的云端校验方法,包括步骤:S1:制作从源版本到目标版本的固件差分升级包,并由FOTA升级配置管理员将升级包上传到云端服务器;S2:筛选要升级的目标设备形成升级群组,创建并启动升级任务;S3:目标设备注册到云端服务器并上线,服务器对目标设备发起基本升级能力的检查以及端云固件版本绝对一致性的检查。本发明通过将FOTA升级固件版本的绝对一致性校验由传统的设备侧上升到云端,可以最大程度的避免将问题升级包(比如服务器升级包配置错误、发生损坏或者被恶意篡改等)下沉到设备端导致各种升级异常(如无法开机、功能紊乱等)、流量和功耗损失等。

Figure 202010507808

The invention discloses a cloud-based verification method for absolute consistency of FOTA upgrade firmware versions. Server; S2: Screen the target devices to be upgraded to form an upgrade group, create and start an upgrade task; S3: Register the target device to the cloud server and go online, the server initiates a basic upgrade capability check on the target device and the absolute consistency of the device-cloud firmware version inspection. By raising the absolute consistency check of the FOTA upgrade firmware version from the traditional device side to the cloud, the present invention can avoid sinking the problem upgrade package (such as the server upgrade package is incorrectly configured, damaged or maliciously tampered, etc.) to the greatest extent. To the device side, various upgrade exceptions (such as failure to boot, dysfunction, etc.), traffic and power consumption losses, etc. are caused.

Figure 202010507808

Description

一种FOTA升级固件版本绝对一致性的云端校验方法A Cloud Verification Method for Absolute Consistency of FOTA Upgraded Firmware Versions

技术领域technical field

本发明涉及FOTA升级技术领域,具体涉及一种FOTA升级固件版本绝对一致性的云端校验方法。The invention relates to the technical field of FOTA upgrade, in particular to a cloud verification method for absolute consistency of FOTA upgrade firmware versions.

背景技术Background technique

设备侧在做FOTA升级的时候,理论上需要先进行绝对一致性校验,绝对一致性校验指的是,设备当前运行的固件版本跟制作FOTA升级包的源固件版本是否绝对一致,绝对一致指的不光是版本号、型号、厂商等基本信息一致,而且必须是同一次编译出的版本,这样才能最大限度的保证升级不出问题。When performing FOTA upgrade on the device side, in theory, absolute consistency check needs to be performed first. Absolute consistency check refers to whether the firmware version currently running on the device is absolutely consistent with the source firmware version used to make the FOTA upgrade package. It refers not only to the same basic information such as version number, model, manufacturer, etc., but also the version compiled at the same time, so as to ensure that the upgrade will not be a problem to the greatest extent.

现有的FOTA升级方案,经常出现升级包下载到设备中,设备对当前版本和升级包做绝对一致性校验失败而导致无法升级,而后设备会根据云端升级定义的重试次数反复重试下载、校验失败这个过程,导致大量消耗设备数据流量和电量;或者有些设备因为校验机制不完善,校验不充分导致有问题的升级包(比如服务器升级包配置错误、发生损坏或者被恶意篡改等)被触发升级,造成设备无法开机或功能异常等严重问题。In the existing FOTA upgrade solution, the upgrade package is often downloaded to the device, and the device fails to perform absolute consistency check on the current version and the upgrade package, resulting in failure to upgrade. Then the device will retry the download repeatedly according to the number of retries defined by the cloud upgrade. , The process of verification failure, resulting in a large consumption of data traffic and power of the device; or some devices due to the imperfect verification mechanism and insufficient verification lead to problematic upgrade packages (for example, the server upgrade package is incorrectly configured, damaged or maliciously tampered with) etc.) are triggered to upgrade, causing serious problems such as the device cannot be turned on or functions abnormally.

大家对上述现象已经习以为常,习惯性的认为这是正常的,不是问题:绝对的一致性检查理应放在设备侧升级前进行,而服务器侧的工作重点理所应当在海量设备的接入鉴权、注册连接管理、上下行业务数据的管理,升级群组和任务流程管理等等。因此服务器在发起或者提示FOTA升级时,普遍是对设备做基本的升级能力检查,比如检查设备电量、小区ID/信号质量、可用空间、设备版本号是否满足升级任务的配置要求,而忽略了对要升级的版本做绝对的一致性检查。Everyone has become accustomed to the above phenomenon, and they are accustomed to think that this is normal and not a problem: the absolute consistency check should be performed before the upgrade of the device side, and the work focus of the server side should be the access authentication of massive devices. , registration connection management, uplink and downlink business data management, upgrade group and task process management, etc. Therefore, when the server initiates or prompts the FOTA upgrade, it generally checks the basic upgrade capability of the device, such as checking whether the device power, cell ID/signal quality, available space, and device version number meet the configuration requirements of the upgrade task, but ignores the configuration requirements of the upgrade task. The version to be upgraded does an absolute consistency check.

发明内容SUMMARY OF THE INVENTION

本发明所要解决的技术问题是提供一种FOTA升级固件版本绝对一致性的云端校验方法,以解决上述背景技术中提出的问题。The technical problem to be solved by the present invention is to provide a cloud-based verification method for absolute consistency of FOTA upgrade firmware versions, so as to solve the problems raised in the above background art.

本发明是通过以下技术方案来实现的:一种FOTA升级固件版本绝对一致性的云端校验方法,其特征在于:包括步骤:The present invention is realized by the following technical solutions: a cloud-based verification method for absolute consistency of FOTA upgrade firmware version, which is characterized in that: it comprises the steps:

S1:制作从源版本到目标版本的固件差分升级包,并由FOTA升级配置管理员将升级包上传到云端服务器;S1: Make a firmware differential upgrade package from the source version to the target version, and upload the upgrade package to the cloud server by the FOTA upgrade configuration administrator;

S2:筛选要升级的目标设备形成升级群组,创建并启动升级任务;S2: Screen the target devices to be upgraded to form an upgrade group, create and start an upgrade task;

S3:目标设备注册到云端服务器并上线,服务器对目标设备发起基本升级能力的检查以及端云固件版本绝对一致性的检查,如任一校验不通过,则服务器不启动该设备升级流程,并将校验失败的原因通知管理员或用户,流程结束;S3: The target device is registered to the cloud server and goes online. The server checks the basic upgrade capability of the target device and checks the absolute consistency of the device-cloud firmware version. If any verification fails, the server will not start the device upgrade process, and Notify the administrator or user of the reason for the verification failure, and the process ends;

服务器校验通过,则对目标设备启动升级流程,目标设备下载升级包,之后完成目标设备升级包校验、升级包执行等后续流程,并最终完成和服务器的状态交互,服务器会将最终升级的结果通知管理员或用户。If the server verification passes, the upgrade process is started for the target device, the target device downloads the upgrade package, and then completes the follow-up processes such as target device upgrade package verification and upgrade package execution, and finally completes the status interaction with the server. The server will update the final upgrade package. The result is notified to the administrator or user.

作为优选的技术方案,所述S1包括过程:As a preferred technical solution, the S1 includes the process:

升级包是签名的,服务器需要验签,先用其中的公钥解开签名,拿到摘要和摘要算法,摘要应包括,升级包摘要,源版本各分区镜像摘要,服务器根据摘要算法重新计算升级包摘要,然后跟从包里解析出的比对,如果一致,说明升级包完好无损,源版本各分区镜像摘要可信;The upgrade package is signed, the server needs to verify the signature, first unlock the signature with the public key in it, and get the digest and digest algorithm. The digest should include the upgrade package digest, and the image digest of each partition of the source version. The server recalculates the upgrade according to the digest algorithm. Package summary, and then compare with the parsed from the package. If they are consistent, it means that the upgrade package is intact, and the image summary of each partition of the source version is credible;

如果升级包没签名,则直接认为该升级包是可信的,直接提取升级包中的当前版本各分区镜像摘要。If the upgrade package is not signed, it is directly considered that the upgrade package is credible, and the image summaries of each partition of the current version in the upgrade package are directly extracted.

作为优选的技术方案,所述S3包括过程:As a preferred technical solution, the S3 includes the process:

服务器将从升级包中抽取的源版本各分区镜像文件摘要算法(如SHA256等)下发给设备侧,设备侧据此计算当前固件版本各分区镜像文件的即时摘要并传给云端服务器,服务器然后跟从升级包中抽取的源版本对应的各分区镜像文件摘要进行比对(比对原则,如果全部都相同,绝对一致性检查成功,否则,只要有一个不一致,都表示绝对一致性检查失败);The server sends the image file digest algorithm (such as SHA256, etc.) of the source version extracted from the upgrade package to the device side, and the device side calculates the real-time digest of each partition image file of the current firmware version and transmits it to the cloud server. The server then Compare with the abstracts of each partition image file corresponding to the source version extracted from the upgrade package (comparison principle, if all are the same, the absolute consistency check succeeds, otherwise, as long as there is one inconsistency, it means the absolute consistency check fails);

或者服务器将从升级包中抽取的源版本对应的各分区镜像文件摘要及算法下发给设备侧,设备侧据此计算出当前固件版本各分区镜像文件的即时摘要并跟服务器下发的比对(比对原则同上.),并将比对结果返回服务器侧。Or the server will deliver the abstracts and algorithms of each partition image file corresponding to the source version extracted from the upgrade package to the device side, and the device side will calculate the real-time abstract of each partition image file of the current firmware version and compare it with the one delivered by the server. (The comparison principle is the same as above.), and the comparison result is returned to the server side.

本发明的有益效果是:通过将FOTA升级固件版本的绝对一致性校验由传统的设备侧上升到云端,可以最大程度的避免将问题升级包(比如服务器升级包配置错误、发生损坏或者被恶意篡改等)下沉到设备端导致各种升级异常(如无法开机、功能紊乱等)、流量和功耗损失等。The beneficial effects of the present invention are: by upgrading the absolute consistency check of the FOTA upgrade firmware version from the traditional device side to the cloud, it is possible to avoid to the greatest extent problem upgrade packages (for example, the server upgrade package is configured incorrectly, damaged or maliciously). tampering, etc.) sinking to the device side, resulting in various upgrade exceptions (such as failure to boot, functional disorder, etc.), traffic and power consumption losses, etc.

附图说明Description of drawings

为了更清楚地说明本发明实施例或现有技术中的技术方案,下面将对实施例或现有技术描述中所需要使用的附图作简单地介绍,显而易见地,下面描述中的附图仅仅是本发明的一些实施例,对于本领域普通技术人员来讲,在不付出创造性劳动的前提下,还可以根据这些附图获得其他的附图。In order to explain the embodiments of the present invention or the technical solutions in the prior art more clearly, the following briefly introduces the accompanying drawings that need to be used in the description of the embodiments or the prior art. Obviously, the accompanying drawings in the following description are only These are some embodiments of the present invention. For those of ordinary skill in the art, other drawings can also be obtained according to these drawings without creative efforts.

图1为本发明的方法流程图。FIG. 1 is a flow chart of the method of the present invention.

具体实施方式Detailed ways

下面详细描述本发明的实施例,所述实施例的示例在附图中示出,其中自始至终相同或类似的标号表示相同或类似的元件或具有相同或类似功能的元件。下面通过参考附图描述的实施例是示例性的,仅用于解释本发明,而不能理解为对本发明的限制。The following describes in detail the embodiments of the present invention, examples of which are illustrated in the accompanying drawings, wherein the same or similar reference numerals refer to the same or similar elements or elements having the same or similar functions throughout. The embodiments described below with reference to the accompanying drawings are exemplary, only used to explain the present invention, and should not be construed as a limitation of the present invention.

在本发明的描述中,需要理解的是,术语“中心”、“上”、“下”、“前”、“后”、“左”、“右”、“竖直”、“水平”、“顶”、“底”“内”、“外”等指示的方位或位置关系为基于附图所示的方位或位置关系,仅是为了便于描述本发明和简化描述,而不是指示或暗示所指的装置或元件必须具有特定的方位、以特定的方位构造和操作,因此不能理解为对本发明的限制。In the description of the present invention, it should be understood that the terms "center", "upper", "lower", "front", "rear", "left", "right", "vertical", "horizontal", The orientation or positional relationship indicated by "top", "bottom", "inner", "outer", etc. is based on the orientation or positional relationship shown in the drawings, and is only for the convenience of describing the present invention and simplifying the description, rather than indicating or implying that The device or element referred to must have a particular orientation, be constructed and operate in a particular orientation, and therefore should not be construed as limiting the invention.

在本发明的描述中,需要说明的是,除非另有明确的规定和限定,术语“安装”、“相连”、“设置”应做广义理解,例如,可以是固定相连、设置,也可以是可拆卸连接、设置,或一体地连接、设置。对于本领域的普通技术人员而言,可以具体情况理解上述术语在本发明中的具体含义。In the description of the present invention, it should be noted that, unless otherwise expressly specified and limited, the terms "installed", "connected" and "arranged" should be understood in a broad sense, for example, it may be fixedly connected, arranged, or Removably connected and arranged, or integrally connected and arranged. For those of ordinary skill in the art, the specific meanings of the above terms in the present invention can be understood in specific situations.

如图1所示,本发明的一种FOTA升级固件版本绝对一致性的云端校验方法,其特征在于:包括步骤:As shown in Figure 1, a cloud verification method for absolute consistency of FOTA upgrade firmware version of the present invention is characterized in that: comprising the steps:

S1:制作从源版本到目标版本的固件差分升级包,并由FOTA升级配置管理员将升级包上传到云端服务器;S1: Make a firmware differential upgrade package from the source version to the target version, and upload the upgrade package to the cloud server by the FOTA upgrade configuration administrator;

S2:筛选要升级的目标设备形成升级群组,创建并启动升级任务;S2: Screen the target devices to be upgraded to form an upgrade group, create and start an upgrade task;

S3:目标设备注册到云端服务器并上线,服务器对目标设备发起基本升级能力的检查以及端云固件版本绝对一致性的检查,如任一校验不通过,则服务器不启动该设备升级流程,并将校验失败的原因通知管理员或用户,流程结束;S3: The target device is registered to the cloud server and goes online. The server checks the basic upgrade capability of the target device and checks the absolute consistency of the device-cloud firmware version. If any verification fails, the server will not start the device upgrade process, and Notify the administrator or user of the reason for the verification failure, and the process ends;

如果检验通过,服务器校验通过,则对目标设备启动升级流程,目标设备下载升级包,之后完成目标设备升级包校验、升级包执行等后续流程,并最终完成和服务器的状态交互,服务器会将最终升级的结果通知管理员或用户。If the verification passes and the server verification passes, the upgrade process is started for the target device, the target device downloads the upgrade package, and then completes the follow-up processes such as target device upgrade package verification and upgrade package execution, and finally completes the status interaction with the server. Notify administrators or users of the results of the final upgrade.

本实施例中,所述S1包括过程:In this embodiment, the S1 includes the process:

升级包是签名的,服务器需要验签,先用其中的公钥解开签名,拿到摘要和摘要算法,摘要应包括,升级包摘要,源版本各分区镜像摘要,服务器根据摘要算法重新计算升级包摘要,然后跟从包里解析出的比对,如果一致,说明升级包完好无损,源版本各分区镜像摘要可信;The upgrade package is signed, the server needs to verify the signature, first unlock the signature with the public key in it, and get the digest and digest algorithm. The digest should include the upgrade package digest, and the image digest of each partition of the source version. The server recalculates the upgrade according to the digest algorithm. Package summary, and then compare with the parsed from the package. If they are consistent, it means that the upgrade package is intact, and the image summary of each partition of the source version is credible;

如果升级包没签名,则直接认为该升级包是可信的,直接提取升级包中的当前版本各分区镜像摘要。If the upgrade package is not signed, it is directly considered that the upgrade package is credible, and the image summaries of each partition of the current version in the upgrade package are directly extracted.

本实施例中,所述S3包括过程:In this embodiment, the S3 includes the process:

服务器将从升级包中抽取的源版本各分区镜像文件摘要算法(如SHA256等)下发给设备侧,设备侧据此计算当前固件版本各分区镜像文件的即时摘要并传给云端服务器,服务器然后跟从升级包中抽取的源版本对应的各分区镜像文件摘要进行比对(比对原则,如果全部都相同,绝对一致性检查成功,否则,只要有一个不一致,都表示绝对一致性检查失败);The server sends the image file digest algorithm (such as SHA256, etc.) of the source version extracted from the upgrade package to the device side, and the device side calculates the real-time digest of each partition image file of the current firmware version and transmits it to the cloud server. The server then Compare with the abstracts of each partition image file corresponding to the source version extracted from the upgrade package (comparison principle, if all are the same, the absolute consistency check succeeds, otherwise, as long as there is one inconsistency, it means the absolute consistency check fails);

或者服务器将从升级包中抽取的源版本对应的各分区镜像文件摘要及算法下发给设备侧,设备侧据此计算出当前固件版本各分区镜像文件的即时摘要并跟服务器下发的比对(比对原则同上.),并将比对结果返回服务器侧。Or the server will deliver the abstracts and algorithms of each partition image file corresponding to the source version extracted from the upgrade package to the device side, and the device side will calculate the real-time abstract of each partition image file of the current firmware version and compare it with the one delivered by the server. (The comparison principle is the same as above.), and the comparison result is returned to the server side.

固件升级包具体指从源版本到目标版本的差分文件包,用于将设备从当前版本(源版本)差分升级到目标版本,在通过工具制作升级包的时候,需要指定具体的源版本和目标版本文件,源版本和目标版本都是通过编译生成,包含可以通过烧写工具烧写到目标设备各个分区的一个或多个镜像文件,本发明要求生成升级包的时候,必须将源版本各个分区镜像文件的摘要(哈希值)和具体摘要算法一起打包到升级包中,升级包由FOTA升级任务配置管理人员上传到云端服务器。The firmware upgrade package specifically refers to the differential file package from the source version to the target version, which is used to differentially upgrade the device from the current version (source version) to the target version. When making the upgrade package through the tool, you need to specify the specific source version and target version. The version file, the source version and the target version are all generated through compilation, including one or more image files that can be programmed to each partition of the target device through a programming tool. The present invention requires that when an upgrade package is generated, each partition of the source version must be The digest (hash value) of the image file and the specific digest algorithm are packaged into the upgrade package, and the upgrade package is uploaded to the cloud server by the FOTA upgrade task configuration manager.

目标设备是要通过升级包升级的设备,升级前需要合法注册接入服务器并和服务器建立连接,配合服务器做基本的升级能力检查和端云固件版本的绝对一致性检查,通过后才可以从服务器下载升级包,执行后续升级流程,这样就最大程度的避免将问题升级包下沉到目标设备侧,导致无法升级或升级异常。The target device is the device that needs to be upgraded through the upgrade package. Before the upgrade, you need to legally register and connect to the server and establish a connection with the server. Cooperate with the server to perform basic upgrade capability check and absolute consistency check of the device-cloud firmware version. Download the upgrade package and perform the subsequent upgrade process, so as to avoid sinking the problematic upgrade package to the target device side to the greatest extent, resulting in failure to upgrade or abnormal upgrade.

云端服务器是泛指,也可能被称为云平台、物联网或IOT平台等,可以是业界主流的物联网连接管理平台,也可以是用户私有的应用服务器或管理平台。Cloud server is a general term, and may also be referred to as cloud platform, Internet of Things or IOT platform, etc. It can be a mainstream Internet of Things connection management platform in the industry, or it can be a user's private application server or management platform.

服务器的工作是在对目标设备发起FOTA升级前对端云固件版本做精准检查,确保目标设备中当前运行的固件版本和制作升级包时选择的源版本内容绝对一致,当且仅当是同一次编译出来的版本镜像文件才符合此要求,比如,在固件源代码没有任何改变的情况下,分别编译出两个版本,虽然两者版本号和固件功能完全一样,但内容却是不同的,因此是无法通过校验的。The server's job is to accurately check the firmware version of the end cloud before initiating the FOTA upgrade on the target device to ensure that the firmware version currently running on the target device is absolutely consistent with the source version selected when making the upgrade package, if and only if it is the same time The compiled version image file meets this requirement. For example, if the firmware source code is unchanged, two versions are compiled separately. Although the version numbers and firmware functions of the two versions are exactly the same, the content is different. Therefore, cannot pass the verification.

服务器侧具体校验方法是,在发起FOTA升级前,除了设备基本升级能力检查项(电量、信号强度、版本号、可用空间等)需要满足要求外,还必须要求端云固件版本满足本发明提出的绝对一致性检查要求,这些都满足,服务器则启动升级流程,相关设备可以下载升级包进行升级,否则,服务器将不启动升级流程,并将每台设备不能升级的具体原因以界面展现或者其它通知的方式告知FOTA升级配置管理员。The specific verification method on the server side is that, before initiating the FOTA upgrade, in addition to the basic upgrade capability check items of the device (electricity, signal strength, version number, available space, etc.) If the absolute consistency check requirements are met, the server will start the upgrade process, and the relevant devices can download the upgrade package for upgrade. Otherwise, the server will not start the upgrade process, and display the specific reasons why each device cannot be upgraded in the interface or other The notification method informs the administrator of the FOTA upgrade configuration.

本发明尤其是能避免如下2种最隐秘的不一致情况下的升级包下沉:In particular, the present invention can avoid the sinking of the upgrade package under the following two most secret inconsistencies:

1)升级包出现难以察觉的细微不一致,配置到服务器的升级包,可能因为种种原因,虽然其源固件版本和目标设备当前固件版本对应的源代码和功能完全一致,但却不是同一次编译出来的,这种升级包按照传统方式肯定能下沉到设备侧,但通常无法通过设备侧校验,而后设备会根据升级任务配置的重试策略反复重试下载、校验失败这个过程,导致大量消耗设备数据流量和电量。1) There are subtle inconsistencies in the upgrade package. The upgrade package configured to the server may be due to various reasons. Although the source firmware version and the source code and function corresponding to the current firmware version of the target device are exactly the same, they are not compiled at the same time. Yes, this upgrade package can definitely sink to the device side in the traditional way, but it usually cannot pass the device side verification, and then the device will repeatedly retry the process of downloading and verification failure according to the retry policy configured in the upgrade task, resulting in a large number of Consume device data traffic and power.

2)目标设备当前运行固件(分区镜像文件)被篡改,比如可能因为安全漏洞或者被人为篡改刷入了其它版本,此种情况下,传统方式无法阻止升级包下沉,即使升级包没有任何问题,通常也无法通过设备侧校验,副作用同1)所述。2) The current running firmware (partition image file) of the target device has been tampered with, for example, it may have been tampered with other versions due to security loopholes or artificial tampering. In this case, the traditional method cannot prevent the upgrade package from sinking, even if the upgrade package has no problems , usually cannot pass the device side verification, and the side effects are the same as described in 1).

本发明能够很大程度上帮助相关企业降低设备售后维护工作量和维护成本,提高其设备运营管理能力。The invention can help related enterprises to reduce the after-sale maintenance workload and maintenance cost of equipment to a great extent, and improve their equipment operation and management capabilities.

以上所述,仅为本发明的具体实施方式,但本发明的保护范围并不局限于此,任何不经过创造性劳动想到的变化或替换,都应涵盖在本发明的保护范围之内。因此,本发明的保护范围应该以权利要求书所限定的保护范围为准。The above are only specific embodiments of the present invention, but the protection scope of the present invention is not limited to this, and any changes or substitutions that are not conceived of without creative work should be included within the protection scope of the present invention. Therefore, the protection scope of the present invention should be based on the protection scope defined by the claims.

Claims (3)

1.一种FOTA升级固件版本绝对一致性的云端校验方法,其特征在于:包括步骤:1. a cloud verification method of FOTA upgrade firmware version absolute consistency, it is characterized in that: comprise steps: S1:制作从源版本到目标版本的固件差分升级包,并由FOTA升级配置管理员将升级包上传到云端服务器;S1: Make a firmware differential upgrade package from the source version to the target version, and upload the upgrade package to the cloud server by the FOTA upgrade configuration administrator; S2:筛选要升级的目标设备形成升级群组,创建并启动升级任务;S2: Screen the target devices to be upgraded to form an upgrade group, create and start an upgrade task; S3:目标设备注册到云端服务器并上线,服务器对目标设备发起基本升级能力的检查以及端云固件版本绝对一致性的检查,如任一校验不通过,则服务器不启动该设备升级流程,并将校验失败的原因通知管理员或用户,流程结束;S3: The target device is registered to the cloud server and goes online. The server checks the basic upgrade capability of the target device and checks the absolute consistency of the device-cloud firmware version. If any verification fails, the server will not start the device upgrade process, and Notify the administrator or user of the reason for the verification failure, and the process ends; 服务器校验通过,则对目标设备启动升级流程,目标设备下载升级包,之后完成目标设备升级包校验、升级包执行等后续流程,并最终完成和服务器的状态交互,服务器会将最终升级的结果通知管理员或用户。If the server verification passes, the upgrade process is started for the target device, the target device downloads the upgrade package, and then completes the follow-up processes such as target device upgrade package verification and upgrade package execution, and finally completes the status interaction with the server. The server will update the final upgrade package. The result is notified to the administrator or user. 2.根据权利要求1所述的FOTA升级固件版本绝对一致性的云端校验方法,其特征在于,所述S1包括过程:2. the cloud verification method of FOTA upgrade firmware version absolute consistency according to claim 1, is characterized in that, described S1 comprises process: 升级包是签名的,服务器需要验签,先用其中的公钥解开签名,拿到摘要和摘要算法,摘要应包括,升级包摘要,源版本各分区镜像摘要,服务器根据摘要算法重新计算升级包摘要,然后跟从包里解析出的比对,如果一致,说明升级包完好无损,源版本各分区镜像摘要可信;The upgrade package is signed, the server needs to verify the signature, first unlock the signature with the public key in it, and get the digest and digest algorithm. The digest should include the upgrade package digest, and the image digest of each partition of the source version. The server recalculates the upgrade according to the digest algorithm. Package summary, and then compare with the parsed from the package. If they are consistent, it means that the upgrade package is intact, and the image summary of each partition of the source version is credible; 如果升级包没签名,则直接认为该升级包是可信的,直接提取升级包中的当前版本各分区镜像摘要。If the upgrade package is not signed, it is directly considered that the upgrade package is credible, and the image summaries of each partition of the current version in the upgrade package are directly extracted. 3.根据权利要求1所述的FOTA升级固件版本绝对一致性的云端校验方法,其特征在于:所述S3包括过程:3. the cloud verification method of FOTA upgrade firmware version absolute consistency according to claim 1, is characterized in that: described S3 comprises process: 服务器将从升级包中抽取的源版本各分区镜像文件摘要算法(如SHA256等)下发给设备侧,设备侧据此计算当前固件版本各分区镜像文件的即时摘要并传给云端服务器,服务器然后跟从升级包中抽取的源版本对应的各分区镜像文件摘要进行比对(比对原则,如果全部都相同,绝对一致性检查成功,否则,只要有一个不一致,都表示绝对一致性检查失败);The server sends the image file digest algorithm (such as SHA256, etc.) of the source version extracted from the upgrade package to the device side, and the device side calculates the real-time digest of each partition image file of the current firmware version and transmits it to the cloud server. The server then Compare with the abstracts of each partition image file corresponding to the source version extracted from the upgrade package (comparison principle, if all are the same, the absolute consistency check succeeds, otherwise, as long as there is one inconsistency, it means the absolute consistency check fails); 或者服务器将从升级包中抽取的源版本对应的各分区镜像文件摘要及算法下发给设备侧,设备侧据此计算出当前固件版本各分区镜像文件的即时摘要并跟服务器下发的比对(比对原则同上.),并将比对结果返回服务器侧。Or the server will deliver the abstracts and algorithms of each partition image file corresponding to the source version extracted from the upgrade package to the device side, and the device side will calculate the real-time abstract of each partition image file of the current firmware version and compare it with the one delivered by the server. (The comparison principle is the same as above.), and the comparison result is returned to the server side.
CN202010507808.4A 2020-06-05 2020-06-05 Cloud verification method for absolute consistency of firmware version upgrading of FOTA Pending CN111638898A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010507808.4A CN111638898A (en) 2020-06-05 2020-06-05 Cloud verification method for absolute consistency of firmware version upgrading of FOTA

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202010507808.4A CN111638898A (en) 2020-06-05 2020-06-05 Cloud verification method for absolute consistency of firmware version upgrading of FOTA

Publications (1)

Publication Number Publication Date
CN111638898A true CN111638898A (en) 2020-09-08

Family

ID=72328727

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010507808.4A Pending CN111638898A (en) 2020-06-05 2020-06-05 Cloud verification method for absolute consistency of firmware version upgrading of FOTA

Country Status (1)

Country Link
CN (1) CN111638898A (en)

Cited By (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112383439A (en) * 2020-11-24 2021-02-19 重庆前卫表业有限公司 Air upgrading system and method for intelligent gas meter
CN112594587A (en) * 2020-12-11 2021-04-02 泸州禾苗通信科技有限公司 Full-weather intelligent module control device for street lamp
CN114039966A (en) * 2021-10-18 2022-02-11 安徽泽峰物联科技有限公司 Intelligent terminal based on LTE wireless communication technology and use method thereof
CN114090047A (en) * 2021-11-27 2022-02-25 深圳市元征科技股份有限公司 Software upgrading method and device
CN114637987A (en) * 2022-05-18 2022-06-17 广州万协通信息技术有限公司 Security chip firmware downloading method and system based on platform verification
WO2023024435A1 (en) * 2021-08-25 2023-03-02 上海商汤智能科技有限公司 Device registration method and apparatus, electronic device, storage medium, and computer program product
CN116149677A (en) * 2022-11-30 2023-05-23 深圳市湘凡科技有限公司 Method, device, equipment and medium for burning serial numbers

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2012024963A1 (en) * 2010-08-27 2012-03-01 华为终端有限公司 Method, apparatus and system for processing firmware based on firmware over the air technology
CN106572372A (en) * 2016-11-14 2017-04-19 青岛海信宽带多媒体技术有限公司 Set-top box upgrading method and set-top box
CN110032377A (en) * 2019-03-19 2019-07-19 芯讯通无线科技(上海)有限公司 Communication module method for upgrading software, system and communication module
CN110134420A (en) * 2019-05-22 2019-08-16 上海诺雅克电气有限公司 Firmware upgrade method and system based on cloud platform
CN110929262A (en) * 2019-11-20 2020-03-27 上海钧正网络科技有限公司 Online upgrading method and system

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2012024963A1 (en) * 2010-08-27 2012-03-01 华为终端有限公司 Method, apparatus and system for processing firmware based on firmware over the air technology
CN106572372A (en) * 2016-11-14 2017-04-19 青岛海信宽带多媒体技术有限公司 Set-top box upgrading method and set-top box
CN110032377A (en) * 2019-03-19 2019-07-19 芯讯通无线科技(上海)有限公司 Communication module method for upgrading software, system and communication module
CN110134420A (en) * 2019-05-22 2019-08-16 上海诺雅克电气有限公司 Firmware upgrade method and system based on cloud platform
CN110929262A (en) * 2019-11-20 2020-03-27 上海钧正网络科技有限公司 Online upgrading method and system

Cited By (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112383439A (en) * 2020-11-24 2021-02-19 重庆前卫表业有限公司 Air upgrading system and method for intelligent gas meter
CN112594587A (en) * 2020-12-11 2021-04-02 泸州禾苗通信科技有限公司 Full-weather intelligent module control device for street lamp
WO2023024435A1 (en) * 2021-08-25 2023-03-02 上海商汤智能科技有限公司 Device registration method and apparatus, electronic device, storage medium, and computer program product
CN114039966A (en) * 2021-10-18 2022-02-11 安徽泽峰物联科技有限公司 Intelligent terminal based on LTE wireless communication technology and use method thereof
CN114090047A (en) * 2021-11-27 2022-02-25 深圳市元征科技股份有限公司 Software upgrading method and device
CN114637987A (en) * 2022-05-18 2022-06-17 广州万协通信息技术有限公司 Security chip firmware downloading method and system based on platform verification
CN116149677A (en) * 2022-11-30 2023-05-23 深圳市湘凡科技有限公司 Method, device, equipment and medium for burning serial numbers
CN116149677B (en) * 2022-11-30 2024-08-02 深圳市湘凡科技有限公司 Method, device, equipment and medium for burning serial numbers

Similar Documents

Publication Publication Date Title
CN111638898A (en) Cloud verification method for absolute consistency of firmware version upgrading of FOTA
US10992482B2 (en) Verified boot and key rotation
US11138314B1 (en) Software and firmware verification by distributed ledger and intrusion detection systems
US10372932B2 (en) Secure factory data generation and restoration
US8490080B2 (en) Systems and methods of creating and accessing software simulated computers
US11983275B2 (en) Multi-phase secure zero touch provisioning of computing devices
US9519786B1 (en) Firmware integrity ensurance and update
US8418164B2 (en) Image install of a network appliance
US20190286825A1 (en) Automated workflow management and monitoring of datacenter it security compliance
US9313040B2 (en) Verification of computer system prior to and subsequent to computer program installation
US8104077B1 (en) System and method for adaptive end-point compliance
US20250147797A1 (en) Just-in-time assembly for managed virtual machines
US9043793B1 (en) Verification of controls in information technology infrastructure via obligation assertion
US12067121B2 (en) Trusted boot method and apparatus, electronic device, and readable storage medium
US20240419802A1 (en) Agentless attestation as a service
US12288082B2 (en) Automatic machine deployment and configuration
US11997073B2 (en) Secure certificate storage when a connectivity management system client is running on an operating system
EP3575953B1 (en) A blockchain network agent for verifying and accepting patch requests from a patch initiator and method thereof
US12052133B2 (en) Blockchain-based network device management methods and devices
US12225124B2 (en) Data center asset onboarding authentication for a data center asset via an onboarding operation
US12052142B2 (en) Connectivity management system which optimizes embedded connectivity management system operations
US11943124B2 (en) Data center asset remote workload execution via a connectivity management workload orchestration operation
US12003382B2 (en) Data center asset client module authentication via a connectivity management authentication operation
US12314908B2 (en) Data center asset authentication for a prospective data center asset owner via an onboarding operation
US11924045B2 (en) Connectivity management system client inventory and configuration operation for interconnected connectivity management clients

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20200908

RJ01 Rejection of invention patent application after publication