CN114091040B - Vehicle ECU upgrading method, storage medium and client - Google Patents
Vehicle ECU upgrading method, storage medium and client Download PDFInfo
- Publication number
- CN114091040B CN114091040B CN202210019168.1A CN202210019168A CN114091040B CN 114091040 B CN114091040 B CN 114091040B CN 202210019168 A CN202210019168 A CN 202210019168A CN 114091040 B CN114091040 B CN 114091040B
- Authority
- CN
- China
- Prior art keywords
- client
- key
- new application
- ecu
- bootloader
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/575—Secure boot
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/51—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems at application loading time, e.g. accepting, rejecting, starting or inhibiting executable software based on integrity or source reliability
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F8/00—Arrangements for software engineering
- G06F8/60—Software deployment
- G06F8/65—Updates
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- General Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Stored Programmes (AREA)
Abstract
The invention discloses an upgrading method of a vehicle ECU, a storage medium and a client. The BootLoader method for the ECU comprises the following steps: receiving an upgrading request sent by a client, generating a random number comprising a first randomly generated key and a first authentication code according to the request, and searching a corresponding asymmetric encryption and decryption public key according to an update _ ID in the request; encrypting the random number into a ciphertext by using the public key, receiving the ciphertext by the client, decrypting the ciphertext by using the asymmetric encryption and decryption private key corresponding to the update _ ID, and sending a decryption result to the BootLoader; if the received result is successfully compared with the random number, feeding back comparison success information to the client so that the client sends a new application program to the BootLoader; and receiving and utilizing the new application program to perform program upgrading on the ECU. The method can prevent the unreliable client from upgrading the program of the vehicle ECU.
Description
Technical Field
The invention relates to the technical field of vehicles, in particular to an upgrading method of a vehicle ECU, a storage medium and a client.
Background
In the related art, an ECU (electronic Control unit) of an automobile includes a BootLoader function, and the BootLoader function is mainly used for upgrading an application program of the ECU. However, with the development of new energy vehicles and internet-connected vehicles, the vehicles slowly start to access the internet like mobile phones and computers, and the upgrade of the vehicle software is performed through the internet, so that the traditional ECU may be upgraded by an unreliable client.
Disclosure of Invention
The present invention is directed to solving, at least to some extent, one of the technical problems in the related art. Therefore, the first purpose of the invention is to provide an upgrading method of the vehicle ECU, so as to prevent an unreliable client from upgrading the program of the vehicle ECU.
A second object of the invention is to propose a computer-readable storage medium.
A third object of the present invention is to provide a client.
In order to achieve the above object, an embodiment of a first aspect of the present invention provides an upgrading method for a vehicle ECU, where the method is used for BootLoader of the ECU, and the method includes: receiving an upgrade request sent by a client, generating a random number according to the upgrade request, and searching a corresponding public key public _ key for asymmetric encryption and decryption according to an update _ ID in the upgrade request; encrypting the random number into a ciphertext by using the public key public _ key, and sending the ciphertext to the client, so that the client decrypts the ciphertext by using the asymmetric encryption and decryption private key private _ key corresponding to the update _ ID, and sends a decryption result to the BootLoader; receiving the decryption result sent by the client, and comparing the decryption result with the random number; if the comparison is successful, feeding back comparison success information to the client so that the client sends a new application program to the BootLoader; receiving the new application program, and upgrading the program of the ECU according to the new application program; wherein the random number comprises a randomly generated first key and a first authentication code.
According to the upgrading method of the vehicle ECU, after an upgrading request sent by a client is received, a random number is generated according to the upgrading request, a corresponding public key public _ key for asymmetric encryption and decryption is searched according to an update _ ID in the upgrading request, the random number is encrypted into a ciphertext by using the public key public _ key, the ciphertext is sent to the client, so that the client decrypts the ciphertext by using a private key for asymmetric encryption and decryption corresponding to the update _ ID, and a decryption result is sent to a BootLoader; after receiving the decryption result sent by the client, the decryption result can be compared with the random number, if the comparison is successful, the comparison success information is fed back to the client, so that the client sends a new application program to the BootLoader, and the program of the ECU is upgraded according to the new application program. Therefore, the BootLoader can firstly authenticate the reliability of the client before the vehicle ECU is subjected to program upgrading, and then receives the new application program sent by the client after the client is confirmed to be reliable, so that the unreliable client is prevented from performing program upgrading on the vehicle ECU, and the safety and the reliability of the vehicle are improved. In addition, the generated random number includes the first key, and after the random number is sent to the client, the client can encrypt the new application program by using the immediately randomly generated key, so that the safety and reliability of the vehicle are further improved. Moreover, by generating a random number and enabling the random number to comprise the secret key and the authentication code, the authentication code and the secret key can be sent to the client only by one-time sending, the speed is high, the steps are simple, and the risk is further reduced.
In addition, the method for upgrading the vehicle ECU of the present invention may further have the following additional technical features:
according to an embodiment of the present invention, the decrypting the encrypted result includes a second authentication code, and the comparing the decrypted result with the random number includes: comparing the second authentication code with the first authentication code; and when the second authentication code is the same as the first authentication code, the comparison is determined to be successful.
According to one embodiment of the present invention, the upgrading method of the vehicle ECU includes: and if the comparison fails, judging that the client is not credible, forbidding the client to carry out program upgrading on the ECU, and running the current application program of the ECU.
According to one embodiment of the invention, the program upgrading of the ECU according to the new application program comprises: performing integrity verification on the new application program; and if the new application program is determined to be complete, the ECU is upgraded by utilizing the new application program.
According to an embodiment of the present invention, the client further performs hash calculation on the new application to obtain a first hash value, and sends the first hash value to the BootLoader, where performing integrity verification on the new application includes: carrying out Hash calculation on the new application program to obtain a second Hash value; comparing the second hash value with the first hash value; when the second hash value is equal to the first hash value, determining that the new application is complete.
According to an embodiment of the present invention, the decryption result further includes a second key, the client further performs symmetric encryption on a new application program by using the second key, and the program upgrading of the ECU according to the new application program further includes: decrypting the new application using the first key.
To achieve the above object, a second aspect of the present invention provides a computer-readable storage medium having a computer program stored thereon, the computer program, when executed by a processor, implementing the above-mentioned method for upgrading a vehicle ECU.
The computer readable storage medium of the embodiment of the invention can prevent the unreliable client from upgrading the program of the vehicle ECU when the computer program stored on the computer readable storage medium is executed by the processor, thereby improving the safety and reliability of the vehicle.
To achieve the above object, a third embodiment of the present invention provides a client, including a memory, a processor, and a computer program stored on the memory, where when the computer program is executed by the processor, the computer program implements the following method: sending an upgrade request to a BootLoader of an ECU (electronic control Unit) so that the BootLoader generates a random number according to the upgrade request, searching a corresponding public key public _ key for asymmetric encryption and decryption according to an update _ ID in the upgrade request, encrypting the random number into a ciphertext by using the public key public _ key, and sending the ciphertext to the client; receiving the ciphertext, and decrypting the ciphertext by using the asymmetric encryption and decryption private key corresponding to the update _ ID; sending a decryption result to the BootLoader so that the BootLoader compares the decryption result with the random number, and feeding back comparison success information to the client when the comparison is successful; sending a new application program to the BootLoader according to the comparison success information so that the BootLoader can upgrade the ECU according to the new application program; wherein the random number comprises a randomly generated first key and a first authentication code.
The client side sends an upgrade request to a BootLoader of the ECU so that the BootLoader generates a random number according to the upgrade request, searches a corresponding public key public _ key for asymmetric encryption and decryption according to an update _ ID in the upgrade request, encrypts the random number into a ciphertext by using the public key public _ key, and sends the ciphertext to the client side; further, after receiving the ciphertext, decrypting the ciphertext by using the private key private _ key of asymmetric encryption and decryption corresponding to the update _ ID, and sending a decryption result to the BootLoader, so that the BootLoader compares the decryption result with the random number, and when the comparison is successful, feeding back successful comparison information to the client; and then sending a new application program to the BootLoader according to the comparison success information so that the BootLoader can upgrade the program of the ECU according to the new application program. Therefore, before the vehicle ECU is upgraded, the reliability of the vehicle ECU is indicated to BootLoader, so that an unreliable client is prevented from upgrading the program of the vehicle ECU, and the safety and the reliability of the vehicle are improved. In addition, the generated random number contains the first key, and the client can encrypt the new application program by using the immediately randomly generated key, so that the safety and the reliability of the vehicle are further improved. Moreover, by generating a random number and enabling the random number to comprise the secret key and the authentication code, the authentication code and the secret key can be sent to the client only by one-time sending, the speed is high, the steps are simple, and the risk is further reduced.
Additional aspects and advantages of the invention will be set forth in part in the description which follows and, in part, will be obvious from the description, or may be learned by practice of the invention.
Drawings
FIG. 1 is a flowchart of an upgrade method of a vehicle ECU according to one embodiment of the present invention;
fig. 2 is a flowchart of an upgrading method of a vehicle ECU according to another embodiment of the invention;
fig. 3 is a flowchart of an upgrading method of a vehicle ECU according to still another embodiment of the present invention.
Detailed Description
Reference will now be made in detail to embodiments of the present invention, examples of which are illustrated in the accompanying drawings, wherein like or similar reference numerals refer to the same or similar elements or elements having the same or similar function throughout. The embodiments described below with reference to the drawings are illustrative and intended to be illustrative of the invention and are not to be construed as limiting the invention.
An upgrade method, a storage medium, and a client of a vehicle ECU according to an embodiment of the present invention are described below with reference to the drawings.
Fig. 1 is a flowchart of an upgrading method of a vehicle ECU according to one embodiment of the present invention.
In the embodiment of the invention, the upgrading method of the vehicle ECU is used for BootLoader of the ECU. For example, the BootLoader may be operated after the ECU is reset each time, and then the BootLoader may check whether there is a remote program loading request, and if so, enter a BootLoader mode, establish bus communication with the client that sends the remote program loading request, so as to receive the upgrade request sent by the client.
As shown in fig. 1, the upgrading method of the vehicle ECU includes:
s11, receiving an upgrade request sent by the client, generating a random number according to the upgrade request, and searching a corresponding public key public _ key for asymmetric encryption and decryption according to the update _ ID in the upgrade request.
Specifically, if a certain client supports program upgrade of the ECU, the client needs to apply for the update _ ID and the private key for asymmetric encryption and decryption corresponding to the update _ ID from the ECU developer in advance. When the program of the vehicle ECU needs to be upgraded, the client sends an upgrade request, and the update _ ID is sent through the upgrade request.
After receiving the upgrade request frame, the BootLoader extracts the update _ ID from the upgrade request, and searches the corresponding public key public _ key for asymmetric encryption and decryption with respect to the update _ ID. The method for searching for the corresponding public key public _ key for asymmetric encryption and decryption may be, for example, to establish a data platform for an ECU developer, and after the BootLoader extracts the update _ ID, the BootLoader may access the data platform to obtain the public key public _ key for asymmetric encryption and decryption corresponding to the update _ ID from the data platform. For another example, the ECU developer may preset a rule for obtaining the public key public _ key of asymmetric encryption/decryption according to the update _ ID, and store the rule in a preset storage location on the vehicle, so that the BootLoader may obtain the update _ ID after extracting the update _ ID, and substitute the update _ ID into the rule to obtain the corresponding public key public _ key of asymmetric encryption/decryption. For example, a corresponding relation table between update _ ID and public key public _ key may be stored in a preset position of the vehicle, and the BootLoader may obtain the corresponding public key public _ key for asymmetric encryption and decryption by querying the table.
It should be noted that a string of random numbers may also be generated, where the random numbers include a randomly generated first key and a first authentication code, for example, 256 bits of data may be generated, where the 256 bits of data are the first key (128 bits, randomly generated) + the first authentication code (128 bits, randomly generated).
Alternatively, the first key may be generated by using a preset Encryption Algorithm, for example, an RSA Encryption Algorithm, an Elgamal Encryption Algorithm, a knapsack Algorithm, a Rabin Encryption, a D-H Algorithm, an elliptic curve Encryption Algorithm, a DES (Data Encryption Algorithm), a triple Data Encryption Algorithm, an AES (Advanced Encryption Standard), and the like.
S12, the random number is encrypted into a ciphertext by using the public key public _ key, the ciphertext is sent to the client, so that the client decrypts the ciphertext by using the private key private _ key of asymmetric encryption and decryption corresponding to the update _ ID, and the decryption result is sent to the BootLoader.
Specifically, after the random number and the public key public _ key are obtained, the random number is encrypted by using the public key public _ key to obtain a ciphertext, and the ciphertext is sent to the client. After receiving the ciphertext, the client decrypts the ciphertext by using the asymmetric encryption and decryption private key corresponding to the update _ ID to obtain a decryption result.
Further, after the decryption result is obtained, the client extracts the authentication code and the key included in the decryption result, so as to obtain a second authentication code and a second key, and sends the second authentication code to the BootLoader.
And S13, receiving the decryption result sent by the client, and comparing the decryption result with the random number.
Specifically, after receiving the decryption result sent by the client, the BootLoader may obtain the second authentication code from the decryption result, and compare the second authentication code with the first authentication code.
And S14, if the comparison is successful, feeding back the successful comparison information to the client so that the client sends the new application program to the BootLoader.
Specifically, when the second authentication code is the same as the first authentication code, the BootLoader determines that the comparison is successful, and the comparison success information is sent to the client.
When the second authentication code is different from the first authentication code, the BootLoader determines that the comparison fails, and then determines that the client is not credible, prohibits the client from upgrading the program of the ECU, and runs the current application program of the ECU.
And S15, receiving the new application program, and upgrading the program of the ECU according to the new application program.
Specifically, if the client receives the comparison success information, the client further symmetrically encrypts the new application program by using the second key, and sends the encrypted new application program to the BootLoader, and the BootLoader decrypts the new application program by using the first key. For example, BootLoader may run an NVM (non-volatile memory) driver to program the received new application into the NVM.
It should be noted that after receiving the new application program, the BootLoader also needs to perform integrity verification on the new application program, and if it is determined that the new application program is complete, the BootLoader updates the ECU using the new application program. Specifically, referring to fig. 2, after it is determined that the first authentication code is the same as the second authentication code, it is determined that the client is a reliable client through authentication, and the comparison success information is fed back to the client, and then the client performs hash calculation on the new application to obtain a first hash value, and sends the first hash value to the BootLoader, for example, after sending the new application to the BootLoader, the first hash value may be sent to the BootLoader. The BootLoader judges whether the receiving is completed or not, and after the receiving is completed, hash calculation is carried out on the new application program to obtain a second hash value; and then the BootLoader compares the second hash value with the first hash value, when the second hash value is equal to the first hash value, the completeness is judged to be consistent, and the completeness of the new application program is determined, so that the new application program can be started.
Optionally, when the integrity of the new application is verified, the client may further select to generate a corresponding first value by using a Message digest algorithm, an HMAC (Hash-based Message Authentication Code), and the like, and send the first value to the BootLoader, and after the BootLoader completes receiving, the BootLoader may generate a second value by using a corresponding algorithm, and then if the first value is equal to the second value, the integrity is determined to be consistent.
To sum up, the upgrade method of the vehicle ECU according to the embodiment of the present invention may generate a random number according to an upgrade request after receiving the upgrade request sent by the client, and search for a corresponding public key public _ key for asymmetric encryption/decryption according to the update _ ID in the upgrade request, further encrypt the random number into a ciphertext using the public key public _ key, and send the ciphertext to the client, so that the client decrypts the ciphertext using the private key private _ key for asymmetric encryption/decryption corresponding to the update _ ID, and sends a decryption result to BootLoader; after receiving the decryption result sent by the client, the decryption result can be compared with the random number, if the comparison is successful, the comparison success information is fed back to the client, so that the client sends a new application program to the BootLoader, and the program of the ECU is upgraded according to the new application program. Therefore, the BootLoader can firstly authenticate the reliability of the client before the vehicle ECU is upgraded, and then receives the new application program sent by the client after the client is confirmed to be reliable, so that the unreliable client is prevented from upgrading the program of the vehicle ECU, the safety and the reliability of the vehicle are improved, for example, the illegal client can be prevented from upgrading the program of the ECU, and the condition of intentional damage is prevented. In addition, the generated random number includes the first key, and after the random number is sent to the client, the client can encrypt the new application program by using the immediately randomly generated key, so that the safety and reliability of the vehicle are further improved. Moreover, by generating a random number and enabling the random number to comprise the secret key and the authentication code, the authentication code and the secret key can be sent to the client only by one-time sending, the speed is high, the steps are simple, and the risk is further reduced.
Fig. 3 is a flowchart of an upgrading method of a vehicle ECU according to another embodiment of the present invention.
In the embodiment of the invention, the upgrading method of the vehicle ECU is used for the client.
As shown in fig. 3, the upgrading method of the vehicle ECU includes:
s31, sending an upgrade request to the BootLoader of the ECU, so that the BootLoader generates a random number according to the upgrade request, searching a corresponding public key public _ key for asymmetric encryption and decryption according to the update _ ID in the upgrade request, encrypting the random number into a ciphertext by using the public key public _ key, and sending the ciphertext to the client.
S32, receiving the ciphertext, and decrypting the ciphertext by using the asymmetric encryption and decryption private key corresponding to the update _ ID.
And S33, sending the decryption result to the BootLoader so that the BootLoader compares the decryption result with the random number, and when the comparison is successful, feeding back comparison success information to the client.
And S34, sending the new application program to the BootLoader according to the comparison success information, so that the BootLoader can upgrade the program of the ECU according to the new application program.
For other specific embodiments of the method for upgrading the vehicle ECU according to the embodiment of the present invention, reference may be made to the method for upgrading the vehicle ECU for BootLoader of the ECU according to the above-described embodiment.
The method for upgrading the vehicle ECU comprises the steps of sending an upgrading request to a BootLoader of the ECU so that the BootLoader generates a random number according to the upgrading request, searching a corresponding public key public _ key for asymmetric encryption and decryption according to an update _ ID in the upgrading request, encrypting the random number into a ciphertext by using the public key public _ key, and sending the ciphertext to a client; further, after receiving the ciphertext, decrypting the ciphertext by using the private key private _ key of asymmetric encryption and decryption corresponding to the update _ ID, and sending a decryption result to the BootLoader, so that the BootLoader compares the decryption result with the random number, and when the comparison is successful, feeding back successful comparison information to the client; and then sending a new application program to the BootLoader according to the comparison success information so that the BootLoader can upgrade the program of the ECU according to the new application program. Therefore, before the vehicle ECU is upgraded, the reliability of the vehicle ECU is indicated to BootLoader, so that an unreliable client is prevented from upgrading the program of the vehicle ECU, and the safety and the reliability of the vehicle are improved. In addition, the generated random number contains the first key, and the client can encrypt the new application program by using the immediately randomly generated key, so that the safety and the reliability of the vehicle are further improved. Moreover, by generating a random number and enabling the random number to comprise the secret key and the authentication code, the authentication code and the secret key can be sent to the client only by one-time sending, the speed is high, the steps are simple, and the risk is further reduced.
Further, the present invention proposes a computer-readable storage medium.
In the embodiment of the invention, the computer readable storage medium has stored thereon a computer program which, when executed by the processor, implements the above-described upgrade method of the vehicle ECU.
The computer readable storage medium of the embodiment of the invention can improve the safety and reliability of the vehicle when the computer program is executed by the processor.
Further, the invention provides a client.
In an embodiment of the present invention, the client includes a memory, a processor, and a computer program stored on the memory, which when executed by the processor, implements the above-described upgrade method for the vehicle ECU of the client.
The client of the embodiment of the invention can improve the safety and reliability of the vehicle by realizing the method for upgrading the vehicle ECU of the client.
It should be noted that the logic and/or steps represented in the flowcharts or otherwise described herein, such as an ordered listing of executable instructions that can be considered to implement logical functions, can be embodied in any computer-readable medium for use by or in connection with an instruction execution system, apparatus, or device, such as a computer-based system, processor-containing system, or other system that can fetch the instructions from the instruction execution system, apparatus, or device and execute the instructions. For the purposes of this description, a "computer-readable medium" can be any means that can contain, store, communicate, propagate, or transport the program for use by or in connection with the instruction execution system, apparatus, or device. More specific examples (a non-exhaustive list) of the computer-readable medium would include the following: an electrical connection (electronic device) having one or more wires, a portable computer diskette (magnetic device), a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber device, and a portable compact disc read-only memory (CDROM). Additionally, the computer-readable medium could even be paper or another suitable medium upon which the program is printed, as the program can be electronically captured, via for instance optical scanning of the paper or other medium, then compiled, interpreted or otherwise processed in a suitable manner if necessary, and then stored in a computer memory.
It should be understood that portions of the present invention may be implemented in hardware, software, firmware, or a combination thereof. In the above embodiments, the various steps or methods may be implemented in software or firmware stored in memory and executed by a suitable instruction execution system. For example, if implemented in hardware, as in another embodiment, any one or combination of the following techniques, which are known in the art, may be used: a discrete logic circuit having a logic gate circuit for implementing a logic function on a data signal, an application specific integrated circuit having an appropriate combinational logic gate circuit, a Programmable Gate Array (PGA), a Field Programmable Gate Array (FPGA), or the like.
In the description herein, references to the description of the term "one embodiment," "some embodiments," "an example," "a specific example," or "some examples," etc., mean that a particular feature, structure, material, or characteristic described in connection with the embodiment or example is included in at least one embodiment or example of the invention. In this specification, the schematic representations of the terms used above do not necessarily refer to the same embodiment or example. Furthermore, the particular features, structures, materials, or characteristics described may be combined in any suitable manner in any one or more embodiments or examples.
In the description of the present invention, it is to be understood that the terms "central," "longitudinal," "lateral," "length," "width," "thickness," "upper," "lower," "front," "rear," "left," "right," "vertical," "horizontal," "top," "bottom," "inner," "outer," "clockwise," "counterclockwise," "axial," "radial," "circumferential," and the like are used in the orientations and positional relationships indicated in the drawings for convenience in describing the invention and to simplify the description, and are not intended to indicate or imply that the referenced devices or elements must have a particular orientation, be constructed and operated in a particular orientation, and are therefore not to be considered limiting of the invention.
Furthermore, the terms "first", "second" and "first" are used for descriptive purposes only and are not to be construed as indicating or implying relative importance or implicitly indicating the number of technical features indicated. Thus, a feature defined as "first" or "second" may explicitly or implicitly include at least one such feature. In the description of the present invention, "a plurality" means at least two, e.g., two, three, etc., unless specifically limited otherwise.
In the present invention, unless otherwise explicitly stated or limited, the terms "mounted," "connected," "fixed," and the like are to be construed broadly, e.g., as being permanently connected, detachably connected, or integral; can be mechanically or electrically connected; they may be directly connected or indirectly connected through intervening media, or they may be connected internally or in any other suitable relationship, unless expressly stated otherwise. The specific meanings of the above terms in the present invention can be understood by those skilled in the art according to specific situations.
In the present invention, unless otherwise expressly stated or limited, the first feature "on" or "under" the second feature may be directly contacting the first and second features or indirectly contacting the first and second features through an intermediate. Also, a first feature "on," "over," and "above" a second feature may be directly or diagonally above the second feature, or may simply indicate that the first feature is at a higher level than the second feature. A first feature being "under," "below," and "beneath" a second feature may be directly under or obliquely under the first feature, or may simply mean that the first feature is at a lesser elevation than the second feature.
Although embodiments of the present invention have been shown and described above, it is understood that the above embodiments are exemplary and should not be construed as limiting the present invention, and that variations, modifications, substitutions and alterations can be made to the above embodiments by those of ordinary skill in the art within the scope of the present invention.
Claims (6)
1. A method for upgrading an ECU of a vehicle, the method being used for a BootLoader of the ECU, the method comprising:
receiving an upgrade request sent by a client, generating a random number according to the upgrade request, and searching a corresponding public key public _ key for asymmetric encryption and decryption according to an update _ ID in the upgrade request;
encrypting the random number into a ciphertext by using the public key public _ key, and sending the ciphertext to the client, so that the client decrypts the ciphertext by using the asymmetric encryption and decryption private key private _ key corresponding to the update _ ID, and sends a decryption result to the BootLoader;
receiving the decryption result sent by the client, and comparing the decryption result with the random number;
if the comparison is successful, feeding back comparison success information to the client so that the client sends a new application program to the BootLoader;
receiving the new application program, and upgrading the program of the ECU according to the new application program;
wherein the random number comprises a randomly generated first key and a first authentication code;
the decrypting result includes a second authentication code, and the comparing the decrypting result with the random number includes:
comparing the second authentication code with the first authentication code;
when the second authentication code is the same as the first authentication code, the comparison is determined to be successful;
the decryption result further includes a second key, the client further performs symmetric encryption on a new application program by using the second key, and the program upgrade is performed on the ECU according to the new application program, further including:
decrypting the new application using the first key;
before the receiving the upgrade request sent by the client, the method further includes:
judging whether the ECU is reset or not;
if the ECU is reset, checking whether a remote program loading request sent by the client is received;
and if so, establishing communication with the client.
2. The upgrading method of a vehicle ECU according to claim 1, characterized by comprising:
and if the comparison fails, judging that the client is not credible, forbidding the client to carry out program upgrading on the ECU, and running the current application program of the ECU.
3. The upgrading method of a vehicle ECU according to claim 1, characterized in that the program upgrading the ECU according to the new application includes:
performing integrity verification on the new application program;
and if the new application program is determined to be complete, the ECU is upgraded by utilizing the new application program.
4. The method for upgrading the vehicle ECU according to claim 3, wherein the client further performs hash calculation on the new application program to obtain a first hash value, and sends the first hash value to the BootLoader, and the integrity verification of the new application program includes:
carrying out Hash calculation on the new application program to obtain a second Hash value;
comparing the second hash value with the first hash value;
when the second hash value is equal to the first hash value, determining that the new application is complete.
5. A computer-readable storage medium on which a computer program is stored, the computer program, when executed by a processor, implementing the upgrade method for a vehicle ECU according to any one of claims 1 to 4.
6. A client comprising a memory, a processor and a computer program stored on the memory, wherein the computer program, when executed by the processor, implements a method comprising:
sending an upgrade request to a BootLoader of an ECU (electronic control Unit) so that the BootLoader generates a random number according to the upgrade request, searching a corresponding public key public _ key for asymmetric encryption and decryption according to an update _ ID in the upgrade request, encrypting the random number into a ciphertext by using the public key public _ key, and sending the ciphertext to the client;
receiving the ciphertext, and decrypting the ciphertext by using the asymmetric encryption and decryption private key corresponding to the update _ ID;
sending a decryption result to the BootLoader so that the BootLoader compares the decryption result with the random number, and feeding back comparison success information to the client when the comparison is successful;
sending a new application program to the BootLoader according to the comparison success information so that the BootLoader can upgrade the ECU according to the new application program;
wherein the random number comprises a randomly generated first key and a first authentication code;
the decrypting result includes a second authentication code, and the comparing the decrypting result with the random number includes:
comparing the second authentication code with the first authentication code;
when the second authentication code is the same as the first authentication code, the comparison is determined to be successful;
the decryption result further includes a second key, the client further performs symmetric encryption on a new application program by using the second key, and the program upgrade is performed on the ECU according to the new application program, further including:
decrypting the new application using the first key;
before the sending an upgrade request to the BootLoader of the ECU, the method further includes:
judging whether the ECU is reset or not;
if the ECU is reset, checking whether a remote program loading request sent by the client is received;
and if so, establishing communication with the client.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210019168.1A CN114091040B (en) | 2022-01-10 | 2022-01-10 | Vehicle ECU upgrading method, storage medium and client |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210019168.1A CN114091040B (en) | 2022-01-10 | 2022-01-10 | Vehicle ECU upgrading method, storage medium and client |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN114091040A CN114091040A (en) | 2022-02-25 |
| CN114091040B true CN114091040B (en) | 2022-05-06 |
Family
ID=80308415
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202210019168.1A Active CN114091040B (en) | 2022-01-10 | 2022-01-10 | Vehicle ECU upgrading method, storage medium and client |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN114091040B (en) |
Families Citing this family (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN115314253B (en) * | 2022-07-06 | 2023-08-11 | 湖南行必达网联科技有限公司 | Data processing method, device, system, equipment and working machine |
| CN116318727B (en) * | 2023-03-16 | 2024-05-10 | 北京百度网讯科技有限公司 | ECU access method, device, equipment and storage medium |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104333576A (en) * | 2014-10-21 | 2015-02-04 | 普华基础软件股份有限公司 | ECU (Electronic Control Unit) upgrading device and method |
| CN109240731A (en) * | 2018-08-29 | 2019-01-18 | 武汉光庭信息技术股份有限公司 | A kind of security upgrading method and system of TBox |
| CN111061499A (en) * | 2019-12-31 | 2020-04-24 | 上海赫千电子科技有限公司 | ECU updating method and system based on file system |
| CN113138775A (en) * | 2020-01-20 | 2021-07-20 | 上海交通大学 | Firmware protection method and system for vehicle-mounted diagnosis system |
-
2022
- 2022-01-10 CN CN202210019168.1A patent/CN114091040B/en active Active
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104333576A (en) * | 2014-10-21 | 2015-02-04 | 普华基础软件股份有限公司 | ECU (Electronic Control Unit) upgrading device and method |
| CN109240731A (en) * | 2018-08-29 | 2019-01-18 | 武汉光庭信息技术股份有限公司 | A kind of security upgrading method and system of TBox |
| CN111061499A (en) * | 2019-12-31 | 2020-04-24 | 上海赫千电子科技有限公司 | ECU updating method and system based on file system |
| CN113138775A (en) * | 2020-01-20 | 2021-07-20 | 上海交通大学 | Firmware protection method and system for vehicle-mounted diagnosis system |
Also Published As
| Publication number | Publication date |
|---|---|
| CN114091040A (en) | 2022-02-25 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN110225063B (en) | Upgrading method and system of automobile-mounted system, server and vehicle-mounted terminal | |
| US10708062B2 (en) | In-vehicle information communication system and authentication method | |
| CN111510485B (en) | OTA upgrade package downloading method, device, vehicle end and server | |
| CN114091040B (en) | Vehicle ECU upgrading method, storage medium and client | |
| EP2659373B1 (en) | System and method for secure software update | |
| US9515829B2 (en) | Information distribution method, information distribution system and in-vehicle terminal | |
| JP4996817B2 (en) | Cloning prevention method by flash operation / start-up operation combined with device | |
| CN106302379B (en) | Authentication method, system and device for vehicle-mounted electric appliance | |
| US9148415B2 (en) | Method and system for accessing e-book data | |
| KR101904303B1 (en) | Security software authentication and verification | |
| CN111814132B (en) | Security authentication method and device, security authentication chip and storage medium | |
| CN112248844A (en) | Charging starting method of charging pile, intelligent terminal and charging system | |
| CN113138775B (en) | Firmware protection method and system for vehicle-mounted diagnosis system | |
| CN111147260A (en) | Vehicle key generation and distribution method and device | |
| CN113438087B (en) | System mirror image signature verification method based on state cryptographic algorithm under UBOOT | |
| CN111565182A (en) | Vehicle diagnosis method and device and storage medium | |
| CN114637987A (en) | Security chip firmware downloading method and system based on platform verification | |
| US20220182248A1 (en) | Secure startup method, controller, and control system | |
| CN115514492A (en) | BIOS firmware verification method, device, server, storage medium and program product | |
| CN104732138A (en) | Diagnostic equipment upgrading method and diagnostic equipment | |
| CN115242397A (en) | OTA upgrade security verification method and readable storage medium for vehicle EUC | |
| CN112887099B (en) | Data signing method, electronic device and computer readable storage medium | |
| CN106454826B (en) | Method and device for AP to access AC | |
| CN114692095A (en) | Vehicle-mounted software authorization method, storage medium, electronic device and vehicle | |
| CN116766968A (en) | Vehicle charging method, device, equipment and storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |