CN116366275A - Safety verification method, device, equipment and storage medium based on vehicle controller - Google Patents
Safety verification method, device, equipment and storage medium based on vehicle controller Download PDFInfo
- Publication number
- CN116366275A CN116366275A CN202211313241.2A CN202211313241A CN116366275A CN 116366275 A CN116366275 A CN 116366275A CN 202211313241 A CN202211313241 A CN 202211313241A CN 116366275 A CN116366275 A CN 116366275A
- Authority
- CN
- China
- Prior art keywords
- vehicle controller
- verification
- check
- seed
- response
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/12—Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
- H04L67/125—Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks involving control of end-device applications over a network
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02P—CLIMATE CHANGE MITIGATION TECHNOLOGIES IN THE PRODUCTION OR PROCESSING OF GOODS
- Y02P90/00—Enabling technologies with a potential contribution to greenhouse gas [GHG] emissions mitigation
- Y02P90/02—Total factory control, e.g. smart factories, flexible manufacturing systems [FMS] or integrated manufacturing systems [IMS]
Landscapes
- Engineering & Computer Science (AREA)
- Computing Systems (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- General Engineering & Computer Science (AREA)
- Health & Medical Sciences (AREA)
- General Health & Medical Sciences (AREA)
- Medical Informatics (AREA)
- Lock And Its Accessories (AREA)
Abstract
The invention relates to a safety verification method, a device, equipment and a storage medium based on a vehicle controller, wherein seed request data are acquired and are used for requesting the vehicle controller to verify seeds; transmitting the seed request data to the vehicle controller and waiting for a request response of the vehicle controller; when a target check seed sent by a vehicle controller is received, calculating the target check seed according to a first algorithm to obtain a first check key; the vehicle controller is controlled to operate a plurality of verification seeds in the vehicle controller according to a second algorithm to obtain a verification key set; matching the first check key with a second check key in the check key group to obtain a matching result; and completing the security check based on the matching result. According to the invention, the plurality of verification seeds are preset in the vehicle controller, the verification key group is obtained after the plurality of verification seeds are operated, and then the first verification key obtained by the terminal operation is verified through the verification key group, so that the verification compatibility is improved.
Description
Technical Field
The invention relates to the technical field of safety verification, in particular to a safety verification method, device and equipment based on a vehicle controller and a storage medium.
Background
The popularization of random car intellectualization, and the vehicle ECU (Electronic Control Unit) electronic control unit) is widely used in car systems such as car-mounted systems, navigation systems, battery systems, and the like. Because of the importance of the vehicle ECU, if the vehicle ECU is to be unlocked, it is necessary to perform security authentication on the vehicle ECU, and after passing the security authentication, a corresponding operation can be performed on the vehicle ECU.
In the existing safety verification method, such as chinese patent CN113895222a, a heavy duty car locking verification method based on MD5 Algorithm, when an engine ECU is tested, it is required to obtain seeds from the engine ECU, then make the terminal and the engine ECU calculate the seeds through MD5 Algorithm (MD 5 Message-Digest algorism, MD5 information summary Algorithm) respectively to obtain two passwords, and then compare the passwords to complete the verification. However, the technical scheme generally only supports one-to-one comparison, namely, only one seed is stored in the ECU, and when verification is performed, only verification between one terminal and the vehicle ECU is performed, so that the compatibility is poor.
Disclosure of Invention
The invention aims to provide a safety verification method, a safety verification device, safety verification equipment and a safety verification storage medium based on a vehicle controller, so as to solve the problem of poor verification compatibility of the vehicle controller in the prior art.
In order to achieve the above purpose, the technical scheme adopted by the invention is as follows:
a vehicle controller-based security verification method, the method comprising:
acquiring seed request data, wherein the seed request data is used for requesting a vehicle controller to check seeds;
transmitting the seed request data to a vehicle controller and waiting for a request response of the vehicle controller;
when a target check seed sent by the vehicle controller is received, calculating the target check seed according to a first algorithm to obtain a first check key; the vehicle controller is controlled to operate a plurality of verification seeds in the vehicle controller according to a second algorithm to obtain a verification key set; the plurality of verification seeds includes the target verification seed;
matching the first check key with a second check key in the check key group to obtain a matching result; and completing the security check based on the matching result.
In one embodiment of the present invention, the sending the seed request data to the vehicle controller includes:
acquiring extended session request data for establishing a session with a vehicle controller and security authentication data for performing security authentication on the vehicle controller;
entering a default session mode, transmitting the extended session request data to the vehicle controller in the default session mode, and waiting for a first response of the vehicle controller, wherein the first response comprises a first positive response and a first negative response;
switching a default session mode to an extended session mode upon receiving a first affirmative response from the vehicle controller;
transmitting the security authentication data to the vehicle controller under the extended session model and waiting for a second response of the vehicle controller, the second response comprising a first positive response and a second negative response;
upon receiving a second affirmative response from the vehicle control, passing a secure access authentication;
the seed request data is sent to the vehicle controller upon passing the secure access authentication.
In an embodiment of the present invention, completing the security check based on the matching result includes:
passing a security check when the first check key matches any one of the second check keys in the check key group; and when the first verification key is not matched with all the second verification keys in the verification key set, the security verification is not passed.
In an embodiment of the present invention, after sending the seed request data to a vehicle controller and waiting for a response from the vehicle controller, the method further includes:
and when the target check seed sent by the vehicle controller is not received, the safety check fails and the check flow is ended.
In an embodiment of the present invention, after sending the extended session request data to the vehicle controller and waiting for a first response from the vehicle controller, the method further includes:
upon receiving a first negative response from the vehicle controller, the mode switch fails and the verification process ends.
In an embodiment of the present invention, after sending the security authentication data to the vehicle controller and waiting for a second response from the vehicle controller, the method further includes:
and when receiving a second negative response from the vehicle controller, the safety authentication fails and the verification process is ended.
In an embodiment of the present invention, after passing the security check, the method further includes:
and executing target operation on the vehicle controller, wherein the target operation at least comprises remote upgrading and information modification.
The invention also provides a safety verification device based on the vehicle controller, which comprises:
the acquisition module is used for acquiring seed request data, wherein the seed request data is used for requesting a vehicle controller to check seeds;
the sending module is used for sending the seed request data to a vehicle controller and waiting for a request response of the vehicle controller;
the operation module is used for carrying out operation on the target check seed according to a first algorithm when receiving the target check seed sent by the vehicle controller, so as to obtain a first check key; the vehicle controller is controlled to operate a plurality of verification seeds in the vehicle controller according to a second algorithm to obtain a verification key set; the plurality of verification seeds includes the target verification seed;
the verification module is used for matching the first verification key with a second verification key in the verification key group to obtain a matching result; and completing the security check based on the matching result.
The present invention also provides an electronic device including:
one or more processors;
and a storage means for storing one or more programs which, when executed by the one or more processors, cause the electronic device to implement the vehicle controller-based security verification method as described above.
The present invention also provides a computer-readable storage medium having stored thereon computer-readable instructions that, when executed by a processor of a computer, cause the computer to perform the vehicle controller-based security verification method as described above.
The beneficial effects of the invention are as follows: according to the safety verification method, the device, the equipment and the storage medium based on the vehicle controller, seed request data are obtained, and the seed request data are used for requesting the vehicle controller to verify seeds; transmitting the seed request data to the vehicle controller and waiting for a request response of the vehicle controller; when a target check seed sent by a vehicle controller is received, calculating the target check seed according to a first algorithm to obtain a first check key; the vehicle controller is controlled to operate a plurality of verification seeds in the vehicle controller according to a second algorithm to obtain a verification key set; the plurality of check seeds includes a target check seed; matching the first check key with a second check key in the check key group to obtain a matching result; and completing the security check based on the matching result. According to the invention, a plurality of verification seeds are preset in the vehicle controller, the verification key group is obtained after the plurality of verification seeds are operated, and then the verification key obtained by the terminal operation is verified through the verification key group, so that the verification compatibility is effectively improved.
Drawings
FIG. 1 is an application scenario diagram illustrating a vehicle controller-based security verification method according to an exemplary embodiment of the present application;
FIG. 2 is a flow chart illustrating a vehicle controller-based security verification method according to an exemplary embodiment of the present application;
FIG. 3 is a flowchart illustrating an implementation of a vehicle controller-based security verification method according to an exemplary embodiment of the present application;
FIG. 4 is a flowchart illustrating an implementation of a vehicle controller-based security verification method according to another exemplary embodiment of the present application;
FIG. 5 is a block diagram of a vehicle controller-based security check device shown in an exemplary embodiment of the present application;
fig. 6 shows a schematic diagram of a computer system suitable for use in implementing the electronic device of the embodiments of the present application.
Detailed Description
Further advantages and effects of the present invention will become readily apparent to those skilled in the art from the disclosure herein, by referring to the accompanying drawings and the preferred embodiments. The invention may be practiced or carried out in other embodiments that depart from the specific details, and the details of the present description may be modified or varied from the spirit and scope of the present invention. It should be understood that the preferred embodiments are presented by way of illustration only and not by way of limitation.
It should be noted that the illustrations provided in the following embodiments merely illustrate the basic concept of the present invention by way of illustration, and only the components related to the present invention are shown in the drawings and are not drawn according to the number, shape and size of the components in actual implementation, and the form, number and proportion of the components in actual implementation may be arbitrarily changed, and the layout of the components may be more complicated.
FIG. 1 is an application scenario diagram of a vehicle controller-based security verification method according to an exemplary embodiment of the present application, as shown in FIG. 1, in which a client communicates with a vehicle ECU via a data bus; the data bus may be a CAN (Controller Area Network ) bus, a LIN (Local Interconnect Network, local interconnect network) bus, a FlexRay bus, or a MOST (Media Oriented System Transport, media oriented system transmission) bus; the client can be any equipment supporting data bus communication, such as a vehicle machine, a tablet, an intelligent terminal and the like; the client requests the verification seeds from the vehicle ECU through the data bus, then acquires the verification seeds through the data bus, calculates the verification seeds, and then interacts the verification key/verification key group obtained by calculation through the data bus so as to carry out comparison verification. After verification, the client obtains the corresponding authority, and then performs various operations such as upgrading, information access, information modification, information downloading and the like on the vehicle ECU through the data bus.
As shown in fig. 2, in an exemplary embodiment, the vehicle controller-based security verification method at least includes steps S210 to S240, which are described in detail as follows:
s210, acquiring seed request data, wherein the seed request data is used for requesting a vehicle controller to check seeds;
in this embodiment, the seed request data is stored in advance in a memory of the client, and when the client needs to perform different operations on the vehicle controller, the corresponding seed request data is read from the memory; meanwhile, different security levels exist for different operations, and corresponding seed request data are different; if the seed request data is available for different security levels from 0x00 to 0xFF, by default, all odd values are used for the seed request and the next even value (security level 1 for the seed request) is used to send a security key to the vehicle controller using a security access service identifier (e.g., 0x 27) to unlock.
S220, sending the seed request data to a vehicle controller, and waiting for a request response of the vehicle controller;
in this embodiment, according to a preset communication protocol, the vehicle controller verifies the seed request data after receiving the seed request data, and returns the verification seed corresponding to the seed request data to the vehicle controller after the verification is passed. Therefore, after the seed request data is sent to the vehicle controller, only the response of the vehicle controller is required to be waited, if the response is not performed, namely, when the verification seed sent by the vehicle controller is not received, the safety verification of the vehicle controller fails and the verification flow is ended.
S230, when receiving a target check seed sent by the vehicle controller, calculating the target check seed according to a first algorithm to obtain a first check key; the vehicle controller is controlled to operate a plurality of verification seeds in the vehicle controller according to a second algorithm to obtain a verification key set; the plurality of verification seeds includes the target verification seed;
in step S230, the first algorithm and the second algorithm may be the same algorithm, and when the first algorithm and the second algorithm are the same algorithm, the subsequent matching of the first verification key and the verification key set is to substantially compare the keys; the target check seed sent by the vehicle controller is one of various check seeds stored in the vehicle controller, the various check seeds in the vehicle controller can be check seeds of related manufacturers of the host manufacturer, for example, the sent check seed is check seed for verifying manufacturer A, and when the check seed is stored in advance, the check seeds of a subsidiary company and a branch company of the manufacturer A can be stored in the vehicle controller, so that the check compatibility is improved.
For example, only one seed is AppKeyConst, originally included in the bootloader engineering leveonekeyarith function: 0x and B (company a), and after receiving the request, performing security key calculation by using the seed, and sending the calculated security key to the client. Now, to be compatible with the seeds of company B, another seed 0X is added on this basis, and a (company B).
S240, matching the first verification key with a second verification key in the verification key group to obtain a matching result; and completing the security check based on the matching result.
In step S240, comparing the first verification key obtained by the operation of the client with the second verification keys in the verification key set one by one, and when the first verification key is matched with any one of the second verification keys in the verification key set, passing the security verification; and when the first verification key is not matched with all the second verification keys in the verification key set, the security verification is not passed.
In an embodiment of the present invention, the process of sending the seed request data to the vehicle controller may further include steps S310 to S360, which are described in detail below:
s310, acquiring extended session request data for establishing a session with a vehicle controller and safety authentication data for carrying out safety authentication on the vehicle controller;
s320, entering a default session mode, sending the extended session request data to the vehicle controller in the default session mode, and waiting for a first response of the vehicle controller, wherein the first response comprises a first positive response and a first negative response;
in this embodiment, the default session mode between the client and the vehicle controller is the default session mode, and in order to ensure the security of the vehicle controller, before requesting to check the seed from the vehicle controller, security authentication needs to be performed on the client; in this embodiment, before performing security authentication on the client, the default session mode of the client needs to be switched to the extended session mode; accordingly, the client requests to switch the default session mode to the extended session mode by transmitting the extended session request data to the vehicle controller.
S330, switching a default session mode to an extended session mode when a first affirmative response is received from the vehicle controller; upon receiving a first negative response from the vehicle controller, the mode switch fails and the verification process ends.
In step S330, when the vehicle controller returns a first positive response, it indicates that the vehicle controller agrees to switch the default session mode to the extended session mode, and the client displays that the switching is successful, and enters the extended session mode. If the first positive response of the vehicle controller is not received or the first negative response of the vehicle controller is received within a predetermined time, the mode switching failure is directly displayed in the client and the verification flow is ended.
S340, transmitting the security authentication data to the vehicle controller under the extended session model, and waiting for a second response of the vehicle controller, wherein the second response comprises a first positive response and a second negative response;
in step S340, the secure access authentication may be performed in the extended session mode, that is, the secure authentication data inside the client is sent to the vehicle controller, and the vehicle controller performs the secure authentication on the client through the secure authentication data.
S350, when a second positive response from the vehicle control is received, passing secure access authentication; and when receiving a second negative response from the vehicle controller, the safety authentication fails and the verification process is ended.
In step S350, the vehicle controller returns a second affirmative response indicating that the vehicle controller passes the secure access authentication to the client, at which time the client displays that the secure access authentication is passed. If the second positive response of the vehicle controller is not received within the preset time or the second negative response of the vehicle controller is received, the failure of the security access authentication is directly displayed in the client and the verification process is ended.
And S360, transmitting the seed request data to a vehicle controller when the secure access authentication is passed.
In step S360, after passing the secure access authentication, that is, the vehicle controller can perform data interaction with the client except the authentication data, the seed request data may be sent to the vehicle controller, so as to request the vehicle controller to return the check seed.
In an embodiment of the present invention, the process after the verification of the vehicle controller may further include step S410, which is described in detail below:
s410, executing target operation on the vehicle controller, wherein the target operation at least comprises remote upgrade and information modification.
In this embodiment, when the security check is passed, the operation authority corresponding to the check seed is obtained, so that operations such as corresponding remote upgrade and information modification can be performed on the vehicle controller.
Fig. 3 is a flowchart illustrating an implementation of a vehicle controller-based security verification method according to an exemplary embodiment of the present application, and as shown in fig. 3, the vehicle controller-based security verification method in the present application includes:
client side: the client enters a default session mode and sends the expanded session request data to the vehicle controller;
a vehicle controller: after receiving the extended session request data, the vehicle controller checks the extended session request data, returns a first positive response when passing the check, and returns a first negative response when not passing the check;
client side: when receiving a first positive response, the client switches a default session mode to an extended session mode and sends security access request data to the vehicle controller; the client displays the switching failure of the session mode and ends the verification flow when receiving the first negative response;
a vehicle controller: when the vehicle controller receives the safety access request data, checking the safety access request data, and when the safety access request data passes the checking, returning a second positive response; returning a second negative response when the verification of the safety access request data is not passed;
client side: the client receives the second positive response, shows that the security access authentication is successful, and sends seed request data to the vehicle controller; the client receives the second negative response, displays the failure of the security access authentication, and ends the verification process;
a vehicle controller: when the vehicle controller receives seed request data, searching according to the seed request data, finding out a check seed corresponding to the seed request data, returning the check seed to the client, and calculating the check seed and other check seeds by using a related algorithm to obtain a check key group;
client side: after receiving the check seeds, the client operates the check seeds according to a related algorithm to obtain a first check key, and sends the first check key to the vehicle controller;
a vehicle controller: after receiving the first verification key, the vehicle controller matches the first verification key with the verification key group one by one, and when any one second verification key in the verification key group is consistent with the first verification key, the safety verification of the client is carried out; otherwise, the verification fails.
Fig. 4 is a flowchart of an implementation of a vehicle controller-based security verification method according to another exemplary embodiment of the present application, and is specifically described below:
seeds preset in the vehicle controller include company a: 0X B, B company: 0X a; the battery pack management controller assembly (BMS) cannot perform OTA upgrade, and it is confirmed that the seed used in the current BMS in the OTA upgrade test is 0X a (B company). In some cases, however, the a company needs to perform OTA upgrade, and the seed of the a company corresponds to 0x B (a company). Therefore, when the company a performs OTA upgrade on the vehicle controller, the company a can perform smooth verification through the seed 0X a preset in the vehicle controller, so as to realize the function of the company a compatible client.
According to the safety verification method based on the vehicle controller, seed request data are acquired, and the seed request data are used for requesting the vehicle controller to verify seeds; transmitting the seed request data to the vehicle controller and waiting for a response from the vehicle controller; when a check seed sent by a vehicle controller is received, calculating the check seed according to a first algorithm to obtain a check key; the vehicle controller is controlled to operate the check seeds and the related seeds of the check seeds in the vehicle controller according to a second algorithm to obtain a check key group; matching the verification key with the verification key group to obtain a matching result; and completing verification of the vehicle controller based on the matching result. According to the invention, a plurality of verification seeds are preset in the vehicle controller, the verification key group is obtained after the plurality of verification seeds are operated, and then the verification key obtained by the terminal operation is verified through the verification key group, so that the verification compatibility of the vehicle controller is effectively improved.
As shown in fig. 5, the present invention further provides a safety verification device based on a vehicle controller, the device comprising:
the acquisition module is used for acquiring seed request data, wherein the seed request data is used for requesting a vehicle controller to check seeds;
the sending module is used for sending the seed request data to a vehicle controller and waiting for a request response of the vehicle controller;
the operation module is used for carrying out operation on the target check seed according to a first algorithm when receiving the target check seed sent by the vehicle controller, so as to obtain a first check key; the vehicle controller is controlled to operate a plurality of verification seeds in the vehicle controller according to a second algorithm to obtain a verification key set; the plurality of verification seeds includes the target verification seed;
the verification module is used for matching the first verification key with a second verification key in the verification key group to obtain a matching result; and completing the security check based on the matching result.
It should be noted that, the safety verification device based on the vehicle controller provided in the foregoing embodiment and the safety verification method based on the vehicle controller provided in the foregoing embodiment belong to the same concept, and the specific manner in which each module and unit perform the operation has been described in detail in the method embodiment, which is not repeated herein. In practical application, the safety verification device based on the vehicle controller provided in the above embodiment may distribute the functions to be completed by different functional modules according to needs, that is, the internal structure of the device is divided into different functional modules to complete all or part of the functions described above, which is not limited herein.
The embodiment of the application also provides electronic equipment, which comprises: one or more processors; and a storage device for storing one or more programs which, when executed by the one or more processors, cause the electronic device to implement the vehicle controller-based security verification method provided in the above embodiments.
Fig. 6 shows a schematic diagram of a computer system suitable for use in implementing the electronic device of the embodiments of the present application. It should be noted that, the computer system 600 of the electronic device shown in fig. 6 is only an example, and should not impose any limitation on the functions and the application scope of the embodiments of the present application.
As shown in fig. 6, the computer system 600 includes a central processing unit (Central Processing Unit, CPU) 601, which can perform various appropriate actions and processes, such as performing the methods in the above-described embodiments, according to a program stored in a Read-Only Memory (ROM) 602 or a program loaded from a storage section 608 into a random access Memory (Random Access Memory, RAM) 603. In the RAM 603, various programs and data required for system operation are also stored. The CPU 601, ROM 602, and RAM 603 are connected to each other through a bus 604. An Input/Output (I/O) interface 605 is also connected to bus 604.
The following components are connected to the I/O interface 605: an input portion 606 including a keyboard, mouse, etc.; an output portion 607 including a Cathode Ray Tube (CRT), a liquid crystal display (Liquid Crystal Display, LCD), and a speaker, etc.; a storage section 608 including a hard disk and the like; and a communication section 609 including a network interface card such as a LAN (Local Area Network ) card, a modem, or the like. The communication section 609 performs communication processing via a network such as the internet. The drive 610 is also connected to the I/O interface 605 as needed. Removable media 611 such as a magnetic disk, an optical disk, a magneto-optical disk, a semiconductor memory, or the like is installed as needed on drive 610 so that a computer program read therefrom is installed as needed into storage section 608.
In particular, according to embodiments of the present application, the processes described above with reference to flowcharts may be implemented as computer software programs. For example, embodiments of the present application include a computer program product comprising a computer program embodied on a computer readable medium, the computer program comprising a computer program for performing the method shown in the flowchart. In such an embodiment, the computer program may be downloaded and installed from a network through the communication portion 609, and/or installed from the removable medium 611. When executed by a Central Processing Unit (CPU) 601, performs the various functions defined in the system of the present application.
It should be noted that, the computer readable medium shown in the embodiments of the present application may be a computer readable signal medium or a computer readable storage medium, or any combination of the two. The computer readable storage medium may be, for example, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any combination thereof. More specific examples of the computer-readable storage medium may include, but are not limited to: an electrical connection having one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-Only Memory (ROM), an erasable programmable read-Only Memory (Erasable Programmable Read Only Memory, EPROM), flash Memory, an optical fiber, a portable compact disc read-Only Memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing. In the present application, a computer-readable signal medium may include a data signal propagated in baseband or as part of a carrier wave, with a computer-readable computer program embodied therein. Such a propagated data signal may take any of a variety of forms, including, but not limited to, electro-magnetic, optical, or any suitable combination of the foregoing. A computer readable signal medium may also be any computer readable medium that is not a computer readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device. A computer program embodied on a computer readable medium may be transmitted using any appropriate medium, including but not limited to: wireless, wired, etc., or any suitable combination of the foregoing.
The flowcharts and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of systems, methods and computer program products according to various embodiments of the present application. Where each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams or flowchart illustration, and combinations of blocks in the block diagrams or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
The units involved in the embodiments of the present application may be implemented by means of software, or may be implemented by means of hardware, and the described units may also be provided in a processor. Wherein the names of the units do not constitute a limitation of the units themselves in some cases.
Another aspect of the present application also provides a computer-readable storage medium having stored thereon a computer program which, when executed by a processor of a computer, causes the computer to perform a vehicle controller-based safety verification method as before. The computer-readable storage medium may be included in the electronic device described in the above embodiment or may exist alone without being incorporated in the electronic device.
Another aspect of the present application also provides a computer program product or computer program comprising computer instructions stored in a computer readable storage medium. The processor of the computer device reads the computer instructions from the computer-readable storage medium, and the processor executes the computer instructions so that the computer device performs the vehicle controller-based security verification method provided in the above-described respective embodiments.
The above embodiments are merely preferred embodiments for fully explaining the present invention, and the scope of the present invention is not limited thereto. Equivalent substitutions and modifications will occur to those skilled in the art based on the present invention, and are intended to be within the scope of the present invention.
Claims (10)
1. A vehicle controller-based safety verification method, the method comprising:
acquiring seed request data, wherein the seed request data is used for requesting a vehicle controller to check seeds;
transmitting the seed request data to a vehicle controller and waiting for a request response of the vehicle controller;
when a target check seed sent by the vehicle controller is received, calculating the target check seed according to a first algorithm to obtain a first check key; the vehicle controller is controlled to operate a plurality of verification seeds in the vehicle controller according to a second algorithm to obtain a verification key set; the plurality of verification seeds includes the target verification seed;
matching the first check key with a second check key in the check key group to obtain a matching result; and completing the security check based on the matching result.
2. The vehicle controller-based security verification method according to claim 1, wherein: transmitting the seed request data to a vehicle controller, comprising:
acquiring extended session request data for establishing a session with a vehicle controller and security authentication data for performing security authentication on the vehicle controller;
entering a default session mode, transmitting the extended session request data to the vehicle controller in the default session mode, and waiting for a first response of the vehicle controller, wherein the first response comprises a first positive response and a first negative response;
switching a default session mode to an extended session mode upon receiving a first affirmative response from the vehicle controller;
transmitting the security authentication data to the vehicle controller under the extended session model and waiting for a second response of the vehicle controller, the second response comprising a first positive response and a second negative response;
upon receiving a second affirmative response from the vehicle control, passing a secure access authentication;
the seed request data is sent to the vehicle controller upon passing the secure access authentication.
3. The vehicle controller-based security verification method according to claim 1, wherein: completing the security check based on the matching result, including:
passing a security check when the first check key matches any one of the second check keys in the check key group; and when the first verification key is not matched with all the second verification keys in the verification key set, the security verification is not passed.
4. The vehicle controller-based security verification method according to claim 1, wherein: after sending the seed request data to a vehicle controller and waiting for a response from the vehicle controller, the method further comprises:
and when the target check seed sent by the vehicle controller is not received, the safety check fails and the check flow is ended.
5. The vehicle controller-based security verification method according to claim 2, wherein: after sending the extended session request data to the vehicle controller and waiting for a first response by the vehicle controller, the method further comprises:
upon receiving a first negative response from the vehicle controller, the mode switch fails and the verification process ends.
6. The vehicle controller-based safety verification method according to claim 2, wherein after transmitting the safety authentication data to the vehicle controller and waiting for a second response of the vehicle controller, further comprising:
and when receiving a second negative response from the vehicle controller, the safety authentication fails and the verification process is ended.
7. A vehicle controller-based security verification method according to claim 3, wherein: after passing the security check, the method further comprises:
and executing target operation on the vehicle controller, wherein the target operation at least comprises remote upgrading and information modification.
8. A vehicle controller-based safety verification device, the device comprising:
the acquisition module is used for acquiring seed request data, wherein the seed request data is used for requesting a vehicle controller to check seeds;
the sending module is used for sending the seed request data to a vehicle controller and waiting for a request response of the vehicle controller;
the operation module is used for carrying out operation on the target check seed according to a first algorithm when receiving the target check seed sent by the vehicle controller, so as to obtain a first check key; the vehicle controller is controlled to operate a plurality of verification seeds in the vehicle controller according to a second algorithm to obtain a verification key set; the plurality of verification seeds includes the target verification seed;
the verification module is used for matching the first verification key with a second verification key in the verification key group to obtain a matching result; and completing the security check based on the matching result.
9. An electronic device, comprising:
one or more processors;
storage means for storing one or more programs which, when executed by the one or more processors, cause the electronic device to implement the vehicle controller-based security verification method of any one of claims 1 to 7.
10. A computer readable storage medium having stored thereon computer readable instructions which, when executed by a processor of a computer, cause the computer to perform the vehicle controller-based security verification method of any one of claims 1 to 7.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202211313241.2A CN116366275A (en) | 2022-10-25 | 2022-10-25 | Safety verification method, device, equipment and storage medium based on vehicle controller |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202211313241.2A CN116366275A (en) | 2022-10-25 | 2022-10-25 | Safety verification method, device, equipment and storage medium based on vehicle controller |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN116366275A true CN116366275A (en) | 2023-06-30 |
Family
ID=86926948
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202211313241.2A Pending CN116366275A (en) | 2022-10-25 | 2022-10-25 | Safety verification method, device, equipment and storage medium based on vehicle controller |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN116366275A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN117729051A (en) * | 2024-02-04 | 2024-03-19 | 慧翰微电子股份有限公司 | Bidirectional safety verification method for MCU software upgrade and automobile control system |
-
2022
- 2022-10-25 CN CN202211313241.2A patent/CN116366275A/en active Pending
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN117729051A (en) * | 2024-02-04 | 2024-03-19 | 慧翰微电子股份有限公司 | Bidirectional safety verification method for MCU software upgrade and automobile control system |
| CN117729051B (en) * | 2024-02-04 | 2024-05-10 | 慧翰微电子股份有限公司 | Bidirectional safety verification method for MCU software upgrade and automobile control system |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN107729757B (en) | Software authentication before software update | |
| CN111263352A (en) | OTA (over the air) upgrading method and system of vehicle-mounted equipment, storage medium and vehicle-mounted equipment | |
| CN113094062A (en) | Upgrading method and device | |
| WO2021203604A1 (en) | Update test method and apparatus for vehicle component, and computer device and storage medium | |
| CN111949288A (en) | Intelligent element remote upgrading method and system based on vehicle-mounted Ethernet | |
| CN112311892A (en) | Automobile key matching method and device and automobile communication interface equipment | |
| US20240069906A1 (en) | Server, software update system, distribution method, and non-transitory storage medium | |
| CN116366275A (en) | Safety verification method, device, equipment and storage medium based on vehicle controller | |
| CN115696266A (en) | Vehicle-mounted controller upgrading method, device, equipment and storage medium | |
| JP2023518402A (en) | Certificate list update method and device | |
| CN115437915A (en) | Vehicle-based version testing method and device and electronic equipment | |
| CN115515012A (en) | Key burning method and device, electronic equipment board card and storage medium | |
| CN113282310A (en) | Application management method and system, vehicle-mounted device, server and readable storage medium | |
| CN115603982B (en) | Vehicle-mounted terminal security authentication method and device, electronic equipment and storage medium | |
| CN116015959B (en) | Real name authentication method, device, electronic equipment and storage medium | |
| CN116366636A (en) | Vehicle software upgrading method and device and automobile | |
| CN110708311A (en) | Download permission authorization method and device and server | |
| CN115174645B (en) | Automobile OTA cloud interaction method and system | |
| CN116155579A (en) | Secure communication method, system, storage medium and vehicle | |
| CN114866530B (en) | Method, device and computer storage medium for downloading upgrade data packet | |
| CN115734189B (en) | Control method and device for vehicle, electronic equipment and storage medium | |
| CN113271320B (en) | Terminal authentication method, device, system, medium and equipment | |
| CN115967502A (en) | Terminal security upgrading method and system, electronic equipment and readable storage medium | |
| CN117707568A (en) | Vehicle-mounted system upgrading method, device, equipment and medium | |
| KR20230000852A (en) | Apparatus for updating software of vehicle and control method thereof |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |