CN116541046B - Energy storage system upgrading method and device, computer equipment and readable storage medium - Google Patents
Energy storage system upgrading method and device, computer equipment and readable storage medium Download PDFInfo
- Publication number
- CN116541046B CN116541046B CN202310816678.6A CN202310816678A CN116541046B CN 116541046 B CN116541046 B CN 116541046B CN 202310816678 A CN202310816678 A CN 202310816678A CN 116541046 B CN116541046 B CN 116541046B
- Authority
- CN
- China
- Prior art keywords
- verification
- preset
- firmware
- upgrade package
- target
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034 method Methods 0.000 title claims abstract description 72
- 238000004146 energy storage Methods 0.000 title claims abstract description 71
- 238000012795 verification Methods 0.000 claims abstract description 177
- 230000005856 abnormality Effects 0.000 claims description 12
- 238000004590 computer program Methods 0.000 claims description 12
- 230000008569 process Effects 0.000 abstract description 17
- 230000006854 communication Effects 0.000 description 19
- 238000004891 communication Methods 0.000 description 17
- 230000003993 interaction Effects 0.000 description 6
- 238000013524 data verification Methods 0.000 description 5
- 238000012545 processing Methods 0.000 description 5
- 238000010586 diagram Methods 0.000 description 4
- 230000008859 change Effects 0.000 description 2
- 125000004122 cyclic group Chemical group 0.000 description 2
- 238000005516 engineering process Methods 0.000 description 2
- 230000003068 static effect Effects 0.000 description 2
- OKTJSMMVPCPJKN-UHFFFAOYSA-N Carbon Chemical compound [C] OKTJSMMVPCPJKN-UHFFFAOYSA-N 0.000 description 1
- 229910021389 graphene Inorganic materials 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 230000006855 networking Effects 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 238000004806 packaging method and process Methods 0.000 description 1
- 238000012546 transfer Methods 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F8/00—Arrangements for software engineering
- G06F8/60—Software deployment
- G06F8/65—Updates
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
- G06F21/105—Arrangements for software license management or administration, e.g. for managing licenses at corporate level
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/34—Network arrangements or protocols for supporting network services or applications involving the movement of software or configuration parameters
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/06—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
- H04L9/0618—Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation
- H04L9/0631—Substitution permutation network [SPN], i.e. cipher composed of a number of stages or rounds each involving linear and nonlinear transformations, e.g. AES algorithms
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02E—REDUCTION OF GREENHOUSE GAS [GHG] EMISSIONS, RELATED TO ENERGY GENERATION, TRANSMISSION OR DISTRIBUTION
- Y02E60/00—Enabling technologies; Technologies with a potential or indirect contribution to GHG emissions mitigation
- Y02E60/10—Energy storage using batteries
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Software Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Multimedia (AREA)
- Technology Law (AREA)
- Computer Hardware Design (AREA)
- Stored Programmes (AREA)
Abstract
The application relates to an energy storage system upgrading method, a device, computer equipment and a readable storage medium, comprising the following steps: carrying out handshake verification for preset times according to a preset upgrading request and a cloud; after the handshake verification is completely successful, receiving a firmware upgrade package issued by the cloud; adding data to be verified to the firmware upgrade package to obtain a target firmware upgrade package; the target firmware upgrade package is sent to target slave equipment of the energy storage system; and finishing firmware upgrading of the target slave equipment according to the feedback signal of the target slave equipment. According to the application, a plurality of verification modes are added in the handshake process and the firmware upgrade package distribution process, so that the security of the energy storage system in OTA upgrade is effectively improved.
Description
Technical Field
The present application relates to the field of firmware upgrade of energy storage systems, and in particular, to an energy storage system upgrade method, apparatus, computer device, and readable storage medium.
Background
When the existing energy storage system is upgraded by Over-the-Air Technology (OTA), a complex communication connection process is required, and the system potential safety hazard is easily caused by malicious attack in the communication process.
Accordingly, there is a need for an energy storage system upgrade scheme that improves security during OTA upgrades.
Disclosure of Invention
Based on this, it is necessary to provide an energy storage system upgrading method, an apparatus, a computer device and a readable storage medium for solving the security problem in the energy storage system OTA upgrading process.
The specific scheme is as follows:
in a first aspect, a method for upgrading an energy storage system includes:
carrying out handshake verification for preset times according to a preset upgrading request and a cloud;
if the handshake verification is successful, receiving a firmware upgrade package issued by the cloud;
adding data to be verified to the firmware upgrade package to obtain a target firmware upgrade package;
the target firmware upgrade package is sent to target slave equipment of the energy storage system;
and finishing firmware upgrading of the target slave equipment according to the feedback signal of the target slave equipment.
In one embodiment, before the handshake verification is performed with the cloud end for a preset number of times according to the preset upgrade request, the method further includes:
establishing Bluetooth connection with a preset terminal;
transmitting current firmware information to the preset terminal;
and when the current firmware information is different from the latest firmware information of the preset terminal, receiving the preset upgrading request sent by the preset terminal.
In one embodiment, the performing handshake verification for a preset number of times according to a preset upgrade request and the cloud includes:
receiving partial encryption data of the firmware upgrade package sent by the cloud;
verifying the partial encrypted data according to a first preset verification method to obtain a first verification result;
if the first verification result is verification passing, verifying the partial encrypted data according to a second preset verification method to obtain a second verification result;
and if the second verification result is verification passing, determining that the handshake verification is completely successful.
In one embodiment, the verifying the partially encrypted data according to the first preset verification method includes:
verifying the digital signature in the part of the encrypted data according to the digital certificate;
if the digital signature passes the verification, outputting a first verification result passing the verification;
and if the digital signature fails to verify, outputting a first verification result of the verification failure.
In one embodiment, the verifying the partially encrypted data according to the second preset verification method includes:
decrypting the partially encrypted data according to an AES private key;
if the target feature code is obtained through decryption, outputting a second verification result passing verification;
and if the target feature code is not obtained through decryption, outputting a second verification result of verification failure.
In one embodiment, the completing the firmware upgrade of the target slave device according to the feedback signal of the target slave device includes:
if the feedback signal of the target slave device is the first feedback signal, continuously sending the firmware upgrading packet to the target slave device until the target slave device finishes firmware upgrading;
and if the feedback signal of the target slave device is the second feedback signal, stopping sending the firmware upgrade package to the target slave device, and sending the verification abnormality information to a preset terminal.
In one embodiment, the adding data to be verified to the firmware upgrade package to obtain a target firmware upgrade package includes:
and generating and adding the data to be verified at intervals of preset frames between the upgrade package data of each firmware upgrade package to obtain the target firmware upgrade package, wherein the data to be verified is associated with the local current time.
In a second aspect, an embodiment of the present application provides an energy storage system upgrade apparatus, which is characterized in that the apparatus includes:
the handshake module is used for performing handshake verification for preset times with the cloud according to a preset OTA upgrading request;
the receiving module is used for receiving the firmware upgrade package issued by the cloud if the handshake verification is completely successful;
the encryption module is used for adding data to be verified to the firmware upgrading packet so as to obtain a target firmware upgrading packet;
the sending module is used for sending the target firmware upgrade package to target slave equipment of the energy storage system;
and the upgrading module is used for finishing the firmware upgrading of the target slave equipment according to the feedback signal of the target slave equipment.
In a third aspect, a computer device includes a processor and a memory, the memory storing a computer program, the processor implementing the steps of the energy storage system upgrade method of the first aspect when executing the computer program.
In a fourth aspect, a computer readable storage medium has stored thereon a computer program which, when executed by a processor, implements the steps of the energy storage system upgrade method of the first aspect.
In summary, the embodiment of the application provides an energy storage system upgrading method, an energy storage system upgrading device, computer equipment and a readable storage medium, which comprise the following steps: carrying out handshake verification for preset times according to a preset upgrading request and a cloud; after the handshake verification is completely successful, receiving a firmware upgrade package issued by the cloud; adding data to be verified to the firmware upgrade package to obtain a target firmware upgrade package; the target firmware upgrade package is sent to target slave equipment of the energy storage system; and finishing firmware upgrading of the target slave equipment according to the feedback signal of the target slave equipment. According to the application, a plurality of verification modes are added in the handshake process and the firmware upgrade package distribution process, so that the security of the energy storage system in OTA upgrade is effectively improved.
Drawings
FIG. 1 is a schematic diagram of an application environment of an energy storage system upgrade method according to one embodiment;
FIG. 2 is a flow chart of an energy storage system upgrade method according to one embodiment;
FIG. 3 is a flow chart illustrating an exemplary method for upgrading an energy storage system according to another embodiment;
FIG. 4 is a schematic diagram of a handshake verification procedure of an energy storage system upgrade method according to an embodiment;
FIG. 5 is a schematic diagram of a device module of an energy storage system upgrade device according to one embodiment;
fig. 6 is a schematic device configuration diagram of a computer device in one embodiment.
Detailed Description
The present application will be described in further detail with reference to the drawings and examples, in order to make the objects, technical solutions and advantages of the present application more apparent. It should be understood that the specific embodiments described herein are for purposes of illustration only and are not intended to limit the scope of the application.
Unless defined otherwise, all technical and scientific terms used herein have the same meaning as commonly understood by one of ordinary skill in the art to which this application belongs. The terminology used herein in the description of the application is for the purpose of describing particular embodiments only and is not intended to be limiting of the application.
It will be understood that the terms first, second, etc. as used herein may be used to describe various elements, but these elements are not limited by these terms. These terms are only used to distinguish one element from another element. For example, a first resistance may be referred to as a second resistance, and similarly, a second resistance may be referred to as a first resistance, without departing from the scope of the application. Both the first resistor and the second resistor are resistors, but they are not the same resistor.
It is to be understood that in the following embodiments, "connected" is understood to mean "electrically connected", "communicatively connected", etc., if the connected circuits, devices, units, etc., have electrical or data transfer between them.
As used herein, the singular forms "a", "an" and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise. It will be further understood that the terms "comprises" and/or "comprising," and/or the like, specify the presence of stated features, integers, steps, operations, elements, components, or groups thereof, but do not preclude the presence or addition of one or more other features, integers, steps, operations, elements, components, or groups thereof.
In one embodiment, an energy storage system upgrade method is provided for use in an application environment such as that shown in fig. 1. As shown in fig. 1, the energy storage system includes a master device and a plurality of slave devices, the master device being communicatively coupled to each slave device.
The host equipment of the energy storage system is also in communication connection with a preset terminal and is used for acquiring firmware upgrading instructions from the preset terminal so as to upgrade the firmware of the host equipment and each slave equipment. The communication connection manner between the host device and the preset terminal may be bluetooth connection or WIFI connection, which is not specifically limited in this embodiment. The preset terminal comprises, but is not limited to, a mobile phone, a personal computer, a robot or intelligent wearable device and the like.
Specifically, as shown in fig. 1, the slave device includes 4 slave devices, such as slave device a, slave device b, slave device c, slave device d, and the like, where each slave device can control an independent energy storage module. It should be noted that the number of slave devices may be set according to the actual application scenario, and is only illustrated herein as an example and not specifically limited.
The host device and the slave device may communicate data based on a controller area network bus (Controller Area Network, abbreviated as CAN) communication protocol, or may communicate using other communication protocols, which is not limited in this embodiment.
In the actual application process, communication interaction is carried out between the preset terminal and the cloud terminal, the cloud terminal packages a firmware upgrade program according to a preset protocol, and an upgrade uniform resource locator (Uniform Resource Locator, URL for short) is sent to the preset terminal, wherein the type of the preset protocol can be selected in a self-adaptive mode according to an actual application scene. In addition, after receiving an upgrade instruction sent by a preset terminal, a host device of the energy storage system performs communication interaction with a cloud to obtain a firmware upgrade package sent by the cloud, wherein the cloud can also be called a cloud server or a cloud computing platform, and the cloud is used for providing computing, networking and storage capacity based on services of hardware resources and software resources.
Before firmware upgrade is performed on the host device or the slave device, the preset terminal obtains the device type of the host device, the device type of the slave device, firmware version information of the host device and firmware version information of the slave device through the host device, wherein the firmware version information comprises information such as a firmware version number, a firmware size, a firmware cyclic redundancy check (Cyclic redundancy check, CRC for short) and the like.
The method comprises the steps that a preset terminal receives version information of latest firmware pushed by a cloud in real time, compares the version information of the latest firmware with the version information of current firmware of a host device and a slave device, and enables the host device and the slave devices to start firmware upgrading when the version information of the latest firmware is different from the version information of the current firmware.
In one embodiment, as shown in fig. 2, a method for upgrading an energy storage system is provided, and the method is applied to the application environment in fig. 1 for illustration, and includes the following steps:
s101, carrying out handshake verification for a preset number of times according to a preset OTA upgrading request and a cloud.
Specifically, a preset Over-the-Air Technology (OTA) upgrade request is generated by a preset terminal according to current firmware information of the energy storage system and latest firmware information sent by a cloud. The preset terminal compares the current firmware information with the latest firmware information, and when the firmware version of the latest firmware information is different from the firmware version of the current firmware information, a preset OTA upgrading request is sent to the energy storage system.
After receiving a preset OTA upgrading request, the energy storage system starts to execute a plurality of handshaking verifications with the cloud, and only after all the handshaking verifications are successful, data communication is started.
S102, after all handshake verification is successful, receiving a firmware upgrade package issued by a cloud;
specifically, after all handshake verification with the cloud is successful, the host device of the energy storage system receives an encrypted firmware upgrade package sent by the cloud. After the host equipment receives the firmware upgrade package locally, the data to be verified is added to the encrypted firmware upgrade package for processing.
S103, adding data to be verified for the firmware upgrade package to obtain a target firmware upgrade package;
specifically, the host device is preset with a local encryption algorithm, and the local encryption algorithm is used for adding data to be verified to a firmware upgrade package sent by the cloud to form a target firmware upgrade package containing the data to be verified. After the slave device reads the data to be verified, data verification processing is performed according to the data to be verified, and only when the verification result of the slave device is consistent with the data to be verified, the slave device continues to receive the firmware upgrade package.
In one embodiment, adding data to be verified to a firmware upgrade package to obtain a target firmware upgrade package includes:
generating and adding data to be verified at intervals of preset frames among the upgrade package data of each firmware upgrade package to obtain a target firmware upgrade package, wherein the data to be verified is associated with the local current time.
Specifically, when the host device adds the data to be verified, the data to be verified is embedded into the firmware upgrade package at intervals of a preset frame number.
For example, if a firmware upgrade packet has a size of 3 megabytes and defines 8 bytes as 1 frame, the 3 megabytes firmware upgrade packet has 393216 frames, and data to be verified is added every 10 frames, and when receiving data, the slave device performs data verification processing every 10 frames.
In the actual application process, the data to be verified is generated in real time and is associated with the local current time of the host equipment, when the slave equipment performs handshake with the host equipment, the local current time of the host equipment is obtained, the local verification data of the slave equipment is obtained according to the local current time of the host equipment, when the local verification data of the slave equipment is consistent with the data to be verified of the firmware upgrade package, the communication between the host equipment and the slave equipment is normal and is not attacked by malicious programs, and the firmware upgrade package of the host equipment can be continuously received.
In the implementation process, the preset frame number of the interval can be adaptively set according to the data size of the firmware upgrade package, and the larger the firmware upgrade package data is, the larger the preset frame number of the interval is, so that the preset frame number is not specifically limited in the embodiment. It should be noted that the preset number of frames is optimal to minimize the number of verification times.
S104, sending the target firmware upgrade package to target slave equipment of the energy storage system;
specifically, before the host device sends the target firmware upgrade packet to the target slave device, handshake is further required between the host device and the target slave device to unify the communication protocol.
After the handshake between the host device and the target slave device is successful, the target firmware upgrade packet is sent to the target slave device, so that the target slave device starts to upgrade the firmware.
S105, according to the feedback signal of the target slave device, the OTA upgrade of the target slave device is completed.
Specifically, when receiving the target firmware upgrade package, the target slave device performs a real-time data verification step according to the data to be verified added by the host device, and sends a corresponding feedback signal to the host device. And the host equipment completes the OTA upgrading process of the target slave equipment according to the feedback signal sent by the target slave equipment.
In one embodiment, as shown in fig. 3, before handshake verification is performed with the cloud end for a preset number of times according to a preset OTA upgrade request, the method further includes:
s201, bluetooth connection is established with a preset terminal.
S202, current firmware information is sent to the preset terminal, so that the preset terminal judges whether to send a preset OTA upgrading request according to the latest firmware information and the current firmware information.
S203, when the latest firmware information is different from the current firmware information, a preset OTA upgrading request sent by a preset terminal is received.
In a specific implementation process, before a firmware upgrading step is performed, a host device of the energy storage system establishes a bluetooth connection with a preset terminal so as to facilitate subsequent reception of a preset OTA upgrading request.
Bluetooth connection is established between the preset terminal and the energy storage system, so that the OTA upgrading step can be started to be executed, the communication connection process of the energy storage system for OTA upgrading is effectively simplified, and the OTA upgrading efficiency of the energy storage system is effectively improved.
Specifically, the current firmware information includes current firmware information of the master device and current firmware information of each slave device.
In one embodiment, the types and addresses of the slave devices are different, and the firmware information of the slave devices is associated with the types, and when the host device sends the current firmware information of the slave devices to the preset terminal, the types, addresses and current firmware information of the slave devices are packaged and sent to the preset terminal, so that the preset terminal can conveniently identify the corresponding latest firmware information.
The preset terminal compares the current firmware information and the latest firmware information with the same equipment type, and sends a preset OTA upgrading request to the host equipment of the energy storage system only when the current firmware information and the latest firmware information are different.
Specifically, the host device sends the current firmware information of the host device and the slave device to the preset terminal at intervals of preset time, and the preset time can be adaptively set according to the actual application scenario, which is not limited herein.
After receiving the preset OTA upgrading request, the host equipment starts to carry out a handshake connection step with the cloud.
In one embodiment, as shown in fig. 4, performing handshake verification for a preset number of times according to a preset OTA upgrade request and a cloud, including:
s1011, receiving partial encryption data of the firmware upgrade package sent by the cloud;
specifically, the partially encrypted data is a summary portion of the firmware upgrade package.
Before the cloud end sends the firmware upgrade package to the host equipment, adding a feature code to the summary part of the firmware upgrade package, and packaging the summary part after adding the feature code to obtain a part of upgrade data package; and then, encrypting part of the upgrade data packet by adopting an AES encryption algorithm, and after the digital visa is added, sending part of the upgrade data packet with the digital visa to host equipment.
The part of the encryption data of the firmware upgrade package received by the host device, namely the encryption part upgrade data package comprising the digital visa and the feature code.
In the practical application process, the part of the encrypted data may be an upgrade data packet obtained after the step of adding the feature code, the step of encrypting and the step of adding the digital visa in other content parts of the firmware upgrade package, which is not limited by the specific part of the encrypted data in the embodiment.
S1012, verifying part of the encrypted data according to a first preset verification method to obtain a first verification result;
in a specific embodiment, the number of handshake verification can be adaptively set according to an actual application scene, and through setting a plurality of handshake verification steps, the situations of data loss, system abnormality and the like caused by malicious attack of other devices in the communication process of the cloud and the host device can be effectively prevented.
The first preset verification method is used for verifying the authenticity of the digital visa. The first verification result comprises verification success and verification failure; when the first verification result is successful, the host device is proved to verify the digital visa without errors; and when the first verification result is verification failure, indicating that the host equipment has error in verification of the digital visa.
Specifically, the cloud end can encrypt the digital visa by adopting an SHA-256 algorithm and can encrypt the digital visa by adopting other types of encryption algorithms in the process of adding the digital visa.
In one embodiment, verifying the partially encrypted data according to a first preset verification method includes:
verifying the digital signature in the partial encrypted data according to the digital certificate;
if the digital signature passes the verification, outputting a first verification result passing the verification;
if the digital signature fails to verify, outputting a first verification result of the verification failure.
Specifically, the digital certificate may be generated and verified in the x.509 format, or may be generated and verified in another format, which is not limited in this embodiment, and may be adaptively replaced according to an actual application scenario.
S1013, if the first verification result is verification passing, verifying part of the encrypted data according to a second preset verification method to obtain a second verification result;
specifically, the second preset verification method is only executed after the first preset verification method is executed, and the execution is started after the first verification result of verification passing is obtained. If the first verification result is verification failure, the host device of the energy storage system refuses the firmware upgrade package sent by the cloud and feeds back failure of executing the OTA upgrade request to the preset terminal. And the user can check the node failed in execution of the OTA upgrading request through the preset terminal, and correspondingly adjust the firmware upgrading package and the energy storage system.
And if the first verification result is verification passing, performing second verification on the part of the encrypted data. The second preset verification method is used for the feature codes in the partial encrypted data, and if the corresponding feature codes are detected after the partial encrypted data is decrypted, the second verification of the instruction book host equipment is passed; and if the corresponding feature code is not detected after the encrypted data is decrypted, indicating that the second verification of the host equipment fails.
In one embodiment, verifying the partially encrypted data according to a second preset verification method includes:
decrypting the partial encrypted data according to the AES private key to obtain a target feature code in the partial encrypted data;
if the target feature code is obtained, outputting a second verification result passing verification;
and if the target feature code is not obtained, outputting a second verification result of verification failure.
In a specific embodiment, the cloud end encrypts a part of the upgrade data packet of the firmware upgrade packet by an AES encryption method, and the host device decrypts the part of the encrypted data by an AES private key and detects a target feature code in the decrypted part of the upgrade data packet.
In the implementation process, if the cloud end encrypts part of the upgrade data packet of the firmware upgrade packet by adopting other encryption modes, the host equipment decrypts part of the encrypted data by adopting corresponding decryption modes. The encryption mode can be adaptively replaced according to the actual application scene, which is not limited in this embodiment.
Specifically, if the second verification result is verification failure, the host device of the energy storage system refuses the firmware upgrade package sent by the cloud, and feeds back an execution failure of the OTA upgrade request to the preset terminal. And the user can check the node failed in execution of the OTA upgrading request through the preset terminal, and correspondingly adjust the firmware upgrading package and the energy storage system.
S1014, if the second verification result is verification passing, determining that the handshake verification is all successful.
Specifically, the embodiment sets a two-way handshake verification process, and the host device executes a first preset verification method and a second preset verification method according to a preset sequence, and when a second verification result is received to pass verification, the multiple-way handshake verification between the host device and the cloud is completely successful.
In a specific embodiment, the number of handshake verifications may also be adaptively added according to an actual application scenario, which is not limited in this embodiment. When the number of times of handshake authentication is three or more, the execution sequence of each handshake authentication needs to be set in advance, and the host device sequentially executes each handshake authentication step according to the execution sequence set in advance.
In one embodiment, according to a feedback signal of the target slave device, the method for completing the OTA upgrade of the target slave device includes:
if the feedback signal of the target slave device is the first feedback signal, continuously sending a firmware upgrade package to the target slave device until the target slave device finishes OTA upgrade;
and if the feedback signal of the target slave device is the second feedback signal, stopping sending the firmware upgrade package to the target slave device, and sending the verification abnormality information to the preset terminal.
Specifically, the first feedback signal is a feedback signal with normal data verification, and after the host device receives the first feedback signal, the firmware upgrade package is continuously sent to the target slave device. The second feedback signal is a feedback signal of data verification abnormality, after the host equipment receives the second feedback signal, the host equipment stops sending the firmware upgrade package to the target slave equipment, generates verification abnormality information of the target slave equipment verification abnormality, and sends the verification abnormality information to the preset terminal, so that a user can quickly position the target slave equipment according to the verification abnormality information in the preset terminal, and the problem of the upgrade abnormality is solved.
In summary, the embodiment of the application provides an energy storage system upgrading method, which effectively improves the safety of communication interaction between an energy storage system and a cloud end and ensures the data safety of a firmware upgrading packet by performing a multiple handshake verification step before communication interaction between the energy storage system and the cloud end. Before the host device of the energy storage system sends the firmware upgrade package to the slave device of the energy storage system, verification data is additionally added to the firmware upgrade package, so that the communication safety between the host device and the slave device is further improved, the firmware upgrade package is effectively prevented from being damaged and replaced due to attack of malicious programs, and the safety of OTA upgrade of the energy storage system is greatly improved.
It should be understood that, although the steps in the flowcharts related to the above embodiments are sequentially shown as indicated by arrows, these steps are not necessarily sequentially performed in the order indicated by the arrows. The steps are not strictly limited to the order of execution unless explicitly recited herein, and the steps may be executed in other orders. Moreover, at least some of the steps in the flowcharts referred to in the above embodiments may include a plurality of sub-steps or a plurality of stages, which are not necessarily performed at the same time, but may be performed at different times, and the order of execution of the steps or stages is not necessarily sequential, but may be performed alternately or alternately with at least some of the other steps or stages.
Based on the same inventive concept, the embodiment of the application also provides a firmware upgrading device for realizing the above related firmware upgrading method. The implementation of the solution provided by the device is similar to the implementation method described in the above method, so the specific limitation in one or more firmware upgrading device embodiments provided below may refer to the limitation of the firmware upgrading method described above, and will not be repeated here.
In one embodiment, as shown in fig. 5, there is provided an energy storage system upgrade apparatus 500, comprising:
the handshake module 510 is configured to perform handshake verification for a preset number of times with the cloud according to a preset OTA upgrade request;
the receiving module 520 is configured to receive a firmware upgrade package sent by the cloud after all the handshaking verification is successful;
an encryption module 530, configured to add data to be verified to the firmware upgrade package, so as to obtain a target firmware upgrade package;
a sending module 540, configured to send the target firmware upgrade package to a target slave device of the energy storage system;
and the upgrading module 550 is configured to complete OTA upgrading of the target slave device according to the feedback signal of the target slave device.
In one embodiment, the energy storage system upgrade apparatus 500 further comprises:
the Bluetooth connection module is used for establishing Bluetooth connection with a preset terminal; transmitting current firmware information to the preset terminal so that the preset terminal judges whether to transmit the preset OTA upgrading request according to the latest firmware information and the current firmware information; and when the latest firmware information is different from the current firmware information, receiving the preset OTA upgrading request sent by the preset terminal.
In one embodiment, the handshake module 510 is specifically configured to receive part of the encrypted data of the firmware upgrade package sent by the cloud; verifying the partial encrypted data according to a first preset verification method to obtain a first verification result; if the first verification result is verification passing, verifying the partial encrypted data according to a second preset verification method to obtain a second verification result; and if the second verification result is verification passing, determining that the handshake verification is completely successful.
In one embodiment, the handshake module 510 is specifically configured to verify a digital signature in the partially encrypted data according to a digital certificate; if the digital signature passes the verification, outputting a first verification result passing the verification; and if the digital signature fails to verify, outputting a first verification result of the verification failure.
In one embodiment, the handshake module 510 is specifically configured to decrypt the partially encrypted data according to an AES private key to obtain a target feature code in the partially encrypted data; if the target feature code is obtained, outputting a second verification result passing verification; and if the target feature code is not obtained, outputting a second verification result of verification failure.
In one embodiment, the upgrade module 550 is specifically configured to continuously send the firmware upgrade package to the target slave device if the feedback signal of the target slave device is the first feedback signal, until the target slave device completes the OTA upgrade; and if the feedback signal of the target slave device is the second feedback signal, stopping sending the firmware upgrade package to the target slave device, and sending the verification abnormality information to a preset terminal.
In one embodiment, the encryption module 530 is specifically configured to generate and add the data to be verified at intervals of a preset number of frames between the upgrade package data of each firmware upgrade package, so as to obtain the target firmware upgrade package, where the data to be verified is associated with a local current time.
In summary, the embodiment of the application provides an energy storage system upgrading device, which effectively improves the safety of communication interaction between an energy storage system and a cloud end and ensures the data safety of a firmware upgrading packet by performing a multiple handshake verification step before communication interaction between the energy storage system and the cloud end. Before the host device of the energy storage system sends the firmware upgrade package to the slave device of the energy storage system, verification data is additionally added to the firmware upgrade package, so that the communication safety between the host device and the slave device is further improved, the firmware upgrade package is effectively prevented from being damaged and replaced due to attack of malicious programs, and the safety of OTA upgrade of the energy storage system is greatly improved.
In addition, referring to fig. 6, an embodiment of the present application provides a computer device including a processor and a memory, the memory storing a computer program, the processor implementing the following steps when executing the computer program:
carrying out handshake verification for a preset number of times according to a preset OTA upgrading request and a cloud;
after the handshake verification is completely successful, receiving a firmware upgrade package issued by the cloud;
adding data to be verified to the firmware upgrade package to obtain a target firmware upgrade package;
the target firmware upgrade package is sent to target slave equipment of the energy storage system;
and finishing OTA upgrading of the target slave equipment according to the feedback signal of the target slave equipment.
In a specific real-time process, the computer device may be an energy storage device or any control device belonging to an energy storage system, which is not limited in this embodiment.
The embodiment of the application provides a computer readable storage medium, which stores a computer program, and the computer program realizes the following steps when being executed by a processor:
carrying out handshake verification for a preset number of times according to a preset OTA upgrading request and a cloud;
after the handshake verification is completely successful, receiving a firmware upgrade package issued by the cloud;
adding data to be verified to the firmware upgrade package to obtain a target firmware upgrade package;
the target firmware upgrade package is sent to target slave equipment of the energy storage system;
and finishing OTA upgrading of the target slave equipment according to the feedback signal of the target slave equipment.
Those skilled in the art will appreciate that implementing all or part of the above described methods may be accomplished by way of a computer program stored on a non-transitory computer readable storage medium, which when executed, may comprise the steps of the embodiments of the methods described above. Any reference to memory, database, or other medium used in embodiments provided herein may include at least one of non-volatile and volatile memory. The nonvolatile Memory may include Read-Only Memory (ROM), magnetic tape, floppy disk, flash Memory, optical Memory, high density embedded nonvolatile Memory, resistive random access Memory (ReRAM), magnetic random access Memory (Magnetoresistive Random Access Memory, MRAM), ferroelectric Memory (Ferroelectric RandomAccess Memory, FRAM), phase change Memory (Phase Change Memory, PCM), graphene Memory, and the like. Volatile memory can include random access memory (Random Access Memory, RAM) or external cache memory, and the like. By way of illustration, and not limitation, RAM can take many forms, such as static Random access memory (Static Random Access Memory, SRAM) or Dynamic Random access memory (Dynamic Random AccessMemory, DRAM), among others. The databases referred to in the embodiments provided herein may include at least one of a relational database and a non-relational database. The non-relational database may include, but is not limited to, a blockchain-based distributed database, and the like. The processor referred to in the embodiments provided in the present application may be a general-purpose processor, a central processing unit, a graphics processor, a digital signal processor, a programmable logic unit, a data processing logic unit based on quantum computing, or the like, but is not limited thereto.
The technical features of the above-described embodiments may be arbitrarily combined, and all possible combinations of the technical features in the above-described embodiments are not described for brevity of description, however, as long as there is no contradiction between the combinations of the technical features, they should be considered as the scope of the description.
The above examples illustrate only a few embodiments of the application, which are described in detail and are not to be construed as limiting the scope of the application. It should be noted that it will be apparent to those skilled in the art that several variations and modifications can be made without departing from the spirit of the application, which are all within the scope of the application. Accordingly, the scope of protection of the present application is to be determined by the appended claims.
Claims (4)
1. An energy storage system upgrade method, comprising:
carrying out handshake verification for preset times according to a preset upgrading request and a cloud;
if the handshake verification is successful, receiving a firmware upgrade package issued by the cloud;
adding data to be verified to the firmware upgrade package to obtain a target firmware upgrade package;
the target firmware upgrade package is sent to target slave equipment of the energy storage system;
according to the feedback signal of the target slave device, finishing firmware upgrading of the target slave device;
handshake verification of a preset number of times is performed according to a preset upgrading request and a cloud, and the handshake verification comprises the following steps:
receiving partial encryption data of the firmware upgrade package sent by the cloud; verifying the partial encrypted data according to a first preset verification method to obtain a first verification result; if the first verification result is verification passing, verifying the partial encrypted data according to a second preset verification method to obtain a second verification result; if the second verification result is verification passing, determining that the handshake verification is all successful;
the verifying the partially encrypted data according to the second preset verification method includes:
decrypting the partially encrypted data according to an AES private key; if the target feature code is obtained through decryption, outputting a second verification result passing verification; if the target feature code is not obtained through decryption, outputting a second verification result of verification failure;
the step of adding data to be verified to the firmware upgrade package to obtain a target firmware upgrade package comprises the following steps:
generating and adding the data to be verified at intervals of preset frames between the upgrade package data of each firmware upgrade package to obtain the target firmware upgrade package, wherein the data to be verified is associated with the local current time;
before handshake verification is performed for a preset number of times according to a preset upgrading request and the cloud, the method further comprises the following steps:
establishing Bluetooth connection with a preset terminal; transmitting current firmware information to the preset terminal; when the current firmware information is different from the latest firmware information of the preset terminal, receiving the preset upgrading request sent by the preset terminal;
the verifying the partially encrypted data according to a first preset verification method includes:
verifying the digital signature in the part of the encrypted data according to the digital certificate; if the digital signature passes the verification, outputting a first verification result passing the verification; if the digital signature fails to verify, outputting a first verification result of the verification failure;
and completing firmware upgrading of the target slave device according to the feedback signal of the target slave device, comprising:
if the feedback signal of the target slave device is the first feedback signal, continuously sending the firmware upgrading packet to the target slave device until the target slave device finishes firmware upgrading; and if the feedback signal of the target slave device is the second feedback signal, stopping sending the firmware upgrade package to the target slave device, and sending the verification abnormality information to a preset terminal.
2. An energy storage system upgrade apparatus, comprising:
the Bluetooth connection module is used for establishing Bluetooth connection with a preset terminal; transmitting current firmware information to the preset terminal; when the current firmware information is different from the latest firmware information of the preset terminal, receiving a preset upgrading request sent by the preset terminal;
the handshake module is used for performing handshake verification for preset times according to a preset upgrading request and the cloud;
the receiving module is used for receiving the firmware upgrade package issued by the cloud if the handshake verification is completely successful;
the encryption module is used for adding data to be verified to the firmware upgrading packet so as to obtain a target firmware upgrading packet;
the sending module is used for sending the target firmware upgrade package to target slave equipment of the energy storage system;
the upgrading module is used for finishing the firmware upgrading of the target slave equipment according to the feedback signal of the target slave equipment;
the handshake module is specifically configured to receive part of encrypted data of the firmware upgrade packet sent by the cloud; verifying the partial encrypted data according to a first preset verification method to obtain a first verification result; if the first verification result is verification passing, verifying the partial encrypted data according to a second preset verification method to obtain a second verification result; if the second verification result is verification passing, determining that the handshake verification is all successful;
the handshake module is further configured to decrypt the partially encrypted data according to an AES private key; if the target feature code is obtained through decryption, outputting a second verification result passing verification; if the target feature code is not obtained through decryption, outputting a second verification result of verification failure;
the encryption module is specifically configured to generate and add the data to be verified at intervals of a preset frame number between upgrade package data of each firmware upgrade package, so as to obtain the target firmware upgrade package, where the data to be verified is associated with a local current time;
the handshake module is further used for verifying the digital signature in the part of the encrypted data according to the digital certificate; if the digital signature passes the verification, outputting a first verification result passing the verification; if the digital signature fails to verify, outputting a first verification result of the verification failure;
the upgrade module is further configured to continuously send the firmware upgrade package to the target slave device if the feedback signal of the target slave device is the first feedback signal, until the target slave device completes firmware upgrade; and if the feedback signal of the target slave device is the second feedback signal, stopping sending the firmware upgrade package to the target slave device, and sending the verification abnormality information to a preset terminal.
3. A computer device comprising a processor and a memory, the memory storing a computer program, characterized in that the processor implements the steps of the energy storage system upgrade method of claim 1 when the computer program is executed by the processor.
4. A computer readable storage medium having stored thereon a computer program, characterized in that the computer program when executed by a processor implements the steps of the energy storage system upgrade method of claim 1.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202310816678.6A CN116541046B (en) | 2023-07-05 | 2023-07-05 | Energy storage system upgrading method and device, computer equipment and readable storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202310816678.6A CN116541046B (en) | 2023-07-05 | 2023-07-05 | Energy storage system upgrading method and device, computer equipment and readable storage medium |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN116541046A CN116541046A (en) | 2023-08-04 |
| CN116541046B true CN116541046B (en) | 2023-12-12 |
Family
ID=87447449
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202310816678.6A Active CN116541046B (en) | 2023-07-05 | 2023-07-05 | Energy storage system upgrading method and device, computer equipment and readable storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN116541046B (en) |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102981881A (en) * | 2012-12-10 | 2013-03-20 | 中兴通讯股份有限公司 | Method and system for preventing mobile terminal from being updated to illegal firmware version |
| CN109375937A (en) * | 2018-10-30 | 2019-02-22 | Oppo广东移动通信有限公司 | Method for upgrading system, device, terminal device and storage medium |
| CN109495307A (en) * | 2018-11-27 | 2019-03-19 | 北京车和家信息技术有限公司 | Method for upgrading system, OTA upgrade package encryption method, terminal device and vehicle |
| CN110515637A (en) * | 2019-07-12 | 2019-11-29 | 湖南新云网科技有限公司 | A kind of programme upgrade method, system and terminal device |
| WO2020211016A1 (en) * | 2019-04-17 | 2020-10-22 | 华为技术有限公司 | Device upgrade method and related device |
| CN115396121A (en) * | 2022-10-26 | 2022-11-25 | 广州万协通信息技术有限公司 | Security authentication method for security chip OTA data packet and security chip device |
Family Cites Families (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107194242B (en) * | 2017-03-30 | 2019-11-08 | 百富计算机技术(深圳)有限公司 | Firmware upgrade method and device |
-
2023
- 2023-07-05 CN CN202310816678.6A patent/CN116541046B/en active Active
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102981881A (en) * | 2012-12-10 | 2013-03-20 | 中兴通讯股份有限公司 | Method and system for preventing mobile terminal from being updated to illegal firmware version |
| CN109375937A (en) * | 2018-10-30 | 2019-02-22 | Oppo广东移动通信有限公司 | Method for upgrading system, device, terminal device and storage medium |
| CN109495307A (en) * | 2018-11-27 | 2019-03-19 | 北京车和家信息技术有限公司 | Method for upgrading system, OTA upgrade package encryption method, terminal device and vehicle |
| WO2020211016A1 (en) * | 2019-04-17 | 2020-10-22 | 华为技术有限公司 | Device upgrade method and related device |
| CN110515637A (en) * | 2019-07-12 | 2019-11-29 | 湖南新云网科技有限公司 | A kind of programme upgrade method, system and terminal device |
| CN115396121A (en) * | 2022-10-26 | 2022-11-25 | 广州万协通信息技术有限公司 | Security authentication method for security chip OTA data packet and security chip device |
Also Published As
| Publication number | Publication date |
|---|---|
| CN116541046A (en) | 2023-08-04 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US10812261B2 (en) | Vehicle system and key distribution method | |
| JP7371103B2 (en) | In-vehicle device upgrade method and related equipment | |
| CN110661748B (en) | Log encryption method, log decryption method and log encryption device | |
| CN102065077B (en) | Method and system for distributing application software to terminal | |
| CN110708164B (en) | Control method and device for Internet of things equipment, storage medium and electronic device | |
| JP6190404B2 (en) | Receiving node, message receiving method and computer program | |
| US20130039495A1 (en) | Secure key management | |
| CN110621014A (en) | Vehicle-mounted equipment, program upgrading method thereof and server | |
| US20220209944A1 (en) | Secure Server Digital Signature Generation For Post-Quantum Cryptography Key Encapsulations | |
| CN111355684A (en) | Internet of things data transmission method, device and system, electronic equipment and medium | |
| CN104836784A (en) | Information processing method, client, and server | |
| JP2018519596A (en) | Application download method and apparatus | |
| CN109361681A (en) | The close certificate authentication method of state, device and equipment | |
| CN114142995B (en) | Key security distribution method and device for block chain relay communication network | |
| CN113613227B (en) | Data transmission method and device of Bluetooth equipment, storage medium and electronic device | |
| CN108846671B (en) | Online secure transaction method and system based on block chain | |
| CN115242413A (en) | Internet of things equipment firmware safety upgrading method and device, electronic equipment and medium | |
| CN114095277A (en) | Power distribution network secure communication method, secure access device and readable storage medium | |
| CN116541046B (en) | Energy storage system upgrading method and device, computer equipment and readable storage medium | |
| CN112311528A (en) | Data secure transmission method based on state cryptographic algorithm | |
| CN117041956A (en) | Communication authentication method, device, computer equipment and storage medium | |
| CN114650182B (en) | Identity authentication method, system, device, gateway equipment, equipment and terminal | |
| CN111884818B (en) | Data file processing method, system, server and storage medium | |
| CN113132409B (en) | Data transmission method and device | |
| CN112925532B (en) | Software installation method, information sending method and device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |