CN117527262A - Method for constructing automobile security OTA based on chip - Google Patents

Method for constructing automobile security OTA based on chip Download PDF

Info

Publication number
CN117527262A
CN117527262A CN202311706201.9A CN202311706201A CN117527262A CN 117527262 A CN117527262 A CN 117527262A CN 202311706201 A CN202311706201 A CN 202311706201A CN 117527262 A CN117527262 A CN 117527262A
Authority
CN
China
Prior art keywords
ota
firmware
key
certificate
security
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202311706201.9A
Other languages
Chinese (zh)
Other versions
CN117527262B (en
Inventor
谭乐安
杨晶
张东
冯世杰
李桂良
江浩良
邱鑫荣
李子豪
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Jifei Shuchi Shanghai Technology Co ltd
Zhiji Guangzhou Technology Co ltd
Original Assignee
Jifei Shuchi Shanghai Technology Co ltd
Zhiji Guangzhou Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Jifei Shuchi Shanghai Technology Co ltd, Zhiji Guangzhou Technology Co ltd filed Critical Jifei Shuchi Shanghai Technology Co ltd
Priority to CN202311706201.9A priority Critical patent/CN117527262B/en
Publication of CN117527262A publication Critical patent/CN117527262A/en
Application granted granted Critical
Publication of CN117527262B publication Critical patent/CN117527262B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/08Configuration management of networks or network elements
    • H04L41/0803Configuration setting
    • H04L41/0813Configuration setting characterised by the conditions triggering a change of settings
    • H04L41/082Configuration setting characterised by the conditions triggering a change of settings the condition being updates or upgrades of network functionality
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/0618Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3236Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
    • H04L9/3239Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions involving non-keyed hash functions, e.g. modification detection codes [MDCs], MD5, SHA or RIPEMD
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3263Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/84Vehicles

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Storage Device Security (AREA)
  • Stored Programmes (AREA)

Abstract

The invention discloses a method for constructing an automobile safety OTA based on a chip, which belongs to the technical field of the automobile safety OTA and comprises the following steps: s1, presetting a certificate and a secret key at a factory safety station; s2, encryption, downloading, decryption and flushing of OTA firmware. Through the mode, the OTA key and the certificate preset on the vehicle machine are 128, each vehicle type is different, and leakage of one key or a group of keys is avoided, and the OTA key and the certificate are connected to vehicles using other keys; when the security service of the invention encrypts the firmware, randomly selects a certificate and a key corresponding to the index, strengthens the complexity by adding a salt, an exclusive-or table and other methods, and reduces the risk of collision of the password factors; the OTA upgrading activity message and the firmware issued by the OTA platform are both ciphertext, so that the data can be ensured not to be stolen or tampered.

Description

Method for constructing automobile security OTA based on chip
Technical Field
The invention relates to the technical field of automobile safety OTA (over the air), in particular to a method for constructing the automobile safety OTA based on a chip.
Background
Many OTA upgrades in various industries are currently either simple file/plaintext downloads or simple unified encryption. The problem of disc falling exists in the process of decrypting the plaintext, meanwhile, the problems of large occupied memory and disk space and the like exist, and in addition, the security of data and keys also needs to be further improved.
Based on the above, the invention designs a method for constructing an automobile security OTA based on a chip to solve the above problems.
Disclosure of Invention
Aiming at the defects existing in the prior art, the invention provides a method for constructing an automobile security OTA based on a chip.
In order to achieve the above purpose, the invention is realized by the following technical scheme:
a method for constructing an automobile security OTA based on a chip comprises the following steps:
s1, presetting a certificate and a secret key at a factory safety station;
s2, encryption, downloading, decryption and refreshing of OTA firmware; the method comprises the following steps:
step 1, uploading plaintext firmware to a security service by an OTA platform;
step 2, the security service carries out encryption signature on the plaintext firmware;
step 3, the OTA platform downloads the encrypted OTA firmware from the security service;
step 4, the OTA platform generates current OTA upgrading activity information and invokes a security service to encrypt and sign the OTA upgrading activity information; OTA application of the vehicle subscribes to OTA upgrade activity information; the OTA platform transmits OTA upgrading activity information to OTA application of the vehicle;
step 5, after the OTA application of the vehicle receives the OTA upgrade activity message, invoking SEC SDK to verify the OTA firmware signature;
step 6, OTA application of the vehicle machine decrypts OTA firmware in a flow mode or block by block mode, and synchronously performs flow mode or block by block brushing on a partition to be upgraded on a corresponding ECU;
step 7, the other ECUs are subjected to brushing, transmission and distribution are needed, and the ECUs receive, decrypt and brush the partition to be upgraded block by block;
step 8, after the OTA firmware is refreshed, the ECU related to the upgrade is restarted;
and 9, the upgrade is successful, and the vehicle machine presents the new version.
Further, the step S1 includes the steps of:
a. the parts, namely the car machine and the upper computer are connected;
b. the upper computer starts a certificate and key presetting process;
c. the factory application of the vehicle machine requests the security service to download the certificate and the secret key through the security channel;
d. the security service returns a Keybin file which contains a certificate/private key/symmetric key group;
e. the factory application of the vehicle machine calls a key and stores the certificate and the symmetric key in the security partition;
f. the factory application of the vehicle machine calls a key, encrypts and decrypts data, verifies the correctness of the certificate and the symmetric key on line with the security service;
g. the verification of the preset certificate and the key is successful;
h. the parts are separated from the upper computer.
Further, the certificate and the symmetric key are preset in step S1, wherein the certificate and the symmetric key include 128 certificates and 128 symmetric keys.
Further, the step 2 specifically includes the following steps:
step 2.1, after receiving the uploaded firmware, the security service searches key group information of a corresponding vehicle type through vehicle type parameters;
step 2.2, randomly selecting a symmetric key and a private key corresponding to one index from the key group;
step 2.3, processing the symmetric key, such as salt adding and other operations, and generating a new key;
step 2.4, generating an encryption firmware header data structure;
step 2.5, symmetrically encrypting the firmware;
step 2.6, further processing the encrypted firmware, and performing exclusive-or operation on the firmware by using a custom exclusive-or table;
step 2.7, calculating an SHA256 hash value of the encrypted firmware;
step 2.8, signing the firmware by using a private key;
step 2.9, adding the hash value, signature data, data length and other data into the header;
and 2.10, splicing the header and the encryption firmware to synthesize the OTA firmware.
Furthermore, the OTA platform invokes the security service to encrypt and sign the OTA upgrade activity information by referring to the method of the step 2.
Further, the OTA upgrade activity information comprises version information and an upgrade policy.
Advantageous effects
The OTA keys and the certificates preset on the vehicle are 128 respectively, each vehicle type is different, and leakage of one key or a group of keys is avoided, and the OTA keys and the certificates are connected to vehicles using other keys;
when the security service of the invention encrypts the firmware, randomly selects a certificate and a key corresponding to the index, strengthens the complexity by adding a salt, an exclusive-or table and other methods, and reduces the risk of collision of the password factors;
the OTA upgrading activity message and the firmware issued by the OTA platform are both ciphertext, so that the data can be prevented from being stolen and tampered;
the OTA application of the vehicle machine invokes the key in the trusted environment by invoking the upper layer encapsulation interface of the TZ based on hardware security to decrypt the OTA upgrade activity message and the encrypted firmware, so that the key can be effectively prevented from being cracked;
the OTA firmware decryption process is carried out in the memory in the whole course, and the corresponding upgrade partition is decrypted in a stream mode or a block-by-block mode, and is written in a stream mode or a block-by-block mode, so that the plaintext is prevented from falling off, the memory is saved, the disk space is saved, and the like.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below. It is evident that the drawings in the following description are only some embodiments of the present invention and that other drawings may be obtained from these drawings without inventive effort for a person of ordinary skill in the art.
FIG. 1 is a block diagram of a system for constructing an automobile security OTA based on a chip of the present invention;
FIG. 2 is a schematic diagram of factory presets in the method of constructing an automobile security OTA based on a chip of the present invention;
FIG. 3 is a flow chart of factory presets in the method of constructing an automobile security OTA based on a chip of the present invention;
fig. 4 is a flowchart of a method for constructing an automobile security OTA based on a chip according to the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the embodiments of the present invention more clear, the technical solutions of the embodiments of the present invention will be clearly and completely described below with reference to the accompanying drawings in the embodiments of the present invention. It will be apparent that the described embodiments are some, but not all, embodiments of the invention. All other embodiments, which can be made by those skilled in the art based on the embodiments of the invention without making any inventive effort, are intended to be within the scope of the invention.
The invention is further described below with reference to examples.
Example 1
Referring to fig. 1 of the drawings, a system for constructing an automobile security OTA based on a chip includes a security service (security Server), an OTA Platform (OTA Platform), an automobile (vehicular IVI), a gateway, and other ECUs;
the security service is used for managing the issuing of the secret key and the certificate and the encryption signature of the firmware;
the OTA platform is used for managing the OTA firmware version, generating and transmitting OTA upgrading activity information and the like;
the vehicle machine is used for presetting certificates and keys and verifying, decrypting and distributing OTA firmware;
the vehicle-mounted factory application, the OTA application, the SEC SDK (secure dependency library), the key store and the TZ; the security service interacts with the factory application, and the OTA platform interacts with the OTA application; the vehicle is connected with other ECUs through the gateway.
Example two
Referring to fig. 2-4 of the specification, a method for constructing an automobile security OTA based on a chip includes the following steps:
s1, presetting a certificate and a secret key at a factory safety station;
downloading certificates and keys to a vehicle machine and storing the certificates and the keys in a keystore in internal safety environments such as part production lines or before the whole vehicle assembly production line is disconnected; preferably, the keystore can adopt an android keystore, adopts a standard interface of google, and realizes chip-level encryption protection of the secret key by modulating the TZ of the vehicle machine through the keymaster;
specifically, step S1 includes the steps of:
a. the parts, namely the car machine and the upper computer are connected;
b. the upper computer starts a certificate and key presetting process;
c. the factory application of the vehicle machine requests the security service to download the certificate and the secret key through the security channel;
d. the security service returns a Keybin file which contains a certificate/private key/symmetric key group;
e. the factory application of the vehicle machine calls a keystore and stores certificates and symmetric keys in a safe partition (normal writing/upgrading does not clear data);
f. the factory application of the vehicle machine calls a key, encrypts and decrypts data, verifies the correctness of the certificate and the symmetric key on line with the security service;
g. the verification of the preset certificate and the key is successful;
h. the parts are separated from the upper computer;
the key and the certificate are preset in the internal safety environments such as the part production line or the front part of the whole vehicle assembly production line, and the like, the upper computer opens the SVPN (secure virtual private network) with the safety service through the safety network box, the part can access the safety service through the SVPN, the key certificate is ensured to be preset in the safety environment, the improper acquisition of the key leakage can be avoided, and the direct exposure of the safety service to the public network is avoided;
s2, encryption, downloading, decryption and refreshing of OTA firmware;
after the parts are loaded and shipped, in order for users to have continuous upgrading experience, OTA is very necessary, and is also a key for effectively reducing the repair rate and the repair cost after the automobiles are shipped. The certificate and the symmetric key are preset in a step S1 mode, wherein the certificate and the symmetric key comprise 128 certificates and 128 symmetric keys. Each OTA firmware and OTA upgrading activity information in each OTA activity is protected by randomly selecting certificates and keys in the OTA firmware and OTA upgrading activity information;
specifically, step S2 includes the steps of:
step 1, uploading plaintext firmware to a security service by an OTA platform;
step 2, the security service carries out encryption signature on the plaintext firmware; the method specifically comprises the following steps:
step 2.1, after receiving the uploaded firmware, the security service searches key group information of a corresponding vehicle type through a carType (vehicle type parameter);
step 2.2, randomly selecting a symmetric key and a private key corresponding to index from the key group;
step 2.3, processing the symmetric key, such as salt adding and other operations, and generating a new key;
step 2.4, generating an encryption firmware header data structure;
step 2.5, symmetrically encrypting the firmware;
step 2.6, further processing the encrypted firmware, and performing exclusive-or operation on the firmware by using a custom exclusive-or table;
step 2.7, calculating an SHA256 hash value of the encrypted firmware;
step 2.8, signing the firmware by using a private key;
step 2.9, adding the hash value, signature data, data length and other data into the header;
step 2.10, splicing the header and the encryption firmware to synthesize OTA firmware;
step 3, the OTA platform downloads the encrypted OTA firmware from the security service;
step 4, the OTA platform generates current OTA upgrading activity information comprising version information, upgrading strategy and the like, and invokes the security service to encrypt and sign the OTA upgrading activity information by referring to the method of the step 2; OTA application of the vehicle subscribes to OTA upgrade activity information; the OTA platform transmits OTA upgrading activity information to OTA application of the vehicle;
specifically, the method for encrypting and signing the OTA upgrading activity information by the OTA platform comprises the following specific steps:
step 4.1, after receiving the uploaded OTA upgrading activity information, the security service searches key group information of a corresponding vehicle type through a carType (vehicle type parameter);
step 4.2, randomly selecting a symmetric key and a private key corresponding to one index from the key group;
step 4.3, processing the symmetric key, such as salt adding and other operations, and generating a new key;
step 4.4, generating an encryption OTA upgrading activity information header data structure;
step 4.5, symmetrically encrypting OTA upgrading activity information;
step 4.6, further processing the encrypted OTA upgrading activity information, and performing exclusive OR operation on the OTA upgrading activity information by using a custom exclusive OR table;
step 4.7, calculating the SHA256 hash value of the encrypted OTA upgrade activity information;
step 4.8, signing the OTA upgrade activity information by using a private key;
step 4.9, adding the hash value, signature data, data length and other data into the header;
step 4.10, splicing the header and the encrypted OTA upgrading activity information to synthesize OTA upgrading activity information;
step 5, after the OTA application of the vehicle receives the OTA upgrade activity message, invoking SEC SDK to verify the OTA firmware signature;
step 6, OTA application of the vehicle machine decrypts OTA firmware in a flow mode or block by block mode, and synchronously performs flow mode or block by block brushing on a partition to be upgraded on a corresponding ECU;
step 7, the other ECUs are subjected to brushing, transmission and distribution are needed, and the ECUs receive, decrypt and brush the partition to be upgraded block by block;
step 8, after the OTA firmware is refreshed, the ECU related to the upgrade is restarted;
and 9, the upgrade is successful, and the vehicle machine presents the new version.
The OTA keys and the certificates preset on the vehicle are 128 respectively, each vehicle type is different, and leakage of one key or a group of keys is avoided, and the OTA keys and the certificates are connected to vehicles using other keys;
when the security service of the invention encrypts the firmware, randomly selects a certificate and a key corresponding to the index, strengthens the complexity by adding a salt, an exclusive-or table and other methods, and reduces the risk of collision of the password factors;
the OTA upgrading activity message and the firmware issued by the OTA platform are both ciphertext, so that the data can be prevented from being stolen and tampered;
the OTA application of the vehicle machine invokes the key in the trusted environment by invoking the upper layer encapsulation interface of the TZ based on hardware security to decrypt the OTA upgrade activity message and the encrypted firmware, so that the key can be effectively prevented from being cracked;
the OTA firmware decryption process is carried out in the memory in the whole course, and the corresponding upgrade partition is decrypted in a stream mode or a block-by-block mode, and is written in a stream mode or a block-by-block mode, so that the plaintext is prevented from falling off, the memory is saved, the disk space is saved, and the like.
The above embodiments are only for illustrating the technical solution of the present invention, and are not limiting; although the invention has been described in detail with reference to the foregoing embodiments, it will be understood by those of ordinary skill in the art that: the technical scheme described in the foregoing embodiments can be modified or some technical features thereof can be replaced by equivalents; such modifications and substitutions do not depart from the spirit and scope of the technical solutions of the embodiments of the present invention.

Claims (6)

1. The method for constructing the automobile security OTA based on the chip is characterized by comprising the following steps of:
s1, presetting a certificate and a secret key at a factory safety station;
s2, encryption, downloading, decryption and refreshing of OTA firmware; the method comprises the following steps:
step 1, uploading plaintext firmware to a security service by an OTA platform;
step 2, the security service carries out encryption signature on the plaintext firmware;
step 3, the OTA platform downloads the encrypted OTA firmware from the security service;
step 4, the OTA platform generates current OTA upgrading activity information and invokes a security service to encrypt and sign the OTA upgrading activity information; OTA application of the vehicle subscribes to OTA upgrade activity information; the OTA platform transmits OTA upgrading activity information to OTA application of the vehicle;
step 5, after the OTA application of the vehicle receives the OTA upgrade activity message, invoking SEC SDK to verify the OTA firmware signature;
step 6, OTA application of the vehicle machine decrypts OTA firmware in a flow mode or block by block mode, and synchronously performs flow mode or block by block brushing on a partition to be upgraded on a corresponding ECU;
step 7, the other ECUs are subjected to brushing, transmission and distribution are needed, and the ECUs receive, decrypt and brush the partition to be upgraded block by block;
step 8, after the OTA firmware is refreshed, the ECU related to the upgrade is restarted;
and 9, the upgrade is successful, and the vehicle machine presents the new version.
2. The method for constructing an automobile security OTA based on a chip of claim 1, wherein step S1 comprises the steps of:
a. the parts, namely the car machine and the upper computer are connected;
b. the upper computer starts a certificate and key presetting process;
c. the factory application of the vehicle machine requests the security service to download the certificate and the secret key through the security channel;
d. the security service returns a Keybin file which contains a certificate/private key/symmetric key group;
e. the factory application of the vehicle machine calls a key and stores the certificate and the symmetric key in the security partition;
f. the factory application of the vehicle machine calls a key, encrypts and decrypts data, verifies the correctness of the certificate and the symmetric key on line with the security service;
g. the verification of the preset certificate and the key is successful;
h. the parts are separated from the upper computer.
3. The method for constructing an automobile security OTA based on a chip according to claim 1, wherein the method comprises presetting certificates and symmetric keys in a step S1, wherein the certificates and the symmetric keys comprise 128 certificates and 128 symmetric keys.
4. The method for constructing an automobile security OTA based on a chip of claim 1, wherein step 2 specifically comprises the following steps:
step 2.1, after receiving the uploaded firmware, the security service searches key group information of a corresponding vehicle type through vehicle type parameters;
step 2.2, randomly selecting a symmetric key and a private key corresponding to one index from the key group;
step 2.3, processing the symmetric key to generate a new key;
step 2.4, generating an encryption firmware header data structure;
step 2.5, symmetrically encrypting the firmware;
step 2.6, further processing the encrypted firmware, and performing exclusive-or operation on the firmware by using a custom exclusive-or table;
step 2.7, calculating an SHA256 hash value of the encrypted firmware;
step 2.8, signing the firmware by using a private key;
step 2.9, adding the hash value, the signature data and the data length data into the header;
and 2.10, splicing the header and the encryption firmware to synthesize the OTA firmware.
5. The method of claim 4, wherein the OTA platform invokes the security service to cryptographically sign the OTA upgrade activity information with reference to the method of step 2.
6. The method of claim 5, wherein the OTA upgrade activity information comprises version information and an upgrade policy.
CN202311706201.9A 2023-12-13 2023-12-13 Method for constructing automobile security OTA based on chip Active CN117527262B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202311706201.9A CN117527262B (en) 2023-12-13 2023-12-13 Method for constructing automobile security OTA based on chip

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202311706201.9A CN117527262B (en) 2023-12-13 2023-12-13 Method for constructing automobile security OTA based on chip

Publications (2)

Publication Number Publication Date
CN117527262A true CN117527262A (en) 2024-02-06
CN117527262B CN117527262B (en) 2024-06-18

Family

ID=89751372

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202311706201.9A Active CN117527262B (en) 2023-12-13 2023-12-13 Method for constructing automobile security OTA based on chip

Country Status (1)

Country Link
CN (1) CN117527262B (en)

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20200264864A1 (en) * 2017-10-24 2020-08-20 Huawei International Pte. Ltd. Vehicle-mounted device upgrade method and related device
CN111629002A (en) * 2020-05-28 2020-09-04 爱瑟福信息科技(上海)有限公司 OTA (over the air) safety upgrading method and system of vehicle ECU (electronic control Unit)
WO2021008184A1 (en) * 2019-07-18 2021-01-21 南京依维柯汽车有限公司 Remote upgrading system and upgrading method for fota firmware on new energy automobile
JP2021083110A (en) * 2020-02-19 2021-05-27 ベイジン バイドゥ ネットコム サイエンス テクノロジー カンパニー リミテッドBeijing Baidu Netcom Science Technology Co., Ltd. In-vehicle electronic control unit upgrade method, device, apparatus, and vehicle system
CN115022092A (en) * 2022-08-05 2022-09-06 中汽数据(天津)有限公司 Vehicle software upgrading method, device and storage medium
CN116954648A (en) * 2023-06-21 2023-10-27 南京酷沃智行科技有限公司 Whole vehicle ECU upgrading system and method based on OTA upgrading packet encryption

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20200264864A1 (en) * 2017-10-24 2020-08-20 Huawei International Pte. Ltd. Vehicle-mounted device upgrade method and related device
WO2021008184A1 (en) * 2019-07-18 2021-01-21 南京依维柯汽车有限公司 Remote upgrading system and upgrading method for fota firmware on new energy automobile
JP2021083110A (en) * 2020-02-19 2021-05-27 ベイジン バイドゥ ネットコム サイエンス テクノロジー カンパニー リミテッドBeijing Baidu Netcom Science Technology Co., Ltd. In-vehicle electronic control unit upgrade method, device, apparatus, and vehicle system
CN111629002A (en) * 2020-05-28 2020-09-04 爱瑟福信息科技(上海)有限公司 OTA (over the air) safety upgrading method and system of vehicle ECU (electronic control Unit)
CN115022092A (en) * 2022-08-05 2022-09-06 中汽数据(天津)有限公司 Vehicle software upgrading method, device and storage medium
CN116954648A (en) * 2023-06-21 2023-10-27 南京酷沃智行科技有限公司 Whole vehicle ECU upgrading system and method based on OTA upgrading packet encryption

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
于正阳 等: ""一种基于PKI技术的汽车OTA安全升级方案"", 《专用汽车》, no. 2023, 15 April 2023 (2023-04-15), pages 27 - 29 *

Also Published As

Publication number Publication date
CN117527262B (en) 2024-06-18

Similar Documents

Publication Publication Date Title
CN110597538B (en) Software upgrading method and OTA upgrading system based on OTA upgrading system
JP6197000B2 (en) System, vehicle, and software distribution processing method
US11212087B2 (en) Management system, key generation device, in-vehicle computer, management method, and computer program
CN108259465B (en) Authentication encryption method for internal network of intelligent automobile
CN107409045B (en) Management device, management method, and storage medium
US11290258B2 (en) Hybrid cryptographic system and method for encrypting data for common fleet of vehicles
EP3499793B1 (en) Data provision system, data security device, data provision method, and computer program
US8363835B2 (en) Method for transmission/reception of contents usage right information in encrypted form, and device thereof
CN114327532A (en) Automobile OTA (over the air) upgrade information security implementation method based on digital signature and encryption
CN112913189A (en) OTA (over the air) upgrading method and device
JP6440334B2 (en) System, vehicle, and software distribution processing method
CN117097462B (en) Vehicle-mounted intelligent software upgrading encryption system based on quantum key system
CN115665138A (en) Automobile OTA (over the air) upgrading system and method
CN113411294A (en) Vehicle-mounted secure communication method, system and device based on secure cloud public key protection
CN114223176B (en) Certificate management method and device
CN117354016A (en) Whole car OTA security upgrading method, device, equipment and medium
CN117527262B (en) Method for constructing automobile security OTA based on chip
CN111736868B (en) Automobile remote updating method based on identity identification and bidirectional verification
WO2016208227A1 (en) Management system, vehicle, management device, vehicle-mounted computer, management method, and computer program
CN112702170A (en) Management method, management system, viewing method and viewing terminal for vehicle data
CN112738761B (en) Automobile electronic identification and V2X authentication combination method
CN118467008B (en) Security management method, system, medium and electronic equipment for OTA upgrade
JP2018026874A (en) Data providing system and data providing method
JP6519060B2 (en) Management device, vehicle, management method, and computer program
CN118101272A (en) Intelligent network connection automobile OTA remote security upgrading method and system

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant