CN117944592A - Method for executing application program by control device of vehicle and control device - Google Patents
- Publication number
- CN117944592A (application number CN202211273089.XA)
- Authority
- CN
- China
- Prior art keywords
- verification
- verification value
- hsm
- application program
- host
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Classifications
- B—PERFORMING OPERATIONS; TRANSPORTING
- B60—VEHICLES IN GENERAL
- B60R—VEHICLES, VEHICLE FITTINGS, OR VEHICLE PARTS, NOT OTHERWISE PROVIDED FOR
- B60R16/00—Electric or fluid circuits specially adapted for vehicles and not otherwise provided for; Arrangement of elements of electric or fluid circuits specially adapted for vehicles and not otherwise provided for
- B60R16/02—Electric or fluid circuits specially adapted for vehicles and not otherwise provided for; Arrangement of elements of electric or fluid circuits specially adapted for vehicles and not otherwise provided for electric constitutive elements
- B60R16/023—Electric or fluid circuits specially adapted for vehicles and not otherwise provided for; Arrangement of elements of electric or fluid circuits specially adapted for vehicles and not otherwise provided for electric constitutive elements for transmission of signals between vehicle parts or subsystems
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/44—Program or device authentication
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Mechanical Engineering (AREA)
- Stored Programmes (AREA)
Abstract
The invention discloses a method for executing an application program by a control device of a vehicle. When the application program is not being executed for the first time, the HSM directly sends the stored verification result of the previous execution (namely verification success information or verification failure information) to the HOST, and only after sending that result does the HSM carry out a new verification of the application program. The HOST can thus decide whether to execute the application program from the previous verification result stored by the HSM, without waiting for the HSM's latest verification result, which saves the time required to verify the application program and improves the experience of the vehicle user.
Description
Technical Field
The present invention relates to the field of vehicles and electronics, and more particularly, to a method and a control device for executing an application program by a control device of a vehicle.
Background
In a vehicle, control devices are generally provided for controlling the engine, the brake system, and the like. These control devices include a HOST (also referred to as the host or processor core) and an HSM (Hardware Security Module). The HOST executes an application program stored in the memory of the control device in order to implement the functions of the control device. For security reasons, the authenticity of an application must be checked before the HOST executes it, to prevent the HOST from executing a tampered application. This check is performed by the HSM. Therefore, before an application is executed, the HSM first checks the authenticity of the application to be executed by the HOST, and the HOST executes the application only after the authenticity check passes.
However, the application program is generally very large and the HSM is limited by the clock frequency of its chip hardware, so the HSM takes a long time to complete the authenticity check. The time spent before the application program executes is therefore prolonged, and the experience of the vehicle user suffers. For example, if the application is an application for starting a vehicle, the starting time of the vehicle is prolonged, increasing the waiting time of the vehicle user.
Disclosure of Invention
The present invention aims to solve the above-mentioned problems of the prior art by providing a method and a control device for executing an application program by means of a control device of a vehicle.
An embodiment of the present invention provides a method of executing an application program by a control apparatus of a vehicle, the control apparatus including an HSM and a HOST, the method including:
After the application is refreshed, the HSM calculates and stores an initial verification value of the application;
Before the application program is executed for the first time, the HSM sends permission start information to the HOST, then calculates the latest verification value of the application program and compares the latest verification value with the initial verification value; if the latest verification value is the same as the initial verification value, the HSM stores verification success information, and if the latest verification value is different from the initial verification value, the HSM stores verification failure information;
Before each execution of the application program other than the first, the HSM sends the stored verification success information or verification failure information to the HOST, then calculates the latest verification value of the application program and compares the latest verification value with the initial verification value; if the latest verification value is the same as the initial verification value, the HSM stores verification success information, and if the latest verification value is different from the initial verification value, the HSM stores verification failure information;
If the HOST receives permission start information or verification success information from the HSM, the HOST executes the application program; if the HOST receives verification failure information from the HSM, the HOST does not execute the application program.
Optionally, if the HOST receives verification failure information from the HSM, the HOST triggers a refresh of the application.
Optionally, the verification value is a CMAC value obtained by calculating data of the application program by a CMAC algorithm.
Optionally, the application is an application for starting the vehicle.
Optionally, the initial verification value, verification success information, and verification failure information are stored in a non-volatile memory.
An embodiment of the present invention also provides a control apparatus of a vehicle, the control apparatus including an HSM and a HOST,
The HSM is used for:
after the application is refreshed, calculating and storing an initial verification value of the application;
Before the application program is executed for the first time, transmitting permission start information to the HOST, then calculating the latest verification value of the application program, comparing the latest verification value with the initial verification value, storing verification success information if the latest verification value is the same as the initial verification value, and storing verification failure information if the latest verification value is different from the initial verification value;
Before each execution of the application program other than the first, sending the stored verification success information or verification failure information to the HOST, then calculating the latest verification value of the application program, comparing the latest verification value with the initial verification value, storing verification success information if the latest verification value is the same as the initial verification value, and storing verification failure information if the latest verification value is different from the initial verification value;
The HOST is used for:
executing the application program if permission start information or verification success information from the HSM is received; and not executing the application program if verification failure information from the HSM is received.
Optionally, the HOST is further configured to trigger a refresh of the application program if verification failure information from the HSM is received.
Optionally, the verification value is a CMAC value obtained by calculating data of the application program by a CMAC algorithm.
Optionally, the application is an application for starting the vehicle.
Optionally, the initial verification value, verification success information, and verification failure information are stored in a non-volatile memory.
The method and the control device for executing an application program in the control device of a vehicle of the embodiments of the present invention have at least the following advantages:
In the invention, when the application program is not being executed for the first time, the HSM directly sends the stored verification result of the previous execution (namely, verification success information or verification failure information) to the HOST, and only after sending that result does the HSM verify the application program anew. The HOST can thus decide whether to execute the application program from the previous verification result stored by the HSM, without waiting for the HSM's latest verification result, which saves the time required to verify the application program and improves the experience of the vehicle user.
Drawings
Further details and advantages of the application will become apparent from the detailed description provided hereinafter. It is to be understood that the following drawings are merely schematic and are not drawn to scale and, therefore, are not considered limiting of the present application, and the detailed description will be given with reference to the accompanying drawings in which:
Fig. 1 shows a flow chart of a method of executing an application program by a control device of a vehicle according to an embodiment of the present invention.
Fig. 2 illustrates an application scenario of a method of executing an application program by a control device of a vehicle according to another embodiment of the present invention.
Detailed Description
Embodiments of the present invention are described below with reference to the accompanying drawings. In the following description, numerous specific details are set forth in order to provide a thorough understanding and enabling description of the invention to one skilled in the art. It will be apparent, however, to one skilled in the art that the present invention may be practiced without some of these specific details. Furthermore, it should be understood that the invention is not limited to specific described embodiments. Rather, any combination of the features and elements described below is contemplated to implement the invention, whether or not they relate to different embodiments. Thus, the following aspects, features, embodiments and advantages are merely illustrative and should not be considered elements or limitations of the claims except where explicitly set out in a claim.
Referring now to Fig. 1, a flowchart of a method of executing an application by a control device of a vehicle is shown, in accordance with one embodiment of the present invention. The control device includes an HSM and a HOST. As shown in Fig. 1, the method includes:
In step S101, after the application program is refreshed, the HSM calculates and stores an initial verification value of the application program.
The control device may be any suitable electronic control device, such modifications not exceeding the scope of the invention. For example, the control device may be an ECU (Electronic Control Unit) of the vehicle.
The application may be any application for any function of the vehicle, such variations not exceeding the scope of the invention. For example, the application may be an application for starting a vehicle.
The HSM may verify the authenticity of the application by any suitable verification means and verification algorithm, without exceeding the scope of the invention. For example, the verification value may be a CMAC value obtained by calculating data of the application program by a CMAC (Cipher-based Message Authentication Code) algorithm (e.g., an AES-128 CMAC algorithm).
In step S102, before the application is executed for the first time, the HSM sends the permission start information to the HOST, which executes the application upon receiving the permission start information from the HSM. Meanwhile, the HSM calculates the latest verification value of the application program and compares the latest verification value with the initial verification value, if the latest verification value is the same as the initial verification value, the HSM stores verification success information, and if the latest verification value is different from the initial verification value, the HSM stores verification failure information.
In step S103, before each execution of the application other than the first, the HSM sends the stored verification success information or verification failure information to the HOST. The HOST executes the application upon receiving verification success information from the HSM and does not execute the application upon receiving verification failure information from the HSM. Meanwhile, the HSM again calculates the latest verification value of the application program and compares the latest verification value with the initial verification value; if the latest verification value is the same as the initial verification value, the HSM stores verification success information, and if the latest verification value is different from the initial verification value, the HSM stores verification failure information.
Preferably, the HOST may trigger a refresh of the application upon receiving verification failure information from the HSM, to address the problem of the application not being executable because of a verification failure.
Preferably, the initial verification value, verification success information, and verification failure information may be stored in an NVM (Non-Volatile Memory), thereby preventing the related information from being lost on power-down.
Based on the principle of the method of Fig. 1, Fig. 2 shows an application scenario of the method of executing an application program by the control device of the vehicle according to another embodiment of the present invention. It shows the operational steps of the HSM and the HOST when the application is not being executed for the first time.
As shown in Fig. 2, when an application is not being executed for the first time, the HSM first reads the verification result of the application stored in the NVM and sends the verification result to the HOST. The Boot Manager in the HOST decides whether to execute the application program according to the verification result. When the verification result is a success, the application program is executed. When the verification result is a failure, the Boot Manager starts a Boot Loader to trigger a refresh of the application program.
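The start-up sequence of steps S101 to S103 and Fig. 2, modelled as an added example (it is not code from the patent). HMAC-SHA256 from the Python standard library stands in for the AES-128 CMAC, and the message names, the `Hsm` class, the `start` function and the rule that a refresh clears the stored verdict are assumptions made for the illustration.

```python
import hashlib
import hmac

# Message names are assumptions standing in for the patent's three messages.
ALLOW_START = "ALLOW_START"   # "permission start information"
VERIFY_OK = "VERIFY_OK"       # "verification success information"
VERIFY_FAIL = "VERIFY_FAIL"   # "verification failure information"


class Hsm:
    """Models the HSM: holds the key and the NVM-backed verification state."""

    def __init__(self, key: bytes):
        self._key = key
        self.nvm = {}  # survives power cycles in this model

    def _mac(self, image: bytes) -> bytes:
        # Stand-in: HMAC-SHA256 instead of AES-128 CMAC (no CMAC in the stdlib).
        return hmac.new(self._key, image, hashlib.sha256).digest()

    def on_refresh(self, image: bytes) -> None:
        # S101. Assumption: a refresh also clears the stored verdict, so the
        # next start counts as the first execution.
        self.nvm = {"initial": self._mac(image)}

    def message_for_host(self) -> str:
        # S102/S103: answer at once from stored state, without reading the image.
        return self.nvm.get("verdict", ALLOW_START)

    def verify_and_store(self, image: bytes) -> None:
        # Runs after the message was sent; the verdict is used at the NEXT start.
        same = hmac.compare_digest(self._mac(image), self.nvm["initial"])
        self.nvm["verdict"] = VERIFY_OK if same else VERIFY_FAIL


def start(hsm: Hsm, flash: dict, known_good: bytes):
    """One power cycle. Returns (message the HOST received, HOST action)."""
    message = hsm.message_for_host()
    hsm.verify_and_store(flash["app"])
    if message in (ALLOW_START, VERIFY_OK):
        return message, "execute"
    # Boot manager hands over to the boot loader, which refreshes the application.
    flash["app"] = known_good
    hsm.on_refresh(known_good)
    return message, "refresh"


def run_scenario():
    known_good = b"constructed application image v1"  # constructed sample data
    hsm = Hsm(key=b"constructed-demo-key")            # constructed sample key
    flash = {"app": known_good}
    hsm.on_refresh(known_good)

    log = [start(hsm, flash, known_good) for _ in range(2)]   # starts 1-2
    flash["app"] = known_good + b" (modified)"                # image changes in flash
    log += [start(hsm, flash, known_good) for _ in range(4)]  # starts 3-6
    return log


if __name__ == "__main__":
    for n, (message, action) in enumerate(run_scenario(), 1):
        print(f"start {n}: HOST received {message:<11} -> {action}")
```

Start 3 is the one to examine when assessing the scheme: the HOST acts on the verdict stored during start 2, so a change to the image is enforced one start later, at start 4.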
Compared with the prior art, the method and the control device for executing an application program in the control device of the vehicle of the embodiment of the invention have at least the following advantages:
In the invention, when the application program is not being executed for the first time, the HSM directly sends the stored verification result of the previous execution (namely, verification success information or verification failure information) to the HOST, and only after sending that result does the HSM verify the application program anew. The HOST can thus decide whether to execute the application program from the previous verification result stored by the HSM, without waiting for the HSM's latest verification result, which saves the time required to verify the application program and improves the experience of the vehicle user.
It should be noted that the above description is illustrative only and not limiting of the invention. In other embodiments of the invention, the method may have more, fewer, or different steps, and the order, inclusion, functional relationship between steps may be different than that described and illustrated. For example, typically multiple steps may be combined into a single step, which may also be split into multiple steps. It is within the scope of the present invention for one of ordinary skill to vary the sequence of steps without undue burden.
The technical solution of the present invention may be embodied in essence or in a part contributing to the prior art or in whole or in part in the form of a software product stored in a storage medium, comprising several instructions for causing a computer device (which may be a personal computer, a server, or a network device, etc.) or a processor or a microcontroller to perform all or part of the steps of the method according to the embodiments of the present invention.
Those of ordinary skill in the art will appreciate that: all or part of the steps for implementing the method embodiments described above may be performed by hardware associated with program instructions. The foregoing program may be stored in a computer readable storage medium. The program, when executed, performs steps including the method embodiments described above; and the aforementioned storage medium includes: various media that can store program code, such as ROM, RAM, magnetic or optical disks.
While the invention has been described in terms of preferred embodiments, the invention is not limited thereto. Any changes made by a person skilled in the art without departing from the spirit and scope of the present invention shall accordingly fall within the scope of the invention as defined by the appended claims.
Claims (10)
1. A method of executing an application program by a control device of a vehicle, the control device including an HSM and a HOST, the method comprising:
After the application is refreshed, the HSM calculates and stores an initial verification value of the application;
Before the application program is executed for the first time, the HSM sends permission start information to the HOST, then calculates the latest verification value of the application program and compares the latest verification value with the initial verification value, if the latest verification value is the same as the initial verification value, the HSM stores verification success information, and if the latest verification value is different from the initial verification value, the HSM stores verification failure information;
Before each execution of the application program other than the first, the HSM sends the stored verification success information or verification failure information to the HOST, then calculates the latest verification value of the application program and compares the latest verification value with the initial verification value; if the latest verification value is the same as the initial verification value, the HSM stores verification success information, and if the latest verification value is different from the initial verification value, the HSM stores verification failure information;
If the HOST receives permission start information or verification success information from the HSM, the HOST executes the application program; if the HOST receives verification failure information from the HSM, the HOST does not execute the application program.
2. The method of claim 1, wherein the HOST triggers a refresh of the application if the HOST receives verification failure information from the HSM.
3. The method of claim 1, wherein the verification value is a CMAC value obtained by calculating data of the application by a CMAC algorithm.
4. The method of claim 1, wherein the application is an application for starting the vehicle.
5. The method of claim 1, wherein the initial verification value, verification success information, and verification failure information are stored in a non-volatile memory.
6. A control apparatus for a vehicle, the control apparatus including an HSM and a HOST, characterized in that,
The HSM is used for:
after the application is refreshed, calculating and storing an initial verification value of the application;
Before the application program is executed for the first time, transmitting permission start information to the HOST, then calculating the latest verification value of the application program, comparing the latest verification value with the initial verification value, storing verification success information if the latest verification value is the same as the initial verification value, and storing verification failure information if the latest verification value is different from the initial verification value;
Before each execution of the application program other than the first, sending the stored verification success information or verification failure information to the HOST, then calculating the latest verification value of the application program, comparing the latest verification value with the initial verification value, storing verification success information if the latest verification value is the same as the initial verification value, and storing verification failure information if the latest verification value is different from the initial verification value;
The HOST is used for:
executing the application program if permission start information or verification success information from the HSM is received; and not executing the application program if verification failure information from the HSM is received.
7. The control device of claim 6, wherein the HOST is further configured to trigger a refresh of the application program if verification failure information from the HSM is received.
8. The control device according to claim 6, wherein the verification value is a CMAC value obtained by calculating data of the application program by a CMAC algorithm.
9. The control apparatus according to claim 6, wherein the application is an application for starting the vehicle.
10. The control device according to claim 6, wherein the initial verification value, verification success information, and verification failure information are stored in a non-volatile memory.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202211273089.XA CN117944592A (en) | 2022-10-18 | 2022-10-18 | Method for executing application program by control device of vehicle and control device |
Publications (1)
Publication Number | Publication Date |
---|---|
CN117944592A true CN117944592A (en) | 2024-04-30 |
Family
ID=90793165
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202211273089.XA Pending CN117944592A (en) | 2022-10-18 | 2022-10-18 | Method for executing application program by control device of vehicle and control device |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN117944592A (en) |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||