WO2009103728A1 - Procédé et dispositif de stockage de données d’information - Google Patents
Procédé et dispositif de stockage de données d’information Download PDFInfo
- Publication number
- WO2009103728A1 WO2009103728A1 PCT/EP2009/051902 EP2009051902W WO2009103728A1 WO 2009103728 A1 WO2009103728 A1 WO 2009103728A1 EP 2009051902 W EP2009051902 W EP 2009051902W WO 2009103728 A1 WO2009103728 A1 WO 2009103728A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- memory
- information data
- data
- writing
- memory area
- Prior art date
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F8/00—Arrangements for software engineering
- G06F8/60—Software deployment
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/07—Responding to the occurrence of a fault, e.g. fault tolerance
- G06F11/14—Error detection or correction of the data by redundancy in operation
- G06F11/1402—Saving, restoring, recovering or retrying
- G06F11/1415—Saving, restoring, recovering or retrying at system level
- G06F11/1441—Resetting or repowering
Definitions
- the invention relates to a method for storing information data according to the preamble of claim 1, an apparatus for carrying out this method, a computer program and a computer program product.
- the present invention provides a method for storing information data, furthermore a device which uses this method and finally a corresponding computer program and a computer program product according to the independent patent claims.
- Advantageous embodiments emerge from the respective subclaims and the following description.
- the present invention is based on the finding that information data can be stored as part of an operating program. As a result, required information data can be reliably stored and evaluated. Using the method in conjunction with a bootloader obviates the need for the bootloader to write non-volatile data to a data store as mentioned above.
- the present invention provides a method for storing information data in a memory having at least two memory areas, which is characterized in that the information data and a first portion of an operating program in one of the at least two memory areas of the memory and the information data and a second portion of the operating program another of the at least two memory areas of the memory are written.
- already existing information data can be checked in one of the at least two memory areas before the further of the at least two memory areas is described. As a result, it can be ensured that no loss of the information data occurs even in the event of a failed write attempt.
- an arrangement of the information data in the at least two memory areas may be predetermined. This makes it possible to control the writing of the information data and the operating program into the memory.
- the operating program may have information about the arrangement of the information data in the at least two memory areas. This makes it easier for the operating program to access the information data.
- the operating program may have gaps into which the information data may be written.
- appropriate sections can be predefined in the operating program to which the information data can be integrated.
- the method can have the following steps:
- This procedure is suitable for the case that the information data in the second memory area are intact.
- the method may include the following steps:
- This procedure is suitable, for example, in the event that the information data in the second memory area are not intact.
- a third memory area may have previous information data. This allows the memory to have both new and previous informational data.
- At least the information data written in one of the at least two memory areas can be compared with further information data.
- conclusions can be drawn on failed attempts to write.
- the method can be executed by a start program of a control unit and the operating program can be operating software of the control unit and the information data can be non-volatile data. This avoids that the writing of non-volatile data in the bootloader of a controller leads to difficulties with the architecture of the controller or problems with the system behavior.
- the memory may be a flash memory and the memory areas may be sectors of the flash memory.
- a device according to the invention performs all the steps of the method according to the invention.
- the computer program with program code means according to the invention is designed to perform all the steps of the method according to the invention when this computer program is carried out on a computer or a corresponding computing unit, in particular a device according to the invention.
- the computer program product according to the invention with program code means which are stored on a computer-readable data carrier is provided for carrying out the method according to the invention when this computer program is carried out on a computer or a corresponding arithmetic unit, in particular a device according to the invention.
- Figure 1 shows a schematic representation of an embodiment of the device according to the invention
- Figure 2 shows a schematic representation of a memory according to an embodiment of the invention
- FIG. 3 shows a schematic representation of memory areas according to an embodiment of the invention.
- FIG. 4 shows a schematic representation of an embodiment of the method according to the invention.
- Fig. 1 shows a device with a writing device 102 and a memory 104 according to an embodiment of the present invention.
- the writing device is configured to write information data 106 into the memory 104.
- the writing device 102 is configured to write an operating program to the memory 104.
- the memory 104 is configured to store the information data 106 and the operating program.
- the storage 104 has at least two storage areas.
- the information data 106 is stored in each of the at least two memory areas of the memory 104.
- the operating program can be divided into several sections, which can be distributed to the at least two memory areas of the memory.
- the memory 104 may be a flash memory.
- the flash memory is divided into a plurality of areas or sectors.
- a sector generally has a size of a few hundred bytes to a few kilobytes in an automotive memory.
- Each sector has a plurality of memory cells. Each memory cell in a sector can be described once. Before the next writing, the entire sector must be deleted.
- the device may be part of an automotive control device, for example.
- the operating program may be a driving software which is written into the memory 104, for example, by a boot program in the form of a bootloaf.
- the writing device 102 may be a processor configured to execute the bootloader.
- the boot loader may have the task of deciding after a system start whether the driving software should be started or replaced and if necessary, replace the driving software.
- the bootloader can either be executed directly after the system start or can be called up by the driving software. It may also be possible to replace the bootloader with a new software version. Since the boot loader is generally not to be replaced, it should be designed simply so that it contains as possible no errors.
- the driving software can fulfill a functionality required by the control unit.
- the information data 106 may be nonvolatile data. Such data may include, for example, information about the identification of a workshop and of a workshop tester, eg a diagnostic device, a date and type of update, a software version or software versions and a version of data statuses as well as a number of all, unsuccessful or successful software updates.
- FIG. 2 shows a schematic representation of a flash memory 104.
- the memory 104 has eight sectors. Of the sectors, the first four and the seventh sector are provided with reference numerals 206a, 206b, 206c, 206d, 206g.
- the sectors 206a, 206b, 206c, 206d, 206g are indicated by vertical lines.
- the boot loader may be arranged.
- the driving software can be stored in another five sectors 206c, 206d ... 206g.
- the driving software can be subdivided into individual sections driving SW 1,..., Driving SW 5.
- the driving SW 1 section in the third sector 206 c and the driving SW 5 section may be stored in the seventh sector 206 g of the memory 104.
- FIG. 3 shows the sectors 206c, 206d of the memory 104 shown in FIG. 2.
- the information data 106 is stored.
- the first section of the driving software driving SW 1 314 is stored in the sector 206 c.
- the second section of the driving software driving SW 2 316 is stored in the sector 206d.
- the information data 106 are respectively arranged at the beginning of a sector 206c, 206d and the sections 312, 314 of the driving software fill the sectors 206c, 206d on.
- the data 106 may also be at the end of the sectors 206c and / or 206d.
- other sectors may be inserted before and / or in between.
- the bootloader does not use the full sector size to store the driving software 314, 316. In the unused areas, the data 106 are stored. These places of information storage should be known to the driving software, if they should access it. Furthermore, the compilation, the linking and the integration should ensure that the driving software works with these "gaps".
- gaps may be present in the driving software known to the boot loader.
- the gaps can be fixed size.
- Corresponding data are entered in the gaps as part of the software update.
- the boot loader places certain data 106 at previously known locations along with the driving software 314, 316 into at least two sectors 206c, 206d of the flash 104, as illustrated in FIG. 3 for the two sectors 206c, 206d.
- the embodiment is shown, in which there are no gaps in the driving software.
- the data 106 can be stored at one or more locations in the driving software.
- the data 106 may also be located at other locations, such as at the end of the sectors 206c, 206d.
- the method according to the invention is a secure method in which data 106 are stored in two sectors 206c, 206d together with the driving software 314, 316.
- the order of the writing operations is important, in which in particular the information data 106 are written into the memory 104.
- An important scenario to consider is several consecutive power outages. These must not result in information being lost, such as the number of unsuccessful update attempts that may be included in data 106.
- a first method step 452 may comprise the instruction "delete sector 1", which may be the sector 206c shown in Fig. 3.
- a second method step 454 may comprise the instruction "write data in sector 1".
- a third method step 456 may include the instruction "write driving software in sector 1.”
- a fourth method step 458 may include the instruction "delete sector 2". It can be about act the sector 206d shown in Fig. 3.
- a fifth method step 460 may include the instruction "write data in sector 2.”
- a sixth method step 462 may include the instruction "write driving software in sector 2".
- This sequence of method steps 452, 454, 456, 458, 460, 462 should only be used if the data 106 in sector 2 are intact. This can be checked for example by a checksum. If the data 106 in sector 2 are not intact, the sequence of method steps 452, 454, 456, 458, 460, 462 should be changed.
- the new data 106 are already present on the storage medium 104 after the second step. They can be determined by a control unit software or by a readout of the memory 104, for example by a feedback analysis.
- sequences of the method steps are possible.
- sequences of the method steps are defined which leave the new and the previous data 106 simultaneously on the flash memory 104.
- the approach according to the invention includes, in addition to the layout on the flash memory, also a comparison of the data with existing persistent data by the driving software. After successfully flashing the driving software, it can draw conclusions by comparing the data written by the bootloader during the update and the persistent data in the data flash. For example, data transmitted by the bootloader, such as the number of unsuccessful update attempts, can be processed and transferred to the area in the data flash containing the persistent data.
- the inventive method has a number of other advantages.
- the bootloader and the software architecture can be simpler since the bootloader does not have to store any persistent data in the data flash. Timing issues that can arise from using Flash technology for data storage do not exist in the boot loader. In particular, there is no waiting for the state change.
- the protocols of the ECUs with the testers can remain unchanged. The code can be transmitted as a data stream from "front to back" from the tester to the ECU.
- the described embodiments are chosen only by way of example and can be combined with each other. In particular, the method steps described can also be carried out in sequences other than those described, provided that secure storage of the information data remains ensured.
- any memory can be used which are suitable for the application for which the inventive method is used.
Abstract
L'invention concerne un procédé de stockage de données d'information (106) dans un dispositif de stockage (104) doté d'au moins deux zones de stockage. Selon ledit procédé, les données d'information (106) et un premier segment d'un programme de commande sont écrits dans une desdites deux zones de stockage ou plus de du dispositif de stockage (104) et les données d'informations (106) et un second segment d'un programme de commande sont écrits dans une autre desdites deux zones de stockage ou plus du dispositif de stockage (104).
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
DE102008010556.2 | 2008-02-22 | ||
DE200810010556 DE102008010556A1 (de) | 2008-02-22 | 2008-02-22 | Verfahren und Vorrichtung zum Speichern von Informationsdaten |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2009103728A1 true WO2009103728A1 (fr) | 2009-08-27 |
Family
ID=40512592
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/EP2009/051902 WO2009103728A1 (fr) | 2008-02-22 | 2009-02-18 | Procédé et dispositif de stockage de données d’information |
Country Status (2)
Country | Link |
---|---|
DE (1) | DE102008010556A1 (fr) |
WO (1) | WO2009103728A1 (fr) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101763279B (zh) * | 2010-01-15 | 2012-12-12 | 上海维宏电子科技股份有限公司 | 一种BootLoader架构设计方法 |
Families Citing this family (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
DE102013220523B4 (de) | 2013-10-11 | 2023-05-25 | Continental Automotive Technologies GmbH | Verfahren zum Aktualisieren einer Betriebsfunktion eines Sensors und ein Sensormodul |
Citations (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2000007106A1 (fr) * | 1998-07-31 | 2000-02-10 | Intel Corporation | Techniques et dispositif permettant d'actualiser une memoire remanente - |
US6442067B1 (en) * | 2000-05-23 | 2002-08-27 | Compaq Information Technologies Group, L.P. | Recovery ROM for array controllers |
EP1265135A2 (fr) * | 2000-01-06 | 2002-12-11 | Nec Corporation | Réécriture des zones d'amorçage |
US20030163664A1 (en) * | 2002-02-28 | 2003-08-28 | Yasushi Kanda | Method and apparatus for updating a distributed program |
EP1372068A2 (fr) * | 2002-06-11 | 2003-12-17 | Seiko Epson Corporation | Système, méthode et programme pour réinscrire une mémoire flash |
WO2005002060A2 (fr) * | 2003-06-16 | 2005-01-06 | Intel Corporation | Methode pour un stockage variable de micrologiciel permettant une compression facile, une extraction a securite integree et un balayage de compression de duree de redemarrage |
EP1605352A2 (fr) * | 2004-06-07 | 2005-12-14 | Hewlett-Packard Development Company, L.P. | Localiser des variables d'environnement dans un mémoire non volatile |
EP1693740A2 (fr) * | 2005-02-16 | 2006-08-23 | Seiko Epson Corporation | Appareil de traitement de données et procédé de contrôle d'un appareil de traitement de données |
-
2008
- 2008-02-22 DE DE200810010556 patent/DE102008010556A1/de not_active Withdrawn
-
2009
- 2009-02-18 WO PCT/EP2009/051902 patent/WO2009103728A1/fr active Application Filing
Patent Citations (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2000007106A1 (fr) * | 1998-07-31 | 2000-02-10 | Intel Corporation | Techniques et dispositif permettant d'actualiser une memoire remanente - |
EP1265135A2 (fr) * | 2000-01-06 | 2002-12-11 | Nec Corporation | Réécriture des zones d'amorçage |
US6442067B1 (en) * | 2000-05-23 | 2002-08-27 | Compaq Information Technologies Group, L.P. | Recovery ROM for array controllers |
US20030163664A1 (en) * | 2002-02-28 | 2003-08-28 | Yasushi Kanda | Method and apparatus for updating a distributed program |
EP1372068A2 (fr) * | 2002-06-11 | 2003-12-17 | Seiko Epson Corporation | Système, méthode et programme pour réinscrire une mémoire flash |
WO2005002060A2 (fr) * | 2003-06-16 | 2005-01-06 | Intel Corporation | Methode pour un stockage variable de micrologiciel permettant une compression facile, une extraction a securite integree et un balayage de compression de duree de redemarrage |
EP1605352A2 (fr) * | 2004-06-07 | 2005-12-14 | Hewlett-Packard Development Company, L.P. | Localiser des variables d'environnement dans un mémoire non volatile |
EP1693740A2 (fr) * | 2005-02-16 | 2006-08-23 | Seiko Epson Corporation | Appareil de traitement de données et procédé de contrôle d'un appareil de traitement de données |
Non-Patent Citations (1)
Title |
---|
KIRK CR ET AL: "Fully Reprogrammable Fault-Tolerant FLASH Memory System", IP.COM JOURNAL, IP.COM INC., WEST HENRIETTA, NY, US, 1 August 1995 (1995-08-01), XP013104080, ISSN: 1533-0001 * |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101763279B (zh) * | 2010-01-15 | 2012-12-12 | 上海维宏电子科技股份有限公司 | 一种BootLoader架构设计方法 |
Also Published As
Publication number | Publication date |
---|---|
DE102008010556A1 (de) | 2009-09-03 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
EP2318920B1 (fr) | Appareil de commande destiné à un véhicule et procédé d'actualisation de données pour un appareil de commande destiné à un véhicule | |
DE19839680B4 (de) | Verfahren und Vorrichtung zur Veränderung des Speicherinhalts von Steuergeräten | |
DE102009024605A1 (de) | Vorrichtung und Verfahren zum Umgehen eines ersten Programmcodeabschnitts mit einem Ersatzprogrammcodeabschnitt | |
EP2943748B1 (fr) | Procédé et dispositif pour la gestion des données cartographiques d'une carte numérisée d'un système de navigation | |
EP3378006B1 (fr) | Procédé pour charger unne image mémoire sécurisée d'un microcontrôleur et arrangement avec un microcontrôleur | |
EP2539899B1 (fr) | Procédé pour contrôler le bon fonctionnement d'un élément de mémoire | |
WO2009103728A1 (fr) | Procédé et dispositif de stockage de données d’information | |
EP1665031A2 (fr) | Procede d'installation d'une composante programme | |
DE3820728A1 (de) | Verfahren zum pruefen eines festwertspeichers und anordnung zur durchfuehrung des verfahrens | |
DE102009002898A1 (de) | Verfahren zur Aktualisierung eines Steuergeräts eines Fahrzeugs | |
DE10260103A1 (de) | Verfahren und Vorrichtung zur Änderung von Software in einem Steuergerät sowie entsprechendes Steuergerät | |
WO2020099023A2 (fr) | Appareil de commande pour un composant de véhicule, kit comprenant un appareil de commande et un dispositif d'essai, véhicule, procédé pour la mise à jour d'un appareil de commande et support de stockage lisible par ordinateur | |
DE102004006308B4 (de) | Verfahren zum Verändern von Programmcode eines tragbaren Datenträgers mittels Patchdaten | |
DE19701323C2 (de) | Verfahren und Vorrichtung zur Aktualisierung der Betriebssoftware | |
DE102021002079B3 (de) | Verfahren zum effizienten Ablegen von Daten | |
EP1967920A1 (fr) | Procédé de mise à jour logicielle dans un système d'automatisation à base de FPGAs | |
DE10235380B4 (de) | Verfahren zur dynamischen Speicherverwaltung | |
DE102009047974A1 (de) | Verfahren zur Programmierung eines Steuergeräts | |
DE112021002282T5 (de) | Elektronische steuervorrichtung und aktualisierungsverfahren für steuerungssoftware | |
WO2020025372A1 (fr) | Procédé, dispositif de commande, programme informatique et progiciel informatique destiné à actualiser un logiciel pour un dispositif de commande | |
DE102008002494A1 (de) | Verfahren zum Aktualisieren eines Speichersegments, Datenverarbeitungsschaltung und Speichersegment | |
WO2023006531A1 (fr) | Procédé de vérification de signatures numériques, unité de calcul de véhicule et véhicule | |
DE102017118348A1 (de) | Aktualisierung eines in einer Recheneinrichtung eines Kraftfahrzeugs hinterlegten Anwendungsprogramms mit mehreren Programmdateien | |
DE102020216481A1 (de) | Verfahren zum Betreiben eines Steuergeräts und Steuergerät | |
WO2002003193A2 (fr) | Systeme electronique pour developper un logiciel et procede pour acceder a des donnees internes du logiciel |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
121 | Ep: the epo has been informed by wipo that ep was designated in this application |
Ref document number: 09713323 Country of ref document: EP Kind code of ref document: A1 |
|
122 | Ep: pct application non-entry in european phase |
Ref document number: 09713323 Country of ref document: EP Kind code of ref document: A1 |