WO2020085557A1 - 저전력 무선네트워크를 이용한 펌웨어 업데이트 방법 - Google Patents
저전력 무선네트워크를 이용한 펌웨어 업데이트 방법 Download PDFInfo
- Publication number
- WO2020085557A1 WO2020085557A1 PCT/KR2018/013092 KR2018013092W WO2020085557A1 WO 2020085557 A1 WO2020085557 A1 WO 2020085557A1 KR 2018013092 W KR2018013092 W KR 2018013092W WO 2020085557 A1 WO2020085557 A1 WO 2020085557A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- firmware
- update
- server
- target terminal
- download
- Prior art date
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/34—Network arrangements or protocols for supporting network services or applications involving the movement of software or configuration parameters
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F8/00—Arrangements for software engineering
- G06F8/60—Software deployment
- G06F8/65—Updates
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F8/00—Arrangements for software engineering
- G06F8/70—Software maintenance or management
- G06F8/71—Version control; Configuration management
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/06—Protocols specially adapted for file transfer, e.g. file transfer protocol [FTP]
Definitions
- the present invention relates to a firmware update method using a low-power wireless network, and more specifically, a firmware using a low-power wireless network implemented to wirelessly upgrade the firmware of a terminal mounted in a vehicle such as navigation using a low-power wireless network. It's about how to update.
- terminals having various services and functions for user convenience have been provided. Due to the addition of various services and functions, the probability that many bugs also occur in the software mounted on the mobile terminal increases, and the demand for adding new functions is gradually increasing after the release of the mobile terminal.
- FOTA Firmware Over The Air
- the firmware generally refers to a micro-program that controls the hardware stored in ROM, and in terms of the program, it is the same as the software, but it is distinct from general application software in that it has a close relationship with the hardware. It has the characteristics of.
- the mobile terminal's FOTA service execution process includes receiving a notification message from a DM (Device Management) server, and DM It includes a discovery process, a process of performing communication between a server and a mobile communication terminal, and a process of downloading an update package.
- DM Device Management
- the FOTA service has the advantage that the user can download the modified program of the mobile terminal wirelessly and update immediately without visiting the A / S center.
- M2M Machine to Machine
- NV Non Volatile
- One aspect of the present invention provides a firmware update method using a low-power wireless network implemented to wirelessly upgrade the firmware of a terminal mounted on a vehicle such as navigation using a low-power wireless network.
- firmware update method using a low-power wireless network that is implemented to receive and receive firmware provided by a manufacturer even though the performance of the target device for FOTA (Firmware Over The Air) is not excellent by dividing the firmware file into a plurality of files.
- FOTA Firmware Over The Air
- a method for packaging and unpacking firmware includes: a download server dividing a firmware input from a manufacturer server into a plurality of blocks; And encrypting the divided blocks by the download server, and the divided blocks in the dividing step are arranged in the order of a first block including a firmware name and a firmware version, followed by the first block, and firmware. Consisting of a plurality of firmware blocks, each of which is partially allocated to form one firmware data as a whole, and a last block disposed after the last firmware block to signal the end of packaging, and the encrypting step includes headering the firmware block.
- the header includes the output value when the firmware data is input as the hash function or the output value when the firmware data is the input of the hash function as a sign. And input the encrypted value of the firmware data into the body.
- the target terminal communicating with the download server decodes the first block, reads whether the firmware update of the target terminal is necessary through the info value included in the first block, and updates the firmware A version checking step of comparing the info value in which the sine and the hash have been canceled and the info value previously included in the first block when is necessary; And when the version check is completed in the version checking step, after downloading and decrypting the firmware blocks, the hash value of the unlocked firmware data and the hash value of the firmware data previously included in the firmware block are determined.
- the data merging step includes merging respective divided firmware data.
- a firmware update method using a low-power wireless network includes: a terminal registration step of receiving and registering terminal information of a target terminal targeted for firmware update from an update manager server; A firmware version checking step of checking firmware version information of the target terminal using a low-power wireless network in a platform that manages firmware update of the target terminal; A firmware packaging step of receiving an update firmware from the manufacturer server from a download server and packaging it for transmission to the target terminal; A firmware download step of downloading the packaged firmware from the download server through the low power wireless network at the target terminal; And a firmware update step of unpacking the firmware packaged in the target terminal to perform a firmware update.
- the terminal registration step comprises: the update manager server receiving and registering manufacturer information of the target terminal and vehicle terminal information on which the target terminal is installed from the manufacturer server; Storing manufacturer information and vehicle terminal information on which the update manager server is registered in a database; The platform receiving and registering manufacturer information and vehicle terminal information from the update manager server; Receiving, by the update manager server, a token that is a unique ID corresponding to vehicle terminal information from the platform; Transmitting the token received by the update manager server to the manufacturer server; And receiving, by the target terminal, a token from the manufacturer server, wherein the firmware version checking step comprises: the target terminal periodically transmitting its firmware version information to the platform; And checking, by the update manager server, firmware version information of the target terminal transmitted to the platform, wherein the firmware packaging step comprises: the download server receiving firmware from the manufacturer server; Packaging the firmware received by the download server to generate transmission firmware to which division and security are applied; Storing the transmission firmware generated by the download server in a database; Uploading a firmware download directory (URL) of the transmission firmware generated by the download server
- the step of generating the firmware for transmission includes: dividing the firmware input from the manufacturer server into a plurality of blocks; And encrypting the divided blocks, wherein the divided blocks in the dividing step are a first block including a firmware name and a firmware version, and are arranged in order after the first block, and a part of the firmware data is Consisting of a plurality of firmware blocks, each allocated and forming a single firmware data as a whole, and a last block disposed after the last firmware block to signal the end of packaging, and the encrypting step comprises: the firmware block with a header It is divided into a body, and in the header, a sine value (Sign) is substituted for the output value when the firmware data is the input of the hash function or the output value when the firmware data is the input of the hash function, In the body, an encrypted data value may be used as an input.
- the step of preparing the update after decoding the first block, reads whether the firmware update of the target terminal is necessary through the info value (info) included in the first block, the firmware update is required
- a data merging step of merging the divided pieces of firmware data, and the step of performing the firmware update can perform firmware update using the merged firmware data when decoding of the last block is completed.
- the firmware provided by the manufacturer is divided and transmitted to a FOTA target terminal, thereby a low-power wireless network situation or a FOTA target terminal Even if its performance is not excellent, it is possible to receive the firmware provided by the manufacturer without any burden.
- 1 is a view for explaining the relationship between an update manager server, a download server, a platform, a target terminal, and a manufacturer server.
- FIG. 2 is a flowchart illustrating a firmware update method using a low power wireless network according to an embodiment of the present invention.
- FIG. 3 is a flowchart illustrating the terminal registration step of FIG. 2.
- FIG. 4 is a flowchart illustrating the firmware version checking step of FIG. 2.
- FIG. 5 is a flowchart illustrating the firmware packaging step of FIG. 2.
- FIG. 6 is a diagram illustrating generation of transmission firmware to which division and security are applied by generating the transmission firmware of FIG. 5.
- FIG. 7 is a flowchart illustrating the firmware download step of FIG. 2.
- FIG. 8 is a flowchart illustrating the firmware update step of FIG. 2.
- 1 is a view for explaining the relationship between the manager server, download server, platform, target terminal, and manufacturer server of the updated invention.
- the network is a low-power wireless network, and LTE Cat m.1 may correspond to this.
- a method for packaging and unpacking firmware includes: a download server dividing a firmware input from a manufacturer server into a plurality of blocks; And encrypting the divided blocks by the download server, and the divided blocks in the dividing step are arranged in the order of a first block including a firmware name and a firmware version, followed by the first block, and firmware. Consisting of a plurality of firmware blocks, each of which is partially allocated to form one firmware data as a whole, and a last block disposed after the last firmware block to signal the end of packaging, and the encrypting step includes headering the firmware block.
- the header includes the output value when the firmware data is input as the hash function or the output value when the firmware data is the input of the hash function as a sign. And input the encrypted value of the firmware data into the body.
- the target terminal communicating with the download server decodes the first block, reads whether the firmware update of the target terminal is necessary through the info value included in the first block, and updates the firmware A version checking step of comparing the info value in which the sine and the hash have been canceled and the info value previously included in the first block when is necessary; And when the version check is completed in the version checking step, after downloading and decrypting the firmware blocks, the hash value of the unlocked firmware data and the hash value of the firmware data previously included in the firmware block are determined.
- the data merging step includes merging respective divided firmware data.
- firmware packaging and unpackaging methods can correspond to the steps of generating the firmware for transmission of the firmware update method using a low-power wireless network and preparing the update.
- FIG. 2 is a diagram illustrating a firmware update method using a low power wireless network according to an embodiment of the present invention.
- the firmware update method using a low-power wireless network first, the update manager server 100, the terminal information of the target terminal 400 to be the target of the firmware update from the manufacturer server ( 500) and registers (S110).
- the target terminal 400 is a device that is mounted on a vehicle, such as navigation, as a device that requires regular or irregular firmware update, for example, a V2X (vehicle to everything) information device of a smart car And so on.
- a V2X vehicle to everything
- the target terminal 400 is a communication function (eg, Cat m.1), F / W download client manager, update authentication, terminal authentication, Secure FOTA unpackaging API, Core Crypto, and functions such as a boot loader Will have to do
- the update manager server 100 displays manufacturer information of the target terminal 400 and vehicle terminal information (ie, model information) on which the target terminal 400 is installed, from the manufacturer server ( 500) (S111), the step of storing the manufacturer information and the vehicle terminal information in which the update manager server 100 is registered in the database (S112), the platform 300 is the manufacturer from the update manager server 100
- Step S113 of receiving and registering information and vehicle terminal information, step S114 in which the update manager server 100 receives a token that is a unique ID corresponding to the vehicle terminal information from the platform 300 (S114), update manager server 100 ) May include transmitting the token received from the manufacturer server 500 (S115) and the target terminal 400 receiving the token from the manufacturer server 500 (S116).
- the platform 300 that manages the firmware update of the target terminal 400 checks the firmware version information of the target terminal 400 using a low-power wireless network (for example, LTE Cat.M1) (S120).
- a low-power wireless network for example, LTE Cat.M1 (S120).
- the platform 300 may transmit and receive data through the update manager server 100 and the REST (Representational State ransfer) API.
- REST Representational State ransfer
- the target terminal 400 may periodically transmit its firmware version information to the platform 300 (S121).
- the target terminal 400 is transmitted to the platform 300 in addition to the firmware version information, as shown in Table 1 below.
- the period report and the attribute report are information that the target terminal 400 transmits to the platform 300, and the period report is information that reports at regular intervals of minutes or more. Specifically, the period report is about once every 5 minutes. It is information to report, and the attribute report is information that is reported about once every 24 hours. At this time, the firmware version information transmitted by the target terminal 400 to the platform 300 is being reported in the attribute "attfwVer, string, firmware version "to be.
- the update manager server 100 After the above-described step S121, the update manager server 100 performs a step (S122) of checking the firmware version information of the target terminal 400 transmitted to the platform 300 in the above-described step S121.
- the download server 200 receives update firmware from the manufacturer server 500 and packages it for transmission to the target terminal 400 (S130).
- the download server 200 receives the firmware input from the manufacturer server 500 (S131), and the download server 200 packages the firmware input (here, transmission) Packaging to generate the firmware for the firmware means that the firmware file is divided and applied by partitioning) to generate the firmware for transmission with division and security (S132), and the transmission firmware generated by the download server 200 Storing in the database (S133), uploading the firmware download directory (URL) of the generated firmware for the download server 200 to the update manager server 100 (S134), and the update manager server 100 Step S135 for generating a firmware update notification (S135), step S136 for transmitting the firmware update notification generated by the update manager server 100 to the platform 300 (S136), and the platform 300 received It may include a step (S137) of transmitting the firmware update notification to the target terminal 400 (S137) and the update manager server 100 transmitting the result of the firmware update notification transmission to the manufacturer server 500 (S137).
- the FOTA address is a URL generated in step S132 of generating the above-described firmware
- the number of firmware files means the number of divided files.
- a low performance FOTA target terminal is targeted to perform an update using a low power wireless network and implement the system itself at a low cost.
- the firmware packaging step (S130) according to the present invention, even if the performance of the low-power situation or the target terminal 400 of the FOTA is not excellent, it is possible to transmit the firmware provided by the manufacturer without burden.
- the step of generating firmware for transmission may first divide the firmware input from the manufacturer server 500 into a plurality of blocks, and then encrypt the divided blocks.
- Existing firmware for update includes Header (Header) and Encrypt (Firmware), which includes Sign (H (firmware)), firmware name, firmware version, Sign key (manufacturer's private key), and encryption key (derivation from the Seed key value).
- Header Header
- Encrypt Firmware
- Sign H (firmware)
- firmware name firmware name
- firmware version firmware version
- Sign key manufactured from the Seed key value
- the firmware provided by the manufacturer is transmitted even though the performance of the target terminal 400 of the firmware over the air (FOTA) is not excellent.
- FOTA firmware over the air
- the blocks divided in the step of dividing in the step of generating firmware for transmission are arranged in the following order of the first block and the first block including the firmware name and the firmware version, and a part of the firmware data is respectively It may be composed of a plurality of firmware blocks allocated to form one firmware data as a whole and a last block disposed after the last firmware block to signal the end of packaging.
- the size of each firmware block depends on the wireless network. Specifically, the size of the firmware block may be 4 KB.
- the firmware block is divided into a header and a body, and in the header, an output value when firmware data is input as a hash function or
- a sine value (Sign) is substituted for the output value, and an encrypted value is input to the body.
- each firmware block is composed of one header and one body.
- FIG. 6 is a diagram illustrating generation of transmission firmware to which division and security are applied by the step (S132) of generating transmission firmware of FIG. 5.
- "info” and “Sign (H (Info))” are encrypted data (ie, Encrypted) in the first block. ) Is stored, and in each firmware block, "firmware name”, “output value when the firmware data is input to the hash function” and “signal value that substitutes the output value when the firmware data is input to the hash function" (Sign) "is encrypted data (ie, Encrypted Encrypted ) Is stored, and "H (F / W)” and “Sign (H (FW))” are encrypted data (ie, Encrypted) in the last block. ) Is saved.
- the "signal value (Sign) substituted with the output value when the firmware data is the input of the hash function" is optional, that is, in the firmware block according to the present invention, the firmware block hashes and then signs the firmware. Any hashing can be included.
- the target terminal 400 downloads the firmware packaged from the download server 200 through a low-power wireless network (for example, LTE Cat.M1) (S140).
- a low-power wireless network for example, LTE Cat.M1 (S140).
- the target terminal 400 downloads the firmware for transmission from the download server 200 (S141), and the target terminal 400 displays the download result on the platform 300.
- the update manager server 100 checks the download result through the platform 300 (S143) and the update manager server 100 transmits the download result to the manufacturer server 500 It may include (S144).
- the firmware download is performed automatically when the remote procedure call (RPC) protocol is performed at a specific time, for example, at 4 AM on the next day of transmission, and the firmware download is performed when the vehicle has finished driving, if the download has not been completed normally. In case of this, ignore the previously downloaded file and start downloading the file again, but if the download fails more than 3 times, the issue is managed separately.
- RPC remote procedure call
- the firmware packaged in the target terminal 400 is unpackaged to perform a firmware update (S150).
- the target terminal 400 unpacks the received reception firmware to prepare a firmware update (S151), and when the update preparation is completed, the target terminal 400 )
- the step of performing the firmware update (S152), the target terminal 400 transmits the result of the firmware update to the platform (S153), the update manager server 100 updates the firmware through the platform 300
- Checking the result of the step (S154) and the update manager server 100 may include the step of transmitting the result of the firmware update to the manufacturer server 500 (S155).
- the vehicle is turned off, it is checked whether or not the firmware is updated, and the update is performed. At the same time as the firmware is unpackaged, the unpackaged firmware is loaded into the memory.
- the step of preparing the update (S151), after decoding the first block, reads whether the firmware update of the target terminal 400 is necessary through the info value (info) included in the first block, and the firmware update If necessary, check the version comparing the sign and hash released info value with the info value already included in the first block, and when the version check is completed, download and decrypt the firmware blocks and decrypt the signed data. By comparing the hash value with the hash value of the firmware data previously included in the firmware block, each divided firmware data may be merged.
- step S152 of performing a firmware update when the decoding of the last block is completed, the firmware update may be performed using the merged firmware data.
- each server is a communication function (eg, Cat m.1) F / W upload manager, F / W service web-based UI, firmware management (version, F / W), Secure FOTA packaging API , Core Crypto, etc.
- the update manager server 100 performing the above-described functions may include a backup file distribution module (not illustrated in the drawing for convenience of description).
- the backup file decentralization module generates important information such as user information or system information to be protected from external attacks such as hacking or ransomware as a backup file, and then the generated backup file is the primary backup file containing the same data. Creates and saves the secondary backup in turn, but stores the primary backup file and secondary backup file in different storage locations.
- the creation of the backup file is not limited to the primary and secondary, and it is also possible to generate a plurality of backup files of the third or higher in consideration of the performance of the system.
- the backup file decentralization module is set at a predetermined cycle (for example, once every 3 hours, which is basically set on the system, once every 5 hours, etc., but is not limited to the set cycle) It can be set even if it is set) Change the storage location of the saved primary backup file and secondary backup file to a preset location on the system or a newly created location.
- the moving location of the backup file is designated as a folder or a sub-folder generated according to an arbitrary random variable, not a location previously set or designated by a user on the system.
- the primary backup file and the secondary backup file are files that contain data of the same content, and there is no superiority between them, and the secondary backup after the primary backup file is moved even in the movement of the file.
- the file may be moved, or the primary backup file may be moved after the secondary backup file is moved.
- the backup file distribution module continuously performs replication from previously generated primary backup files and secondary backup files to generate multiple backup files of each backup file.
- the generated multiple sub-backup files may also be individually stored in different locations generated according to random variables.
- the backup file decentralization module permanently deletes a file determined to be an attacked backup file among a plurality of backup files on the system.
- a normal function on a system may not be performed due to a hacking or ransomware attack, or a zombie program that may expose other files on the system to the risk due to the attack.
- deleting the file on the system in advance it is possible to prevent the entire system from being attacked by some files.
- the backup file decentralization module when the backup file decentralization module stores a backup file in a synchronization folder linked to a cloud service, when the backup file is stored in the corresponding synchronization folder and the stored backup file is uploaded on the cloud, the corresponding synchronization You can turn off synchronization for a folder.
- the function of the backup file decentralization module as described above is implemented using the "optional synchronization service” provided by "Dropbox".
- the backup file decentralization module creates a "backup folder” on the system as a space for storing the backup file
- the cloud service creates the newly created “backup folder” on the cloud as well.
- the backup file decentralization module will store the backup file in the corresponding folder, and accordingly, the backup file is also uploaded on the cloud.
- the backup file decentralization module selectively releases only the synchronization of the "backup folder” used for uploading the backup file, and deletes the "backup folder” on the system.
- the backup file decentralization module downloads a backup file that has been uploaded to the cloud service by re-synchronizing a folder in which selective synchronization has been canceled, when the order of changing the storage location of the backup file that has been uploaded to the cloud is in order. Thereafter, the downloaded backup file may be moved to a newly created location according to random variables as described above.
- the update manager server 100 having the above-described configuration may be implemented on a development environment management system (not shown in the drawings for convenience of description).
- each development system can develop and manage software components and software under the control of the developer.
- Each development system uses the Trusted Platform Module (TPM) standard technology, so that software components can be used only in licensed development systems.
- the Trust Platform Module (TPM) is a kind of security device and can generate and manage a security key for data encryption.
- the development environment management system can limit the developer's authority to use the software component and perform security authentication for the development system used by the developer.
- the development environment management system may process permission message for creation or modification of the software component by checking authorization information of the corresponding development system.
- the software component may be configured to include at least one of a source code, a binary containing debugging information, a pure binary containing no debugging information, a document for detailed description of the code, and a process formula model for understanding the code. You can.
- the permission information may include at least one of a read permission to read the software component, a storage permission to create and modify the software component, and a permission adjustment permission to adjust the permission information.
- the development environment management system can control the software component to be created or modified by any one development system that satisfies the authority information, so that it can be stored and shared with other development systems. This is because a module built by one development system may need to be used in another development system.
- the development environment management system can build a database storing the history of creation or modification of these software components. This is because it is possible to track step-by-step how the value of a specific variable has changed through history information, and also to understand how the specific variable has changed the value of any other variable.
- the development environment management system is the type of software component, whether the software component is created / modified, the date of creation / modification of the software component, the frequency of creation / modification of the software component, and the development that creates / modifies the software component. It is possible to generate history information including the system's authority information.
- the development environment management system may assign an index to each history information generated and store it in the history information database.
- the development environment management system may build a history information database for each type of software component. That is, the development environment management system can build a history information database according to the importance of the software component, and the history information database of the software component corresponding to the type having the highest importance is in the database update target for storage space management as described below. May be excluded.
- the development environment management system may establish a history information database for each creation / modification date of the software component.
- the development environment management system may build a history information database on a specific date, and exclude the history information database from the database update target.
- the development environment management system may establish a history information database for each authority information. For example, the development environment management system constructs a database of the history information of the software component by the development system corresponding to the authority to adjust the authority information regarded as the highest authority information, and excludes the history information database from the database update target. I can do it.
- the development environment management system can update the history information database for efficient storage space management.
- the development environment management system may update the history information database when the index of the history information database reaches a preset index.
- the development environment management system may divide the entire index of the history information database into three sections in ascending order.
- the development environment management system can delete the history information corresponding to the section including the lowest index among the three sections without conditions.
- the history information corresponding to the section can be regarded as a long time elapsed since the creation / modification date, and thus it is unlikely that the history information will be referenced again, so it can be deleted without conditions.
- the development environment management system may update the history information corresponding to the middle section among the three sections by determining whether to delete or maintain it according to the type of software component. That is, the development environment management system can classify the importance according to the type of the software component, and maintains only the history information corresponding to the type of the software component having the highest importance among the history information corresponding to the middle section among the three sections and the remaining history
- the history information database can be updated by deleting all information.
- the development environment management system may update the history information corresponding to the middle section among the three sections by determining whether to delete or maintain it according to the frequency of creation / modification of the software component. That is, the history information database may be updated by deleting all history information corresponding to a middle section among the three sections whose generation / modification frequency is higher than a preset reference frequency and maintaining the remaining history information.
- the development environment management system may update the history information corresponding to the middle section among the three sections by determining whether to delete or maintain it according to the authority information of the development system.
- the history information which is the authority to adjust the authority information of which the authority information is regarded as the highest authority information, among the history information corresponding to the middle section among the three sections is maintained, and all the remaining history information is deleted.
- the history information database can be updated.
- the development environment management system can maintain history information corresponding to the section including the highest index among the three sections.
- the history information corresponding to the corresponding section can be regarded as a relatively recent creation / modification date, and as such, it is highly likely that the history information will be referenced again, so it can be maintained.
- Some of the configurations of the update manager server 100 having the above-described configuration may be implemented by artificial intelligence, and may further include a decision reason presentation unit (not illustrated in the drawings for convenience of description).
- the reason for decision-making is not only to classify and predict the data given or input by the user, but also to analyze the causality of the decision to find an appropriate basis, and why the artificial intelligence suggests the result. Can be explained at the user level.
- By enabling reliable decision-making between the user and artificial intelligence through the decision reason presentation unit feedback from the user can be appropriately reflected when problems or errors occur.
- By placing a decision-making reason presentation unit it is possible to clearly explain the cause of why such a result is not provided for the result of artificial intelligence, thereby eliminating the distrust of the user, and excessively In the case of learning, it is possible to prevent the overfitting problem that the optimal solution in the region may be selected rather than the optimal solution from the overall perspective.
- the decision reason presentation unit may further include a model building module and a reason description interface module.
- the model building module may be implemented as an in-depth description learning module, an interpretable model generation module, and a model induction module.
- the deep description learning module is a modified deep learning technology that enables deep neural networks to learn features that can be described. Nodes in the hidden layer can be trained to represent meaningful properties. For example, if you are learning a model that distinguishes the images of the arms and legs, each hidden node can be a finger or toenail shape, a finger or toe shape, or a palm or sole. By learning to indicate the location, etc., when the model determines that an image is a hand, it is possible to know the basis of the judgment through an activated hidden node. The basis for this determination may also be expressed linguistically through a natural language generation model such as RNN (Recurrent Neural Network). RNN is a model of deep learning and is a kind of artificial neural network.
- RNN Recurrent Neural Network
- It is used to learn data that changes over time, such as time series data. It uses input control vectors, oblivion vectors, and output control vectors to input and output data. Get In the input control vector, the input signal accepts the value after going through the connection layer with the activation function, and the oblivion vector serves to reflect a part of the past input into the current input. And the output control vector takes in the value using the activation function considering the past value and the modified input value. And the final result goes back to the input.
- a circulatory neural network is mainly used to classify document emotions or recognize handwriting, and may also be mainly used for speech recognition, time series prediction, or waveform generation. This is because the input data can be processed in a proper order even if it has a fixed shape without order.
- the in-depth description learning module may visually display a portion based on an image. For example, when the artificial intelligence system categorizes a cat image, the existing system derives only whether or not the input image is a cat, but the in-depth learning module derives whether it is a cat, and uses the basis image (hair, whiskers, etc.) of the user. Can provide.
- the interpretable model generation module can construct structured data into an interpretable causality model.
- an interpretable model generation module may be constructed using BPL (bayesian program learning), and BPL is a method of learning to express a combination of small pieces, for example, learning a model that generates letters. When you do, divide the letters into strokes to create the most reasonable combination of strokes. BPL can be imitated as if it were a human being without a large amount of data, and it is an evolution of the Neural Network, and when a new event is given, the probability value can be changed based on the event. That is, BPL is not a method of changing only the weight of virtual variables, but also includes creating other virtual variables in the middle.
- the interpretable model generation module may be implemented through a stochastic approach.
- the stochastic approach can be learned with just a few samples, and is similar to learning that, for example, showing long and short chairs, there are also chairs of medium length. In other words, it is a technique of learning by filling in insufficient data by itself.
- the stochastic approach may include the ability to calibrate the probability and program itself through mathematical calculations.
- the interpretable model generation module may be implemented using And-Or-Graph.
- And-Or-Graph is an AND / OR graph, which shows the condition and conclusion relationship of rules and AND / OR relationship in a graph form.
- the model decision process is logically It has the advantage of being easy to explain. That is, the graph is represented by the AND node and the OR node, and all the AND nodes must be processed and only one OR node can be processed.
- the AND / OR graph a set of rules interspersed with each other can be viewed as a structure, and the logical relationship between each sentence can be easily identified.
- the model induction module can deduce any black box model as a descriptive model.
- the model induction module may be implemented with local interpretable model-agnostic explanations (LIME), which make any black box model locally descriptive through sparse linear combinations around already descriptive data. You can. For example, if a black box model classifying an image determines that an image is a heart, a description of the heart of another model that can already be explained, that is, the pixel representing the heart is compared with a given image to determine which part is the heart. Can be presented.
- LIME local interpretable model-agnostic explanations
- the model induction module may be implemented as bayesian rule lists (BRL) representing a model as a series of if-then conditional statements.
- BRL bayesian rule lists
- the above-described in-depth description learning module, an interpretable model generation module, and a model induction module may be operated independently of each other or in combination with each other, and the implementation order thereof may also vary according to embodiments.
- the reason description interface module can express the description of the artificial intelligence decision in a way that the user can understand.
- Reason Description The interface module may include essential items such that the presented description is repetitive, includes all necessary descriptions, does not include unnecessary descriptions, and appropriate amounts. In other words, the user can easily provide the user with the language, tables, images, graphs, formulas, etc., what process and reason the AI has produced the final result and what factors or data influenced each step. .
- the reason description interface module may receive a user's correction command.
- the reason description interface module may include corrections as essential items such that the explanation is flexible, respects user feedback, and watches for gradual change. The user can evaluate and develop the effectiveness of the reason description interface module by receiving feedback from the user about the clarity and utilization of the description.
- the decision reason presentation unit may be formed as a causal relationship model.
- the causal model can be formed by combining deep learning and a Markov random field. First, the probability distribution of the deep Markov random field model is modeled from the training data, and the structure of the Markov random field indicating conditional independence between random variables is studied. Deducing the latent function of the structured Markov random field into a deep neural network alleviates the problem that the number of parameters required for the latent function increases exponentially as the number of input variables increases, and it is complex without constraints on variable association. Can learn relationships. According to an embodiment, after class learning problems such as attributes and supercategories as auxiliary tasks are learned, linear expression can be combined at the output stage to enable effective expression. It can also include an interactive learning algorithm that allows a person to verify that the causal relationship has been correctly learned and give feedback to correct it.
- the decision reason presentation unit may be implemented as an analysis module.
- the optimal kernel combination representing a kernel in a Gaussian process can be learned to explain given time series data based on the kernel combination found above.
- the combination of a kernel that is commonly expressed even when there are multiple time series data and a kernel that expresses characteristics of each time series data features that are common in multiple time series data can be described.
- the firmware update method using the low-power wireless network having the steps as described above allows the firmware update to be performed using the low-power wireless network, thereby dividing the firmware provided by the manufacturer and transmitting it to the FOTA target terminal, thereby reducing the power consumption. Even if the performance of the terminal under the FOTA or network conditions is not excellent, the firmware provided by the manufacturer can be transmitted without burden.
- the present invention relates to a firmware update method using a low-power wireless network, and more specifically, a firmware using a low-power wireless network implemented to wirelessly upgrade the firmware of a terminal mounted in a vehicle such as navigation using a low-power wireless network. It's about how to update.
Landscapes
- Engineering & Computer Science (AREA)
- Software Systems (AREA)
- General Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Stored Programmes (AREA)
Abstract
Description
Claims (2)
- 업데이트 매니저 서버에서 펌웨어 업데이트의 대상이 되는 대상 단말기의 단말기 정보를 상기 제조사 서버로부터 수신받아 등록하는 단말기 등록 단계;상기 대상 단말기의 펌웨어 업데이트를 관리하는 플랫폼에서 저전력 무선네트워크를 이용하여 상기 대상 단말기의 펌웨어 버전 정보를 확인하는 펌웨어 버전 확인 단계;다운로드 서버에서 상기 제조사 서버로부터 업데이트용 펌웨어를 입력받아 상기 대상 단말기로 전송하기 위해 패키징하는 펌웨어 패키징 단계;상기 대상 단말기에서 상기 다운로드 서버로부터 패키징된 펌웨어를 저전력 무선네트워크를 통해 다운로드 받는 펌웨어 다운로드 단계; 및상기 대상 단말기에서 패키징된 펌웨어를 언패키징하여 펌웨어 업데이트를 수행하는 펌웨어 업데이트 단계를 포함하는, 저전력 무선네트워크를 이용한 펌웨어 업데이트 방법.
- 제1항에 있어서,상기 단말기 등록 단계는, 상기 업데이트 매니저 서버가 상기 대상 단말기의 제조사 정보 및 상기 대상 단말기가 설치된 차량 단말 정보를 상기 제조사 서버로부터 수신받아 등록하는 단계; 상기 업데이트 매니저 서버가 등록되는 제조사 정보 및 차량 단말 정보를 데이터베이스에 저장하는 단계; 상기 플랫폼이 상기 업데이트 매니저 서버로부터 제조사 정보 및 차량 단말 정보를 전달받아 등록하는 단계; 상기 업데이트 매니저 서버가 차량 단말 정보에 대응하는 유니크 아이디인 토큰을 상기 플랫폼으로부터 전달받는 단계; 상기 업데이트 매니저 서버가 전달받은 토큰을 상기 제조사 서버로 전송하는 단계; 및 상기 대상 단말기가 상기 제조사 서버로부터 토큰을 입력받는 단계를 포함하며,상기 펌웨어 버전 확인 단계는, 상기 대상 단말기가 자신의 펌웨어 버전 정보를 주기적으로 상기 플랫폼으로 전송하는 단계; 및 상기 업데이트 매니저 서버가 상기 플랫폼으로 전송되는 상기 대상 단말기의 펌웨어 버전 정보를 확인하는 단계를 포함하며,상기 펌웨어 패키징 단계는, 상기 다운로드 서버가 상기 제조사 서버로부터 펌웨어를 입력받는 단계; 상기 다운로드 서버가 입력받은 펌웨어를 패키징하여 분할 및 보안이 적용된 전송용 펌웨어를 생성하는 단계; 상기 다운로드 서버가 생성된 전송용 펌웨어를 데이터베이스에 저장하는 단계; 상기 다운로드 서버가 생성된 전송용 펌웨어의 펌웨어 다운로드 디렉토리(URL)를 상기 업데이트 매니저 서버로 업로드하는 단계; 상기 업데이트 매니저 서버가 펌웨어 업데이트 알림(Notice)을 생성하는 단계; 상기 업데이트 매니저 서버가 생성된 펌웨어 업데이트 알림을 상기 플랫폼으로 전달하는 단계; 상기 플랫폼이 전달받은 펌웨어 업데이트 알림을 상기 대상 단말기로 전송하는 단계; 및 상기 업데이트 매니저 서버가 펌웨어 업데이트 알림의 전송 결과를 상기 제조사 서버로 전송하는 단계를 포함하며,상기 펌웨어 다운로드 단계는, 상기 대상 단말기가 상기 다운로드 서버로부터 전송용 펌웨어를 다운로드 받는 단계; 상기 대상 단말기가 다운로드 결과를 상기 플랫폼으로 전송하는 단계; 상기 업데이트 매니저 서버가 상기 플랫폼을 통해 다운로드 결과를 확인하는 단계; 및 상기 업데이트 매니저 서버가 다운로드 결과를 상기 제조사 서버로 전송하는 단계를 포함하며,상기 펌웨어 업데이트 단계는, 상기 대상 단말기가 수신받은 수신용 펌웨어를 언패키징하여 펌웨어 업데이트를 준비하는 단계; 업데이트의 준비가 완료되면, 상기 대상 단말기가 펌웨어 업데이트를 수행하는 단계; 상기 대상 단말기가 펌웨어 업데이트의 결과를 상기 플랫폼으로 전송하는 단계; 상기 업데이트 매니저 서버가 상기 플랫폼을 통해 펌웨어 업데이트의 결과를 확인하는 단계; 및 상기 업데이트 매니저 서버가 펌웨어 업데이트의 결과를 상기 제조사 서버로 전송하는 단계를 포함하는, 저전력 무선네트워크를 이용한 펌웨어 업데이트 방법.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US17/238,750 US11914984B2 (en) | 2018-10-23 | 2021-04-23 | Firmware updating method using low-power wireless network |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
KR10-2018-0127069 | 2018-10-23 | ||
KR1020180127069A KR102111449B1 (ko) | 2018-10-23 | 2018-10-23 | 저전력 무선네트워크를 이용한 펌웨어 업데이트 방법 |
Related Child Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US17/238,750 Continuation US11914984B2 (en) | 2018-10-23 | 2021-04-23 | Firmware updating method using low-power wireless network |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2020085557A1 true WO2020085557A1 (ko) | 2020-04-30 |
Family
ID=70331978
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/KR2018/013092 WO2020085557A1 (ko) | 2018-10-23 | 2018-10-31 | 저전력 무선네트워크를 이용한 펌웨어 업데이트 방법 |
Country Status (3)
Country | Link |
---|---|
US (1) | US11914984B2 (ko) |
KR (1) | KR102111449B1 (ko) |
WO (1) | WO2020085557A1 (ko) |
Families Citing this family (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN113794589B (zh) * | 2021-08-31 | 2023-11-07 | 新华三技术有限公司成都分公司 | 一种ac固件的打包方法、ap的升级方法和ac |
WO2023062693A1 (ja) * | 2021-10-11 | 2023-04-20 | 日本電気株式会社 | 情報提示システム、情報提示方法、及びコンピュータプログラム |
KR102411841B1 (ko) * | 2021-12-21 | 2022-06-22 | 주식회사 유니온플레이스 | 펌웨어를 수신하는 방법 및 펌웨어를 전송하는 방법 |
KR102437864B1 (ko) * | 2021-12-24 | 2022-08-30 | 주식회사 유니온플레이스 | 펌웨어를 수신하는 방법 및 펌웨어를 전송하는 방법 |
EP4206906A1 (en) * | 2021-12-28 | 2023-07-05 | Ecolux Technology Co., Ltd. | Processing system and method for updating firmware online |
TWI823311B (zh) * | 2022-03-29 | 2023-11-21 | 新唐科技股份有限公司 | 用於更新韌體的方法及資料結構產品 |
KR20240078848A (ko) | 2022-11-28 | 2024-06-04 | (주)라닉스 | 토큰 인증을 통해 전자 디바이스의 관리가 가능한 전자 시스템, 그 관리 방법 및 그 전자 디바이스 |
CN117278340B (zh) * | 2023-11-23 | 2024-02-13 | 瑞纳智能设备股份有限公司 | 实现低功耗阀固件升级的方法及存储介质、电子设备 |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
KR20090041065A (ko) * | 2007-10-23 | 2009-04-28 | 티유미디어 주식회사 | 네비게이션 정보 업데이트 장치와 그를 이용한 네비게이션정보 업데이트 시스템 |
KR20100063474A (ko) * | 2008-12-03 | 2010-06-11 | 주식회사 케이티 | Fota 서비스 제공 방법 및 그 시스템 |
KR20120117504A (ko) * | 2011-04-15 | 2012-10-24 | 삼성전자주식회사 | 통신 시스템 및 그 통신 시스템에서 소프트웨어 업데이트 방법 |
KR101417759B1 (ko) * | 2006-06-19 | 2014-07-14 | 삼성전자주식회사 | 시스템 정보 갱신 장치 및 방법 |
KR20180080916A (ko) * | 2017-01-05 | 2018-07-13 | 주식회사 쏠리드 | 분산 안테나 시스템의 데이터 관리 장치 및 데이터 관리 방법 |
Family Cites Families (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7770165B2 (en) * | 2006-08-25 | 2010-08-03 | Microsoft Corporation | Providing firmware updates to portable media devices |
EP2012230A1 (en) | 2007-07-05 | 2009-01-07 | Samsung Electronics Co., Ltd. | Partitioning compression-based firmware over the air |
KR101541112B1 (ko) | 2013-07-04 | 2015-07-31 | 주식회사 미르코퍼레이션 | Fota 시스템 및 그 실행 방법 |
US10809999B2 (en) * | 2015-07-30 | 2020-10-20 | Apple Inc. | Secure firmware upgrade for cellular IoT |
US11194562B2 (en) * | 2017-05-19 | 2021-12-07 | Blackberry Limited | Method and system for hardware identification and software update control |
JP6902630B2 (ja) * | 2017-07-31 | 2021-07-14 | デジパーツ, インコーポレーテッドDigiparts, Inc. | リアルタイム車両管制サービスのためのコネクテッドゲートウェイサーバシステム |
US10437581B1 (en) * | 2018-04-20 | 2019-10-08 | At&T Mobility Ii Llc | Internet of things platform for handling firmware transfer on machine-to-machine devices |
-
2018
- 2018-10-23 KR KR1020180127069A patent/KR102111449B1/ko active IP Right Grant
- 2018-10-31 WO PCT/KR2018/013092 patent/WO2020085557A1/ko active Application Filing
-
2021
- 2021-04-23 US US17/238,750 patent/US11914984B2/en active Active
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
KR101417759B1 (ko) * | 2006-06-19 | 2014-07-14 | 삼성전자주식회사 | 시스템 정보 갱신 장치 및 방법 |
KR20090041065A (ko) * | 2007-10-23 | 2009-04-28 | 티유미디어 주식회사 | 네비게이션 정보 업데이트 장치와 그를 이용한 네비게이션정보 업데이트 시스템 |
KR20100063474A (ko) * | 2008-12-03 | 2010-06-11 | 주식회사 케이티 | Fota 서비스 제공 방법 및 그 시스템 |
KR20120117504A (ko) * | 2011-04-15 | 2012-10-24 | 삼성전자주식회사 | 통신 시스템 및 그 통신 시스템에서 소프트웨어 업데이트 방법 |
KR20180080916A (ko) * | 2017-01-05 | 2018-07-13 | 주식회사 쏠리드 | 분산 안테나 시스템의 데이터 관리 장치 및 데이터 관리 방법 |
Also Published As
Publication number | Publication date |
---|---|
KR20200045928A (ko) | 2020-05-06 |
KR102111449B1 (ko) | 2020-05-15 |
US20210240465A1 (en) | 2021-08-05 |
US11914984B2 (en) | 2024-02-27 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
WO2020085557A1 (ko) | 저전력 무선네트워크를 이용한 펌웨어 업데이트 방법 | |
US20230276214A1 (en) | Method for sharing application between terminals, and terminal | |
CN110933163B (zh) | 区块链合约部署方法、装置、设备以及存储介质 | |
Asokan et al. | ASSURED: Architecture for secure software update of realistic embedded devices | |
US11582042B2 (en) | Industrial data verification using secure, distributed ledger | |
US20210365445A1 (en) | Technologies for collecting, managing, and providing contact tracing information for infectious disease response and mitigation | |
CN109791633A (zh) | 使用基于云的机器学习的静态和动态设备简档信誉 | |
JP2019121141A (ja) | デバイス、セキュアエレメント、プログラム、情報処理システム及び情報処理方法 | |
EP4216077A1 (en) | Blockchain network-based method and apparatus for data processing, and computer device | |
CN108140085A (zh) | 使用最少的硬件资源的可信平台 | |
US20230073638A1 (en) | Local data classification based on a remote service interface | |
CN107533611A (zh) | 在遥测数据的传输中保护用户可标识信息 | |
US11681513B2 (en) | Controlled scope of authentication key for software update | |
US20200379747A1 (en) | Software update mechanism | |
KR102256249B1 (ko) | 통합 보안 SoC를 이용한 IoT 디바이스의 안전한 펌웨어 업데이트 방법 | |
CN111400771A (zh) | 目标分区的校验方法及装置、存储介质、计算机设备 | |
KR102132901B1 (ko) | 펌웨어 패키징 및 언패키징 방법 | |
CN115021995B (zh) | 多渠道登录方法、装置、设备及存储介质 | |
CN109698974A (zh) | 一种显示进度的方法、装置、电子设备及介质 | |
US20190370489A1 (en) | Processing requests at a remote service to implement local data classification | |
CN107992319A (zh) | 补丁数据更新方法及装置 | |
US11323445B2 (en) | Methods and systems for accessing a network | |
Villegas et al. | OTA updates mechanisms: a taxonomy and techniques catalog | |
CN113852624A (zh) | 一种数据跨网传输方法、装置及其计算机介质 | |
WO2021089983A1 (en) | Validating distributed source content |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
121 | Ep: the epo has been informed by wipo that ep was designated in this application |
Ref document number: 18937686 Country of ref document: EP Kind code of ref document: A1 |
|
NENP | Non-entry into the national phase |
Ref country code: DE |
|
122 | Ep: pct application non-entry in european phase |
Ref document number: 18937686 Country of ref document: EP Kind code of ref document: A1 |
|
32PN | Ep: public notification in the ep bulletin as address of the adressee cannot be established |
Free format text: NOTING OF LOSS OF RIGHTS PURSUANT TO RULE 112(1) EPC (EPO FORM 1205A DATED D01/10/2021) |
|
122 | Ep: pct application non-entry in european phase |
Ref document number: 18937686 Country of ref document: EP Kind code of ref document: A1 |