WO2021093334A1 - 车辆升级包处理方法和装置 - Google Patents
车辆升级包处理方法和装置 Download PDFInfo
- Publication number
- WO2021093334A1 WO2021093334A1 PCT/CN2020/097666 CN2020097666W WO2021093334A1 WO 2021093334 A1 WO2021093334 A1 WO 2021093334A1 CN 2020097666 W CN2020097666 W CN 2020097666W WO 2021093334 A1 WO2021093334 A1 WO 2021093334A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- vehicle
- terminal
- data block
- server
- upgrade package
- Prior art date
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F8/00—Arrangements for software engineering
- G06F8/60—Software deployment
- G06F8/65—Updates
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/606—Protecting data by securing the transmission between two devices or processes
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/44—Program or device authentication
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F8/00—Arrangements for software engineering
- G06F8/60—Software deployment
- G06F8/65—Updates
- G06F8/658—Incremental updates; Differential updates
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F8/00—Arrangements for software engineering
- G06F8/70—Software maintenance or management
- G06F8/71—Version control; Configuration management
Definitions
- This application relates to communication technology, and in particular to a method and device for processing a vehicle upgrade package.
- the vehicle can download the vehicle upgrade package from the OTA server based on the over-the-air (OTA) technology, and realize the software update through the vehicle upgrade package.
- OTA over-the-air
- the OTA server needs to respond to the upgrade request of the vehicle and issue the vehicle upgrade package to the vehicle.
- the OTA server has to provide a vehicle upgrade package for each vehicle, the load on the OTA server is relatively large.
- the embodiments of the present application provide a method and device for processing a vehicle upgrade package to reduce the load of an OTA server.
- an embodiment of the present application provides a method for processing a vehicle upgrade package, including: a first terminal receives one or more first data blocks from a server, the first data blocks are used for vehicle upgrade; the first terminal receives from the second terminal Obtain one or more second data blocks, the second data block is used for the on-board system upgrade, the second data block is sent by the server to the second terminal; the first terminal obtains the vehicle upgrade based on the first data block and the second data block package. That is, the server can divide the vehicle upgrade package into blocks to obtain multiple data blocks, and then deliver the multiple data blocks to multiple terminals.
- each terminal can be peer-to-peer (P2P) based on the terminal
- P2P peer-to-peer
- the received data blocks and the data blocks obtained by the terminal from other terminals are used to obtain the vehicle upgrade package.
- each terminal does not need to obtain the complete vehicle upgrade package from the OTA server, thus reducing the cost of the OTA server. load.
- the first data block and the second data block are both encrypted data blocks
- the data block length of the first data block and the data block length of the at least one second data block are both based on the encryption algorithm An integer multiple of the packet length.
- the first terminal obtains the vehicle upgrade package according to the first data block and at least one second data block, including: the first terminal starts to decrypt the first data block at the first time; the first terminal starts to decrypt the first data block at the first time; The second data block is received at the second time, and the first time is before the second time; or, the first terminal starts to decrypt the second data block at the third time, and the first terminal receives the first data block at the fourth time, and the third time is at Before the fourth time.
- the first terminal is a process of decrypting while receiving data blocks. Therefore, compared with the method of decrypting all data blocks after the first terminal completes all data blocks, the method of this embodiment of this application can improve the efficiency and efficiency of decryption. Reduce the download time of the upgrade package.
- both the first data block and the second data block include: the signature of the server that generates the upgrade package for the vehicle system upgrade; the first terminal starts to decrypt the first data block at the first time, including: When a terminal confirms that the signature of the first data block is the signature of the server of the upgrade package of the vehicle system upgrade, the first terminal starts to decrypt the first data block at the first time; the first terminal starts to decrypt the second data at the third time.
- the block includes: when the first terminal confirms that the signature of the second data block is the signature of the server of the upgrade package of the vehicle system upgrade, the first terminal starts to decrypt the second data block at the third time.
- the signatures carried in the first data block and the second data block are not the signature of the OTA server, they can be discarded, and the first data block and the second data block containing the signature of the OTA server can be retrieved, so as to prevent the first terminal from receiving Insecure data blocks sent by other devices enhance the security of data block transmission.
- the server stores the association relationship between the data block after the vehicle upgrade package is divided into blocks and the terminal receiving the data block; the first terminal obtains one or more second data blocks from the second terminal, including : The first terminal sends a data block acquisition request to the second terminal according to the association relationship; the first terminal receives one or more second data blocks returned by the second terminal in response to the data block acquisition request. Then, the first terminal can accurately obtain the second data block from the corresponding second terminal according to the foregoing association relationship provided by the server.
- the server is a proxy server, and the vehicle upgrade package is obtained by downloading the OTA server from the air by the proxy server; the first terminal is a vehicle.
- the proxy server can assist the vehicle to upgrade and reduce the load on the OTA server.
- the first terminal is a charging pile.
- the charging pile receives the upgrade package acquisition request sent by the vehicle; in the case that the vehicle passes the safety verification of the charging pile, the charging pile returns the vehicle upgrade package to the vehicle according to the upgrade package acquisition request. Therefore, the vehicle can download the vehicle upgrade package while charging. It is understandable that on the one hand, the vehicle is usually in a stationary state when the vehicle is being charged, and usually has a better network environment. On the other hand, because the vehicle is connected to the charging auxiliary equipment, it is also It can avoid the interruption of the download of the in-vehicle upgrade package due to insufficient vehicle power, and can better improve the user experience of vehicle upgrades
- the first terminal receiving the first data block from the server includes: when the first terminal passes the security authentication of the server, the first terminal receives the first data block from the server. The first terminal receives the first data block after performing security authentication with the server, which can improve the security of the first data block received by the first terminal.
- an embodiment of the present application provides a vehicle upgrade package processing method, including: a server divides the vehicle upgrade package into blocks to obtain multiple data blocks; the server distributes the multiple data blocks to at least one terminal; each terminal is used for According to the data blocks received by the terminal and the data blocks of other terminals in at least one terminal, a vehicle upgrade package is obtained.
- the server dividing the vehicle upgrade package into blocks to obtain multiple data blocks includes: the server encrypts the vehicle upgrade package according to an encryption algorithm, and dividing the encrypted vehicle upgrade package into blocks to obtain multiple data blocks.
- the server is a proxy server, and before the server divides the vehicle upgrade package into blocks, it also includes: the proxy server downloads the OTA server from the air to obtain the vehicle upgrade package.
- the proxy server obtains the vehicle upgrade package from the over-the-air download OTA server, including: the proxy server sends the vehicle upgrade package acquisition request to the over-the-air download OTA server; the vehicle upgrade package acquisition request includes: the type and version of the vehicle operating system
- the proxy server passes the security verification of the OTA server, the proxy server receives the vehicle upgrade package sent by the OTA server; wherein, the vehicle upgrade package is generated by the OTA server according to the type and version of the operating system of the vehicle.
- the method further includes: the server records the association relationship between the data block after the vehicle upgrade package is divided into blocks and the terminal receiving the data block.
- an embodiment of the present application provides a first terminal, including: a receiving module, configured to receive one or more first data blocks from a server, the first data blocks being used for vehicle upgrades; and a processing module, used for the first The terminal obtains one or more second data blocks from the second terminal, the second data block is used for the on-board system upgrade, and the second data block is sent by the server to the second terminal; and, according to the first data block and the second data block , Get the vehicle upgrade package.
- the first data block and the second data block are both encrypted data blocks
- the data block length of the first data block and the data block length of the at least one second data block are both based on the encryption algorithm An integer multiple of the packet length.
- the processing module is specifically configured to start decrypting the first data block at the first time; to receive the second data block at the second time, the first time is before the second time; or, at the third time Start to decrypt the second data block, receive the first data block at the fourth time, and the third time is before the fourth time.
- both the first data block and the second data block include: the signature of the server that generates the upgrade package for the vehicle system upgrade; the processing module is specifically used to: confirm that the signature of the first data block is the vehicle In the case of the signature of the server of the upgrade package of the system upgrade, decrypt the first data block at the first time; in the case of confirming that the signature of the second data block is the signature of the server of the upgrade package of the vehicle system upgrade, in the third Time to start decrypting the second data block.
- the server saves the association relationship between the data block after the vehicle upgrade package is divided into blocks and the terminal receiving the data block; the processing module is specifically used to: send the data block to the second terminal according to the association relationship Obtaining request; receiving one or more second data blocks returned by the second terminal in response to the data block obtaining request.
- the server is a proxy server
- the vehicle upgrade package is obtained by downloading the OTA server from the air by the proxy server
- the first terminal is a vehicle.
- the first terminal is a charging pile.
- it further includes: a receiving module, which is also used to receive an upgrade package acquisition request sent by the vehicle; a processing module, which is also used to send an upgrade package acquisition request to the vehicle when the vehicle passes the safety verification of the charging pile The vehicle returns to the vehicle upgrade package.
- the receiving module is specifically configured to: when the first terminal passes the security authentication of the server, the first terminal receives the first data block from the server.
- an embodiment of the present application provides a server, including: a processing module, configured to divide a vehicle upgrade package to obtain multiple data blocks; a sending module, configured to distribute multiple data blocks to at least one terminal; Each terminal is used to obtain the vehicle upgrade package according to the data block received by the terminal and the data blocks of other terminals in at least one terminal.
- the processing module is specifically used to encrypt the vehicle upgrade package according to the encryption algorithm, and divide the encrypted vehicle upgrade package into blocks to obtain multiple data blocks.
- the server is a proxy server, and the processing module is also used to download the OTA server from the air to obtain the vehicle upgrade package.
- the processing module is specifically used to: send an on-board upgrade package acquisition request to the over-the-air download OTA server; the on-board upgrade package acquisition request includes: the type and version of the vehicle operating system; the proxy server passes the security verification of the OTA server In the case of receiving the vehicle upgrade package sent by the OTA server; wherein, the vehicle upgrade package is generated by the OTA server according to the type and version of the operating system of the vehicle.
- the processing module is also used to record the association relationship between the data block after the vehicle upgrade package is divided into blocks and the terminal receiving the data block.
- an embodiment of the present application provides a vehicle upgrade package processing device.
- the vehicle upgrade package processing device may be a chip in a first terminal or a system on a chip, including a processor and an interface circuit, and the interface circuit is used to receive code instructions And transmitted to the processor; the processor is used to run code instructions to execute any possible design method such as the first aspect or the first aspect.
- an embodiment of the present application provides a vehicle upgrade package processing device.
- the vehicle upgrade package processing device may be a chip in a server or a system on a chip, including a processor and an interface circuit, and the interface circuit is used to receive and transmit code instructions.
- the processor is used to run code instructions to execute any possible design method such as the second aspect or the second aspect.
- an embodiment of the present application provides a vehicle upgrade package processing device, including a memory and a processor, and the processor executes program instructions in the memory to implement any possible design such as the first aspect or the first aspect Methods.
- an embodiment of the present application provides a vehicle upgrade package processing device, including a memory and a processor, and the processor executes program instructions in the memory to implement any possible design such as the second aspect or the second aspect Methods.
- an embodiment of the present application provides a readable computer storage medium, the readable computer storage medium is used to store a computer program, and the computer program is used to implement any possible design method such as the first aspect or the first aspect .
- an embodiment of the present application provides a readable computer storage medium, the readable computer storage medium is used to store a computer program, and the computer program is used to implement any possible design method such as the second aspect or the second aspect .
- an embodiment of the present application provides a vehicle upgrade package processing system, including the communication device of the third aspect and corresponding feasible implementation manners, and the communication device of the fourth aspect and corresponding feasible implementation manners.
- FIG. 1 is a schematic diagram of a network system to which the method for processing a vehicle upgrade package according to an embodiment of the application is applied;
- FIG. 2 is a schematic flowchart of a method for processing a vehicle upgrade package provided by an embodiment of the application
- FIG. 3 is a schematic diagram of another network system to which the method for processing a vehicle upgrade package according to an embodiment of the application is applied;
- FIG. 4 is a schematic diagram of a logical framework of on-board equipment in a vehicle according to an embodiment of the application;
- FIG. 5 is a schematic flowchart of a method for processing a specific vehicle upgrade package provided by an embodiment of the application
- FIG. 6 is a schematic diagram of another network system to which the method for processing a vehicle upgrade package according to an embodiment of the application is applied;
- FIG. 7 is a schematic flowchart of another specific method for processing a vehicle upgrade package provided by an embodiment of the application.
- FIG. 8 is a schematic structural diagram of a first terminal provided by an embodiment of this application.
- FIG. 9 is a schematic structural diagram of a server provided by an embodiment of the application.
- FIG. 10 is a schematic diagram of the hardware structure of a vehicle upgrade package processing apparatus provided by an embodiment of the application.
- the vehicle upgrade package processing method provided by the embodiment of the present application can be applied to the network system of FIG. 1.
- the system may include the server 11, the first terminal 121, and the second terminal 122.
- the number of the second terminal 122 may be one or Multiple.
- the server 11 may be an OTA server for issuing vehicle upgrade packages, or a fleet server that has obtained vehicle upgrade packages from the OTA server, or any other possible server, which is not specifically limited in the embodiment of the present application.
- the first terminal 121 can be any form of vehicle, the first terminal 121 can also be any form of vehicle auxiliary equipment (such as a vehicle charging pile, etc.), and the first terminal 121 can also be a mobile terminal (such as a mobile phone, a tablet, a wearable device, etc.). Etc.), the embodiment of the present application does not specifically limit this.
- the second terminal 122 can be any form of vehicle, the second terminal 122 can also be any form of vehicle auxiliary equipment (such as a vehicle charging pile, etc.), and the second terminal 122 can also be a mobile terminal (such as a mobile phone, a tablet, a wearable device, etc.). Etc.), the embodiment of the present application does not specifically limit this.
- the first terminal 121 and the second terminal 122 may be the same type of equipment.
- the first terminal 121 and the second terminal 122 are both vehicles or vehicle auxiliary equipment or mobile terminals.
- the first terminal 121 and the second terminal 122 may also be different types of devices.
- the first terminal 121 is a vehicle
- the second terminal 122 is a vehicle auxiliary device or a mobile terminal, which is not specifically limited in the embodiment of the present application.
- the vehicle upgrade package processing method when the server 11, the first terminal 121, and the second terminal 122 are various specific devices will be introduced in detail, which will not be repeated here.
- the first terminal 121 and the second terminal 122 both establish a communication connection with the server 11.
- both the first terminal 121 and the second terminal 122 can use hypertext transfer protocol (hypertext tansfer protocol, HTTP) or based on secure sockets.
- hypertext transfer protocol hypertext tansfer protocol, HTTP
- HTTPS hypertext transfer trotocol over secure socket layer
- the first terminal 121 and the second terminal 122 can realize P2P communication through any form of communication connection.
- the first terminal 121 and the second terminal 122 can realize P2P communication through wireless transmission, such as bluetooth. Transmission, ultrawideband (UWB), or infrared transmission, etc.
- wireless transmission such as bluetooth. Transmission, ultrawideband (UWB), or infrared transmission, etc.
- first terminal 121 and the second terminal 122 may also implement P2P communication through wired transmission, which is not specifically limited in the embodiment of the present application.
- the first terminal 121 and the second terminal 122 may implement P2P communication based on an index server, and the index server may be the server 11 or any other server.
- the index server may store a resource list including the association relationship between the resource identifiers in the first terminal 121 and the first terminal 121, and the resources in the second terminal 122 and the second terminal 122. The association relationship of the identifier.
- the first terminal 121 wants to obtain a certain resource
- the first terminal 121 obtains the resource list in each terminal from the index server, and determines from the resource list that the terminal including the identifier of the resource is the second terminal 122, the first terminal 121 may further obtain the resource from the second terminal 122 through the aforementioned wired communication or wireless communication.
- FIG. 2 is a schematic flowchart of a method for processing a vehicle upgrade package provided by an embodiment of the application. As shown in FIG. 2, the method includes:
- Step S101 The first terminal receives one or more first data blocks from the server, and the first data blocks are used for vehicle upgrade.
- the server may be an OTA server, or may be another server other than the OTA server.
- the server can generate an upgrade package for vehicle upgrade.
- the server may first obtain the upgrade package for vehicle upgrade from the OTA server.
- the server can divide a complete upgrade package for vehicle upgrade to obtain multiple data blocks. It is understandable that, according to the device specifically targeted by the upgrade package, each upgrade package can correspond to a device number and an upgrade package serial number.
- the data blocks can be identified according to the position of each data block in the upgrade package, so that the data blocks can be integrated according to the identifications of the multiple data blocks to obtain the complete upgrade package.
- the marking method and marking content are not specifically limited. In an embodiment, a data block may be a complete data packet.
- the header of each data block after block division may include one of the version number, the upgrade package serial number i, the device number j, and the order k of the data block in the upgrade package i, or Multiple.
- the types of upgrade packages usually do not exceed 256.
- the total number of upgrade package serial numbers i does not exceed 256, you can set the upgrade package serial number i to occupy 1 byte in the data block.
- the type of car usually does not exceed 256, so the device number (such as the car's ECU number) j can also occupy 1 byte.
- the order k of the data blocks in the upgrade package i is related to the size of the upgrade package and the upgrade method.
- the larger the upgrade package the larger k is, or the smaller k is when the differential upgrade method is adopted, and when the entire package upgrade method is adopted,
- the larger the k is, the exemplary k may occupy 1 to 3 bytes, which is not specifically limited in the embodiment of the present application.
- the server can distribute the multiple data blocks to multiple terminals.
- the first terminal of the multiple terminals is used as the execution subject, and the multiple terminals are other than the first terminal.
- the terminal is the second terminal as an example, and the first terminal and the second terminal may also be terminals other than the multiple terminals.
- the data block received by the first terminal is the first data block, and the number of the first data block may be one or more.
- the data block received by the second terminal is the second data block, and the number of the second data block may be one or more.
- All the first data blocks and all the second data blocks can form the complete upgrade package, of course, there may also be a package similar to redundancy, and a complete upgrade package can also be formed in the case of parsing some data packages.
- the first data block here may also refer to a type of data block, and the second data block may refer to another type of data block.
- the transmission paths of different types of data blocks may be different, for example, reaching the destination through different devices.
- the first terminal may send an upgrade request to the server.
- the upgrade request may include basic information of the first terminal.
- the basic information may include software information and/or hardware information or vehicle model (such as vehicle A unique identification code (vehicle identification number, VIN)), the server can respond to the upgrade request and send to the first terminal one or more first data blocks that match the basic information in the upgrade request.
- VIN vehicle identification number
- the first terminal may also first receive an upgrade notification.
- the sending of the upgrade request is triggered according to the timing set in the first terminal, or according to the user clicking on the in-vehicle infotainment (IVI) screen of the first terminal
- the upgrade control triggers the sending of an upgrade request, or sends an upgrade request through the application of a mobile device such as a mobile phone that communicates with the first terminal, or automatically sends an upgrade request when the network environment of the first terminal meets the upgrade requirements (or called silent upgrade) Wait.
- two-way authentication may be performed between the first terminal and the server to establish secure communication.
- a public key infrastructure (PKI) method can be used for mutual authentication between the first terminal and the server.
- the first terminal can verify the digital certificate of the server in the PKI to realize the
- the server can verify the digital certificate of the first terminal in the PKI to realize the authentication of the server to the first terminal.
- the first terminal and the server may also use other methods to perform mutual authentication according to actual application scenarios, which is not specifically limited in the embodiment of the present application.
- Step S102 The first terminal obtains one or more second data blocks from the second terminal, the second data blocks are used for vehicle upgrade, and the second data blocks are sent by the server to the second terminal.
- the first terminal may obtain one or more second data blocks from the second terminal through any of the P2P methods described above.
- the number of second terminals may be one or multiple, and the embodiment of the present application does not limit the number of second terminals. For example, when the number of second terminals is one, the first terminal obtains one or more second data blocks from one second terminal. When the number of second terminals is multiple, the first terminal obtains one or more second data blocks from one or more second terminals.
- step S102 and step S101 can be interchanged, that is, the first terminal may first obtain one or more first data blocks, and then obtain one or more second data blocks.
- the first terminal may also first obtain one or more second data blocks, and then obtain one or more first data blocks, which is not specifically limited in the embodiment of the present application.
- step S102 may be: the first terminal sends data to the terminal according to the association relationship.
- the second terminal sends a data block acquisition request; the first terminal receives at least one second data block returned by the second terminal in response to the data block acquisition request.
- each data block can uniquely correspond to a data block identifier
- the data block identifier can be an identifier such as a number, a name, etc.
- each terminal can uniquely correspond to a terminal identifier
- the terminal identifier can be the device serial number of the terminal and the communication of the terminal.
- the specific form of the terminal identifier used by each terminal may be different, and for different data blocks, the data block identifier used by each data block may be different.
- the server can store the association relationship between the identifier of the data block and the identifier of the terminal receiving the data block, and the first terminal can determine the data block that has been received in the first terminal according to the association relationship (e.g.
- the first terminal may separately send a data block acquisition request to each second terminal according to the association relationship, and receive one or more second data blocks returned by each second terminal.
- the server can also verify through simple technical methods, or use other verification methods to ensure that the data block is not missing, or to ensure that the data block can meet the conditions for normal upgrade.
- two-way authentication may be performed between the first terminal and the second terminal to establish secure communication.
- the first terminal and the second terminal can use PKI for mutual authentication.
- the first terminal can verify the digital certificate of the second terminal in the PKI to realize the authentication of the first terminal to the second terminal.
- the second terminal can verify the digital certificate of the first terminal in the PKI to realize the authentication of the first terminal by the second terminal. It can be understood that the first terminal and the second terminal may also use other methods to perform mutual authentication according to actual application scenarios, which is not specifically limited in the embodiment of the present application.
- Step S103 The first terminal obtains the vehicle upgrade package according to the first data block and the second data block.
- the first terminal may, according to the identification of the second data block and the identification of the first data block, divide the first data block according to the sequence in the data block, etc. Integrate with the second data block to obtain a vehicle upgrade package.
- the vehicle upgrade package can be an upgrade package for a single component system or software upgrade in a vehicle, or it can be a system or software upgrade for multiple components in a vehicle or a complete vehicle component.
- the implementation of this application The example does not make specific restrictions on this.
- the server can divide the vehicle upgrade package into blocks to obtain multiple data blocks, and then deliver the multiple data blocks to multiple terminals.
- the terminal can use P2P from other terminals.
- Obtain the data block from the OTA and obtain the vehicle upgrade package based on the data block that the terminal has received and the data block that the terminal has obtained from other terminals.
- each terminal does not need to obtain the complete vehicle from the OTA server. Upgrade package, so it can reduce the load of the OTA server.
- both the first data block and the second data block may be encrypted data blocks.
- the server when the server divides the vehicle upgrade package into blocks, it may first encrypt the vehicle upgrade package, and then divide the encrypted vehicle upgrade package into blocks to obtain the encrypted first data block and the encrypted second data block. Or, when the server divides the vehicle upgrade package into blocks, it can first divide the vehicle upgrade package to obtain one or more first data blocks and one or more second data blocks, and then divide each first data block The block and each second data block are encrypted separately.
- the embodiments of the present application do not specifically limit the specific implementation of encryption.
- the first data block and the second data block may be stored in each terminal separately, or may be a terminal stored centrally, such as the first terminal and/or the second terminal; or the first terminal and/or the second terminal;
- the information contained in the data block and the second data block may be separately stored in each terminal, or may be a terminal stored centrally, such as the first terminal and/or the second terminal.
- the encryption algorithm used by the server to obtain the encrypted data block can be a symmetric encryption algorithm, or an asymmetric encryption algorithm, or any other encryption algorithm.
- the embodiment of this application does not specifically limit the encryption algorithm, which can be It is understood that for data blocks encrypted by using different encryption methods, the identification of the encryption algorithm can be carried in the data block. When decrypting, the corresponding decryption algorithm can be adopted according to the identification of the encryption algorithm, which is not specifically limited in the embodiment of this application. .
- the data block length of the first data block and the data block length of the at least one second data block are both integer multiples of the packet length of the symmetric encryption algorithm.
- the length of the vehicle upgrade package inputting the symmetric encryption algorithm may be an integer multiple of the packet length of the encryption algorithm, for example, the packet length may be 8 bytes, 16 bytes, or 128 bytes.
- the length of the vehicle upgrade package is usually random and may not meet the condition of an integer multiple of the packet length. Therefore, the vehicle upgrade package can be added with a padding part to make the total length reach an integer multiple of the packet length, and then the vehicle upgrade package can be divided into blocks. Multiple data blocks whose length is an integer multiple of the packet length of the encryption algorithm. For example, when the packet length is 128 bytes, the length of the first data block and the second data block may both be 128*n, and n is a natural number.
- the decapsulator by dividing the vehicle upgrade package into data blocks of integer multiples of the packet length, it can be ensured that the decapsulator always consumes the same amount of time to process the encrypted message, thereby effectively resisting timing attacks and making the encrypted message confidential. Sexual protection and integrity protection are guaranteed.
- the first terminal when the first terminal is connected to the OTA server, the first terminal can obtain the packet length of the first data block and the second data block from the OTA server, as well as the key and key for encrypting the data block The first terminal can decrypt the first data block and the second data block according to the key within the valid time of the key.
- the The decryption method can be:
- the first terminal receives a data block (including the first data block or the second data block), the received data block is immediately decrypted.
- the first terminal may Having completed the decryption of the previously received data block, the first terminal only needs to wait for the time to decrypt the last data block to complete the decryption of all data blocks. That is, in the embodiment of this application, the first terminal is receiving The process of decrypting data blocks at the same time. Therefore, compared with the method of unified decryption after the first terminal completes receiving all data blocks, the method of the embodiment of the present application can improve the decryption efficiency and reduce the download time of the upgrade package.
- the first terminal may also perform unified decryption on all data blocks after receiving all data blocks (including the first data block or the second data block), which is not specifically limited in the embodiment of the present application.
- both the first data block and the second data block include: the signature of the server that generates the upgrade package for the vehicle system upgrade.
- the OTA server may sign the upgrade package or digitally sign the content of the upgrade package based on the public key password before dividing the upgrade package of the complete vehicle system upgrade, and the signature may be corresponding to the OTA server Identification, for example, the signature may be the device identification of the OTA server, or the identification of the operator operating the OTA server, or the signature may also include the identification of the operator of the vehicle, etc., and the signature may be added to the first In the first data block and the second data block, when the first terminal obtains the first data block and the second data block, it can determine the first data block and the second data block according to the signatures carried in the first data block and the second data block.
- the second data block is sent by the OTA server allowed by the first terminal, it can be understood that if the signatures carried by the first data block and the second data block are not the signature of the OTA server, they can be discarded and the signature containing the OTA server can be obtained again In order to prevent the first terminal from receiving unsafe data blocks sent by other devices, the security of data block transmission is improved.
- both the first data block and the second data block include the signature of the server that generates the upgrade package of the vehicle upgrade, and when the first terminal confirms that the signature of the first data block is the signature of the server that the vehicle upgrade package is downloaded , The first terminal starts to decrypt the first data block at the first time, and receives the second data block at the second time, the first time is before the second time; or the first terminal confirms that the signature of the second data block is a vehicle upgrade package In the case of downloading the signature of the server, the first terminal starts to decrypt the second data block at the third time, receives the first data block at the fourth time, and the third time is before the fourth time.
- FIG. 3 is a specific upgrade system that can be applied to the vehicle upgrade package processing method provided by the embodiment of the application.
- the upgrade system includes: a server 30, a first terminal 31, and a second terminal 32.
- the number of the second terminal 32 is three, which are respectively numbered as the second terminal 320, the second terminal 321, and the second terminal 32.
- the server 30 may be an OTA server.
- the server 30 can also be a proxy server.
- the proxy server can be a server serving the fleet.
- the proxy server can first pass two-way authentication with the OTA server to establish secure communication.
- the hardware and software information of the vehicle is sent to the OTA server.
- the OTA server After the OTA server generates the vehicle upgrade package, it can issue the vehicle upgrade package to the proxy server.
- the OTA server can also divide the vehicle upgrade package into blocks and issue it to multiple Proxy server, multiple proxy servers obtain the vehicle upgrade package through the above-mentioned P2P method, which is not specifically limited in the embodiment of the present application.
- the first terminal and the second terminal may both be vehicles.
- Figure 4 shows a schematic diagram of the logical framework of the vehicle-mounted equipment in the vehicle. It is understandable that the vehicle-mounted equipment in Figure 4 may be all the vehicles included in the vehicle. Vehicle-mounted equipment or parts of vehicle-mounted equipment. These vehicle-mounted devices can be divided into several domains, each domain includes one or more vehicle-mounted devices, and each domain has a domain administrator, which can also be called a domain controller.
- a mobile data center mobile data center
- MDC mobile data center
- sensors sensors
- global positioning system global positioning system
- the vehicle control unit (VCU), one or more electronic control units (ECU) and wireless power transmission (WPT) belong to a domain, and the VCU is the domain controller of this domain .
- the human machine interface (HMI) and one or more ECUs belong to a domain, and the HMI is the domain controller of this domain.
- the body control module (BCM), one or more ECUs, and passive entry passive start (PEPS) belong to one domain, and the BCM is the domain controller of this domain.
- the domain controller is connected to a gateway (gateway, GW), and the gateway is connected to devices such as on-board diagnostics (OBD) and telematics box (T-Box).
- OBD on-board diagnostics
- T-Box telematics box
- the domain controller can communicate with T-Box and other devices through the gateway, and the devices in the domain can communicate with the gateway and other devices through the domain controller.
- the vehicle downloads the vehicle upgrade package through T-Box, and determines the source of the vehicle upgrade package. After determining that the vehicle upgrade package is issued by the OTA server, it can be forwarded to it according to the corresponding device number of the upgrade package.
- Corresponding in-vehicle equipment in the vehicle for vehicle-mounted equipment with relatively large computing and storage capabilities (such as MDC, HMI, etc.) can be packaged by itself, which can reduce the consumption of T-Box storage resources. After grouping, the vehicle-mounted components in the vehicle can be packaged.
- the signature verification of the upgrade package is further performed, and after it is determined that the vehicle upgrade package is issued by the OTA server, operations such as upgrade installation are performed, so that the reliability of the upgrade data package can be improved.
- an optional specific implementation step of the vehicle upgrade package processing method may be:
- Step S301 The first vehicle obtains one or more first data blocks from the server, and the second vehicle obtains one or more second data blocks from the server.
- Step S302 The first vehicle obtains one or more second data blocks from the second vehicle.
- Step S303 The first vehicle obtains the vehicle upgrade package according to the acquired first data block and second data block.
- the method for partitioning the vehicle upgrade package by the server and the method for obtaining the first data block and the second data block by the first vehicle may refer to the record in the embodiment corresponding to FIG. 2, which will not be repeated here.
- the server 30 is a fleet server, and the fleet server obtains the fleet (for example, including the first vehicle 31, the first vehicle 31, the first vehicle 31, the first vehicle 31, the first vehicle The vehicle upgrade package required by the second vehicle 320, the second vehicle 321, and the second vehicle 322), and then during the routine maintenance of the fleet, in the case of wireless-fidelity (Wireless-Fidelity, Wi-Fi), the first vehicle 31 , The second vehicle 320, the second vehicle 321, and the second vehicle 322 are linked to the fleet server.
- the fleet server is connected to the first vehicle 31, the second vehicle 320, the second vehicle 321, and the second vehicle 322 Perform two-way authentication (such as PKI-based authentication).
- the encryption key k of the upgrade package is encrypted (encrypted with the public key of the vehicle) and then sent to the first vehicle 31, the second vehicle 320, and the second vehicle 321 and the second vehicle 322, for example, the first vehicle 31 downloads the first part of the vehicle upgrade package, the second vehicle 320 downloads the second part of the vehicle upgrade package, and the second vehicle 321 downloads the third part of the vehicle upgrade package;
- a vehicle 31 can download the second part of the vehicle upgrade package from the second vehicle 320 and download the third part of the vehicle upgrade package from the second vehicle 321, and then use the key k to decrypt to obtain the complete vehicle upgrade package.
- the second vehicle 320 may also obtain a complete vehicle upgrade package from the first vehicle 31 and the second vehicle 321, and the second vehicle 321 may also obtain a complete vehicle upgrade package from the first vehicle 31 and the second vehicle 320. .
- the second vehicle 322 can be the first vehicle 31, the second vehicle 320, or the second vehicle 321.
- the specific process for each vehicle to download the vehicle upgrade package is not limited.
- the fleet server serves as a proxy server, so that the vehicle can be easily upgraded during maintenance and other processes.
- the performance of the vehicle upgrade package can be tested before step S301. For example, you can first A vehicle A obtains the vehicle upgrade package from the server 30, and then vehicle A updates according to the vehicle upgrade package. If the update is successful, vehicle A sends a message indicating that the update is successful to the server 30, and then further performs step S301 and subsequent steps, so that Increase the probability of successful vehicle upgrades.
- FIG. 6 is a specific upgrade system that can be applied to the vehicle upgrade package processing method provided by the embodiment of the application.
- the upgrade system includes: a server 60, a first terminal 61, and a second terminal 62.
- the number of the second terminal 62 is three, which are respectively numbered as the second terminal 620, the second terminal 621, and the second terminal 621.
- the server 60 may be an OTA server.
- the server 60 can also be a proxy server.
- the proxy server can first pass the two-way authentication with the OTA server to establish secure communication. After that, the proxy server sends the hardware and software information of the vehicle served by the vehicle auxiliary equipment. Send it to the OTA server.
- the OTA server After the OTA server generates the vehicle upgrade package, it can send the vehicle upgrade package to the proxy server. It is understandable that the OTA server can also divide the vehicle upgrade package into blocks and send it to multiple proxy servers.
- the server obtains the vehicle upgrade package through the aforementioned P2P method, which is not specifically limited in the embodiment of the present application.
- the second vehicle auxiliary device may be a device for charging the vehicle (such as a charging pile, etc.), or a mobile device.
- the terminal, etc., as shown in Fig. 7, an optional specific implementation step of the vehicle upgrade package processing method may be:
- Step S701 The first vehicle auxiliary device obtains one or more first data blocks from the server, and the second vehicle auxiliary device obtains one or more second data blocks from the server.
- Step S702 The first vehicle auxiliary device obtains one or more second data blocks from the second vehicle auxiliary device.
- Step S703 The first vehicle auxiliary device obtains the vehicle upgrade package according to the acquired first data block and second data block.
- the method for partitioning the vehicle upgrade package by the server and the method for obtaining the first data block and the second data block by the first vehicle auxiliary device may refer to the record in the embodiment corresponding to FIG. 2, which will not be repeated here.
- the server 60 is an OTA server, and the OTA server generates a vehicle upgrade package, and then notifies the first vehicle auxiliary device 61, the second vehicle auxiliary device 620, The second vehicle auxiliary equipment 621 and the second vehicle auxiliary equipment 622 have vehicle upgrade packages to be downloaded.
- the OTA server and the first vehicle auxiliary equipment 61, the second vehicle auxiliary equipment 620, the second vehicle auxiliary equipment 621 and the second vehicle auxiliary equipment 622 Perform two-way authentication (such as PKI-based authentication).
- the data block encrypted with the key k is issued to the first vehicle auxiliary equipment 61, the second vehicle auxiliary equipment 620, the second vehicle auxiliary equipment 621, and the first vehicle auxiliary equipment 61, the second vehicle auxiliary equipment 620, and the second vehicle auxiliary equipment 620.
- the second vehicle auxiliary device 622 for example, the first vehicle auxiliary device 61 downloads the first part of the vehicle upgrade package, the second vehicle auxiliary device 620 downloads the second part of the vehicle upgrade package, and the second vehicle auxiliary device 621 downloads the first part of the vehicle upgrade package.
- the first vehicle auxiliary device 61 can download the second part of the vehicle upgrade package from the second vehicle auxiliary device 620, and download the third part of the vehicle upgrade package from the second vehicle auxiliary device 621, and then use the key k to decrypt Get a complete vehicle upgrade package.
- the second vehicle auxiliary equipment 620 may also obtain a complete vehicle upgrade package from the first vehicle auxiliary equipment 61 and the second vehicle auxiliary equipment 621, and the second vehicle auxiliary equipment 621 may also obtain a complete vehicle upgrade package from the first vehicle auxiliary equipment 61 and the second vehicle auxiliary equipment 61. Second, a complete vehicle upgrade package is obtained from the vehicle auxiliary equipment 620.
- the second vehicle auxiliary device 622 can obtain the complete vehicle upgrade package from the first vehicle auxiliary device 61, the second vehicle auxiliary device The device 620 or the second vehicle auxiliary device 621 obtains the vehicle upgrade package.
- the embodiment of the present application does not limit the specific process of downloading the vehicle upgrade package by each vehicle auxiliary device.
- the vehicle 63 after the vehicle 63 receives the upgrade notification, it can establish a link with the OTA server to obtain the encryption key k of the vehicle upgrade package, and pass the first vehicle auxiliary device 61, the second vehicle auxiliary device 61, and the second vehicle 63 on the vehicle 63.
- the vehicle auxiliary equipment 620, the second vehicle auxiliary equipment 621, or the second vehicle auxiliary equipment 622 When the vehicle auxiliary equipment 620, the second vehicle auxiliary equipment 621, or the second vehicle auxiliary equipment 622 is charged, the first vehicle auxiliary equipment 61, the second vehicle auxiliary equipment 620, the second vehicle auxiliary equipment 621, or the second vehicle auxiliary equipment 622 may be Receive the upgrade package acquisition request sent by the vehicle, and perform two-way authentication with the vehicle.
- the first vehicle auxiliary device 61, the second vehicle auxiliary device 620, the second vehicle auxiliary device 621, or the second vehicle auxiliary device 622 can encrypt the encrypted vehicle
- the upgrade package is sent to the vehicle, and the vehicle 63 decrypts the encrypted vehicle upgrade package with the key k to obtain the vehicle upgrade package. Therefore, the vehicle 63 can download the vehicle upgrade package while charging. In a static state, you can usually have a better network environment. On the other hand, because the vehicle is connected to the charging auxiliary equipment, it can also avoid the interruption of the on-board upgrade package download due to insufficient vehicle power, which can better improve the user’s vehicle An upgraded experience.
- the correctness of the vehicle upgrade package can be tested before step S701. For example, you can First, a vehicle A obtains the vehicle upgrade package from the first vehicle auxiliary device 61, the second vehicle auxiliary device 620, the second vehicle auxiliary device 621, or the second vehicle auxiliary device 622, and then the vehicle A is updated according to the vehicle upgrade package.
- step S701 and the subsequent steps are further executed, so that it can Improve the probability of a successful upgrade of the on-board system.
- Figure 8 is a schematic structural diagram of a first terminal provided by an embodiment of the application, including a receiving module 801 and a processing module 802.
- the receiving module is configured to receive one or more first data blocks from the server. Used for vehicle upgrade; processing module, used for the first terminal to obtain one or more second data blocks from the second terminal, the second data block is used for vehicle system upgrade, the second data block is sent by the server to the second terminal; And, according to the first data block and the second data block, a vehicle upgrade package is obtained.
- the first data block and the second data block are both encrypted data blocks
- the data block length of the first data block and the data block length of the at least one second data block are both based on the encryption algorithm An integer multiple of the packet length.
- the processing module is specifically configured to start decrypting the first data block at the first time; to receive the second data block at the second time, the first time is before the second time; or, at the third time Start to decrypt the second data block, receive the first data block at the fourth time, and the third time is before the fourth time.
- both the first data block and the second data block include: the signature of the server that generates the upgrade package for the vehicle system upgrade; the processing module is specifically used to: confirm that the signature of the first data block is the vehicle In the case of the signature of the server of the upgrade package of the system upgrade, decrypt the first data block at the first time; in the case of confirming that the signature of the second data block is the signature of the server of the upgrade package of the vehicle system upgrade, in the third Time to start decrypting the second data block.
- the server saves the association relationship between the data block after the vehicle upgrade package is divided into blocks and the terminal receiving the data block; the processing module is specifically used to: send the data block to the second terminal according to the association relationship Obtaining request; receiving one or more second data blocks returned by the second terminal in response to the data block obtaining request.
- the server is a proxy server
- the vehicle upgrade package is obtained by downloading the OTA server from the air by the proxy server
- the first terminal is a vehicle.
- the first terminal is a charging pile.
- it further includes: a receiving module, which is also used to receive an upgrade package acquisition request sent by the vehicle; a processing module, which is also used to send an upgrade package acquisition request to the vehicle when the vehicle passes the safety verification of the charging pile The vehicle returns to the vehicle upgrade package.
- the receiving module is specifically configured to: when the first terminal passes the security authentication of the server, the first terminal receives the first data block from the server.
- the device in this embodiment can be used to execute the steps executed by the first terminal in the foregoing method embodiment, and its implementation principles and technical effects are similar, and will not be repeated here.
- FIG. 9 is a schematic structural diagram of a first terminal provided by an embodiment of the application, including a processing module 901 and a sending module 902, where the processing module is used to block the vehicle upgrade package to obtain multiple data blocks; the sending module, It is used to distribute multiple data blocks to at least one terminal; each terminal is used to obtain a vehicle upgrade package according to the data block received by the terminal and the data blocks of other terminals in at least one terminal.
- the processing module is specifically used to encrypt the vehicle upgrade package according to the encryption algorithm, and divide the encrypted vehicle upgrade package into blocks to obtain multiple data blocks.
- the server is a proxy server, and the processing module is also used to download the OTA server from the air to obtain the vehicle upgrade package.
- the processing module is specifically used to: send an on-board upgrade package acquisition request to the over-the-air download OTA server; the on-board upgrade package acquisition request includes: the type and version of the vehicle operating system; the proxy server passes the security verification of the OTA server In the case of receiving the vehicle upgrade package sent by the OTA server; wherein, the vehicle upgrade package is generated by the OTA server according to the type and version of the operating system of the vehicle.
- the processing module is also used to record the association relationship between the data block after the vehicle upgrade package is divided into blocks and the terminal receiving the data block.
- the device in this embodiment can be used to execute the steps executed by the server in the foregoing method embodiment, and its implementation principles and technical effects are similar, and will not be repeated here.
- FIG. 10 is a schematic diagram of the hardware structure of the vehicle upgrade package processing device provided by this application.
- the vehicle upgrade package processing device includes: a memory 1001, a processor 1002, and a communication interface 1003.
- the memory 1001, the processor 1002, and the communication interface 1003 can communicate; for example, the memory 1001, the processor 1002, and the communication interface 1003 can communicate.
- the communication interface 1003 may communicate via a communication bus 1004, the memory 1001 is used to store a computer program, and the processor 1002 executes the computer program to implement the method shown in the foregoing method embodiment.
- the communication interface 1003 may also include a transmitter and/or a receiver.
- the foregoing processor may be a central processing unit (CPU), or other general-purpose processors, digital signal processors (digital signal processors, DSP), application specific integrated circuits (ASICs). )Wait.
- the general-purpose processor may be a microprocessor or the processor may also be any conventional processor or the like. The steps of the method disclosed in this application can be directly embodied as being executed and completed by a hardware processor, or executed and completed by a combination of hardware and software modules in the processor.
- the present application provides a readable computer storage medium, where the readable computer storage medium is used to store a computer program, and the computer program is used to implement the method shown in the foregoing method embodiment.
- the present application also provides a communication system, including a first terminal as shown in FIG. 8 and a server as shown in FIG. 9.
- This application provides a system chip, which is used to support a communication device to implement the functions shown in the embodiments of this application (for example, a first terminal receives one or more first data blocks from a server, and the first data blocks are used for vehicles). Upgrade; the first terminal obtains one or more second data blocks from the second terminal. The second data blocks are used to upgrade the in-vehicle system. The second data blocks are sent by the server to the second terminal; the first terminal is based on the first data block. And the second data block to obtain the vehicle upgrade package), the chip is specifically used for a chip system, and the chip system may be composed of a chip, or may include a chip and other discrete devices.
- the chip includes a processing unit.
- the chip may also include a communication unit.
- the processing unit may be, for example, a processor.
- the communication unit For example, it can be an input/output interface, a pin, or a circuit.
- the processing unit executes all or part of the actions performed by each processing module in the embodiment of this application, and the communication unit can execute corresponding receiving or sending actions.
- the processing module of the receiving device in this application may be The processing unit of the chip, the receiving module or the sending module of the control device is the communication unit of the chip.
- These computer program instructions can be provided to the processing unit of a general-purpose computer, a special-purpose computer, an embedded processor, or other programmable data processing equipment to generate a machine, so that the instructions executed by the processing unit of the computer or other programmable data processing equipment can be used to generate It is a device that realizes the functions specified in one process or multiple processes in the flowchart and/or one block or multiple blocks in the block diagram.
- These computer program instructions can also be stored in a computer-readable memory that can guide a computer or other programmable data processing equipment to work in a specific manner, so that the instructions stored in the computer-readable memory produce an article of manufacture including the instruction device.
- the device implements the functions specified in one process or multiple processes in the flowchart and/or one block or multiple blocks in the block diagram.
- These computer program instructions can also be loaded on a computer or other programmable data processing equipment, so that a series of operation steps are executed on the computer or other programmable equipment to produce computer-implemented processing, so as to execute on the computer or other programmable equipment.
- the instructions provide steps for implementing the functions specified in one process or multiple processes in the flowchart and/or one block or multiple blocks in the block diagram.
- the disclosed device and method can be implemented in other ways.
- the device embodiments described above are merely illustrative, for example, the division of the units is only a logical function division, and there may be other divisions in actual implementation, for example, multiple units or components may be combined or It can be integrated into another system, or some features can be ignored or not implemented.
- the displayed or discussed mutual coupling or direct coupling or communication connection may be indirect coupling or communication connection through some interfaces, devices or units, and may be in electrical, mechanical or other forms.
- the units described as separate components may or may not be physically separated, and the components displayed as units may or may not be physical units, that is, they may be located in one place, or they may be distributed on multiple network units. Some or all of the units may be selected according to actual needs to achieve the objectives of the solutions of the embodiments.
- the functional units in the various embodiments of the present application may be integrated into one processing unit, or each unit may exist alone physically, or two or more units may be integrated into one unit.
- the above-mentioned integrated unit may be implemented in the form of hardware, or may be implemented in the form of hardware plus software functional units.
- the above-mentioned integrated unit implemented in the form of a software functional unit may be stored in a computer readable storage medium.
- the above-mentioned software functional unit is stored in a storage medium, and includes several instructions to make a computer device (which can be a personal computer, a server, or a network device, etc.) or a processor to execute the method described in each embodiment of the present application. Part of the steps.
- the aforementioned storage media include: U disk, mobile hard disk, read-only memory (read-only memory, ROM), random access memory (random access memory, RAM), magnetic disks or optical disks and other media that can store program codes. .
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- General Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Computer Security & Cryptography (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Computer Hardware Design (AREA)
- Health & Medical Sciences (AREA)
- Bioethics (AREA)
- General Health & Medical Sciences (AREA)
- Information Transfer Between Computers (AREA)
- Stored Programmes (AREA)
Abstract
Description
Claims (35)
- 一种车辆升级包处理方法,其特征在于,包括:第一终端从服务器接收一个或多个第一数据块,所述第一数据块用于车辆升级;所述第一终端从第二终端获取一个或多个第二数据块,所述第二数据块用于所述车载系统升级,所述第二数据块是所述服务器发送给所述第二终端的;所述第一终端根据所述第一数据块和所述第二数据块,得到所述车辆升级包。
- 根据权利要求1所述的方法,其特征在于,所述第一数据块和第二数据块均为加密后的数据块,且所述第一数据块的数据块长度和所述至少一个第二数据块的数据块长度均为加密算法的分组长度的整数倍。
- 根据权利要求2所述的方法,其特征在于,所述第一终端根据所述第一数据块和所述至少一个第二数据块,得到所述车辆升级包,包括:所述第一终端在第一时间开始解密所述第一数据块;所述第一终端在第二时间接收所述第二数据块,所述第一时间在所述第二时间之前;或,所述第一终端在第三时间开始解密所述第二数据块,所述第一终端在第四时间接收所述第一数据块,所述第三时间在所述第四时间之前。
- 根据权利要求3所述的方法,其特征在于,所述第一数据块和第二数据块均包括:生成所述车辆系统升级的升级包的服务器的签名;所述第一终端在第一时间开始解密所述第一数据块,包括:在所述第一终端确认所述第一数据块的签名为所述车辆系统升级的升级包的服务器的签名的情况下,所述第一终端在第一时间开始解密所述第一数据块;所述第一终端在第三时间开始解密所述第二数据块,包括:在所述第一终端确认所述第二数据块的签名为所述车辆系统升级的升级包的服务器的签名的情况下,所述第一终端在第三时间开始解密所述第二数据块。
- 根据权利要求1所述的方法,其特征在于,所述服务器中保存有所述车辆升级包被分块后的数据块与接收数据块的终端的关联关系;所述第一终端从第二终端获取一个或多个第二数据块,包括:所述第一终端根据所述关联关系,向所述第二终端发送数据块获取请求;所述第一终端接收所述第二终端响应于所述数据块获取请求返回的所述一个或多个第二数据块。
- 根据权利要求1-5任一项所述的方法,其特征在于,所述服务器为代理服务器,所述车辆升级包为所述代理服务器从空中下载OTA服务器获取的;所述第一终端为车辆。
- 根据权利要求1-5任一项所述的方法,其特征在于,所述第一终端为充电桩。
- 根据权利要求7所述的方法,其特征在于,所述方法还包括:所述充电桩接收车辆发送的升级包获取请求;在所述车辆通过所述充电桩的安全验证的情况下,所述充电桩根据所述升级包获取请求向所述车辆返回所述车辆升级包。
- 根据权利要求1-5任一项所述的方法,其特征在于,所述第一终端从服务器接 收第一数据块,包括:在所述第一终端通过所述服务器的安全认证的情况下,所述第一终端从服务器接收第一数据块。
- 一种车辆升级包处理方法,其特征在于,包括:服务器对车辆升级包分块,得到多个数据块;所述服务器将所述多个数据块分发给至少一个终端;每个所述终端用于根据该终端所接收的数据块,以及所述至少一个终端中其他终端的数据块,得到所述车辆升级包。
- 根据权利要求10所述的方法,其特征在于,所述服务器对车辆升级包分块,得到多个数据块包括:所述服务器根据加密算法对所述车辆升级包加密,以及将加密后的车辆升级包分块得到多个数据块。
- 根据权利要求10或11所述的方法,其特征在于,所述服务器为代理服务器,所述服务器对车辆升级包分块之前,还包括:所述代理服务器从空中下载OTA服务器获取所述车辆升级包。
- 根据权利要求12所述的方法,其特征在于,所述代理服务器从空中下载OTA服务器获取所述车辆升级包,包括:所述代理服务器向空中下载OTA服务器发送车载升级包获取请求;所述车载升级包获取请求包括:车辆的操作系统类型和版本;在所述代理服务器通过OTA服务器的安全验证的情况下,所述代理服务器接收所述OTA服务器发送的车辆升级包;其中,所述车辆升级包为所述OTA服务器根据所述车辆的操作系统类型和版本生成的。
- 根据权利要求10-13任一项所述的方法,其特征在于,所述服务器将所述多个数据块分发给至少一个终端之后,还包括:所述服务器记录所述车辆升级包被分块后的数据块与接收数据块的终端的关联关系。
- 一种第一终端,其特征在于,包括:接收模块,用于从服务器接收一个或多个第一数据块,所述第一数据块用于车辆升级;处理模块,用于第一终端从第二终端获取一个或多个第二数据块,所述第二数据块用于所述车载系统升级,所述第二数据块是所述服务器发送给所述第二终端的;以及,根据所述第一数据块和所述第二数据块,得到所述车辆升级包。
- 根据权利要求15所述的第一终端,其特征在于,所述第一数据块和第二数据块均为加密后的数据块,且所述第一数据块的数据块长度和所述至少一个第二数据块的数据块长度均为加密算法的分组长度的整数倍。
- 根据权利要求16所述的第一终端,其特征在于,所述处理模块,具体用于在第一时间开始解密所述第一数据块;在第二时间接收所述第二数据块,所述第一时间在所述第二时间之前;或,在第三时间开始解密所述第二数据块,在第四时间接收所述第一数据块,所述第三时间在所述第四时间之前。
- 根据权利要求17所述的第一终端,其特征在于,所述第一数据块和第二数据块均包括:生成所述车辆系统升级的升级包的服务器的签名;所述处理模块,具体还用于:在确认所述第一数据块的签名为所述车辆系统升级的升级包的服务器的签名的情况下,在第一时间开始解密所述第一数据块;在确认所述第二数据块的签名为所述车辆系统升级的升级包的服务器的签名的情况下,在第三时间开始解密所述第二数据块。
- 根据权利要求15所述的第一终端,其特征在于,所述服务器中保存有所述车辆升级包被分块后的数据块与接收数据块的终端的关联关系;所述处理模块具体还用于:根据所述关联关系,向所述第二终端发送数据块获取请求;接收所述第二终端响应于所述数据块获取请求返回的所述一个或多个第二数据块。
- 根据权利要求15-19任一项所述的第一终端,其特征在于,所述服务器为代理服务器,所述车辆升级包为所述代理服务器从空中下载OTA服务器获取的;所述第一终端为车辆。
- 根据权利要求15-19任一项所述的第一终端,其特征在于,所述第一终端为充电桩。
- 根据权利要求21所述的第一终端,其特征在于,还包括:所述接收模块,还用于接收车辆发送的升级包获取请求;所述处理模块,还用于在所述车辆通过所述充电桩的安全验证的情况下,根据所述升级包获取请求向所述车辆返回所述车辆升级包。
- 根据权利要求15-19任一项所述的第一终端,其特征在于,所述接收模块,具体用于:在所述第一终端通过所述服务器的安全认证的情况下,所述第一终端从服务器接收第一数据块。
- 一种服务器,其特征在于,包括:处理模块,用于对车辆升级包分块,得到多个数据块;发送模块,用于将所述多个数据块分发给至少一个终端;每个所述终端用于根据该终端所接收的数据块,以及所述至少一个终端中其他终端的数据块,得到所述车辆升级包。
- 根据权利要求24所述的服务器,其特征在于,所述处理模块具体用于:根据加密算法对所述车辆升级包加密,以及将加密后的车辆升级包分块得到多个数据块。
- 根据权利要求24或25所述的服务器,其特征在于,所述服务器为代理服务器,所述处理模块还用于:从空中下载OTA服务器获取所述车辆升级包。
- 根据权利要求26所述的服务器,其特征在于,所述处理模块具体用于:向空中下载OTA服务器发送车载升级包获取请求;所述车载升级包获取请求包括:车辆的操作系统类型和版本;在所述代理服务器通过OTA服务器的安全验证的情况下,接收所述OTA服务器发送的车辆升级包;其中,所述车辆升级包为所述OTA服务器根据所述车辆的操作系统类型和版本生成的。
- 根据权利要求24-27任一项所述的服务器,其特征在于,所述处理模块,还用于记录所述车辆升级包被分块后的数据块与接收数据块的终端的关联关系。
- 一种车辆升级包处理装置,其特征在于,包括处理器和接口电路,所述接口电路用于接收代码指令并传输至所述处理器;所述处理器用于运行所述代码指令,以执行如权利要求1-9任一项所述的方法。
- 一种车辆升级包处理装置,其特征在于,包括处理器和接口电路,所述接口电路用于接收代码指令并传输至所述处理器;所述处理器用于运行所述代码指令,以执行如权利要求10-14任一项所述的方法。
- 一种车辆升级包处理装置,其特征在于,包括存储器和处理器,所述处理器执行所述存储器中的程序指令,用于实现如权利要求1-9任一项所述的方法。
- 一种车辆升级包处理装置,其特征在于,包括存储器和处理器,所述处理器执行所述存储器中的程序指令,用于实现如权利要求10-14任一项所述的方法。
- 一种可读计算机存储介质,其特征在于,所述可读计算机存储介质用于存储计算机程序,所述计算机程序用于实现如权利要求1-9任一项所述的方法。
- 一种可读计算机存储介质,其特征在于,所述可读计算机存储介质用于存储计算机程序,所述计算机程序用于实现如权利要求10-14任一项所述的方法。
- 一种车辆升级包处理系统,其特征在于,包括如权利要求15-23任一项所述的第一终端和如权利要求24-28任一项所述的服务器。
Priority Applications (4)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
EP20888565.7A EP4050474A4 (en) | 2019-11-14 | 2020-06-23 | METHOD AND APPARATUS FOR PROCESSING VEHICLE UPGRADE PACKAGES |
KR1020227018960A KR20220092606A (ko) | 2019-11-14 | 2020-06-23 | 차량의 업그레이드 패키지를 처리하는 방법 및 장치 |
JP2022528103A JP2023501665A (ja) | 2019-11-14 | 2020-06-23 | 車両のアップグレードパッケージを処理するための方法および装置 |
US17/743,885 US20220276855A1 (en) | 2019-11-14 | 2022-05-13 | Method and apparatus for processing upgrade package of vehicle |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201911113667.1A CN112799706A (zh) | 2019-11-14 | 2019-11-14 | 车辆升级包处理方法和装置 |
CN201911113667.1 | 2019-11-14 |
Related Child Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US17/743,885 Continuation US20220276855A1 (en) | 2019-11-14 | 2022-05-13 | Method and apparatus for processing upgrade package of vehicle |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2021093334A1 true WO2021093334A1 (zh) | 2021-05-20 |
Family
ID=75803995
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/CN2020/097666 WO2021093334A1 (zh) | 2019-11-14 | 2020-06-23 | 车辆升级包处理方法和装置 |
Country Status (6)
Country | Link |
---|---|
US (1) | US20220276855A1 (zh) |
EP (1) | EP4050474A4 (zh) |
JP (1) | JP2023501665A (zh) |
KR (1) | KR20220092606A (zh) |
CN (1) | CN112799706A (zh) |
WO (1) | WO2021093334A1 (zh) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN113626056A (zh) * | 2021-08-20 | 2021-11-09 | 中国第一汽车股份有限公司 | 车辆远程升级方法、装置、电子设备、车载终端及存储介质 |
Families Citing this family (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN113923622A (zh) * | 2021-09-30 | 2022-01-11 | 重庆长安汽车股份有限公司 | 一种基于手机蓝牙钥匙升级车载控制器的方法 |
CN114040381A (zh) * | 2021-11-08 | 2022-02-11 | 百度在线网络技术(北京)有限公司 | 加密方法、解密方法、装置及电子设备 |
WO2023108618A1 (zh) * | 2021-12-17 | 2023-06-22 | 华为技术有限公司 | 一种基于空中下载ota技术的升级方法及通信装置 |
WO2023138248A1 (zh) * | 2022-01-21 | 2023-07-27 | 浙江春风动力股份有限公司 | 鞍座式车辆 |
CN115277671A (zh) * | 2022-06-27 | 2022-11-01 | 重庆长安汽车股份有限公司 | 车辆的ota升级方法、装置、车辆及存储介质 |
CN115061711A (zh) * | 2022-07-04 | 2022-09-16 | 海南大学 | 智能充电桩的升级方法和装置 |
CN115567496A (zh) * | 2022-09-21 | 2023-01-03 | 润芯微科技(江苏)有限公司 | 一种ota升级方法及其系统 |
CN116418655B (zh) * | 2023-06-12 | 2023-08-08 | 广汽埃安新能源汽车股份有限公司 | 一种tbox故障修复方法及系统 |
CN117009992B (zh) * | 2023-07-28 | 2024-04-16 | 广州汽车集团股份有限公司 | 升级包处理方法、装置、电子设备及存储介质 |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103475710A (zh) * | 2013-09-10 | 2013-12-25 | 镇江青思网络科技有限公司 | 基于反馈方式的车辆间合作下载方案 |
US20150082297A1 (en) * | 2013-09-17 | 2015-03-19 | Blackberry Corporation | Updating firmware on mobile devices |
CN105204887A (zh) * | 2014-06-12 | 2015-12-30 | 福特全球技术公司 | 通过远程移动装置的车辆下载 |
Family Cites Families (21)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7194504B2 (en) * | 2000-02-18 | 2007-03-20 | Avamar Technologies, Inc. | System and method for representing and maintaining redundant data sets utilizing DNA transmission and transcription techniques |
JP2004158981A (ja) * | 2002-11-05 | 2004-06-03 | Toshiba Corp | 通信装置及び通信方法 |
US7693612B2 (en) * | 2005-06-23 | 2010-04-06 | International Business Machines Corporation | Method and system for updating code embedded in a vehicle |
US8190322B2 (en) * | 2009-01-13 | 2012-05-29 | GM Global Technology Operations LLC | Autonomous vehicle maintenance and repair system |
US9854062B2 (en) * | 2013-12-18 | 2017-12-26 | Panasonic Intellectual Property Management Co., Ltd. | Data relay apparatus and method, server apparatus, and data sending method |
KR101538331B1 (ko) * | 2013-12-20 | 2015-07-22 | 전자부품연구원 | V2v 및 v2i 협력 통신 기반 차량용 소프트웨어 업데이트 장치 및 그 방법 |
EP2986043A1 (fr) * | 2014-08-13 | 2016-02-17 | Gemalto Sa | Procédé d'établissement de sessions OTA entre des terminaux et un serveur OTA, serveur OTA et serveur proxy inverse correspondants |
US10755356B1 (en) * | 2015-08-12 | 2020-08-25 | State Farm Mutual Automobile Insurance Company | System and method for providing customers with rates from insurance providers for purchasing passenger insurance in an autonomous vehicle |
US20170274789A1 (en) * | 2016-03-25 | 2017-09-28 | Le Holdings (Beijing) Co., Ltd. | Charging pile control system, multi-functional charging pile and electric vehicle |
EP3528428B1 (en) * | 2016-10-13 | 2022-05-04 | Hitachi Astemo, Ltd. | In-vehicle gateway |
US10223098B2 (en) * | 2017-03-31 | 2019-03-05 | Intel Corporation | Method and system to accelerate IoT patch propagation and reduce security vulnerabilities exposure time |
WO2019070235A1 (en) * | 2017-10-03 | 2019-04-11 | Google Llc | UPDATE MESSAGING FOR VEHICLE COMPUTING DEVICES |
EP3746880A1 (en) * | 2018-01-30 | 2020-12-09 | Volkswagen Aktiengesellschaft | Method for distributing a software to a plurality of motor vehicles, corresponding system, motor vehicle, and data storage medium |
US10430178B2 (en) * | 2018-02-19 | 2019-10-01 | GM Global Technology Operations LLC | Automated delivery and installation of over the air updates in vehicles |
WO2019168907A1 (en) * | 2018-02-27 | 2019-09-06 | Excelfore Corporation | Broker-based bus protocol and multi-client architecture |
US20190294135A1 (en) * | 2018-03-22 | 2019-09-26 | Ford Global Technologies, Llc | Content delivery to vehicle via charging station |
DK201870700A1 (en) * | 2018-06-20 | 2020-01-14 | Aptiv Technologies Limited | OVER-THE-AIR (OTA) MOBILITY SERVICES PLATFORM |
US11228884B2 (en) * | 2019-01-16 | 2022-01-18 | Ford Global Technologies, Llc | Vehicle-to-vehicle file sharing system and method |
US10853495B2 (en) * | 2019-03-29 | 2020-12-01 | Microsoft Technology Licensing, Llc | Method for patching and updating encrypted disk images in a reliable and secure fashion |
US11130419B2 (en) * | 2019-09-03 | 2021-09-28 | Yu-Shun Lin | Electric vehicle charging system |
KR20210028422A (ko) * | 2019-09-04 | 2021-03-12 | 삼성전자주식회사 | 전자장치 및 그 제어방법 |
-
2019
- 2019-11-14 CN CN201911113667.1A patent/CN112799706A/zh active Pending
-
2020
- 2020-06-23 JP JP2022528103A patent/JP2023501665A/ja active Pending
- 2020-06-23 WO PCT/CN2020/097666 patent/WO2021093334A1/zh unknown
- 2020-06-23 EP EP20888565.7A patent/EP4050474A4/en active Pending
- 2020-06-23 KR KR1020227018960A patent/KR20220092606A/ko not_active Application Discontinuation
-
2022
- 2022-05-13 US US17/743,885 patent/US20220276855A1/en active Pending
Patent Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103475710A (zh) * | 2013-09-10 | 2013-12-25 | 镇江青思网络科技有限公司 | 基于反馈方式的车辆间合作下载方案 |
US20150082297A1 (en) * | 2013-09-17 | 2015-03-19 | Blackberry Corporation | Updating firmware on mobile devices |
CN105204887A (zh) * | 2014-06-12 | 2015-12-30 | 福特全球技术公司 | 通过远程移动装置的车辆下载 |
Non-Patent Citations (1)
Title |
---|
See also references of EP4050474A1 |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN113626056A (zh) * | 2021-08-20 | 2021-11-09 | 中国第一汽车股份有限公司 | 车辆远程升级方法、装置、电子设备、车载终端及存储介质 |
Also Published As
Publication number | Publication date |
---|---|
US20220276855A1 (en) | 2022-09-01 |
EP4050474A4 (en) | 2022-11-30 |
JP2023501665A (ja) | 2023-01-18 |
CN112799706A (zh) | 2021-05-14 |
KR20220092606A (ko) | 2022-07-01 |
EP4050474A1 (en) | 2022-08-31 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
WO2021093334A1 (zh) | 车辆升级包处理方法和装置 | |
US10965450B2 (en) | In-vehicle networking | |
KR102479224B1 (ko) | 서비스 지향 아키텍처에 기초하는 집중식 서비스 ecu를 구현하도록 구성된 관련 디바이스들을 갖는 특별히 프로그래밍된 컴퓨팅 시스템들 및 그 사용 방법들 | |
CN111279310A (zh) | 一种车载设备升级方法及相关设备 | |
Iorio et al. | Securing SOME/IP for in-vehicle service protection | |
Zelle et al. | On using TLS to secure in-vehicle networks | |
US11321074B2 (en) | Vehicle-mounted device upgrade method and related apparatus | |
CN110621014B (zh) | 一种车载设备及其程序升级方法、服务器 | |
CN112913189B (zh) | 一种ota升级方法及装置 | |
CN110086755B (zh) | 实现物联网服务的方法、应用服务器、物联网设备和介质 | |
JPWO2018070242A1 (ja) | 車載ゲートウェイ、鍵管理装置 | |
CN113439425B (zh) | 报文传输方法及装置 | |
WO2020036070A1 (ja) | 端末登録システムおよび端末登録方法 | |
WO2022160124A1 (zh) | 一种服务授权管理方法及装置 | |
CN109314644A (zh) | 数据提供系统、数据保护装置、数据提供方法以及计算机程序 | |
Bella et al. | Designing and implementing an AUTOSAR-based Basic Software Module for enhanced security | |
Wei et al. | Authenticated can communications using standardized cryptographic techniques | |
Guštin | CAN Bus Security Protocol: lightweight message confidentiality, authentication, and freshness on an automotive bus | |
CN117597683A (zh) | 中心装置、车辆侧系统、内容的保护方法以及内容保护用程序 | |
Iorio | Protecting In-Vehicle Services with a Secure SOME/IP Protocol | |
CN118101173A (zh) | 充电桩的调试端口密码更新方法、装置及系统 | |
CN117616388A (zh) | 车载通信系统、重编策略元数据的数据结构以及下载元数据的数据结构 | |
CN116865993A (zh) | 数据传输方法、装置、电子设备及存储介质 | |
CN117909961A (zh) | 基于金融软件供应链的程序发布方法及装置 | |
CN118119042A (zh) | 一种数据读取方法及相关装置 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
121 | Ep: the epo has been informed by wipo that ep was designated in this application |
Ref document number: 20888565 Country of ref document: EP Kind code of ref document: A1 |
|
ENP | Entry into the national phase |
Ref document number: 2022528103 Country of ref document: JP Kind code of ref document: A |
|
ENP | Entry into the national phase |
Ref document number: 2020888565 Country of ref document: EP Effective date: 20220523 |
|
ENP | Entry into the national phase |
Ref document number: 20227018960 Country of ref document: KR Kind code of ref document: A |
|
NENP | Non-entry into the national phase |
Ref country code: DE |