CN116996248A - Vehicle-mounted ECU file security management method, device, equipment and storage medium - Google Patents

Vehicle-mounted ECU file security management method, device, equipment and storage medium Download PDF

Info

Publication number
CN116996248A
CN116996248A CN202310580131.0A CN202310580131A CN116996248A CN 116996248 A CN116996248 A CN 116996248A CN 202310580131 A CN202310580131 A CN 202310580131A CN 116996248 A CN116996248 A CN 116996248A
Authority
CN
China
Prior art keywords
file
vehicle
mounted ecu
ecu
encryption
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202310580131.0A
Other languages
Chinese (zh)
Inventor
刘毅
杨雪珠
李木犀
陈后立
吴淼
边泽宇
陈明
高铭霞
胡闯
王茂洋
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
FAW Group Corp
Original Assignee
FAW Group Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by FAW Group Corp filed Critical FAW Group Corp
Priority to CN202310580131.0A priority Critical patent/CN116996248A/en
Publication of CN116996248A publication Critical patent/CN116996248A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F8/00Arrangements for software engineering
    • G06F8/60Software deployment
    • G06F8/65Updates
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0478Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload applying multiple layers of encryption, e.g. nested tunnels or encrypting the content with a first key and then with at least a second key
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/12Applying verification of the received information
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/12Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/40Network security protocols
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02TCLIMATE CHANGE MITIGATION TECHNOLOGIES RELATED TO TRANSPORTATION
    • Y02T10/00Road transport of goods or passengers
    • Y02T10/10Internal combustion engine [ICE] based vehicles
    • Y02T10/40Engine management systems

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • General Engineering & Computer Science (AREA)
  • Computing Systems (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Health & Medical Sciences (AREA)
  • General Health & Medical Sciences (AREA)
  • Medical Informatics (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Storage Device Security (AREA)

Abstract

The embodiment of the invention discloses a vehicle-mounted ECU file security management method, a device, equipment and a storage medium, wherein the method comprises the following steps: acquiring a target vehicle-mounted ECU file, encrypting the target vehicle-mounted ECU file, and generating a vehicle-mounted ECU encrypted file; carrying out encryption signature on the abstract of the vehicle-mounted ECU encryption file to obtain a vehicle-mounted ECU signature value; packaging the vehicle-mounted ECU encryption file and the vehicle-mounted ECU signature value to obtain a final packaged file; and sending the final package file to a target vehicle terminal so that the target vehicle terminal analyzes and verifies the final package file. The technical scheme of the embodiment of the invention solves the problem that the ECU upgrade file cannot be encrypted in the prior art, and can double encrypt the ECU upgrade file, thereby improving the security of the ECU upgrade file.

Description

Vehicle-mounted ECU file security management method, device, equipment and storage medium
Technical Field
The embodiment of the invention relates to the technical field of terminal application management, in particular to a vehicle-mounted ECU file security management method, device, equipment and storage medium.
Background
The security of the upgrade file of the vehicle-mounted ECU (Electronic Control Unit ) is guaranteed, and the upgrade file has important significance for improving the safety of the whole vehicle. In the prior art, whether the current ECU receives attack in the upgrading process can be analyzed by adding an intrusion detection module, a protection ECU module and the like to monitor the in-vehicle network in real time, so that the security of the in-vehicle ECU upgrading file is improved. However, this method requires the introduction of an additional detection module, increases maintenance costs, and cannot accurately upgrade the security of the ECU upgrade file itself only from the network security aspect.
Disclosure of Invention
The embodiment of the invention provides a vehicle-mounted ECU file security management method, a device, equipment and a storage medium, which can double encrypt an ECU upgrade file and improve the security of the ECU upgrade file.
In a first aspect, an embodiment of the present invention provides a vehicle-mounted ECU file security management method, applied to a security management end, where the method includes:
acquiring a target vehicle-mounted ECU file, encrypting the target vehicle-mounted ECU file, and generating a vehicle-mounted ECU encrypted file;
carrying out encryption signature on the abstract of the vehicle-mounted ECU encryption file to obtain a vehicle-mounted ECU signature value;
Packaging the vehicle-mounted ECU encryption file and the vehicle-mounted ECU signature value to obtain a final packaged file;
and sending the final package file to a target vehicle terminal so that the target vehicle terminal analyzes and verifies the final package file.
In a second aspect, an embodiment of the present invention provides a vehicle-mounted ECU file security management method, which is applied to a vehicle terminal, and the method includes:
when a packaging file of a target vehicle-mounted ECU file is obtained, analyzing and checking a vehicle-mounted ECU signature value in the packaging file;
and when the analysis and verification of the vehicle-mounted ECU signature value are successful, decrypting the vehicle-mounted ECU encrypted file to finish the analysis and verification of the packaged file.
In a third aspect, an embodiment of the present invention provides a vehicle-mounted ECU file security management device configured at a security management end, where the device includes:
the file encryption file module is used for acquiring a target vehicle-mounted ECU file, encrypting the target vehicle-mounted ECU file and generating a vehicle-mounted ECU encryption file;
the digest file signing module is used for carrying out encryption signature on the digest of the vehicle-mounted ECU encryption file to obtain a vehicle-mounted ECU signature value;
The package file generation module is used for packaging the vehicle-mounted ECU encryption file and the vehicle-mounted ECU signature value to obtain a final package file;
and the packaged file sending module is used for sending the final packaged file to a target vehicle terminal so that the target vehicle terminal can analyze and verify the final packaged file.
In a fourth aspect, an embodiment of the present invention provides an on-vehicle ECU file security management device configured in a vehicle terminal, the device including:
the package file verification module is used for analyzing and verifying the vehicle-mounted ECU signature value in the package file when the package file of the target vehicle-mounted ECU file is acquired;
and the packaged file decryption module is used for decrypting the vehicle-mounted ECU encrypted file when the analysis and verification of the vehicle-mounted ECU signature value are successful, so as to complete the analysis and verification of the packaged file.
In a fifth aspect, embodiments of the present invention provide a computer apparatus, comprising:
one or more processors;
a memory for storing one or more programs;
the one or more programs, when executed by the one or more processors, cause the one or more processors to implement the vehicle-mounted ECU file security management method of any of the embodiments.
In a sixth aspect, an embodiment of the present invention provides a computer readable storage medium having stored thereon a computer program that, when executed by a processor, implements the vehicle-mounted ECU file security management method according to any of the embodiments.
According to the technical scheme provided by the embodiment of the invention, the vehicle-mounted ECU encrypted file is generated by acquiring the target vehicle-mounted ECU file and encrypting the target vehicle-mounted ECU file; carrying out encryption signature on the abstract of the vehicle-mounted ECU encryption file to obtain a vehicle-mounted ECU signature value; packaging the vehicle-mounted ECU encryption file and the vehicle-mounted ECU signature value to obtain a final packaged file; and sending the final package file to a target vehicle terminal so that the target vehicle terminal analyzes and verifies the final package file. The technical scheme of the embodiment of the invention solves the problem that the ECU upgrade file cannot be encrypted in the prior art, and can double encrypt the ECU upgrade file, thereby improving the security of the ECU upgrade file.
Drawings
FIG. 1 is a flowchart of a method for managing vehicle-mounted ECU files applied to a security management end according to an embodiment of the present invention;
FIG. 2 is a flowchart of another method for managing the security of a vehicle-mounted ECU file applied to a security management end according to an embodiment of the present invention;
FIG. 3 is a flowchart of a method for managing security of a vehicle-mounted ECU file applied to a vehicle terminal according to an embodiment of the present invention;
FIG. 4 is a flowchart of another method for managing the security of an on-board ECU file applied to a vehicle terminal according to an embodiment of the present invention;
FIG. 5 is a flowchart of a method for performing security management of an on-board ECU file according to an embodiment of the present invention;
fig. 6 is a schematic structural diagram of a vehicle-mounted ECU file security management device configured at a security management end according to an embodiment of the present invention;
fig. 7 is a schematic structural diagram of an ECU file security management apparatus configured in a vehicle according to an embodiment of the present invention;
fig. 8 is a schematic structural diagram of a computer device according to an embodiment of the present invention.
Detailed Description
For the purpose of making the objects, technical solutions and advantages of the embodiments of the present invention more apparent, the technical solutions of the embodiments of the present invention will be clearly and completely described below with reference to the accompanying drawings in the embodiments of the present invention, and it is apparent that the described embodiments are some embodiments of the present invention, but not all embodiments of the present invention. All other embodiments, which can be made by those skilled in the art based on the embodiments of the invention without making any inventive effort, are intended to be within the scope of the invention.
Fig. 1 is a flowchart of a vehicle-mounted ECU file security management method applied to a security management end, which is provided by the embodiment of the present invention, where the embodiment of the present invention is applicable to a scenario in which a vehicle-mounted ECU file is cryptographically signed, and the method may be performed by a vehicle-mounted ECU file security management device configured at the security management end, and the device may be implemented by software and/or hardware.
As shown in fig. 1, the vehicle-mounted ECU file security management method includes the steps of:
s110, acquiring a target vehicle-mounted ECU file, encrypting the target vehicle-mounted ECU file, and generating a vehicle-mounted ECU encrypted file.
The target vehicle-mounted ECU file may be a vehicle-mounted ECU file requiring encryption of security information. The target vehicle-mounted ECU file can be a vehicle-mounted ECU upgrading package, and the target vehicle-mounted ECU file contains original data required by vehicle-mounted ECU upgrading, but does not carry out corresponding encryption measures, so that the safety information of the target vehicle-mounted ECU file is required to be encrypted so as to ensure the information safety of the target vehicle-mounted ECU file.
The in-vehicle ECU encryption file may be a target in-vehicle ECU file after the encryption process. Specifically, the target vehicle-mounted ECU file may be encrypted based on a private key in a preset file encryption public-private key pair pre-generated by the security management end, so as to generate a vehicle-mounted ECU encrypted file.
The preset file encryption public and private key pair can be a preset pair of keys for encrypting the target vehicle-mounted ECU file. Specifically, the preset file encryption public and private key can be generated in advance by the security management terminal based on a preset file encryption algorithm. The preset file encryption algorithm may be, for example, an AES (Advanced Encryption Standard ) 128 algorithm.
Further, the preset file encryption public and private keys comprise a preset file encryption public key and a preset file encryption private key, and the preset file encryption public key and the preset file encryption private key have a one-to-one correspondence. The preset file encryption private key can be used for encrypting the target vehicle-mounted ECU file at the safety management end; accordingly, the preset file encryption public key can be used for decrypting the target vehicle-mounted ECU file encrypted based on the preset file encryption private key at the vehicle terminal.
S120, carrying out encryption signature on the abstract of the vehicle-mounted ECU encryption file to obtain a vehicle-mounted ECU signature value.
The vehicle-mounted ECU signature value may be a signature value obtained by cryptographically signing the file hash value. Specifically, the file hash value can be encrypted and signed based on a private key in a preset summary encryption public-private key pair which is pre-generated by the safety management end, so as to obtain a vehicle-mounted ECU signature value. Specifically, the abstract of the vehicle-mounted ECU encrypted file can be extracted first, then the hash value of the abstract is calculated, and finally the hash value is encrypted and signed based on a private key in a preset abstract encrypted public-private key pair, so as to obtain the vehicle-mounted ECU signature value.
The encryption signature may be a process of encrypting and signing the updated package file, specifically, the encryption and signing may be performed on the updated package file according to a preset encryption and signing rule, and the security and the identifiability of the updated package file may be improved through the encryption signature process.
S130, packaging the vehicle-mounted ECU encrypted file and the vehicle-mounted ECU signature value to obtain a final packaged file.
The final package file may be a file formed by cryptographically signing the target vehicle-mounted ECU file. Specifically, the vehicle-mounted ECU encryption file and the vehicle-mounted ECU signature value may be packaged to obtain a final packaged file.
And S140, the final package file is sent to a target vehicle terminal, so that the target vehicle terminal analyzes and verifies the final package file.
The target vehicle terminal may be a vehicle terminal that needs to install the target vehicle-mounted ECU file. After the final package file is obtained, the final package file can be sent to a target vehicle terminal, so that the target vehicle terminal analyzes and verifies the final package file. After the final package file is successfully analyzed and verified, the target vehicle terminal can upgrade the vehicle-end ECU according to the target vehicle-mounted ECU file in the final package file.
According to the technical scheme provided by the embodiment of the invention, the vehicle-mounted ECU encrypted file is generated by acquiring the target vehicle-mounted ECU file and encrypting the target vehicle-mounted ECU file; carrying out encryption signature on the abstract of the vehicle-mounted ECU encryption file to obtain a vehicle-mounted ECU signature value; packaging the vehicle-mounted ECU encryption file and the vehicle-mounted ECU signature value to obtain a final packaged file; and sending the final package file to a target vehicle terminal so that the target vehicle terminal analyzes and verifies the final package file. The technical scheme of the embodiment of the invention solves the problem that the ECU upgrade file cannot be encrypted in the prior art, and can double encrypt the ECU upgrade file, thereby improving the security of the ECU upgrade file.
Fig. 2 is a flowchart of another vehicle-mounted ECU file security management method applied to a security management end, which is provided by the embodiment of the present invention, where the embodiment of the present invention is applicable to a scenario in which a vehicle-mounted ECU file is cryptographically signed, and on the basis of the foregoing embodiment, how to cryptographically sign a digest of the vehicle-mounted ECU encrypted file and how to cryptographically sign a digest of the vehicle-mounted ECU encrypted file are further described.
As shown in fig. 2, the vehicle-mounted ECU file security management method includes the steps of:
s210, acquiring a target vehicle-mounted ECU file, encrypting the target vehicle-mounted ECU file based on a private key in a preset file encryption public-private key pair which is generated in advance by the safety management end, and generating a vehicle-mounted ECU encryption file.
The target vehicle-mounted ECU file may be a vehicle-mounted ECU file requiring encryption of security information. The target vehicle-mounted ECU file can be a vehicle-mounted ECU upgrading package, and the target vehicle-mounted ECU file contains original data required by vehicle-mounted ECU upgrading, but does not carry out corresponding encryption measures, so that the safety information of the target vehicle-mounted ECU file is required to be encrypted so as to ensure the information safety of the target vehicle-mounted ECU file.
The preset file encryption public-private key pair may be a preset pair of keys that encrypt the target vehicle-mounted ECU file. Specifically, the preset file encryption public and private key can be generated in advance by the security management terminal based on a preset file encryption algorithm. The preset file encryption algorithm may be, for example, an AES (Advanced Encryption Standard ) 128 algorithm.
Further, the preset file encryption public and private keys comprise a preset file encryption public key and a preset file encryption private key, and the preset file encryption public key and the preset file encryption private key have a one-to-one correspondence. The preset file encryption private key can be used for encrypting the target vehicle-mounted ECU file at the safety management end; accordingly, the preset file encryption public key can be used for decrypting the target vehicle-mounted ECU file encrypted based on the preset file encryption private key at the vehicle terminal.
The in-vehicle ECU encryption file may be a target in-vehicle ECU file after the encryption process. Specifically, the target vehicle-mounted ECU file may be encrypted based on a private key in a preset file encryption public-private key pair pre-generated by the security management end, so as to generate a vehicle-mounted ECU encrypted file.
S220, extracting a data abstract of the vehicle-mounted ECU encrypted file, and calculating a hash value of the data abstract.
The data summary may be a summary message of the vehicle-mounted ECU encrypted file. Specifically, a one-way Hash function may be used to "digest" the vehicle-mounted ECU encrypted file into a string of ciphertext of fixed length (128 bits). The file hash value may be a hash value of an in-vehicle ECU encrypted file. The hash value is a fixed-length smaller binary value that maps binary values of arbitrary length to in a hash algorithm, and is a unique and extremely compact numerical representation of a piece of data. The file hash value may be used as a unique identity credential for the vehicle-mounted ECU to encrypt the file. The file hash value can be obtained through calculation through a preset hash value algorithm, and the hash value of the vehicle-mounted ECU encrypted file can be calculated by using an SHA256 algorithm to obtain the file hash value.
S230, carrying out encryption signature on the file hash value based on a private key in a preset summary encryption public-private key pair which is pre-generated by the safety management end, and obtaining a vehicle-mounted ECU signature value.
The preset summary encryption public and private key pair can be a preset pair of keys for carrying out encryption signature on the file hash value. Specifically, the preset summary encryption public and private key may be pre-generated by the security management terminal based on a preset summary encryption algorithm. The preset digest encryption algorithm may be, for example, an RSA (Secure Hash Algorithm, secure hash) algorithm.
The preset digest encryption public and private keys comprise a preset digest encryption public key and a preset digest encryption private key, and the preset digest encryption public key and the preset digest encryption private key have a one-to-one correspondence. The preset abstract encryption private key can be used for carrying out encryption signature on the file hash value at the security management end; correspondingly, the preset digest encryption public key can be used for decrypting the file hash value encrypted and signed based on the preset digest encryption private key at the vehicle terminal.
The vehicle-mounted ECU signature value may be a signature value obtained by cryptographically signing the file hash value. Specifically, the file hash value can be encrypted and signed based on a private key in a preset summary encryption public-private key pair which is pre-generated by the safety management end, so as to obtain a vehicle-mounted ECU signature value.
Further, the encryption signature may be a process of encrypting and signing the updated package file, specifically, the encryption and signing may be performed on the file hash value according to a preset encryption and signing rule, and the security and identifiability of the file hash value may be improved through the encryption signature process.
By generating two pairs of keys, namely a preset file encryption public key and a preset abstract encryption public key, and then using the two pairs of keys to mutually nest and encrypt the target vehicle-mounted ECU file, the security of the target vehicle-mounted ECU file can be improved, and the file is prevented from being illegally stolen or tampered.
S240, packaging the vehicle-mounted ECU encrypted file and the vehicle-mounted ECU signature value to obtain a final packaged file.
The final package file may be a file formed by cryptographically signing the target vehicle-mounted ECU file. Specifically, the vehicle-mounted ECU encryption file and the vehicle-mounted ECU signature value may be packaged to obtain a final packaged file.
S250, the final package file is sent to a target vehicle terminal, so that the target vehicle terminal analyzes and verifies the final package file.
The target vehicle terminal may be a vehicle terminal that needs to install the target vehicle-mounted ECU file. After the final package file is obtained, the final package file can be sent to a target vehicle terminal, so that the target vehicle terminal analyzes and verifies the final package file. After the final package file is successfully analyzed and verified, the target vehicle terminal can upgrade the vehicle-end ECU according to the target vehicle-mounted ECU file in the final package file.
According to the technical scheme provided by the embodiment of the invention, the target vehicle-mounted ECU file is obtained, and the target vehicle-mounted ECU file is encrypted based on the private key in the preset file encryption public-private key pair which is pre-generated by the safety management end, so that the vehicle-mounted ECU encrypted file is generated; extracting a data abstract of the vehicle-mounted ECU encrypted file, and calculating a hash value of the data abstract; the file hash value is encrypted and signed based on a private key in a preset summary encryption public-private key pair which is pre-generated by the safety management end, so that a vehicle-mounted ECU signature value is obtained; packaging the vehicle-mounted ECU encryption file and the vehicle-mounted ECU signature value to obtain a final packaged file; and sending the final package file to a target vehicle terminal so that the target vehicle terminal analyzes and verifies the final package file. The technical scheme of the embodiment of the invention solves the problem that the ECU upgrade file cannot be encrypted in the prior art, and can double encrypt the ECU upgrade file, thereby improving the security of the ECU upgrade file.
Fig. 3 is a flowchart of a vehicle-mounted ECU file security management method applied to a vehicle terminal according to an embodiment of the present invention, where the embodiment of the present invention is applicable to a scenario where an encrypted package file is parsed and verified during installation of a vehicle-mounted ECU file, and the method may be executed by a vehicle-mounted ECU file security management device configured in the vehicle terminal, and the device may be implemented by software and/or hardware.
As shown in fig. 3, the vehicle-mounted ECU file security management method includes the steps of:
s310, when a packaging file of the target vehicle-mounted ECU file is obtained, analyzing and checking the vehicle-mounted ECU signature value in the packaging file.
The target vehicle-mounted ECU file may be a vehicle-mounted ECU file that needs to be received by the vehicle terminal. The packaged file may be the final packaged file sent by the security manager. The package file contains the encrypted target vehicle-mounted ECU file, and the vehicle terminal needs to analyze and verify the package file to further obtain the target vehicle-mounted ECU file in the package file
The vehicle-mounted ECU signature value may be a signature value obtained by cryptographically signing the target vehicle-mounted ECU file. Whether the packaged file is illegally tampered or not can be verified by analyzing and verifying the vehicle-mounted ECU signature value, and the safety of the packaged file is verified. The analysis can be a process of decrypting the vehicle-mounted ECU signature value, and the analysis can be performed on the package file through a preset decryption rule corresponding to the encryption rule of the security management end. The verification may be a process of checking the accuracy of the package file, specifically, the verification term in the package file may be checked according to a preset verification rule, so as to ensure the accuracy of the package file.
Specifically, the vehicle-mounted ECU signature value can be decrypted based on a public key in a preset summary encryption public-private key pair, so that analysis of the vehicle-mounted ECU signature value is realized. In addition, the hash value obtained after the vehicle-mounted ECU signature value is decrypted and the hash value of the vehicle-mounted ECU encrypted file in the recalculated package file can be further compared, and a verification result of the vehicle-mounted ECU signature value is determined according to the comparison result.
And S320, when the analysis and verification of the vehicle-mounted ECU signature value are successful, decrypting the vehicle-mounted ECU encrypted file to finish the analysis and verification of the packaged file.
When the analysis and verification of the vehicle-mounted ECU signature value are successful, the fact that the packaged file is not stolen or tampered is indicated, and the method is legal. Therefore, when the analysis and verification of the vehicle-mounted ECU signature value succeed, the vehicle-mounted ECU encrypted file can be decrypted, and the analysis and verification of the packaged file are completed. Specifically, the vehicle-mounted ECU encrypted file can be decrypted based on a public key in a preset file encrypted public-private key pair, so that a target vehicle-mounted ECU file in the packaged file is obtained, and analysis and verification of the packaged file are completed.
According to the technical scheme provided by the embodiment of the invention, when the package file of the target vehicle-mounted ECU file is obtained, the vehicle-mounted ECU signature value in the package file is analyzed and checked; and when the analysis and verification of the vehicle-mounted ECU signature value are successful, decrypting the vehicle-mounted ECU encrypted file to finish the analysis and verification of the packaged file. The technical scheme of the embodiment of the invention can verify the encrypted package file and improve the security of the ECU upgrade file.
Fig. 4 is a flowchart of a vehicle-mounted ECU file security management method applied to a vehicle terminal according to an embodiment of the present invention, where the embodiment of the present invention may be applied to a scenario where an encrypted package file is parsed and checked during a process of installing a vehicle-mounted ECU file, and on the basis of the foregoing embodiment, how to parse and check application authority information of an automobile is further described in this embodiment, and the device may be implemented by software and/or hardware, and is integrated into a computer device with an application development function.
As shown in fig. 4, the vehicle-mounted ECU file security management method includes the steps of:
s410, decrypting the vehicle-mounted ECU signature value based on a public key in a preset summary encryption public-private key pair to obtain a hash value of the file to be verified.
The vehicle-mounted ECU signature value can be an encryption signature value in a final package file sent by the security management end. The public key in the preset digest encryption public-private key pair is the preset digest encryption public key, and the preset digest encryption public key can decrypt the vehicle-mounted ECU signature value encrypted and signed based on the preset digest encryption private key. The hash value of the file to be checked can be a hash value obtained by decrypting the vehicle-mounted ECU signature value based on a public key in a preset summary encryption public-private key pair. Since the hash value of the file to be checked is obtained by decrypting the vehicle-mounted ECU signature value, the hash value of the file to be checked cannot be ensured to be the original hash value in the packaged file. Therefore, in order to verify whether the hash value in the packaged file is illegally tampered, a subsequent verification operation can be performed on the hash value of the file to be verified, so as to ensure the security of the packaged file.
S420, calculating a hash value of the vehicle-mounted ECU encrypted file in the packaged file, comparing the calculated hash value with the hash value of the file to be checked, and determining a verification result of the vehicle-mounted ECU signature value according to the comparison result.
In order to verify the hash value of the file to be verified, the hash value of the vehicle-mounted ECU encrypted file in the packaged file can be recalculated. Specifically, in order to create objective original conditions, the hash value of the ECU encrypted file may be calculated again using the same hash value algorithm as when the hash value is calculated at the security management side. And the hash value of the vehicle-mounted ECU encrypted file can be calculated again by utilizing the SHA256 algorithm, so that the hash value of the vehicle-mounted ECU encrypted file after being calculated again is obtained.
After the hash value of the vehicle-mounted ECU encrypted file in the packaged file is recalculated, the calculated hash value can be compared with the hash value of the file to be checked, and the checking result of the vehicle-mounted ECU signature value is determined according to the comparison result. Specifically, the calculated hash value can be compared with the hash value of the file to be checked, and if the calculated hash value is consistent with the hash value of the file to be checked, the analysis and the check of the vehicle-mounted ECU signature value are successful, and the validity is achieved; if the two are inconsistent, the analysis and verification of the vehicle-mounted ECU signature value are failed, the packaged file is at risk of being stolen and tampered, and the method is not legal.
And S430, decrypting the vehicle-mounted ECU encrypted file when the analysis and verification of the vehicle-mounted ECU signature value are successful, and completing the analysis and verification of the packaged file.
When the analysis and verification of the vehicle-mounted ECU signature value are successful, the fact that the packaged file is not stolen or tampered is indicated, and the method is legal. Therefore, when the analysis and verification of the vehicle-mounted ECU signature value succeed, the vehicle-mounted ECU encrypted file can be decrypted, and the analysis and verification of the package file are completed. Specifically, the vehicle-mounted ECU encrypted file can be decrypted based on a public key in a preset file encrypted public-private key pair, so that a target vehicle-mounted ECU file in the packaged file is obtained, and analysis and verification of the packaged file are completed.
In an alternative embodiment, when the analysis and verification of the vehicle-mounted ECU signature value fail, the event time and the event type corresponding to the analysis and verification failure are recorded, an event failure record log is obtained, and the event failure record log is stored.
The event failure record log may be a log for recording failure events occurring in the process of analyzing and checking the package file. The event failure log may parse event times and event types corresponding to verification failures. The event type may be a step event type in the parsing and verification failure process. For example, resolving event types corresponding to verification failures may include: failure in decryption of the signature value of the vehicle-mounted ECU, failure in calculation of hash value of the encrypted file of the vehicle-mounted ECU, failure in comparison of the hash value, inconsistent comparison of the hash value and the like. By recording the failure event occurring in the analysis and verification process, the simple and rough processing modes such as discarding the upgrade file and the like are often adopted when verification fails in the prior art, verification failure conditions existing in the packaged file can be recorded, subsequent corresponding safety management measures are conveniently adjusted by staff according to event failure recording logs, and the safety and effectiveness of vehicle-mounted ECU file verification are improved.
Fig. 5 is a flowchart illustrating a method for performing security management of an ECU file in a vehicle according to an embodiment of the present invention. As shown in fig. 5, the workflow of the vehicle-mounted ECU file security management method is: an upgrade file is manufactured at a security management end in advance, and an AES key pair and an RSA key pair are generated while the upgrade file is manufactured; encrypting the upgrade file by using an AES private key in an AES key pair to obtain an ECU encrypted file, calculating an abstract of the ECU encrypted file, encrypting and signing the abstract of the ECU encrypted file by using an RSA private key in an RSA key pair to obtain a vehicle-mounted ECU signature value, packaging the vehicle-mounted ECU encrypted file and the vehicle-mounted ECU signature value to obtain a reinforced upgrade file, and transmitting the reinforced upgrade file to a vehicle terminal; correspondingly, after receiving the reinforced upgrade file, the vehicle terminal decrypts the vehicle-mounted ECU signature value in the reinforced upgrade file by utilizing an RSA public key in an RSA key pair to obtain a hash value of the file to be checked, then recalculates the hash value of the vehicle-mounted ECU encrypted file in the reinforced upgrade file, judges whether the calculated hash value is consistent with the hash value of the file to be checked, and decrypts the ECU encrypted file by utilizing the RSA public key in the RSA key pair when the calculated hash value is consistent with the hash value of the file to be checked, so as to complete a safety management flow; and when the two are inconsistent, recording the event time and the event type corresponding to the analysis and verification failure, and ending the safety management flow.
According to the technical scheme, the vehicle-mounted ECU signature value is decrypted based on a public key in a preset summary encryption public-private key pair, and a file hash value to be verified is obtained; calculating a hash value of a vehicle-mounted ECU encrypted file in the packaged file, comparing the calculated hash value with a hash value of the file to be checked, and determining a checking result of a vehicle-mounted ECU signature value according to the comparison result; and when the analysis and verification of the vehicle-mounted ECU signature value are successful, decrypting the vehicle-mounted ECU encrypted file to finish the analysis and verification of the packing file. The technical scheme of the embodiment of the invention can verify the encrypted package file and improve the security of the ECU upgrade file.
Fig. 6 is a schematic structural diagram of a vehicle-mounted ECU file security management device provided by the embodiment of the present invention, which is configured at a security management end, and the embodiment of the present invention may be applied to a scenario in which a vehicle-mounted ECU file is encrypted and signed, where the device may be implemented by software and/or hardware, and integrated into a computer device having an application development function.
As shown in fig. 6, the in-vehicle ECU file security management device includes: a file encryption file module 510, a digest file signing module 520, a packaged file generation module 530, and a packaged file transmission module 540.
The file encryption file module is used for acquiring a target vehicle-mounted ECU file, encrypting the target vehicle-mounted ECU file and generating a vehicle-mounted ECU encryption file; the digest file signing module is used for carrying out encryption signature on the digest of the vehicle-mounted ECU encryption file to obtain a vehicle-mounted ECU signature value; the package file generation module is used for packaging the vehicle-mounted ECU encrypted file and the vehicle-mounted ECU signature value to obtain a final package file; and the packaged file sending module is used for sending the final packaged file to the target vehicle terminal so as to enable the target vehicle terminal to analyze and verify the final packaged file.
According to the technical scheme provided by the embodiment of the invention, the vehicle-mounted ECU encrypted file is generated by acquiring the target vehicle-mounted ECU file and encrypting the target vehicle-mounted ECU file; carrying out encryption signature on the abstract of the vehicle-mounted ECU encryption file to obtain a vehicle-mounted ECU signature value; packaging the vehicle-mounted ECU encryption file and the vehicle-mounted ECU signature value to obtain a final packaged file; and sending the final package file to the target vehicle terminal so that the target vehicle terminal analyzes and verifies the final package file. The technical scheme of the embodiment of the invention solves the problem that the ECU upgrade file cannot be encrypted in the prior art, and can double encrypt the ECU upgrade file, thereby improving the security of the ECU upgrade file.
In an alternative embodiment, the file encryption file module 510 is specifically configured to: and encrypting the target vehicle-mounted ECU file based on a private key in a preset file encryption public-private key pair which is pre-generated by the safety management end.
In an alternative embodiment, digest file signature module 520 is specifically configured to: extracting a data abstract of the vehicle-mounted ECU encrypted file, and calculating a hash value of the data abstract; and carrying out encryption signature on the file hash value based on a private key in a preset summary encryption public-private key pair which is pre-generated by the safety management end, so as to obtain a vehicle-mounted ECU signature value.
The vehicle-mounted ECU file security management device provided by the embodiment of the invention can execute the vehicle-mounted ECU file security management method applied to the security management end provided by any embodiment of the invention, and has the corresponding functional modules and beneficial effects of the execution method.
Fig. 7 is a schematic structural diagram of a vehicle-mounted ECU file security management device provided by the embodiment of the invention, which is applied to a vehicle terminal, and the embodiment of the invention is applicable to resolving and checking an encrypted package file in the process of installing a vehicle-mounted ECU file.
As shown in fig. 7, the in-vehicle ECU file security management device includes: a packaged file verification module 610 and a packaged file decryption module 620.
The package file verification module 610 is configured to analyze and verify a vehicle-mounted ECU signature value in a package file when obtaining a package file of a target vehicle-mounted ECU file; and the packaged file decryption module 620 is configured to decrypt the vehicle-mounted ECU encrypted file when the analysis and verification of the vehicle-mounted ECU signature value succeeds, and complete the analysis and verification of the packaged file.
According to the technical scheme provided by the embodiment of the invention, when the package file of the target vehicle-mounted ECU file is obtained, the vehicle-mounted ECU signature value in the package file is analyzed and checked; and when the analysis and verification of the vehicle-mounted ECU signature value are successful, decrypting the vehicle-mounted ECU encrypted file to finish the analysis and verification of the packing file. The technical scheme of the embodiment of the invention can verify the encrypted package file and improve the security of the ECU upgrade file.
In an alternative embodiment, the packed file verification module 610 is specifically configured to: decrypting the vehicle-mounted ECU signature value based on a public key in a preset summary encryption public-private key pair to obtain a hash value of the file to be verified;
And calculating the hash value of the vehicle-mounted ECU encrypted file in the packaged file, comparing the calculated hash value with the hash value of the file to be checked, and determining the checking result of the vehicle-mounted ECU signature value according to the comparison result.
In an alternative embodiment, the vehicle-mounted ECU file security management device further includes: a failure event recording module, configured to: when the analysis and verification of the vehicle-mounted ECU signature value fail, recording event time and event type corresponding to the analysis and verification failure, obtaining an event failure record log, and storing the event failure record log.
The vehicle-mounted ECU file security management device provided by the embodiment of the invention can execute the vehicle-mounted ECU file security management method applied to the vehicle terminal provided by any embodiment of the invention, and has the corresponding functional modules and beneficial effects of the execution method.
Fig. 8 is a schematic structural diagram of a computer device according to an embodiment of the present invention. FIG. 8 illustrates a block diagram of an exemplary computer device 12 suitable for use in implementing embodiments of the present invention. The computer device 12 shown in fig. 8 is merely an example and should not be construed as limiting the functionality and scope of use of embodiments of the present invention. The computer device 12 may be any terminal device having computing power, and may be configured in an in-vehicle ECU file security management device.
As shown in FIG. 8, the computer device 12 is in the form of a general purpose computing device. Components of computer device 12 may include, but are not limited to: one or more processors or processing units 16, a system memory 28, a bus 18 that connects the various system components, including the system memory 28 and the processing units 16.
Bus 18 may be one or more of several types of bus structures including a memory bus or memory controller, a peripheral bus, an accelerated graphics port, a processor, or a local bus using any of a variety of bus architectures. By way of example, and not limitation, such architectures include Industry Standard Architecture (ISA) bus, micro channel architecture (MAC) bus, enhanced ISA bus, video Electronics Standards Association (VESA) local bus, and Peripheral Component Interconnect (PCI) bus.
Computer device 12 typically includes a variety of computer system readable media. Such media can be any available media that is accessible by computer device 12 and includes both volatile and nonvolatile media, removable and non-removable media.
The system memory 28 may include computer system readable media in the form of volatile memory, such as Random Access Memory (RAM) 30 and/or cache memory 32. The computer device 12 may further include other removable/non-removable, volatile/nonvolatile computer system storage media. By way of example only, storage system 34 may be used to read from or write to non-removable, nonvolatile magnetic media (not shown in FIG. 8, commonly referred to as a "hard disk drive"). Although not shown in fig. 8, a magnetic disk drive for reading from and writing to a removable non-volatile magnetic disk (e.g., a "floppy disk"), and an optical disk drive for reading from or writing to a removable non-volatile optical disk (e.g., a CD-ROM, DVD-ROM, or other optical media) may be provided. In such cases, each drive may be coupled to bus 18 through one or more data medium interfaces. The system memory 28 may include at least one program product having a set (e.g., at least one) of program modules configured to carry out the functions of the embodiments of the invention.
A program/utility 40 having a set (at least one) of program modules 42 may be stored in, for example, system memory 28, such program modules 42 including, but not limited to, an operating system, one or more application programs, other program modules, and program data, each or some combination of which may include an implementation of a network environment. Program modules 42 generally perform the functions and/or methods of the embodiments described herein.
The computer device 12 may also communicate with one or more external devices 14 (e.g., keyboard, pointing device, display 24, etc.), one or more devices that enable a user to interact with the computer device 12, and/or any devices (e.g., network card, modem, etc.) that enable the computer device 12 to communicate with one or more other computing devices. Such communication may occur through an input/output (I/O) interface 22. Moreover, computer device 12 may also communicate with one or more networks such as a Local Area Network (LAN), a Wide Area Network (WAN) and/or a public network, such as the Internet, through network adapter 20. As shown, network adapter 20 communicates with other modules of computer device 12 via bus 18. It should be appreciated that although not shown in fig. 8, other hardware and/or software modules may be used in connection with computer device 12, including, but not limited to: microcode, device drivers, redundant processing units, external disk drive arrays, RAID systems, tape drives, data backup storage systems, and the like.
The processing unit 16 executes various functional applications and data processing by running a program stored in the system memory 28, for example, implementing the vehicle-mounted ECU file security management method provided by the embodiment of the present invention, the method including:
acquiring a target vehicle-mounted ECU file, encrypting the target vehicle-mounted ECU file, and generating a vehicle-mounted ECU encrypted file;
carrying out encryption signature on the abstract of the vehicle-mounted ECU encryption file to obtain a vehicle-mounted ECU signature value;
packaging the vehicle-mounted ECU encryption file and the vehicle-mounted ECU signature value to obtain a final packaged file;
and sending the final package file to a target vehicle terminal so that the target vehicle terminal analyzes and verifies the final package file.
The present embodiment provides a computer-readable storage medium having stored thereon a computer program which, when executed by a processor, implements the vehicle-mounted ECU file security management method as provided by any embodiment of the present invention, including:
acquiring a target vehicle-mounted ECU file, encrypting the target vehicle-mounted ECU file, and generating a vehicle-mounted ECU encrypted file;
carrying out encryption signature on the abstract of the vehicle-mounted ECU encryption file to obtain a vehicle-mounted ECU signature value;
Packaging the vehicle-mounted ECU encryption file and the vehicle-mounted ECU signature value to obtain a final packaged file;
and sending the final package file to a target vehicle terminal so that the target vehicle terminal analyzes and verifies the final package file.
The computer storage media of embodiments of the invention may take the form of any combination of one or more computer-readable media. The computer readable medium may be a computer readable signal medium or a computer readable storage medium. The computer readable storage medium may be, for example, but not limited to: an electrical, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or a combination of any of the foregoing. More specific examples (a non-exhaustive list) of the computer-readable storage medium would include the following: an electrical connection having one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing. In this document, a computer readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device.
The computer readable signal medium may include a propagated data signal with computer readable program code embodied therein, either in baseband or as part of a carrier wave. Such a propagated data signal may take any of a variety of forms, including, but not limited to, electro-magnetic, optical, or any suitable combination of the foregoing. A computer readable signal medium may also be any computer readable medium that is not a computer readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device.
Program code embodied on a computer readable medium may be transmitted using any appropriate medium, including but not limited to: wireless, wire, fiber optic cable, RF, etc., or any suitable combination of the foregoing.
Computer program code for carrying out operations of the present invention may be written in one or more programming languages, including an object oriented programming language such as Java, smalltalk, C ++ and conventional procedural programming languages, such as the "C" programming language or similar programming languages. The program code may execute entirely on the user's computer, partly on the user's computer, as a stand-alone software package, partly on the user's computer and partly on a remote computer or entirely on the remote computer or server. In the case of a remote computer, the remote computer may be connected to the user's computer through any kind of network, including a Local Area Network (LAN) or a Wide Area Network (WAN), or may be connected to an external computer (for example, through the Internet using an Internet service provider).
It will be appreciated by those of ordinary skill in the art that the modules or steps of the invention described above may be implemented in a general purpose computing device, they may be centralized on a single computing device, or distributed over a network of computing devices, or they may alternatively be implemented in program code executable by a computer device, such that they are stored in a memory device and executed by the computing device, or they may be separately fabricated as individual integrated circuit modules, or multiple modules or steps within them may be fabricated as a single integrated circuit module. Thus, the present invention is not limited to any specific combination of hardware and software.
Note that the above is only a preferred embodiment of the present invention and the technical principle applied. It will be understood by those skilled in the art that the present invention is not limited to the particular embodiments described herein, but is capable of various obvious changes, rearrangements and substitutions as will now become apparent to those skilled in the art without departing from the scope of the invention. Therefore, while the invention has been described in connection with the above embodiments, the invention is not limited to the embodiments, but may be embodied in many other equivalent forms without departing from the spirit or scope of the invention, which is set forth in the following claims.

Claims (10)

1. The vehicle-mounted ECU file security management method is applied to a security management end and is characterized by comprising the following steps of:
acquiring a target vehicle-mounted ECU file, encrypting the target vehicle-mounted ECU file, and generating a vehicle-mounted ECU encrypted file;
carrying out encryption signature on the abstract of the vehicle-mounted ECU encryption file to obtain a vehicle-mounted ECU signature value;
packaging the vehicle-mounted ECU encryption file and the vehicle-mounted ECU signature value to obtain a final packaged file;
and sending the final package file to a target vehicle terminal so that the target vehicle terminal analyzes and verifies the final package file.
2. The method of claim 1, wherein encrypting the target vehicle ECU file comprises:
and encrypting the target vehicle-mounted ECU file based on a private key in a preset file encryption public-private key pair which is generated in advance by the safety management end.
3. The method according to claim 2, wherein the cryptographically signing the digest of the onboard ECU cryptographically encrypted file to obtain an onboard ECU signature value comprises:
extracting a data abstract of the vehicle-mounted ECU encrypted file, and calculating a hash value of the data abstract;
And carrying out encryption signature on the file hash value based on a private key in a preset summary encryption public-private key pair which is pre-generated by the safety management end, so as to obtain the vehicle-mounted ECU signature value.
4. A vehicle-mounted ECU file security management method applied to a vehicle terminal, characterized by comprising:
when a packaging file of a target vehicle-mounted ECU file is obtained, analyzing and checking a vehicle-mounted ECU signature value in the packaging file;
and when the analysis and verification of the vehicle-mounted ECU signature value are successful, decrypting the vehicle-mounted ECU encrypted file to finish the analysis and verification of the packaged file.
5. The method of claim 4, wherein the parsing and verifying the vehicle-mounted ECU signature value in the packaged file comprises:
decrypting the vehicle-mounted ECU signature value based on a public key in a preset summary encryption public-private key pair to obtain a hash value of the file to be verified;
and calculating the hash value of the vehicle-mounted ECU encrypted file in the packaged file, comparing the calculated hash value with the hash value of the file to be checked, and determining the verification result of the vehicle-mounted ECU signature value according to the comparison result.
6. The method according to claim 4, further comprising:
When analysis and verification of the vehicle-mounted ECU signature value fail, recording event time and event type corresponding to the analysis and verification failure to obtain an event failure record log, and storing the event failure record log.
7. An on-vehicle ECU file safety control device, dispose in the safety control end, characterized by that, include:
the file encryption file module is used for acquiring a target vehicle-mounted ECU file, encrypting the target vehicle-mounted ECU file and generating a vehicle-mounted ECU encryption file;
the digest file signing module is used for carrying out encryption signature on the digest of the vehicle-mounted ECU encryption file to obtain a vehicle-mounted ECU signature value;
the package file generation module is used for packaging the vehicle-mounted ECU encryption file and the vehicle-mounted ECU signature value to obtain a final package file;
and the packaged file sending module is used for sending the final packaged file to a target vehicle terminal so that the target vehicle terminal can analyze and verify the final packaged file.
8. An in-vehicle ECU file security management device provided in a vehicle terminal, comprising:
the package file verification module is used for analyzing and verifying the vehicle-mounted ECU signature value in the package file when the package file of the target vehicle-mounted ECU file is acquired;
And the packaged file decryption module is used for decrypting the vehicle-mounted ECU encrypted file when the analysis and verification of the vehicle-mounted ECU signature value are successful, so as to complete the analysis and verification of the packaged file.
9. A server device, characterized in that the server device comprises:
one or more processors;
a memory for storing one or more programs;
the one or more programs, when executed by the one or more processors, cause the one or more processors to implement the in-vehicle ECU file security management method of any one of claims 1-6.
10. A computer-readable storage medium having stored thereon a computer program, which when executed by a processor implements the vehicle-mounted ECU file security management method according to any one of claims 1 to 6.
CN202310580131.0A 2023-05-22 2023-05-22 Vehicle-mounted ECU file security management method, device, equipment and storage medium Pending CN116996248A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202310580131.0A CN116996248A (en) 2023-05-22 2023-05-22 Vehicle-mounted ECU file security management method, device, equipment and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202310580131.0A CN116996248A (en) 2023-05-22 2023-05-22 Vehicle-mounted ECU file security management method, device, equipment and storage medium

Publications (1)

Publication Number Publication Date
CN116996248A true CN116996248A (en) 2023-11-03

Family

ID=88525500

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202310580131.0A Pending CN116996248A (en) 2023-05-22 2023-05-22 Vehicle-mounted ECU file security management method, device, equipment and storage medium

Country Status (1)

Country Link
CN (1) CN116996248A (en)

Similar Documents

Publication Publication Date Title
CN110414268B (en) Access control method, device, equipment and storage medium
CN110176990B (en) Vehicle component replacement recognition method and device, computer equipment and storage medium
CN110061846B (en) Method, device and computer readable storage medium for identity authentication and confirmation of user node in block chain
CN111291339B (en) Method, device, equipment and storage medium for processing blockchain data
JP2021500816A (en) Vehicle-mounted equipment upgrade method and related equipment
US20130185564A1 (en) Systems and methods for multi-layered authentication/verification of trusted platform updates
CN102171652A (en) Method for provisioning trusted software to an electronic device
CN111835774B (en) Data processing method, device, equipment and storage medium
CN110324416B (en) Download path tracking method, device, server, terminal and medium
CN112883382B (en) Vehicle writing method, internet of vehicles box, vehicle and storage medium
CN111931158A (en) Bidirectional authentication method, terminal and server
CN109714171B (en) Safety protection method, device, equipment and medium
CN110245466B (en) Software integrity protection and verification method, system, device and storage medium
CN113610526A (en) Data trust method and device, electronic equipment and storage medium
CN113225351B (en) Request processing method and device, storage medium and electronic equipment
CN113872770A (en) Security verification method, system, electronic device and storage medium
CN114513310A (en) Authentication method and device for vehicle diagnosis equipment, electronic equipment and medium
CN113792319B (en) File encryption method, device, storage medium and electronic equipment
CN109446752B (en) Copyright file management method, system, device and storage medium
EP3499398A2 (en) Secure storage of monotonic odo value inside a secure hardware elements update counter
CN113592625A (en) Credit report generation method and device and electronic equipment
CN112883397B (en) Data storage method, data reading method, device, equipment and storage medium
CN116996248A (en) Vehicle-mounted ECU file security management method, device, equipment and storage medium
CN115906109A (en) Data auditing method and device and storage medium
CN116975792A (en) Data processing method, apparatus, computer device, storage medium, and program product

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination