WO2025123728A1 - Doip transmission upgrade package-based verification field generation method and system - Google Patents

Doip transmission upgrade package-based verification field generation method and system Download PDF

Info

Publication number
WO2025123728A1
WO2025123728A1 PCT/CN2024/111086 CN2024111086W WO2025123728A1 WO 2025123728 A1 WO2025123728 A1 WO 2025123728A1 CN 2024111086 W CN2024111086 W CN 2024111086W WO 2025123728 A1 WO2025123728 A1 WO 2025123728A1
Authority
WO
WIPO (PCT)
Prior art keywords
upgrade package
verification
upgrade
transmission
doip
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
PCT/CN2024/111086
Other languages
French (fr)
Chinese (zh)
Inventor
李芳�
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Faw Beijing Software Technology Co Ltd
FAW Group Corp
Original Assignee
Faw Beijing Software Technology Co Ltd
FAW Group Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Faw Beijing Software Technology Co Ltd, FAW Group Corp filed Critical Faw Beijing Software Technology Co Ltd
Publication of WO2025123728A1 publication Critical patent/WO2025123728A1/en
Pending legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/12Applying verification of the received information
    • H04L63/123Applying verification of the received information received data contents, e.g. message integrity
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F8/00Arrangements for software engineering
    • G06F8/60Software deployment
    • G06F8/65Updates
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L69/00Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
    • H04L69/22Parsing or analysis of headers
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/40Network security protocols

Definitions

  • the third byte length is one-third to one-fifth of the first byte length; for example, after obtaining a 16-byte digest or a 32-byte hashing value, the value can be verified by a verification method such as crc32 (4 bytes) or crc64 (8 bytes); filling the digest or hashing value verified by the crc into the memoryAddress field of the 0x34 service; before filling, it is also necessary to extract the length of the storage field of memoryAddress, which can be a length of the ALFID
  • the address is confirmed by the lower 4 bits of (addressAndLengthFormatIdentifier), which is a maximum of 16 bytes, and usually 4 bytes are used.
  • the upgrade package verification field obtained by this solution contains the total size of the upgrade package and the digest or hashing value of the upgrade package content, which can be sent to the vehicle system through the 0x34 service.
  • the vehicle system obtains the size and digest or hashing value of the upgrade package to be transmitted, and can perform integrity verification with the subsequent upgrade package obtained through the 0x36 service, without the need for additional DID or RID to passively verify the upgrade package.
  • the present invention discloses a verification field generation system based on DoIP transmission upgrade package, as shown in FIG2, the generation system includes
  • a message detection module used to detect whether the request message information meets the preset conditions, and identify the storage area corresponding to the first address in the request message information as the area to be filled;
  • the message detection module and the upgrade package detection module can be operated in parallel.
  • the message detection module identifies the preset area in the request message information while detecting the upgrade package. If the storage area corresponding to the first address is a meaningless storage area, the area is set as the area to be filled.
  • S2 Enter bootloader mode, and after security unlocking, send an upgrade download request to the host computer;
  • the diagnostic instrument or host computer establishes a DoIP connection with the vehicle
  • the receiving host computer sends the upgrade package through the data transmission service, including
  • S42 Determine the maximum amount of data transmitted by the data transmission service each time according to the size of the upgrade package, and feed it back to the host computer;
  • the present invention records a verification upgrade device based on DoIP transmission upgrade package, including
  • the upgrade verification end receives the upgrade download request sent by the host computer, and after receiving the complete upgrade package, verifies the upgrade package through the upgrade package verification field;
  • Verification field generation system used to generate upgrade package verification fields
  • the data link module in response to the upgrade download service and the data transmission service, enables the upgrade verification end and the host computer to be in a data link open state in the upgrade package verification field and the upgrade package data transmission;
  • the check field generation system is based on the check field generation system of the DoIP transmission upgrade package mentioned above.
  • the solution of the present invention makes full use of the memoryAddress field in the UDS 0x34 service as an integrity check for the upgrade package; it avoids the additional operation of adding DID or RID to the integrity check in the prior art, realizes active verification of vehicle upgrades, and avoids the risk of tampering with the upgrade package.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Signal Processing (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • General Physics & Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • Information Transfer Between Computers (AREA)
  • Stored Programmes (AREA)

Abstract

A DoIP transmission upgrade package-based verification field generation method and system, and a DoIP transmission upgrade package-based verification upgrade method and apparatus. The verification field generation method comprises the following steps: S1, in response to an upgrade downloading request, obtaining a first fixed value by performing an integrity check on an upgrade package, and obtaining a first verification value by measuring the size of the upgrade package; S2, checking whether the starting address of the upgrade package stored in request packet information meets a preset condition; and if yes, setting a storage area corresponding to the starting address as an area to be filled; S3, verifying the first fixed value, and then filling the first fixed value into said area to obtain a second verification value; and S4, encapsulating the first verification value and the second verification value to obtain an upgrade package verification field. According to the present invention, no additional instruction is required, and an upgrade verification end actively verifies the received upgrade package, thereby eliminating the risk that a vehicle system gets bricked due to the upgrade package failing to decompress normally or install correctly, without increasing the load of the upgrade system.

Description

一种基于DoIP传输升级包的校验字段生成方法及系统A method and system for generating a check field based on DoIP transmission upgrade package 技术领域Technical Field

本发明涉及车辆诊断升级控制领域,尤其涉及一种基于DoIP传输升级包的校验字段生成方法、系统、校验升级方法及装置。The present invention relates to the field of vehicle diagnosis upgrade control, and in particular to a verification field generation method, system, verification upgrade method and device based on DoIP transmission upgrade package.

背景技术Background Art

现有的基于DoIP(基于因特网协议的诊断通信协议)传输升级包流程可以参考标准ISO 13400-1,该标准中,升级包传输前、中、后都没有对升级包进行校验等操作,虽然可以在步骤之后增加新的DID(Data Identification,数据ID)或者RID(Routine Control Identification,路由控制ID)对升级包进行校验,但会存在如下技术问题。The existing DoIP (diagnostic communication protocol based on Internet Protocol) based upgrade package transmission process can refer to the standard ISO 13400-1. In this standard, there is no verification of the upgrade package before, during, and after the upgrade package transmission. Although a new DID (Data Identification) or RID (Routine Control Identification) can be added after the step to verify the upgrade package, there will be the following technical problems.

1、存在升级包不一致风险:0x34服务请求车辆下载升级包,和通过0x36实际传输升级包不一致的风险;目前采用的校验方法,只对收到的数据包做一下简单完整性校验,比如是否能完整组成一个压缩包,调用升级服务是否能正常解压包等,如202210670170.5公开的一种基于DoIP协议的车载信息娱乐系统的OTA升级系统及方法。因对升级包里的内容无法进行校验,会存在安装过程中篡改系统或者让系统变砖等风险。1. There is a risk of inconsistent upgrade packages: the risk of inconsistent upgrade packages between the 0x34 service requesting the vehicle to download the upgrade package and the actual transmission of the upgrade package through 0x36; the current verification method only performs a simple integrity check on the received data packet, such as whether it can form a complete compressed package, whether the upgrade service can decompress the package normally, etc., such as the OTA upgrade system and method for an in-vehicle infotainment system based on the DoIP protocol disclosed in 202210670170.5. Because the contents of the upgrade package cannot be verified, there is a risk of tampering with the system or bricking the system during installation.

2、增加系统负载与操作次数:后续增加DID或者RID等额外来对升级包做校验的方式,也增加了DoIP的负载和操作的次数,需要额外的命令,也无法实现对升级包的主动校验。2. Increase system load and operation times: Subsequent addition of DID or RID to verify the upgrade package also increases the DoIP load and operation times, requires additional commands, and cannot implement active verification of the upgrade package.

实际基于DoIP进行诊断升级部署时,满足相应环境下,升级包对应的请求报文中某些字段是浪费的。例如当Autosar诊断模块部署到android平台上,对于android来说,没有存储区首地址(memoryAddress)了,升级包直接放 在android的某个路径下,这样对于0x34服务来说,memoryAddress这个字段就浪费了,没起到作用,可以是任意值,没有意义。When deploying diagnostic upgrades based on DoIP, some fields in the request message corresponding to the upgrade package are wasted under the corresponding environment. For example, when the Autosar diagnostic module is deployed on the Android platform, there is no memory address for Android, so the upgrade package is directly placed in the In a certain path of Android, for the 0x34 service, the memoryAddress field is wasted and has no effect. It can be any value and has no meaning.

因此,如何改进DoIP传输升级包技术,在不增加系统负载的情况下,有效利用特定无效字段,改进升级包校验字段生成及校验方法,仍然有很大必要性。Therefore, there is still a great need to improve the DoIP upgrade package transmission technology, effectively utilize specific invalid fields without increasing the system load, and improve the upgrade package verification field generation and verification method.

发明内容Summary of the invention

本发明的目的在于提供一种基于DoIP传输升级包的校验字段生成方法、系统、校验升级方法及装置,本发明解决了校验字段生成与升级包内容关联性差影响升级包准确性,及额外校验指令增加升级系统负载的问题。The purpose of the present invention is to provide a verification field generation method, system, verification upgrade method and device based on DoIP transmission upgrade package. The present invention solves the problem that the poor correlation between verification field generation and upgrade package content affects the accuracy of the upgrade package, and additional verification instructions increase the load of the upgrade system.

本发明提供了下述方案The present invention provides the following solution

第一方面,本发明记载了一种基于DoIP传输升级包的校验字段生成方法,包括如下步骤In the first aspect, the present invention records a method for generating a check field based on a DoIP transmission upgrade package, comprising the following steps:

S1:响应于升级下载请求,基于对升级包进行完整性检测获得第一固定值,基于对升级包大小的检测获得第一校验值;S1: In response to an upgrade download request, obtaining a first fixed value based on integrity detection of the upgrade package, and obtaining a first check value based on detection of the size of the upgrade package;

S2:检测请求报文信息中存储所述升级包的首地址是否满足预设条件,若满足,则将所述首地址对应存储区设置为待填充区;S2: Detect whether the first address of the upgrade package stored in the request message information meets the preset condition. If so, set the storage area corresponding to the first address as the area to be filled;

S3:对所述第一固定值进行校验后,将所述第一固定值填入到所述待填充区,获得第二校验值;S3: after verifying the first fixed value, fill the first fixed value into the to-be-filled area to obtain a second verification value;

S4:封装所述第一校验值和第二校验值,获得升级包校验字段。S4: Encapsulate the first verification value and the second verification value to obtain the upgrade package verification field.

所述基于对升级包进行完整性检测获得第一固定值,包括通过预设算法对升级包进行完整性检测,得到具有第一字节长度的第一固定值。The obtaining of the first fixed value based on the integrity detection of the upgrade package includes performing the integrity detection on the upgrade package through a preset algorithm to obtain the first fixed value having a first byte length.

所述检测请求报文信息中存储所述升级包的首地址是否满足预设条件,若满足,则将所述首地址设置为待填充区;包括响应于诊断服务命令,检测对应 操作平台是否有存储区对应所述升级包的首地址,若无,确认所述首地址对应存储区满足第二字节长度,并将该所述存储区设置为待填充区。The detection request message information stores whether the first address of the upgrade package meets the preset condition. If it does, the first address is set as the to-be-filled area; including responding to the diagnostic service command, detecting the corresponding Check whether the operating platform has a storage area corresponding to the first address of the upgrade package. If not, confirm that the storage area corresponding to the first address meets the second byte length, and set the storage area to be filled.

所述对所述第一固定值进行校验后,将所述第一固定值填入到所述待填充区,获得第二校验值,包括通过循环冗余校验方式对第一固定值进行校验,使校验后的第一固定值具有第三字节长度,所述第三字节长度小于所述第一字节长度;After verifying the first fixed value, filling the first fixed value into the to-be-filled area to obtain a second verification value includes verifying the first fixed value by a cyclic redundancy check so that the verified first fixed value has a third byte length, and the third byte length is less than the first byte length;

当第三字节长度不超过所述第二字节长度时,将所述第一固定值填入到所述待填充区,获得第二校验值。When the third byte length does not exceed the second byte length, the first fixed value is filled into the area to be filled to obtain a second check value.

第二方面,本发明记载了一种基于DoIP传输升级包的校验字段生成系统,所述生成系统包括In a second aspect, the present invention describes a verification field generation system based on DoIP transmission upgrade package, the generation system includes

升级包检测模块,用于对待升级包进行检测,以获得用于对应升级包完整性的第一固定值和对应升级包大小的第一校验值;An upgrade package detection module, used to detect the package to be upgraded to obtain a first fixed value corresponding to the integrity of the upgrade package and a first check value corresponding to the size of the upgrade package;

报文检测模块,用于检测请求报文信息是否满足预设条件,并识别请求报文信息中的首地址对应存储区为待填充区;A message detection module, used to detect whether the request message information meets the preset conditions, and identify the storage area corresponding to the first address in the request message information as the area to be filled;

校验模块,用于对第一固定值进行校验,使校验后的第一固定值的字节长度不超过待填充区的长度;A verification module, used for verifying the first fixed value so that the byte length of the verified first fixed value does not exceed the length of the area to be filled;

填充模块,用于将所述第一固定值填入到所述待填充区,获得第二校验值。A filling module is used to fill the first fixed value into the to-be-filled area to obtain a second verification value.

所述校验字段生成系统还包括The check field generation system also includes

封装发送模块,用于对第一校验值和第二校验值进行封装后获得升级包校验字段,并将升级包校验字段发送给升级校验端。The encapsulation and sending module is used to encapsulate the first verification value and the second verification value to obtain the upgrade package verification field, and send the upgrade package verification field to the upgrade verification end.

第三方面,本发明记载了一种基于DoIP传输升级包的校验升级方法,包括如下步骤In a third aspect, the present invention records a verification upgrade method based on DoIP transmission upgrade package, comprising the following steps:

S1:与上位机链接,停止状态更新等操作;S1: connect with the host computer, stop status update and other operations;

S2:进入bootloader模式(编程会话),在进行安全解锁后,向上位机发送升级下载请求; S2: Enter bootloader mode (programming session), after security unlocking, send an upgrade download request to the host computer;

S3:接收上位机通过升级下载服务发送的升级包校验字段;S3: receiving the upgrade package verification field sent by the host computer through the upgrade download service;

S4:接收上位机通过数据传输服务发送的升级包;S4: receiving the upgrade package sent by the host computer through the data transmission service;

S5:用升级包校验字段对接收到的升级包进行校验,校验完成后进行升级包安装;S5: Use the upgrade package verification field to verify the received upgrade package, and install the upgrade package after the verification is completed;

所述升级包校验字段以上述校验字段生成方法生成。The upgrade package verification field is generated using the verification field generation method described above.

所述接收上位机通过数据传输服务发送的升级包,包括The receiving host computer sends the upgrade package through the data transmission service, including

S41:接收所述上位机通过升级下载服务发送的升级包大小;S41: receiving the upgrade package size sent by the host computer through the upgrade download service;

S42:依据升级包大小,确定数据传输服务每次传输的最大数据量,并反馈给上位机;S42: Determine the maximum amount of data transmitted by the data transmission service each time according to the size of the upgrade package, and feed it back to the host computer;

S43:接收上位机通过数据传输服务不断循环发送的升级包数据,直至发送完成。S43: receiving the upgrade package data continuously and cyclically sent by the host computer through the data transmission service until the sending is completed.

所述用升级包校验字段对接收到的升级包进行校验,校验完成后进行升级包安装,包括The upgrade package verification field is used to verify the received upgrade package, and after the verification is completed, the upgrade package is installed, including

发送完成后,通过请求退出传输服务反馈升级包传输完毕,用升级包校验字段对接收到的升级包进行校验。After the transmission is completed, the upgrade package transmission completion is fed back by requesting to exit the transmission service, and the received upgrade package is verified using the upgrade package verification field.

第四方面,本发明记载了一种基于DoIP传输升级包的校验升级装置,包括In a fourth aspect, the present invention describes a verification and upgrade device based on DoIP transmission upgrade package, comprising:

升级校验端,接收上位机发送的升级下载请求,并在接收到完整升级包后,通过升级包校验字段对升级包进行校验;The upgrade verification end receives the upgrade download request sent by the host computer, and after receiving the complete upgrade package, verifies the upgrade package through the upgrade package verification field;

校验字段生成系统,用于生成升级包校验字段;Verification field generation system, used to generate upgrade package verification fields;

数据链接模块,响应于升级下载服务和数据传输服务,在升级包校验字段和升级包数据传输中,使升级校验端与上位机处于数据链接开启状态;The data link module, in response to the upgrade download service and the data transmission service, enables the upgrade verification terminal and the host computer to be in a data link open state during the upgrade package verification field and the upgrade package data transmission;

所述校验字段生成系统基于上述DoIP传输升级包的校验字段生成系统。The check field generation system is based on the check field generation system of the DoIP transmission upgrade package mentioned above.

本发明与现有技术相比具有以下的优点:本发明生成的升级包校验字段源自于升级包内容信息,其包含的升级包校验字段不仅能进行大小还能进行内容的校验,且部分校验字段填充于报文信息中,无需额外的指令,升级校验端对 收到的升级包进行主动校验,不仅消除了升级包不能正常解压或者安装出错使车辆系统变砖等风险,还不增加升级系统负载。Compared with the prior art, the present invention has the following advantages: the upgrade package verification field generated by the present invention is derived from the upgrade package content information, the upgrade package verification field contained in the present invention can not only verify the size but also the content, and part of the verification field is filled in the message information, without the need for additional instructions, and the upgrade verification end is Active verification of received upgrade packages not only eliminates the risk of the upgrade package failing to be decompressed or incorrectly installed, causing the vehicle system to become bricked, but also does not increase the load on the upgrade system.

附图说明BRIEF DESCRIPTION OF THE DRAWINGS

为了更清楚地说明本发明具体实施方式或现有技术中的技术方案,下面将对具体实施方式或现有技术描述中所需要使用的附图作简单地介绍,显而易见地,下面描述中的附图是本发明的一些实施方式,对于本领域普通技术人员来讲,在不付出创造性劳动的前提下,还可以根据这些附图获得其他的附图。In order to more clearly illustrate the specific implementation methods of the present invention or the technical solutions in the prior art, the drawings required for use in the specific implementation methods or the description of the prior art will be briefly introduced below. Obviously, the drawings described below are some implementation methods of the present invention. For ordinary technicians in this field, other drawings can be obtained based on these drawings without paying creative work.

图1为本发明校验字段生成方法一个实施例的流程图。FIG. 1 is a flow chart of an embodiment of a method for generating a check field according to the present invention.

图2为本发明校验字段生成系统一个实施例的结构框图。FIG. 2 is a structural block diagram of an embodiment of a check field generation system of the present invention.

图3为本发明校验升级方法一个实施例的流程图。FIG. 3 is a flow chart of an embodiment of a verification and upgrading method of the present invention.

图4为本发明校验升级装置一个实施例的结构框图。FIG. 4 is a structural block diagram of an embodiment of a verification and upgrading device of the present invention.

具体实施方式DETAILED DESCRIPTION

为了使本申请的目的、技术方案和优点更加清楚,下面将结合附图对本申请作进一步地详细描述,显然,所描述的实施例仅仅是本申请一部分实施例,而不是全部的实施例。基于本申请中的实施例,本领域普通技术人员在没有做出创造性劳动前提下所获得的所有其它实施例,都属于本申请保护的范围。In order to make the purpose, technical solutions and advantages of the present application clearer, the present application will be further described in detail below in conjunction with the accompanying drawings. Obviously, the described embodiments are only part of the embodiments of the present application, rather than all the embodiments. Based on the embodiments in the present application, all other embodiments obtained by ordinary technicians in this field without making creative work are within the scope of protection of the present application.

在本申请实施例中使用的术语是仅仅出于描述特定实施例的目的,而非旨在限制本申请。在本申请实施例和所附权利要求书中所使用的单数形式的“一种”、“所述”和“该”也旨在包括多数形式,除非上下文清楚地表示其他含义,“多种”一般包含至少两种。The terms used in the embodiments of the present application are only for the purpose of describing specific embodiments, and are not intended to limit the present application. The singular forms "a", "said" and "the" used in the embodiments of the present application and the appended claims are also intended to include plural forms, unless the context clearly indicates other meanings, and "multiple" generally includes at least two.

应当理解,本文中使用的术语“和/或”仅仅是一种描述关联对象的关联关系,表示可以存在三种关系,例如,A和/或B,可以表示:单独存在A,同时存在A和B,单独存在B这三种情况。另外,本文中字符“/”,一般表示前后关联对象是一种“或”的关系。 It should be understood that the term "and/or" used in this article is only a description of the association relationship of associated objects, indicating that there can be three relationships. For example, A and/or B can represent: A exists alone, A and B exist at the same time, and B exists alone. In addition, the character "/" in this article generally indicates that the associated objects before and after are in an "or" relationship.

应当理解,尽管在本申请实施例中可能采用术语第一、第二、第三等来描述,但这些描述不应限于这些术语。这些术语仅用来将描述区分开。例如,在不脱离本申请实施例范围的情况下,第一也可以被称为第二,类似地,第二也可以被称为第一。It should be understood that although the terms first, second, third, etc. may be used to describe in the embodiments of the present application, these descriptions should not be limited to these terms. These terms are only used to distinguish the descriptions. For example, without departing from the scope of the embodiments of the present application, the first may also be referred to as the second, and similarly, the second may also be referred to as the first.

取决于语境,如在此所使用的词语“如果”、“若”可以被解释成为“在……时”或“当……时”或“响应于确定”或“响应于检测”。类似地,取决于语境,短语“如果确定”或“如果检测(陈述的条件或事件)”可以被解释成为“当确定时”或“响应于确定”或“当检测(陈述的条件或事件)时”或“响应于检测(陈述的条件或事件)”。As used herein, the words "if" and "if" may be interpreted as "at the time of" or "when" or "in response to determining" or "in response to detecting", depending on the context. Similarly, the phrases "if it is determined" or "if (stated condition or event) is detected" may be interpreted as "when it is determined" or "in response to determining" or "when detecting (stated condition or event)" or "in response to detecting (stated condition or event)", depending on the context.

还需要说明的是,术语“包括”、“包含”或者其任何其他变体意在涵盖非排他性的包含,从而使得包括一系列要素的商品或者装置不仅包括那些要素,而且还包括没有明确列出的其他要素,或者是还包括为这种商品或者装置所固有的要素。在没有更多限制的情况下,由语句“包括一个……”限定的要素,并不排除在包括所述要素的商品或者装置中还存在另外的相同要素。It should also be noted that the term "includes", "comprising" or any other variation thereof is intended to cover non-exclusive inclusion, so that a commodity or device including a series of elements includes not only those elements, but also other elements not explicitly listed, or also includes elements inherent to such commodity or device. In the absence of more restrictions, the elements defined by the sentence "comprising a ..." do not exclude the existence of other identical elements in the commodity or device including the elements.

特别需要说明的是,在说明书中存在的符号和/或数字,如果在附图说明中未被标记的,均不是附图标记。It should be particularly noted that any symbols and/or numbers in the specification that are not marked in the accompanying drawings are not drawing marks.

实施例一Embodiment 1

如图1所示,本申请公开了一种基于DoIP传输升级包的校验字段生成方法,包括如下步骤As shown in FIG1 , the present application discloses a method for generating a check field based on a DoIP transmission upgrade package, comprising the following steps:

S1:响应于升级下载请求,基于对升级包进行完整性检测获得第一固定值,基于对升级包大小的检测获得第一校验值;S1: In response to an upgrade download request, obtaining a first fixed value based on integrity detection of the upgrade package, and obtaining a first check value based on detection of the size of the upgrade package;

S2:检测请求报文信息中存储所述升级包的首地址是否满足预设条件,若满足,则将所述首地址对应存储区设置为待填充区;S2: Detect whether the first address of the upgrade package stored in the request message information meets the preset condition. If so, set the storage area corresponding to the first address as the area to be filled;

S3:对所述第一固定值进行校验后,将所述第一固定值填入到所述待填充区,获得第二校验值; S3: after verifying the first fixed value, fill the first fixed value into the to-be-filled area to obtain a second verification value;

S4:封装所述第一校验值和第二校验值,获得升级包校验字段。S4: Encapsulate the first verification value and the second verification value to obtain the upgrade package verification field.

基于DoIP协议诊断车辆时,会用到诊断仪或上位机等工具来对车辆进行升级操作,升级包传输用到的UDS命令是0x34、0x36和0x37;其过程为,利用0x34服务告知车辆该升级包的大小,再通过0x36服务发送该升级包的数据,直到发送完成;发送完成后再通过0x37服务告知车辆该升级包已传输完毕。车辆系统开始安装升级包,这过程可能会涉及到车辆的重启,那么诊断仪或上位机就会和车辆系统短暂地断开连接;车辆系统重新和诊断仪或上位机建立连接后,需要恢复DTC状态位的更新等。这样一次DoIP刷写流程就结束了。可以看到升级包传输前、中、后都没有对升级包进行校验等操作。When diagnosing a vehicle based on the DoIP protocol, tools such as a diagnostic instrument or a host computer are used to upgrade the vehicle. The UDS commands used for the upgrade package transmission are 0x34, 0x36, and 0x37; the process is to use the 0x34 service to inform the vehicle of the size of the upgrade package, and then send the data of the upgrade package through the 0x36 service until the transmission is completed; after the transmission is completed, the 0x37 service is used to inform the vehicle that the upgrade package has been transmitted. The vehicle system starts to install the upgrade package, which may involve restarting the vehicle, then the diagnostic instrument or host computer will be temporarily disconnected from the vehicle system; after the vehicle system reconnects to the diagnostic instrument or host computer, it needs to restore the update of the DTC status bit, etc. This completes the DoIP flashing process. It can be seen that no verification of the upgrade package is performed before, during, or after the upgrade package is transmitted.

为解决该问题,本申请技术方案升级包校验字段生成方法至少包含用于表征升级包大小的第一校验值的生成,第一校验值用于验证升级包传输大小为预设大小;还包括用于标记升级包内容唯一和完整性性的第二校验值的生成。这样,通过升级包校验字段生方法升级包校验字段能够实现对升级包大小和内容完整性的双重校验,确保升级包不被篡改。To solve this problem, the upgrade package verification field generation method of the technical solution of the present application at least includes the generation of a first verification value for characterizing the size of the upgrade package, the first verification value is used to verify that the upgrade package transmission size is a preset size; and also includes the generation of a second verification value for marking the uniqueness and integrity of the upgrade package content. In this way, the upgrade package verification field generation method can realize a double verification of the upgrade package size and content integrity, ensuring that the upgrade package is not tampered with.

同时,第二校验值的生成依赖于对升级包进行完整性检测获得的一个固定值,该完整性检测可以是升级包特定存储位置/特定内容的表征数据,升级包内容的改动将导致该表征数据的改变。将该固定值填充到首地址对应存储区,获得的第二校验值将在发送到车辆后,对升级包内容进行内容校验,无需额外的发送校验命令。At the same time, the generation of the second check value depends on a fixed value obtained by performing integrity check on the upgrade package. The integrity check can be the characterization data of the specific storage location/specific content of the upgrade package. Changes to the content of the upgrade package will result in changes to the characterization data. The fixed value is filled into the storage area corresponding to the first address. The obtained second check value will be used to verify the content of the upgrade package after it is sent to the vehicle, without the need to send an additional check command.

其中对于升级包进行完整性检测获得的一个固定值的方式,可以是升级包报文内容、也可以是升级包本身内容的摘取,或报文内容与升级包内容的合并。The method of obtaining a fixed value by performing integrity detection on the upgrade package may be the message content of the upgrade package, an extract of the content of the upgrade package itself, or a combination of the message content and the content of the upgrade package.

实施例二Embodiment 2

所述基于对升级包进行完整性检测获得第一固定值,包括通过预设算法对升级包进行完整性检测,得到具有第一字节长度的第一固定值。其中的第一固 定值具有根据不同的检测方式具有不同的且固定的字节长度,第一固定值包含了代表升级包内容完整性的一个或多个标记点。The step of obtaining the first fixed value based on the integrity check of the upgrade package includes performing integrity check on the upgrade package using a preset algorithm to obtain a first fixed value having a first byte length. The fixed value has different and fixed byte lengths according to different detection methods, and the first fixed value includes one or more marking points representing the integrity of the content of the upgrade package.

以UDS协议中0x34服务的请求报文格式为例;Take the request message format of 0x34 service in UDS protocol as an example;

0x34服务中的memoryAddress字段可以作为升级包完成检测的第一固定值,然后通过md5sum或者sha256sum等算法程序对升级包进行完整性检测,会得到一个固定长度的digest或hashing值,如md5sum是16字节,sha256sum是32字节。The memoryAddress field in the 0x34 service can be used as the first fixed value to complete the upgrade package detection. Then, the upgrade package is integrity checked through algorithms such as md5sum or sha256sum, and a fixed-length digest or hashing value is obtained. For example, md5sum is 16 bytes and sha256sum is 32 bytes.

所述检测请求报文信息中存储所述升级包的首地址是否满足预设条件,若满足,则将所述首地址设置为待填充区;包括响应于诊断服务命令,检测对应操作平台是否有存储区对应所述升级包的首地址,若无,确认所述首地址对应存储区满足第二字节长度,并将该所述存储区设置为待填充区。在检测到memoryAddress满足预设条件的示例为,当Autosar诊断模块部署到android平台上,对于android来说,没有存储区首地址memoryAddress,升级包直接放在android的某个路径下,这样对于0x34服务来说,memoryAddress这个字段就浪费了,没起到作用,此时的memoryAddress可以作为待填充区。The detection request message information stores the first address of the upgrade package to see if it meets the preset conditions. If so, the first address is set as the area to be filled; including responding to the diagnostic service command, detecting whether the corresponding operating platform has a storage area corresponding to the first address of the upgrade package. If not, confirming that the storage area corresponding to the first address meets the second byte length, and setting the storage area as the area to be filled. An example of detecting that memoryAddress meets the preset conditions is that when the Autosar diagnostic module is deployed on the Android platform, there is no storage area first address memoryAddress for Android, and the upgrade package is directly placed in a certain path of Android. In this way, for the 0x34 service, the memoryAddress field is wasted and does not play a role. At this time, memoryAddress can be used as the area to be filled.

进一步的对于其他环境,相应的在请求报文格式中检测相对于部署平台无意义的存储区域,可以作为待填充区。Furthermore, for other environments, a storage area that is meaningless relative to the deployment platform is detected in the request message format and can be used as an area to be filled.

所述对所述第一固定值进行校验后,将所述第一固定值填入到所述待填充区,获得第二校验值,包括通过循环冗余校验方式对第一固定值进行校验,使校验后的第一固定值具有第三字节长度,所述第三字节长度小于所述第一字节长度,优先的是,所述第三字节长度是第一字节长度的三分之一到五分之一;例如,得到16字节的digest或32字节的hashing值后,可以再通过crc32(4字节)或者crc64(8字节)等校验方法对此值进行校验;将这个经过crc校验的digest或hashing值填充到0x34服务的memoryAddress字段;在填充之前,还需要摘取memoryAddress的存储字段的长度,它可以是由ALFID (addressAndLengthFormatIdentifier)的低4位来确认的,最多为16字节,一般用4字节。After verifying the first fixed value, filling the first fixed value into the to-be-filled area to obtain a second verification value, including verifying the first fixed value by a cyclic redundancy check method, so that the verified first fixed value has a third byte length, and the third byte length is less than the first byte length. Preferably, the third byte length is one-third to one-fifth of the first byte length; for example, after obtaining a 16-byte digest or a 32-byte hashing value, the value can be verified by a verification method such as crc32 (4 bytes) or crc64 (8 bytes); filling the digest or hashing value verified by the crc into the memoryAddress field of the 0x34 service; before filling, it is also necessary to extract the length of the storage field of memoryAddress, which can be a length of the ALFID The address is confirmed by the lower 4 bits of (addressAndLengthFormatIdentifier), which is a maximum of 16 bytes, and usually 4 bytes are used.

当第三字节长度不超过所述第二字节长度时,将所述第一固定值填入到所述待填充区,获得第二校验值。以上述示例,检测到第二字节长度的长度为16字节,则可将第一固定值通过crc等校验后获得的4字节或8字节的相应参数填入到待填充区,获得第二校验值。When the third byte length does not exceed the second byte length, the first fixed value is filled into the area to be filled to obtain a second check value. In the above example, if the second byte length is detected to be 16 bytes, the corresponding parameters of 4 bytes or 8 bytes obtained after the first fixed value is checked by CRC etc. can be filled into the area to be filled to obtain a second check value.

本方案获得的升级包校验字段包含了表征升级包的总大小及升级包内容的digest或hashing值,可以通过0x34服务发送到车辆系统。车辆系统得到要传输的升级包的大小及digest或hashing值,那么可以和后续通过0x36服务得到的升级包做完整性校验,不需要额外的DID或者RID来被动进行升级包的校验。The upgrade package verification field obtained by this solution contains the total size of the upgrade package and the digest or hashing value of the upgrade package content, which can be sent to the vehicle system through the 0x34 service. The vehicle system obtains the size and digest or hashing value of the upgrade package to be transmitted, and can perform integrity verification with the subsequent upgrade package obtained through the 0x36 service, without the need for additional DID or RID to passively verify the upgrade package.

实施例三Embodiment 3

第二方面,本发明公开了一种基于DoIP传输升级包的校验字段生成系统,如图2所示,所述生成系统包括In a second aspect, the present invention discloses a verification field generation system based on DoIP transmission upgrade package, as shown in FIG2, the generation system includes

升级包检测模块,用于对待升级包进行检测,以获得用于对应升级包完整性的第一固定值和对应升级包大小的第一校验值;An upgrade package detection module, used to detect the package to be upgraded to obtain a first fixed value corresponding to the integrity of the upgrade package and a first check value corresponding to the size of the upgrade package;

报文检测模块,用于检测请求报文信息是否满足预设条件,并识别请求报文信息中的首地址对应存储区为待填充区;A message detection module, used to detect whether the request message information meets the preset conditions, and identify the storage area corresponding to the first address in the request message information as the area to be filled;

校验模块,用于对第一固定值进行校验,使校验后的第一固定值的字节长度不超过待填充区的长度;A verification module, used for verifying the first fixed value so that the byte length of the verified first fixed value does not exceed the length of the area to be filled;

填充模块,用于将所述第一固定值填入到所述待填充区,获得第二校验值。A filling module is used to fill the first fixed value into the to-be-filled area to obtain a second verification value.

所述校验字段生成系统还包括封装发送模块,所述封装发送模块用于对第一校验值和第二校验值进行封装后获得升级包校验字段,并将升级包校验字段发送给升级校验端。 The verification field generation system further includes an encapsulation and sending module, which is used to encapsulate the first verification value and the second verification value to obtain an upgrade package verification field, and send the upgrade package verification field to the upgrade verification terminal.

升级包检测模块与云端链接,实时检测云端是否有待更新安装包,在获得更新响应后,启动对升级包的检测,包括对升级包大小的检测及升级包与内容相关的完整性检测,所述升级包检测模块还可以设定为对升级包版本、及升级包版本与待升级车辆匹配性的检测。The upgrade package detection module is linked to the cloud to detect in real time whether there is an installation package to be updated in the cloud. After obtaining an update response, the upgrade package detection is initiated, including detection of the upgrade package size and integrity detection of the upgrade package and its content. The upgrade package detection module can also be set to detect the upgrade package version and the compatibility of the upgrade package version with the vehicle to be upgraded.

报文检测模块与升级包检测模块可以并行进行,在获得升级下载请求时,升级包检测的同时,报文检测模块对请求报文信息中的预设区域进行识别,在首地址对应存储区为无意义存储区域,则将该区域设定为待填充区。The message detection module and the upgrade package detection module can be operated in parallel. When an upgrade download request is obtained, the message detection module identifies the preset area in the request message information while detecting the upgrade package. If the storage area corresponding to the first address is a meaningless storage area, the area is set as the area to be filled.

校验模块获取来自于升级包检测模块获得的第一固定值,对第一固定值进行校验,并校验后的第一固定值满足预设长度。The verification module obtains the first fixed value obtained from the upgrade package detection module, verifies the first fixed value, and the verified first fixed value meets the preset length.

填充模块选取合适长度的,并校验完成的第一固定值填充到填充区,能够填充到检测请求报文信息相应位置的参数为第二校验值。The filling module selects a first fixed value of appropriate length and verifies it to fill into the filling area, and the parameter that can be filled into the corresponding position of the detection request message information is the second verification value.

最后将第一校验值与第二校验值进行封装,与请求报文信息一起发送至车机系统。Finally, the first check value and the second check value are encapsulated and sent to the vehicle system together with the request message information.

实施例四Embodiment 4

基于实施例三,本发明公开了一种基于DoIP传输升级包的校验字段生成系统,还包括升级包加密模块,用于获取升级包加密密钥,并将所述加密密钥前置封装在所述升级包校验字段外部,随着升级包校验字段一起发送给车机系统,只有当车机系统通过加密密钥成功解压所述升级包,所述升级包校验字段才会进行进一步的启动后续升级包校验程序。Based on Example 3, the present invention discloses a verification field generation system for an upgrade package based on DoIP transmission, which also includes an upgrade package encryption module for obtaining an upgrade package encryption key, and pre-encapsulating the encryption key outside the upgrade package verification field, and sending it to the vehicle system together with the upgrade package verification field. Only when the vehicle system successfully decompresses the upgrade package through the encryption key, the upgrade package verification field will further start the subsequent upgrade package verification program.

实施例五Embodiment 5

如图3所述,本发明记载了一种基于DoIP传输升级包的校验升级方法,包括如下步骤As shown in FIG. 3 , the present invention records a verification upgrade method based on DoIP transmission upgrade package, comprising the following steps:

S1:与上位机链接,停止状态更新等操作; S1: connect with the host computer, stop status update and other operations;

S2:进入bootloader模式,在进行安全解锁后,向上位机发送升级下载请求;S2: Enter bootloader mode, and after security unlocking, send an upgrade download request to the host computer;

S3:接收上位机通过升级下载服务发送的升级包校验字段;S3: receiving the upgrade package verification field sent by the host computer through the upgrade download service;

S4:接收上位机通过数据传输服务发送的升级包;S4: receiving the upgrade package sent by the host computer through the data transmission service;

S5:用升级包校验字段对接收到的升级包进行校验,校验完成后进行升级包安装;S5: Use the upgrade package verification field to verify the received upgrade package, and install the upgrade package after the verification is completed;

所述升级包校验字段以上述校验字段生成方法生成。The upgrade package verification field is generated using the verification field generation method described above.

具体过程为The specific process is

(1)诊断仪或上位机和车辆建立DoIP连接;(1) The diagnostic instrument or host computer establishes a DoIP connection with the vehicle;

(2)升级前,停止DTC状态位的更新等,进入编程会话进行安全解锁等;响应于升级服务请求,启动生成升级包校验字段的生成;(2) Before upgrading, stop updating the DTC status bit, etc., enter the programming session to perform security unlocking, etc.; in response to the upgrade service request, start generating the upgrade package verification field;

(3)诊断仪或上位机利用0x34服务告知车辆该升级包的升级包校验字段、解压密钥等信息;车辆返回后续0x36服务每次传输的最大数据量;(3) The diagnostic instrument or host computer uses the 0x34 service to inform the vehicle of the upgrade package checksum field, decompression key and other information of the upgrade package; the vehicle returns the maximum amount of data transmitted each time by the subsequent 0x36 service;

(4)诊断仪或上位机通过0x36服务不断循环发送该升级包的数据,直到发送完成;(4) The diagnostic instrument or host computer continuously sends the data of the upgrade package through the 0x36 service until the sending is completed;

(5)发送完成后再通过0x37服务告知车辆该升级包已传输完毕。(5) After the transmission is completed, the 0x37 service is used to inform the vehicle that the upgrade package has been transmitted.

(6)车辆系统开始安装升级包,这过程可能会涉及到车辆的重启,那么诊断仪或上位机就会和车辆系统短暂地断开连接;(6) The vehicle system starts installing the upgrade package, which may involve restarting the vehicle. In this case, the diagnostic instrument or host computer will be temporarily disconnected from the vehicle system.

(7)车辆系统重新和诊断仪或上位机建立连接后,需要恢复DTC状态位的更新等。(7) After the vehicle system reconnects to the diagnostic instrument or host computer, it is necessary to restore the update of the DTC status bit.

所述接收上位机通过数据传输服务发送的升级包,包括The receiving host computer sends the upgrade package through the data transmission service, including

S41:接收所述上位机通过升级下载服务发送的升级包大小;S41: receiving the upgrade package size sent by the host computer through the upgrade download service;

S42:依据升级包大小,确定数据传输服务每次传输的最大数据量,并反馈给上位机;S42: Determine the maximum amount of data transmitted by the data transmission service each time according to the size of the upgrade package, and feed it back to the host computer;

S43:接收上位机通过数据传输服务不断循环发送的升级包数据,直至发送完成。 S43: receiving the upgrade package data continuously and cyclically sent by the host computer through the data transmission service until the sending is completed.

参照上述示例,诊断仪或上位机利用0x34服务告知车辆该升级包的大小,车辆返回后续0x36服务每次传输的最大数据量,以提升数据传输效率。Referring to the above example, the diagnostic instrument or host computer uses the 0x34 service to inform the vehicle of the size of the upgrade package, and the vehicle returns the maximum amount of data transmitted each time by the subsequent 0x36 service to improve data transmission efficiency.

实施例六Embodiment 6

如图4所述,本发明记载了一种基于DoIP传输升级包的校验升级装置,包括As shown in FIG. 4 , the present invention records a verification upgrade device based on DoIP transmission upgrade package, including

升级校验端,接收上位机发送的升级下载请求,并在接收到完整升级包后,通过升级包校验字段对升级包进行校验;The upgrade verification end receives the upgrade download request sent by the host computer, and after receiving the complete upgrade package, verifies the upgrade package through the upgrade package verification field;

校验字段生成系统,用于生成升级包校验字段;Verification field generation system, used to generate upgrade package verification fields;

数据链接模块,响应于升级下载服务和数据传输服务,在升级包校验字段和升级包数据传输中,使升级校验端与上位机出于数据链接开启状态;The data link module, in response to the upgrade download service and the data transmission service, enables the upgrade verification end and the host computer to be in a data link open state in the upgrade package verification field and the upgrade package data transmission;

所述校验字段生成系统基于上述DoIP传输升级包的校验字段生成系统。The check field generation system is based on the check field generation system of the DoIP transmission upgrade package mentioned above.

本发明方案充分利用UDS 0x34服务中的memoryAddress字段,用作升级包的完整性校验;避免了现有技术中完整性校验增加DID或者RID存在的额外操作,实现对车辆升级的主动校验,避免了篡改升级包的风险。The solution of the present invention makes full use of the memoryAddress field in the UDS 0x34 service as an integrity check for the upgrade package; it avoids the additional operation of adding DID or RID to the integrity check in the prior art, realizes active verification of vehicle upgrades, and avoids the risk of tampering with the upgrade package.

最后应说明的是:本说明书中各个实施例采用递进的方式描述,每个实施例重点说明的都是与其他实施例的不同之处,各个实施例之间相同相似部分互相参见即可。对于实施例公开的系统或装置而言,由于其与实施例公开的方法相对应,所以描述比较简单,相关之处参见方法部分说明即可。Finally, it should be noted that the various embodiments in this specification are described in a progressive manner, and each embodiment focuses on the differences from other embodiments. The same or similar parts between the various embodiments can be referred to each other. For the system or device disclosed in the embodiment, since it corresponds to the method disclosed in the embodiment, the description is relatively simple, and the relevant parts can be referred to the method part description.

以上实施例仅用以说明本申请的技术方案,而非对其限制;尽管参照前述实施例对本申请进行了详细的说明,本领域的普通技术人员应当理解:其依然可以对前述各实施例所记载的技术方案进行修改,或者对其中部分技术特征进行等同替换;而这些修改或者替换,并不使相应技术方案的本质脱离本申请各实施例技术方案的精神和范围。 The above embodiments are only used to illustrate the technical solutions of the present application, rather than to limit them. Although the present application has been described in detail with reference to the aforementioned embodiments, those skilled in the art should understand that they can still modify the technical solutions described in the aforementioned embodiments, or make equivalent replacements for some of the technical features therein. However, these modifications or replacements do not deviate the essence of the corresponding technical solutions from the spirit and scope of the technical solutions of the embodiments of the present application.

Claims (10)

一种基于DoIP传输升级包的校验字段生成方法,其特征在于,包括如下步骤A method for generating a check field based on a DoIP transmission upgrade package, characterized in that it comprises the following steps: S1:响应于升级下载请求,基于对升级包进行完整性检测获得第一固定值,基于对升级包大小的检测获得第一校验值;S1: In response to an upgrade download request, obtaining a first fixed value based on integrity detection of the upgrade package, and obtaining a first check value based on detection of the size of the upgrade package; S2:检测请求报文信息中存储所述升级包的首地址是否满足预设条件,若满足,则将所述首地址对应存储区设置为待填充区;S2: Detect whether the first address of the upgrade package stored in the request message information meets the preset condition. If so, set the storage area corresponding to the first address as the area to be filled; S3:对所述第一固定值进行校验后,将所述第一固定值填入到所述待填充区,获得第二校验值;S3: after verifying the first fixed value, fill the first fixed value into the to-be-filled area to obtain a second verification value; S4:封装所述第一校验值和第二校验值,获得升级包校验字段。S4: Encapsulate the first verification value and the second verification value to obtain the upgrade package verification field. 如权利要求1所述基于DoIP传输升级包的校验字段生成方法,其特征在于,所述基于对升级包进行完整性检测获得第一固定值包括如下步骤The method for generating a check field based on DoIP transmission upgrade package according to claim 1 is characterized in that the step of obtaining the first fixed value based on integrity detection of the upgrade package comprises the following steps: 通过预设算法对升级包进行完整性检测,得到具有第一字节长度的第一固定值。The upgrade package is integrity checked using a preset algorithm to obtain a first fixed value having a first byte length. 如权利要求2所述基于DoIP传输升级包的校验字段生成方法,其特征在于,所述检测请求报文信息中存储所述升级包的首地址是否满足预设条件,若满足,则将所述首地址设置为待填充区;包括The method for generating a check field based on DoIP transmission upgrade package as claimed in claim 2 is characterized in that the first address of the upgrade package stored in the detection request message information satisfies a preset condition, and if so, the first address is set as a to-be-filled area; including 响应于诊断服务命令,检测对应操作平台是否有存储区对应所述升级包的首地址,若无,确认所述首地址对应存储区满足第二字节长度,并将该所述存储区设置为待填充区。In response to the diagnostic service command, it is detected whether the corresponding operating platform has a storage area corresponding to the first address of the upgrade package. If not, it is confirmed that the storage area corresponding to the first address meets the second byte length, and the storage area is set as the area to be filled. 如权利要求3所述基于DoIP传输升级包的校验字段生成方法,其特征在于,所述对所述第一固定值进行校验后,将所述第一固定值填入到所述待填充区,获得第二校验值,包括The method for generating a check field based on a DoIP transmission upgrade package as claimed in claim 3, characterized in that after verifying the first fixed value, the first fixed value is filled into the to-be-filled area to obtain a second check value, including 通过循环冗余校验方式对第一固定值进行校验,使校验后的第一固定值具有第三字节长度,所述第三字节长度小于所述第一字节长度; Verify the first fixed value by a cyclic redundancy check, so that the verified first fixed value has a third byte length, and the third byte length is less than the first byte length; 当第三字节长度不超过所述第二字节长度时,将所述第一固定值填入到所述待填充区,获得第二校验值。When the third byte length does not exceed the second byte length, the first fixed value is filled into the area to be filled to obtain a second check value. 一种基于DoIP传输升级包的校验字段生成系统,其特征在于,所述生成系统包括A verification field generation system based on DoIP transmission upgrade package, characterized in that the generation system includes 升级包检测模块,用于对待升级包进行检测,以获得用于对应升级包完整性的第一固定值和对应升级包大小的第一校验值;An upgrade package detection module, used to detect the package to be upgraded to obtain a first fixed value corresponding to the integrity of the upgrade package and a first check value corresponding to the size of the upgrade package; 报文检测模块,用于检测请求报文信息是否满足预设条件,并识别请求报文信息中的首地址对应存储区为待填充区;A message detection module, used to detect whether the request message information meets the preset conditions, and identify the storage area corresponding to the first address in the request message information as the area to be filled; 校验模块,用于对第一固定值进行校验,使校验后的第一固定值的字节长度不超过待填充区的长度;A verification module, used for verifying the first fixed value so that the byte length of the verified first fixed value does not exceed the length of the area to be filled; 填充模块,用于将所述第一固定值填入到所述待填充区,获得第二校验值。A filling module is used to fill the first fixed value into the to-be-filled area to obtain a second verification value. 如权利要求5所述的基于DoIP传输升级包的校验字段生成系统,其特征在于,还包括The check field generation system based on DoIP transmission upgrade package according to claim 5, characterized in that it also includes 封装发送模块,用于对第一校验值和第二校验值进行封装后获得升级包校验字段,并将升级包校验字段发送给升级校验端。The encapsulation and sending module is used to encapsulate the first verification value and the second verification value to obtain the upgrade package verification field, and send the upgrade package verification field to the upgrade verification end. 一种基于DoIP传输升级包的校验升级方法,其特征在于,包括如下步骤A verification and upgrade method based on DoIP transmission upgrade package, characterized in that it includes the following steps S1:与上位机链接,停止状态更新;S1: Link with the host computer and stop status update; S2:进入bootloader模式,在进行安全解锁后,向上位机发送升级下载请求;S2: Enter bootloader mode, and after security unlocking, send an upgrade download request to the host computer; S3:接收上位机通过升级下载服务发送的升级包校验字段;S3: receiving the upgrade package verification field sent by the host computer through the upgrade download service; S4:接收上位机通过数据传输服务发送的升级包;S4: receiving the upgrade package sent by the host computer through the data transmission service; S5:用升级包校验字段对接收到的升级包进行校验,校验完成后进行升级包安装; S5: Use the upgrade package verification field to verify the received upgrade package, and install the upgrade package after the verification is completed; 所述升级包校验字段以权利要求1-4中任意一项所述基于DoIP传输升级包的校验字段生成方法生成。The upgrade package check field is generated by the check field generation method for the upgrade package based on DoIP transmission as described in any one of claims 1-4. 如权利要求7所述基于DoIP传输升级包的校验升级方法,其特征在于,所述接收上位机通过数据传输服务发送的升级包,包括The verification and upgrade method based on DoIP transmission upgrade package as claimed in claim 7 is characterized in that the upgrade package sent by the receiving host computer through the data transmission service includes: S41:接收所述上位机通过升级下载服务发送的升级包大小;S41: receiving the upgrade package size sent by the host computer through the upgrade download service; S42:依据升级包大小,确定数据传输服务每次传输的最大数据量,并反馈给上位机;S42: Determine the maximum amount of data transmitted by the data transmission service each time according to the size of the upgrade package, and feed it back to the host computer; S43:接收上位机通过数据传输服务不断循环发送的升级包数据,直至发送完成。S43: receiving the upgrade package data continuously and cyclically sent by the host computer through the data transmission service until the sending is completed. 如权利要求8所述基于DoIP传输升级包的校验升级方法,其特征在于,所述用升级包校验字段对接收到的升级包进行校验,校验完成后进行升级包安装,包括The verification and upgrade method based on DoIP transmission upgrade package as claimed in claim 8 is characterized in that the received upgrade package is verified by using the upgrade package verification field, and the upgrade package is installed after the verification is completed, including 发送完成后,通过请求退出传输服务反馈升级包传输完毕,用升级包校验字段对接收到的升级包进行校验。After the transmission is completed, the upgrade package transmission completion is fed back by requesting to exit the transmission service, and the received upgrade package is verified using the upgrade package verification field. 一种基于DoIP传输升级包的校验升级装置,其特征在于,包括A verification and upgrade device based on DoIP transmission upgrade package, characterized in that it includes 升级校验端,接收上位机发送的升级下载请求,并在接收到完整升级包后,通过升级包校验字段对升级包进行校验;The upgrade verification end receives the upgrade download request sent by the host computer, and after receiving the complete upgrade package, verifies the upgrade package through the upgrade package verification field; 校验字段生成系统,用于生成升级包校验字段;Verification field generation system, used to generate upgrade package verification fields; 数据链接模块,响应于升级下载服务和数据传输服务,在升级包校验字段和升级包数据传输中,使升级校验端与上位机处于数据链接开启状态;The data link module, in response to the upgrade download service and the data transmission service, enables the upgrade verification terminal and the host computer to be in a data link open state during the upgrade package verification field and the upgrade package data transmission; 所述校验字段生成系统为权利要求5或6所述的基于DoIP传输升级包的校验字段生成系统。 The check field generation system is the check field generation system based on DoIP transmission upgrade package as described in claim 5 or 6.
PCT/CN2024/111086 2023-12-13 2024-08-09 Doip transmission upgrade package-based verification field generation method and system Pending WO2025123728A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN202311704339.5 2023-12-13
CN202311704339.5A CN117914529A (en) 2023-12-13 2023-12-13 A method and system for generating a check field based on DoIP transmission upgrade package

Publications (1)

Publication Number Publication Date
WO2025123728A1 true WO2025123728A1 (en) 2025-06-19

Family

ID=90682995

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2024/111086 Pending WO2025123728A1 (en) 2023-12-13 2024-08-09 Doip transmission upgrade package-based verification field generation method and system

Country Status (2)

Country Link
CN (1) CN117914529A (en)
WO (1) WO2025123728A1 (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN117914529A (en) * 2023-12-13 2024-04-19 中国第一汽车股份有限公司 A method and system for generating a check field based on DoIP transmission upgrade package

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20210311720A1 (en) * 2020-02-14 2021-10-07 Huawei Technologies Co., Ltd. Vehicle-Mounted Device Upgrade Method and Related Apparatus
CN114924770A (en) * 2022-06-14 2022-08-19 一汽奔腾轿车有限公司 An OTA upgrade system and method for vehicle infotainment system based on DoIP protocol
CN116382739A (en) * 2023-04-04 2023-07-04 合众新能源汽车股份有限公司 A driving platform OTA upgrade process control method, system, equipment and medium
CN117914529A (en) * 2023-12-13 2024-04-19 中国第一汽车股份有限公司 A method and system for generating a check field based on DoIP transmission upgrade package

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20210311720A1 (en) * 2020-02-14 2021-10-07 Huawei Technologies Co., Ltd. Vehicle-Mounted Device Upgrade Method and Related Apparatus
CN114924770A (en) * 2022-06-14 2022-08-19 一汽奔腾轿车有限公司 An OTA upgrade system and method for vehicle infotainment system based on DoIP protocol
CN116382739A (en) * 2023-04-04 2023-07-04 合众新能源汽车股份有限公司 A driving platform OTA upgrade process control method, system, equipment and medium
CN117914529A (en) * 2023-12-13 2024-04-19 中国第一汽车股份有限公司 A method and system for generating a check field based on DoIP transmission upgrade package

Also Published As

Publication number Publication date
CN117914529A (en) 2024-04-19

Similar Documents

Publication Publication Date Title
CN112486554B (en) Vehicle-mounted networking terminal software upgrading method
JP7666873B2 (en) DATA PROCESSING METHOD, CONTROL DEVICE, DIAGNOSIS DEVICE, COMPUTER PROGRAM, AND ELECTRONIC DEVICE
CN111190629B (en) Embedded terminal upgrading software package and analysis method thereof
US12346686B2 (en) Program update system, program transmission device, and program transmission method
CN110460573A (en) A system and method applied to automotive ECU safety upgrade management
CN111813461A (en) A vehicle ECU calibration method, device and equipment
CN108664256A (en) Firmware updating method and device of system and battery management system
CN116382739A (en) A driving platform OTA upgrade process control method, system, equipment and medium
CN116185460A (en) Method and device for automatically upgrading embedded system software
WO2012012933A1 (en) Processing devices and methods for transmitting and receiving data
WO2025123728A1 (en) Doip transmission upgrade package-based verification field generation method and system
CN111722864A (en) ECU data flashing method and related device
CN113315681A (en) Automatic testing method and system based on intelligent home gateway plug-in
CN119987828A (en) Firmware upgrade method, device, computer equipment, storage medium and program product
CN106453629A (en) Mobile network-based automobile electronic system remote upgrading system and method
CN116962389A (en) Log transmission method, log transmission system, vehicle and server
CN113434163B (en) Online calibration method, system, device and medium suitable for electronic control unit
CN110825414B (en) A program upgrade device, embedded device and program upgrade method thereof
CN119271241A (en) Method, system and electronic device for updating firmware in electronic control unit of vehicle
CN115102855A (en) Intelligent water meter embedded software online upgrading method and system
CN114721680A (en) Vehicle-mounted applet offline updating method and vehicle-mounted applet offline updating system
CN118585499A (en) Energy storage management system update method, device and storage medium
CN114579166B (en) Component module upgrade method, component module and financial robot
CN115712412A (en) Software package manufacturing method and device, electronic equipment and storage medium
CN114546439A (en) Firmware upgrading method and system of equipment

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 24902154

Country of ref document: EP

Kind code of ref document: A1