车载控制器FOTA固件安全多重校验方案
DOI:
CSTR:
作者:
作者单位:

1.中国科学院合肥物质科学研究院 合肥 230031;2.中国科学技术大学 合肥 230026

作者简介:

通讯作者:

中图分类号:

TP309

基金项目:

安徽省重点研究与开发计划项目(202004a05020041)资助


Multiple check scheme of the security of vehicle-mounted controller FOTA
Author:
Affiliation:

1. Hefei Institutes of Physical Science, Chinese Academy of Sciences, Hefei 230031, China; 2. University of Science and Technology of China, Hefei 230026, China

Fund Project:

  • 摘要
  • |
  • 图/表
  • |
  • 访问统计
  • |
  • 参考文献
  • |
  • 相似文献
  • |
  • 引证文献
  • |
  • 资源附件
  • |
  • 文章评论
    摘要:

    固件空中升级(FOTA)是一种利用无线通信实现电子控制单元软件升级的技术。FOTA在汽车电子控制器中的大规模应用,使得汽车控制系统面临来自于公共网络中的安全威胁日益增多,而目前主流的FOTA方案着重关注固件从服务端到汽车端的远程传输,车内固件的安全性处理仍是薄弱环节。本文提出一种固件安全多重校验方案,服务端通过基于ECC的数字签名算法签名固件得到两个校验码,分别用于远程传输以及车内处理流程中的固件完整性和身份验证,以保证FOTA全流程的安全。实验结果表明本文所提的方案可以很好的识别固件远程传输和存储时篡改的风险,增加的时间成本仅约为5%,同时与使用RSA算法实现的方案相比,同等安全条件下,还具有验签速度快、占用存储资源少等优点。

    Abstract:

    Firmware Over-The-Air (FOTA) is a technology which uses wireless communication to upgrade the software of electronic control unit. FOTA has been applied in a large scale in automobile electronic control devices, as a result, the vehicle control system is faced with increasing security threats from the public network. However, the present mainstream FOTA schemes merely focus on the remote transmission from the server side to the vehicle side, and the security handling of the in-vehicle firmware is still a weak link. This thesis proposes a multi-check scheme of firmware security, the server signs the firmware through the Elliptic Curve Cryptography-based digital signature algorithm, so as to get two check codes, which are respectively used for remote transmission and check of firmware integrity and identity in-vehicle handling process, thereby ensuring full-process security of FOTA. The experimental results show that the scheme proposed in this thesis can well identify the risk of tampering during remote transmission and storage of firmware, and the time cost increased is only about 5%. Meanwhile, compared with the scheme realized by using RSA, this scheme is advantaged by fast speed of signature verification and small occupancy rate of resources.

    参考文献
    相似文献
    引证文献
引用本文

武 恪,李超超,杨兴达,方 菱.车载控制器FOTA固件安全多重校验方案[J].电子测量技术,2021,44(22):7-13

复制
分享
文章指标
  • 点击次数:
  • 下载次数:
  • HTML阅读次数:
  • 引用次数:
历史
  • 收稿日期:
  • 最后修改日期:
  • 录用日期:
  • 在线发布日期: 2024-07-04
  • 出版日期:
文章二维码
×
《电子测量技术》
财务封账不开票通知