车载控制器FOTA固件安全多重校验方案  被引量：2

作　　者：武恪 李超超 杨兴达 方菱 Wu Ke;Li Chaochao;Yang Xingda;Fang Ling(Hefei Institutes of Physical Science,Chinese Academy of Sciences,Hefei 230031,China;University of Science and Technology of China,Hefei 230026,China)

机构地区：[1]中国科学院合肥物质科学研究院,合肥230031 [2]中国科学技术大学,合肥230026

出　　处：《电子测量技术》2021年第22期7-13,共7页Electronic Measurement Technology

基　　金：安徽省重点研究与开发计划项目(202004a05020041)资助。

摘　　要：固件空中升级(FOTA)是一种利用无线通信实现电子控制单元软件升级的技术。FOTA在汽车电子控制器中的大规模应用,使得汽车控制系统面临来自于公共网络中的安全威胁日益增多,而目前主流的FOTA方案着重关注固件从服务端到汽车端的远程传输,车内固件的安全性处理仍是薄弱环节。本文提出一种固件安全多重校验方案,服务端通过基于ECC的数字签名算法签名固件得到两个校验码,分别用于远程传输以及车内处理流程中的固件完整性和身份验证,以保证FOTA全流程的安全。实验结果表明所提的方案可以很好的识别固件远程传输和存储时篡改的风险,增加的时间成本仅约为5%,同时与使用RSA算法实现的方案相比,同等安全条件下,还具有验签速度快、占用存储资源少等优点。Firmware Over-The-Air(FOTA)is a technology which uses wireless communication to upgrade the software of electronic control unit.FOTA has been applied in a large scale in automobile electronic control devices,as a result,the vehicle control system is faced with increasing security threats from the public network.However,the present mainstream FOTA schemes merely focus on the remote transmission from the server side to the vehicle side,and the security handling of the in-vehicle firmware is still a weak link.This thesis proposes a multi-check scheme of firmware security,the server signs the firmware through the Elliptic Curve Cryptography-based digital signature algorithm,so as to get two check codes,which are respectively used for remote transmission and check of firmware integrity and identity in-vehicle handling process,thereby ensuring full-process security of FOTA.The experimental results show that the scheme proposed in this thesis can well identify the risk of tampering during remote transmission and storage of firmware,and the time cost increased is only about 5%.Meanwhile,compared with the scheme realized by using RSA,this scheme is advantaged by fast speed of signature verification and small occupancy rate of resources.

关 键 词：固件空中在线升级 数字签名 身份验证 固件完整性 

分 类 号：TP309[自动化与计算机技术—计算机系统结构]