Search

CN-121996273-A - Firmware updating method, device, equipment, vehicle, storage medium and program product

CN121996273ACN 121996273 ACN121996273 ACN 121996273ACN-121996273-A

Abstract

The embodiment of the application provides a firmware updating method, a device, equipment, a vehicle, a storage medium and a program product, and relates to the technical field of embedded software. The firmware updating method comprises the steps of responding to a firmware updating instruction for a controller, obtaining first firmware data of target firmware to be updated in the controller, determining a firmware reading address corresponding to the target firmware as a first software partition, writing the first firmware data into a second software partition which is different from the first software partition, reading second firmware data written in the second software partition aiming at the first firmware data, verifying whether the second firmware data is consistent with the first firmware data, and switching the firmware reading address of the target firmware to the second software partition if the second firmware data is consistent with the first firmware data. The application is used for ensuring the normal operation of the controller after the firmware is updated.

Inventors

  • WANG HANPING

Assignees

  • 小米汽车科技有限公司

Dates

Publication Date
20260508
Application Date
20260126

Claims (20)

  1. 1. A firmware update method, comprising: in response to receiving a firmware update instruction for a controller, acquiring first firmware data of target firmware to be updated in the controller, and determining a firmware read address corresponding to the target firmware as a first software partition; writing the first firmware data to a second software partition in the memory, the second software partition being different from the first software partition; reading second firmware data written in the second software partition for the first firmware data in response to the first firmware data writing being completed, and verifying whether the second firmware data is consistent with the first firmware data; And if the second firmware data is consistent with the first firmware data, switching the firmware reading address of the target firmware to the second software partition.
  2. 2. The firmware updating method of claim 1, wherein said verifying whether said second firmware data is consistent with said first firmware data comprises: obtaining firmware verification data, wherein the firmware verification data is verification data generated by applying a verification algorithm according to the first firmware data; and verifying whether the second firmware data is consistent with the first firmware data according to the firmware verification data.
  3. 3. The firmware updating method of claim 2, wherein the verification algorithm is a secure hash algorithm, and wherein verifying whether the second firmware data is consistent with the first firmware data based on the firmware verification data comprises: applying the secure hash algorithm to obtain a hash value corresponding to the second firmware data; if the hash value is consistent with the firmware verification data, determining that the second firmware data is consistent with the first firmware data; and if the hash value is inconsistent with the firmware verification data, determining that the second firmware data is inconsistent with the first firmware data.
  4. 4. A firmware updating method according to any one of claims 1 to 3, wherein the controller is provided with a hardware security module, the firmware update package of the controller includes firmware data of a first firmware corresponding to the hardware security module and firmware data of a second firmware, the second firmware is other firmware in the controller than the first firmware, and the obtaining the first firmware data of the target firmware to be updated in the controller in response to receiving a firmware update instruction for the controller includes: acquiring the firmware update package in response to receiving a firmware update instruction for the controller; Comparing the firmware data in the firmware update package, and judging whether application firmware data corresponding to the first firmware and the second firmware respectively are different; If the difference exists, taking the firmware with the difference of the firmware data as the target firmware, and acquiring the firmware data corresponding to the target firmware in the firmware update package as the first firmware data.
  5. 5. The firmware update method of claim 4, wherein the firmware update package further includes firmware verification information, and further comprising, prior to writing the first firmware data to the second software partition: and verifying the validity of the first firmware data according to the firmware verification information.
  6. 6. A firmware updating method as recited in any of claims 1 to 3, further comprising, before writing said first firmware data to a second software partition in: And determining that the firmware updating instruction is effective according to the identity verification information carried by the firmware updating instruction.
  7. 7. The firmware updating method of claim 6 wherein said determining that said firmware update instruction is valid based on authentication information carried by said firmware update instruction comprises: if the identity verification information carried by the firmware updating instruction is consistent with the one-machine-one-secret verification information stored by the controller, the firmware updating instruction is determined to be effective, and the one-machine-one-secret verification information corresponding to different controllers is different.
  8. 8. A firmware updating method as recited in any of claims 1 to 3, further comprising, after switching the firmware read address of the target firmware to the second software partition: And starting write protection of the second software partition.
  9. 9. A firmware updating method as recited in any of claims 1 to 3, further comprising, before writing said first firmware data to a second software partition in: And determining that the version number corresponding to the first firmware data is newer than the version number corresponding to the firmware data in the first software partition.
  10. 10. A firmware updating method as recited in any of claims 1 to 3, further comprising, before writing said first firmware data to a second software partition in: it is determined that the vehicle is in a non-running state.
  11. 11. A firmware updating apparatus, which is applied to a controller, wherein a storage medium corresponding to the controller is provided with a physical partition, the physical partition includes a plurality of software partitions divided by preset partition addresses, and the firmware updating method includes: The system comprises an acquisition module, a control module and a control module, wherein the acquisition module is used for responding to a firmware updating instruction for a controller, acquiring first firmware data of target firmware to be updated in the controller, determining a firmware reading address corresponding to the target firmware as a first software partition, and the first software partition is any one of the software partitions; A writing module for writing the first firmware data into a second software partition, the second software partition being different from the first software partition; the verification module is used for responding to the completion of the writing of the first firmware data, reading second firmware data written in the second software partition aiming at the first firmware data, and verifying whether the second firmware data is consistent with the first firmware data or not; And the switching module is used for switching the firmware reading address of the target firmware to the second software partition if the second firmware data is consistent with the first firmware data.
  12. 12. The firmware updating apparatus of claim 11, wherein the verification module is specifically configured to: obtaining firmware verification data, wherein the firmware verification data is verification data generated by applying a verification algorithm according to the first firmware data; and verifying whether the second firmware data is consistent with the first firmware data according to the firmware verification data.
  13. 13. The firmware updating apparatus of claim 12, wherein the verification algorithm is a secure hash algorithm, the verification module further configured to: applying the secure hash algorithm to obtain a hash value corresponding to the second firmware data; if the hash value is consistent with the firmware verification data, determining that the second firmware data is consistent with the first firmware data; and if the hash value is inconsistent with the firmware verification data, determining that the second firmware data is inconsistent with the first firmware data.
  14. 14. The firmware updating apparatus of any of claims 11 to 13, wherein the controller is provided with a hardware security module, the firmware update packet of the controller includes firmware data of a first firmware corresponding to the hardware security module and firmware data of a second firmware, the second firmware is other firmware in the controller than the first firmware, and the acquiring module is specifically configured to: acquiring the firmware update package in response to receiving a firmware update instruction for the controller; Comparing the firmware data in the firmware update package, and judging whether application firmware data corresponding to the first firmware and the second firmware respectively are different; If the difference exists, taking the firmware with the difference of the firmware data as the target firmware, and acquiring the firmware data corresponding to the target firmware in the firmware update package as the first firmware data.
  15. 15. The firmware update apparatus of claim 14, wherein the firmware update package further comprises firmware verification information, the verification module further configured to, prior to writing the first firmware data to the second software partition: and verifying the validity of the first firmware data according to the firmware verification information.
  16. 16. The firmware updating apparatus of any of claims 11 to 13, wherein the verification module is further configured to, prior to writing the first firmware data to the second software partition in: And determining that the firmware updating instruction is effective according to the identity verification information carried by the firmware updating instruction.
  17. 17. The firmware updating apparatus of claim 16, wherein the verification module is further configured to: if the identity verification information carried by the firmware updating instruction is consistent with the one-machine-one-secret verification information stored by the controller, the firmware updating instruction is determined to be effective, and the one-machine-one-secret verification information corresponding to different controllers is different.
  18. 18. The firmware updating apparatus of any of claims 11 to 13, wherein after switching the firmware read address of the target firmware to the second software partition, the switching module is further configured to: And starting write protection of the second software partition.
  19. 19. The firmware updating apparatus of any of claims 11 to 13, wherein, prior to writing the first firmware data to the second software partition, the verification module is further to: And determining that the version number corresponding to the first firmware data is newer than the version number corresponding to the firmware data in the first software partition.
  20. 20. The firmware updating apparatus of any of claims 11 to 13, wherein, prior to writing the first firmware data to the second software partition, the verification module is further to: it is determined that the vehicle is in a non-running state.

Description

Firmware updating method, device, equipment, vehicle, storage medium and program product Technical Field The present disclosure relates to the field of embedded software technologies, and in particular, to a firmware update method, apparatus, device, vehicle, storage medium, and program product. Background The controller is updated with firmware to repair functional security holes, resist network attack risks, optimize vehicle-mounted system performance and newly-added intelligent functions, so that dynamic iteration of the functions of the vehicle electronic system in the whole life cycle is realized, and the method is a core technical means for guaranteeing stability, safety and intelligent experience of vehicle-mounted equipment. The firmware of the controller is typically stored in a memory corresponding to the controller. In the related art, when updating the firmware of the controller, the new firmware data is overlaid on the old firmware data, and after the writing of the firmware data is completed, the new firmware data is read to start the controller function. In this way, there is a case that the controller fails to start after the firmware update. Disclosure of Invention In order to overcome the problems in the related art, the present disclosure provides a firmware update method, apparatus, device, vehicle, storage medium and program product, which ensure that a controller operates normally after firmware update. In a first aspect, an embodiment of the present application provides a firmware update method, including: In response to receiving a firmware update instruction for a controller, acquiring first firmware data of target firmware to be updated in the controller, and determining a firmware read address corresponding to the target firmware as a first software partition; writing the first firmware data into a second software partition, the second software partition being different from the first software partition; Reading second firmware data written in the second software partition aiming at the first firmware data in response to the completion of the writing of the first firmware data, and verifying whether the second firmware data is consistent with the first firmware data; And if the second firmware data is consistent with the first firmware data, switching the firmware reading address of the target firmware to the second software partition. The controller can update the firmware data while retaining the original firmware data in the controller, even if the firmware data is failed to update, the controller can start based on the original firmware data, the starting failure problem caused by the firmware update of the controller is reduced, the written firmware data is verified after the firmware data is written, the integrity of the firmware data update can be ensured, the firmware reading address is switched after the integrity and the correctness of the firmware data update are confirmed, and the normal starting of the functions of the controller is ensured. In one possible implementation, verifying whether the second firmware data is consistent with the first firmware data includes: obtaining firmware verification data, wherein the firmware verification data is verification data generated by applying a verification algorithm according to first firmware data; and verifying whether the second firmware data is consistent with the first firmware data according to the firmware verification data. This may enable efficient consistency verification between the first firmware data and the second firmware data. In one possible implementation, the verification algorithm is a secure hash algorithm, and verifying whether the second firmware data is consistent with the first firmware data according to the firmware verification data includes: applying a secure hash algorithm to obtain a hash value corresponding to the second firmware data; if the hash value is consistent with the firmware verification data, determining that the second firmware data is consistent with the first firmware data; And if the hash value is inconsistent with the firmware verification data, determining that the second firmware data is inconsistent with the first firmware data. Therefore, the safety performance of the safety hash algorithm can be fully utilized, and high-safety consistency verification can be carried out on the first firmware data and the second firmware data. In one possible implementation manner, the controller is provided with a hardware security module, the firmware update packet of the controller includes firmware data of a first firmware corresponding to the hardware security module and firmware data of a second firmware, the second firmware is other firmware in the controller except the first firmware, and the obtaining, in response to receiving a firmware update instruction for the controller, the first firmware data of a target firmware to be updated in the controller includes: in response to receiv