Search

CN-122027471-A - OTA high concurrency upgrading method and system for heterogeneous system of vehicle

CN122027471ACN 122027471 ACN122027471 ACN 122027471ACN-122027471-A

Abstract

The invention belongs to the technical field of Internet of vehicles, in particular relates to an OTA high concurrency upgrading method and system for a heterogeneous system of a vehicle, and aims to solve the problems of low ECU upgrading efficiency, poor synergy and complex fault handling of a CAN bus under a hybrid network architecture. The upgrading method comprises the steps of dividing atomic groups based on a functional domain and a dependency relationship, binding a strong-dependency ECU (electronic control unit) into an atomic upgrading group to ensure version consistency, reserving split flexibility by an independent ECU as a concurrency unit, carrying out packet type decision optimization based on ECU security grading, realizing parallel transmission by utilizing high bandwidth characteristics aiming at an Ethernet domain, providing a high concurrency scheduling strategy aiming at CAN bus characteristics, alternately transmitting data blocks among a plurality of buses by utilizing an ECU check empty stage, breaking the bottleneck of traditional serial upgrading, constructing an ECU check failure processing mechanism, and realizing accurate positioning and efficient recovery of fault data blocks by depending on a paging check table. According to the technical scheme, the bandwidth characteristics of different network domains are fully exerted, the CAN bus utilization rate and the whole OTA upgrading overall rate are obviously improved, the abnormal blocking of the whole flow of a single ECU is avoided, the priority upgrading of a core ECU is ensured, and the upgrading efficiency and the functional safety are both considered.

Inventors

  • ZHANG LUYAO
  • ZHAO JIYANG
  • LI DANDAN
  • Qiang Chenxi
  • YANG MAN
  • WANG HAO
  • DONG QIWEI
  • ZHANG HENG
  • PAN YONGJIA

Assignees

  • 安徽江淮汽车集团股份有限公司

Dates

Publication Date
20260512
Application Date
20260330

Claims (10)

  1. 1. The OTA high concurrency upgrading method for the heterogeneous system of the vehicle is characterized in that the method takes an atomic group with strong dependency and an independent ECU as basic dispatching units, an upgrading task sequence considering priority and parallelism is generated, simultaneously, diagnosis sessions are established with a plurality of ECUs, data blocks are alternately sent to other ECUs in a neutral period waiting for the verification of the ECUs, the ECUs without the dependency can be dispatched in parallel, and the high-safety-level ECUs obtain higher dispatching priority, and the method comprises the following steps: S1, dividing atomic groups based on functional domains and dependency relations; s2, carrying out packet type decision optimization based on ECU security grading; And S3, when the vehicle meets the upgrading conditions, the T-BOX completes identity authentication from the cloud, downloads upgrading task metadata and software packages, transmits the encrypted upgrading task metadata and software packages to the central gateway, and starts to execute intelligent scheduling and upgrading processes after the central gateway verifies the metadata.
  2. 2. The OTA high concurrency upgrade method for heterogeneous systems of vehicles according to claim 1, wherein the atomic group division principle based on the functional domain is as follows: s11, eliminating weak related ECUs in the same atomic group based on the functional domain; s12, the atomic group scale is as small as possible, and unnecessary ECU inclusion is avoided, so that the influence range of upgrade failure is reduced.
  3. 3. The OTA high concurrency upgrade method for heterogeneous systems of vehicles according to claim 1, wherein in step S2, for the ECUs belonging to the same atomic group, a packet type corresponding to the highest security level in the group is adopted, and for the ECU with a single partition, a rollback mechanism is required to be reserved.
  4. 4. The OTA high concurrency upgrade method for heterogeneous systems of vehicles according to claim 3, wherein if the differential packet is adopted for upgrade, decompression and data reconstruction are needed to be performed on the differential packet at a vehicle end first, a data block sequence consistent with the physical format of the whole packet during upgrade is generated, and then the data block sequence is distributed through a high concurrency debug mechanism.
  5. 5. The OTA high concurrency upgrade method for heterogeneous systems of vehicles according to claim 4, wherein when the overlap ratio of the differential packet and the whole packet exceeds a design threshold, the cloud server calculates redundancy between the differential packet and the whole packet while generating the differential packet, and when the redundancy exceeds a set threshold, the cloud server is forced to switch to the whole packet.
  6. 6. The OTA high concurrency upgrade method for vehicle heterogeneous systems of claim 5, wherein redundancy = (differential packet size + base version firmware size)/target full packet size.
  7. 7. The method for upgrading OTA high concurrency of heterogeneous system of vehicle according to claim 1, wherein in step S3, specifically, in the software package publishing stage, the system generates a paging check table for it, the unique check code of each block of data is recorded in the table one by one, the paging check table is stored in an independent read-only partition and is physically isolated from the data partition in the ECU burning process, the central gateway dynamically generates and transmits upgrading task stream according to the function domain, network position and atom group constraint of the ECU, for the ECU located in the same Ethernet exchange domain, realizing the parallel transmission of data in the domain, and for the ECU in CAN bus, implementing the high concurrency scheduling strategy based on time slices.
  8. 8. The OTA high concurrency upgrade method for heterogeneous systems of vehicles according to claim 1, further comprising an ECU verification failure processing mechanism in S4, high concurrency mode, specifically comprising the steps of: S41, recording failure of verification of the data block sent to the ECU in real time in the local storage of the ECU, and keeping the scheduling state of the ECU unchanged without interrupting the subsequent block downloading of the ECU; s42, after all the ECUs participating in upgrading complete first block downloading, the central gateway collects failure information in a concentrated mode; S43, analyzing the failure reason and retrying; s44, the central gateway processes the retransmission flow in batches based on the global failure block total list, and adopts an adaptive high concurrency resource allocation mode; s45, final failure processing.
  9. 9. The OTA high concurrency upgrade method for heterogeneous systems of vehicles according to claim 8, wherein the strategy of analyzing the failure cause relationship retry in step S43 is: s431, requesting the T-BOX from the cloud to acquire a corresponding complete packet and a complete paging check table by the central gateway when the differential packet is failed to upgrade, extracting corresponding data blocks in the complete packet according to the ECU identification and the failed block sequence number, and waiting for retransmission; S432, aiming at the ECU of whole packet upgrading, directly multiplexing whole packet data and a complete paging check table locally cached by a central gateway, extracting a failure block serial number of a corresponding ECU from a global failure block total list, and independently extracting a corresponding data block in an original packet to wait for retransmission; S433, the retransmission counter counts independently according to each block of the ECU, and the retransmission of a single block still fails after exceeding a preset threshold value, and the final failure is judged.
  10. 10. An OTA high concurrency upgrading system for a vehicle heterogeneous system is used for the OTA high concurrency upgrading method for the vehicle heterogeneous system according to any one of claims 1 to 9, and is characterized by comprising a central gateway integrating Ethernet and multiple CAN/CAN-FD interfaces, wherein a T-BOX is used as a vehicle cloud interaction hub, is accessed into a vehicle hybrid network through the Ethernet and is cooperated with the central gateway to realize data interaction and responsibility, the central gateway receives upgrading task metadata and software packages forwarded by the T-BOX, and upgrading scheduling and data distribution of a cross-domain ECU are completed based on the vehicle network topology.

Description

OTA high concurrency upgrading method and system for heterogeneous system of vehicle Technical Field The invention belongs to the technical field of Internet of vehicles, and particularly relates to an OTA high concurrency upgrading method and system for a heterogeneous system of a vehicle. Background Current vehicle electronics and electrical architecture is evolving from traditional distributed controller area network (Controller Area Network, CAN) bus architecture, gradually towards architecture that is centralized in the domain or even centrally computing, area controlled. In the process, the vehicle-mounted network presents typical hybrid network characteristics that the vehicle-mounted Ethernet is used as a core communication backbone and is connected with high-computation-power and high-data throughput core nodes such as an intelligent driving domain and an intelligent cabin domain, and the traditional CAN/CAN-FD bus continuously carries functional units with high response timeliness requirements such as vehicle body control and power execution, but relatively smaller data volume. Such a hybrid network architecture requires that the OTA system must be able to co-schedule network resources of different bandwidths, different protocols. However, the current industry faces multiple common and key contradictions that the characteristics of high Ethernet bandwidth and low CAN network rate in the hybrid network are difficult to cooperatively exert efficacy, a large number of heterogeneous ECUs have adaptation conflicts in safety level, hardware architecture difference and unified upgrading strategy, meanwhile, the traditional serial upgrading paradigm cannot meet the high concurrent upgrading requirement caused by the rapid increase of the quantity of ECUs, and the functional safety guarantee and task splitting flexibility in the upgrading process are difficult to balance, so that CAN bus upgrading becomes an efficiency depression and reliability bottleneck of the whole OTA process, and the improvement of the whole OTA efficiency and the intelligent level is severely restricted. In a vehicle adopting a hybrid network architecture formed by an on-board ethernet and a CAN/CAN-FD bus, for OTA upgrade of a conventional electronic control unit (ECU, such as a vehicle body controller, various actuators, etc.) connected to a CAN network, a serial upgrade paradigm based on a pure CAN architecture is still basically used by the current mainstream scheme. After the T-BOX downloads the software upgrade packages applicable to the traditional ECUs from the cloud through the vehicle-mounted Ethernet backbone and completes caching, the T-BOX is switched to a CAN bus interface through a gateway in an upgrade execution stage, and the ECUs on the CAN network are addressed one by one and sequentially, data transmission and verification are carried out according to a traditional diagnosis protocol. In the prior art, although the physical connection of the hybrid network is adapted, the upgrade flow of the CAN network ECU cannot be optimized essentially, and the serial polling mode has the inherent defects of low bus utilization rate, long upgrade time consumption, poor fault tolerance and the like, and is specifically as follows: 1) The function dependency relationship among ECUs is not considered, the requirement of upgrading synergy of the highly dependent ECUs conflicts with the flexibility of upgrading task splitting, the traditional scheme either ignores the function abnormality caused by the dependency relationship or excessively merges an upgrading unit to expand the fault influence range and increase the retry cost; 2) According to the scheme, a unified and indiscriminate serial processing strategy is adopted for all ECUs in a CAN network, so that the difference of the ECUs in the aspects of functional safety level, hardware system, software package size and the like is completely ignored, the high-safety-level ECU upgrading risk or the low-safety-level ECU resource waste is easily caused, and the problem that the suitability of heterogeneous ECU upgrading strategies is insufficient cannot be solved; 3) The traditional serial upgrading method causes the CAN bus to become an efficiency depression of the whole vehicle OTA, so that the bandwidth characteristics of different networks cannot be fully utilized, and the high-efficiency collaborative scheduling of the cross-network domain is required to be realized; 4) The CAN network OTA serial upgrading flow is fragile, when multiple ECUs are upgraded concurrently, the scattered failure processing mode is easy to cause bus resource waste and flow blockage, and an accurate fault positioning and retransmission mechanism is lacked, so that the upgrading success rate is low and the retry period is long. The prior art scheme shows that the bottleneck of the efficiency and reliability of the upgrading of the CAN network ECU CAN not be fundamentally solved by simply transplanting t