CN115226093A - Robot OTA upgrade package integrity verification method and system - Google Patents
- Publication number
- CN115226093A (application number CN202210739508.8A)
- Authority
- CN
- China
- Prior art keywords
- upgrade package
- package
- ota
- merkle tree
- upgrade
- Prior art date
- Legal status
- Pending
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W8/00—Network data management
- H04W8/22—Processing or transfer of terminal data, e.g. status or physical capabilities
- H04W8/24—Transfer of terminal data
- H04W8/245—Transfer of terminal data from a network towards a terminal
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/08—Configuration management of networks or network elements
- H04L41/0803—Configuration setting
- H04L41/0813—Configuration setting characterised by the conditions triggering a change of settings
- H04L41/082—Configuration setting characterised by the conditions triggering a change of settings the condition being updates or upgrades of network functionality
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/12—Applying verification of the received information
- H04L63/123—Applying verification of the received information received data contents, e.g. message integrity
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/06—Protocols specially adapted for file transfer, e.g. file transfer protocol [FTP]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/34—Network arrangements or protocols for supporting network services or applications involving the movement of software or configuration parameters
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/06—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
- H04L9/0643—Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/10—Integrity
- H04W12/106—Packet or message integrity
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Power Engineering (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Databases & Information Systems (AREA)
- Stored Programmes (AREA)
Abstract
Description
Technical Field
The invention relates to the technical field of robot OTA upgrades, and in particular to a method and system for verifying the integrity of a robot OTA upgrade package.
Background
Robot over-the-air (OTA) technology is a remote wireless upgrade technology. It allows the cloud to provide firmware or software upgrade services to robot terminals that have networking capability. In a robot OTA upgrade, the communication between the cloud and the terminal device must be secure and trustworthy, and the integrity of the upgrade package must also be verified by a reliable method, so that the package's integrity is not broken by network interruption, malicious tampering and the like. With existing robot OTA upgrade packages, an integrity verification error during transmission means that the whole upgrade package must be retransmitted.
Summary of the Invention
The technical task of the present invention is to address the above shortcomings by providing a method and system for verifying the integrity of a robot OTA upgrade package, which can quickly verify the integrity of the upgrade package during a robot OTA upgrade and ensure that the OTA upgrade is safe and accurate.
The technical solution adopted by the present invention to solve its technical problem is:
A robot OTA upgrade package integrity verification method, which uses a Merkle tree to verify the integrity of the OTA upgrade package and exploits the structural properties of the Merkle tree itself to quickly locate erroneous data packets;
the original data of the upgrade package is packaged into a complete upgrade package or a differential package, and the upgrade package or differential package is then split; a hash is computed over each split package to produce that package's hash value, and the resulting hash values are used as the leaf nodes from which the Merkle tree is generated;
the robot terminal that needs upgrading downloads the upgrade package and reads the contents of its Merkle tree, and at the same time obtains the root hash value of the Merkle tree; the two root hash values are compared and, if they agree, the integrity verification of the upgrade package passes; otherwise the complete Merkle tree is obtained, the hash-value lists of the two Merkle trees are compared to determine which data block is in error, retransmission of that data block and of the Merkle tree root hash value is requested, and the latest root hash value is checked; if it is correct, the integrity verification of the upgrade package passes, otherwise the data block is requested again until it succeeds or the retry count is exceeded. That is, only the erroneous data packet and the Merkle tree values associated with it need to be retransmitted, after which the root hash value is verified again.
A Merkle tree is a complete binary tree in which every node has a corresponding hash function value. The hash value of a leaf node is obtained by hashing the authenticated data, and the hash value of an intermediate node is obtained from the hash values of its child nodes; continuing in this way gives the hash value of the root node, which is used as the public key. Each leaf node has a corresponding authentication path, and from its own hash value together with the hash values of the nodes on that path the value of the root node can be computed; the computed root value is compared with the public key, and if they are equal the signature is accepted.
By designing the generation structure of the OTA upgrade package appropriately, the method can use a Merkle tree to verify the integrity of the upgrade package and can exploit the structural properties of the Merkle tree itself to quickly locate erroneous data packets. This solves the loss of upgrade package integrity caused by network interruption, malicious tampering and the like during the OTA upgrade process, and solves the technical problem that, with existing robot OTA upgrade packages, an integrity verification error during transmission forces the whole package to be retransmitted.
Preferably, the method is implemented with a cloud OTA management server for producing and managing upgrade packages, an OTA object storage server for storing upgrade packages, and a robot terminal on which the upgrade package is installed;
the cloud OTA management server stores the related upgrade package summary information and Merkle tree information, and provides a secure communication channel through which the robot terminal can obtain the summary information of the upgrade package and the related Merkle tree information.
Further, the cloud OTA management server holds a private key/public key pair based on asymmetric cryptography. When an upgrade package is produced by the cloud OTA management server, the summary information of the package is extracted, including the upgrade package name, upgrade package version, upgrade contents and whether it is a differential package; at the same time the Merkle tree of the upgrade package is computed with the hash algorithm and written to the corresponding text file. The private key of the asymmetric key pair is used to encrypt the upgrade package summary and the Merkle tree data, and the encrypted summary information and Merkle tree information can either be pushed to the robot terminal over the secure channel or returned as response data when the robot terminal queries for them.
Preferably, the original data of the upgrade package is packaged on the cloud OTA management server into a complete upgrade package or a differential package, the upgrade package or differential package is split with archive-splitting software, the split packages and the Merkle file are repackaged into a new upgrade package, and the split packages and the upgrade package are all uploaded to the OTA object storage server.
Preferably, the robot terminal supports wireless communication, including 4G, 5G and/or WIFI, and through wireless communication the robot can obtain the upgrade package summary information, the Merkle tree information and the upgrade package itself.
Preferably, the SHA256 algorithm is used to compute the hash value of each data packet, the hash value is used as a leaf node of the Merkle tree, and every two leaf nodes are hashed again to generate the corresponding parent node, until a complete Merkle binary tree containing a single root node has been built; the Merkle tree is then written to a file and packed into the OTA upgrade package, and the upgrade package information and Merkle tree information are recorded in the cloud OTA management server;
after receiving the OTA upgrade package, the robot terminal obtains the root hash value of that upgrade package from the cloud OTA management server over the encrypted channel and compares it with the root hash value of the Merkle tree in the upgrade package. When the root hash values agree, the integrity verification of the OTA upgrade package passes; when they do not agree, the complete Merkle tree of the upgrade package is obtained from the cloud OTA management server over the encrypted channel and compared with the Merkle tree in the upgrade package to determine the erroneous data packet, after which only that data packet and the Merkle tree values associated with it need to be retransmitted, and the root hash value is verified again.
Preferably, the method is implemented as follows:
1) On the cloud OTA management server, package the original data of the upgrade package into a complete upgrade package or a differential package, and split the upgrade package or differential package with archive-splitting software;
2) Compute a SHA256 hash over each split package to produce its hash value, use the resulting hash values as the leaf nodes of the Merkle tree, then compute the hash value of the parent node of every two leaf nodes, generating a complete Merkle tree with a unique Merkle root node, and save the generated Merkle tree to a text file in the form of a linked list;
3) Repackage the split packages and the Merkle file into a new upgrade package, upload the split packages and the upgrade package to the OTA object storage server, and notify the corresponding robot terminal that a new upgrade package is available;
4) The robot terminal downloads the latest upgrade package over the network, decompresses it and reads the contents of the Merkle tree, and at the same time obtains the root hash value of the Merkle tree from the cloud over the secure channel provided by the OTA management server; the root hash values of the two Merkle trees are compared and, if they agree, the integrity verification of the upgrade package passes; otherwise proceed to step 5);
5) Obtain the complete Merkle tree from the cloud over the secure channel, compare the hash-value lists of the two Merkle trees to determine which data block is in error, then request the OTA object storage server to resend that data block and the root hash value of the Merkle tree, and check whether the latest root hash value is correct; if it is, the integrity verification of the upgrade package passes; otherwise request the data block again until it succeeds or the retry count is exceeded.
Preferably, in step 1), the number of split archives should be even, and the size of each archive should be less than 10M.
Preferably, in step 2), the hash value of the parent node of every two leaf nodes is computed in the order (0,1), (2,3), …, (n-1,n), and the SHA256 algorithm is applied iteratively to generate a complete Merkle tree with a unique Merkle root node.
The present invention also claims a robot OTA upgrade package integrity verification system, comprising:
at least one OTA upgrade management server, for producing and managing upgrade packages and storing the related upgrade package summary information and Merkle tree information;
at least one OTA upgrade package object storage server, for storing upgrade packages; and
an OTA upgrade terminal;
the system performs integrity verification of the OTA upgrade package on the OTA upgrade terminal by means of the robot OTA upgrade package integrity verification method described above.
Compared with the prior art, the robot OTA upgrade package integrity verification method of the present invention has the following beneficial effects:
The method achieves rapid verification of the integrity of the upgrade package during a robot OTA upgrade and ensures that the OTA upgrade is safe and accurate.
Upload and download of the robot OTA upgrade package are carried out entirely over 4G, 5G or WIFI. To prevent data loss or tampering of the upgrade package during transmission, a Merkle tree is used to verify the upgrade package information, ensuring that the robot terminal receives a complete and reliable upgrade package.
Description of the Drawings
Figure 1 is a schematic diagram of the overall design of the robot OTA upgrade package integrity verification method provided by an embodiment of the present invention;
Figure 2 is a schematic diagram of Merkle tree generation provided by an embodiment of the present invention;
Figure 3 is a schematic diagram of erroneous data block lookup provided by an embodiment of the present invention.
Detailed Description
The present invention is further described below with reference to specific embodiments.
An embodiment of the present invention provides a robot OTA upgrade package integrity verification method that introduces a Merkle tree into the production process of the OTA upgrade package, uses the Merkle tree to verify the integrity of the OTA upgrade package, and exploits the structural properties of the Merkle tree itself to quickly locate erroneous data packets.
As shown in Figure 1, the method is implemented with a cloud OTA management server for producing and managing upgrade packages, an OTA object storage server for storing upgrade packages, and a robot terminal on which the upgrade package is installed:
on the cloud OTA management server, the original data of the upgrade package is packaged into a complete upgrade package or a differential package, and the upgrade package or differential package is split with archive-splitting software;
a SHA256 hash is computed over each split package to produce its hash value, and the resulting hash values are used as the leaf nodes from which the Merkle tree is generated;
the split packages and the Merkle file are repackaged into a new upgrade package, the split packages and the upgrade package are all uploaded to the OTA object storage server, and the corresponding robot terminal is notified that a new upgrade package is available;
the robot terminal downloads the latest upgrade package over the network, decompresses it and reads the contents of the Merkle tree, and at the same time obtains the root hash value of the Merkle tree from the cloud over the secure channel provided by the OTA management server; the root hash values of the two Merkle trees are compared and, if they agree, the integrity verification of the upgrade package passes;
otherwise, the complete Merkle tree is obtained from the cloud over the secure channel, the hash-value lists of the two Merkle trees are compared to determine which data block is in error, the OTA object storage server is requested to resend that data block and the root hash value of the Merkle tree, and the latest root hash value is checked; if it is correct, the integrity verification of the upgrade package passes, otherwise the data block is requested again until it succeeds or the retry count is exceeded.
The cloud OTA management server stores the related upgrade package summary information and Merkle tree information, and provides a secure communication channel through which the robot terminal can obtain the summary information of the upgrade package and the related Merkle tree information. The cloud OTA management server holds a private key/public key pair based on asymmetric cryptography. When an upgrade package is produced by the cloud OTA management server, the summary information of the package is extracted, including the upgrade package name, upgrade package version, upgrade contents, whether it is a differential package, and so on; at the same time the Merkle tree of the upgrade package is computed with the hash algorithm and written to the corresponding text file. The private key of the asymmetric key pair is used to encrypt the upgrade package summary and the Merkle tree data, and the encrypted summary information and Merkle tree information can either be pushed to the robot terminal over the secure channel or returned as response data when the robot terminal queries for them.
On the cloud OTA management server, the original data of the upgrade package is packaged into a complete upgrade package or a differential package, the upgrade package or differential package is split with archive-splitting software, the split packages and the Merkle file are repackaged into a new upgrade package, and the split packages and the upgrade package are all uploaded to the OTA object storage server.
The robot terminal supports wireless communication, including 4G, 5G and/or WIFI, and through wireless communication the robot can obtain the upgrade package summary information, the Merkle tree information and the upgrade package itself.
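The page has the management server "encrypt" the package summary and Merkle tree data with its private key before handing them to the terminal; in practice that operation is a digital signature, and it is what lets the terminal trust the root hash it later compares against the downloaded package. The Go program below is an added example and not code from the patent: it assumes an Ed25519 key pair (the page names no signature algorithm), JSON serialisation, and manifest field names chosen here; the summary fields themselves (name, version, contents, differential flag) and the Merkle tree stored as a list of node hashes are the ones the page describes.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"encoding/json"
	"errors"
	"fmt"
)

// Manifest carries the summary information the page lists plus the Merkle
// tree as a list of hex node hashes, leaves first and root last.
// Field names are assumptions of this example.
type Manifest struct {
	Name         string   `json:"name"`
	Version      string   `json:"version"`
	Content      string   `json:"content"`
	Differential bool     `json:"differential"`
	MerkleNodes  []string `json:"merkle_nodes"`
}

// SignedManifest is what the management server pushes to the terminal, or
// returns when the terminal queries for the package summary.
type SignedManifest struct {
	Payload   []byte `json:"payload"`
	Signature []byte `json:"signature"`
}

// NewServerKeyPair generates the management server's asymmetric key pair
// (generated on the fly here; a deployment would provision and pin it).
func NewServerKeyPair() (ed25519.PublicKey, ed25519.PrivateKey, error) {
	return ed25519.GenerateKey(rand.Reader)
}

// SignManifest runs on the cloud OTA management server: serialize the
// manifest and sign the bytes with the server's private key.
func SignManifest(priv ed25519.PrivateKey, m Manifest) (SignedManifest, error) {
	payload, err := json.Marshal(m)
	if err != nil {
		return SignedManifest{}, err
	}
	return SignedManifest{Payload: payload, Signature: ed25519.Sign(priv, payload)}, nil
}

// VerifyManifest runs on the robot terminal: the signature is checked with the
// pinned server public key before any field, the root hash included, is used.
func VerifyManifest(pub ed25519.PublicKey, sm SignedManifest) (Manifest, error) {
	if !ed25519.Verify(pub, sm.Payload, sm.Signature) {
		return Manifest{}, errors.New("manifest signature invalid: reject upgrade")
	}
	var m Manifest
	if err := json.Unmarshal(sm.Payload, &m); err != nil {
		return Manifest{}, err
	}
	if len(m.MerkleNodes) == 0 {
		return Manifest{}, errors.New("manifest carries no Merkle tree")
	}
	return m, nil
}

// RootHash is the trusted root the terminal compares with the root inside
// the downloaded package (step 4).
func (m Manifest) RootHash() string { return m.MerkleNodes[len(m.MerkleNodes)-1] }

func main() {
	pub, priv, err := NewServerKeyPair()
	if err != nil {
		panic(err)
	}
	// Constructed sample manifest; the node hashes are placeholders.
	m := Manifest{Name: "robot-fw", Version: "1.2.0", Content: "full upgrade",
		MerkleNodes: []string{"leaf0", "leaf1", "root"}}
	sm, _ := SignManifest(priv, m)
	got, err := VerifyManifest(pub, sm)
	fmt.Println("verified root:", got.RootHash(), "err:", err)
	sm.Payload[len(sm.Payload)-1] ^= 1 // one bit flipped in transit
	_, err = VerifyManifest(pub, sm)
	fmt.Println("after tampering:", err)
}
```

The terminal must hold the server's public key from manufacture or a previous trusted upgrade; a public key downloaded over the same channel as the manifest would let anyone who controls that channel substitute their own root hash.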
With reference to Figures 2 and 3, the specific implementation process of the method is as follows:
1) On the cloud OTA management server, package the original data of the upgrade package into a complete upgrade package or a differential package, and split the upgrade package or differential package with archive-splitting software; the number of split archives should be even, and the size of each archive should be less than 10M.
2) Compute a SHA256 hash over each split package to produce its hash value, use the resulting hash values as the leaf nodes of the Merkle tree, then compute the hash value of the parent node of every two leaf nodes in the order (0,1), (2,3), …, (n-1,n), applying the SHA256 algorithm iteratively to generate a complete Merkle tree with a unique Merkle root node, and save the generated Merkle tree to a text file in the form of a linked list. The generation process is shown in Figure 2.
3) Repackage the split packages and the Merkle file into a new upgrade package, upload the split packages and the upgrade package to the OTA object storage server, and notify the corresponding robot terminal that a new upgrade package is available.
4) The robot terminal downloads the latest upgrade package over the network, decompresses it and reads the contents of the Merkle tree, and at the same time obtains the root hash value of the Merkle tree from the cloud over the secure channel provided by the OTA management server; the root hash values of the two Merkle trees are compared and, if they agree, the integrity verification of the upgrade package passes; otherwise proceed to step 5).
5) Obtain the complete Merkle tree from the cloud over the secure channel, compare the hash-value lists of the two Merkle trees to determine which data block is in error, then request the OTA object storage server to resend that data block and the root hash value of the Merkle tree, and check whether the latest root hash value is correct; if it is, the integrity verification of the upgrade package passes; otherwise request the data block again until it succeeds or the retry count is exceeded.
As shown in Figure 3, the Merkle tree from the cloud is compared with the one in the upgrade package: if the root hashes agree, the data is identical; if they differ, the inconsistent data can be found quickly through the Merkle tree. The lookup process is shown by the arrows on the right of Figure 3. Suppose data block DATA3 in the upgrade package is inconsistent. Comparing the root hashes shows that they differ, i.e. the data is inconsistent, and it is now necessary to find which block differs. Comparing Hash Middle0 and Hash Middle1 in turn shows that Hash Middle1 differs; going one level down shows that Hash Leaf3 differs, which locates the inconsistency to data block DATA3.
Transfer and download of the OTA upgrade package data in the above steps are carried out entirely over 4G, 5G or WIFI, and transmission of the cloud Merkle tree is encrypted with the asymmetric key to ensure that the information is not tampered with in transit.
By designing the generation structure of the OTA upgrade package appropriately, the method can use a Merkle tree to verify the integrity of the upgrade package and can exploit the structural properties of the Merkle tree itself to quickly locate erroneous data packets. This solves the loss of upgrade package integrity caused by network interruption, malicious tampering and the like during the OTA upgrade process, and solves the technical problem that, with existing robot OTA upgrade packages, an integrity verification error during transmission forces the whole package to be retransmitted.
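Steps 1) to 5) above and the Figure 3 walk-through, as an added Go example that is not part of the patent: it builds the SHA256 Merkle tree level by level in the (0,1), (2,3), … pairing order, compares the root rebuilt from the received split packages with the trusted root, descends only through mismatching nodes to find the bad package (DATA3 in the page's scenario), and re-requests just that package until the root matches or a retry limit is hit. The sample packages DATA0 to DATA3, the refetch callback standing in for the object storage server, the trusted tree being passed in already fetched over the secure channel, and the handling of an odd leaf count (the page requires an even count) are assumptions of the example.

```go
package main

import (
	"crypto/sha256"
	"errors"
	"fmt"
)

// Hash is one Merkle node: SHA256 of a split package (leaf) or of two concatenated children (parent).
type Hash [sha256.Size]byte

// parentHash hashes the ordered pair (left, right), so pairs (0,1), (2,3), ... of one level become the level above.
func parentHash(left, right Hash) Hash {
	return sha256.Sum256(append(append([]byte{}, left[:]...), right[:]...))
}

// BuildTree returns the tree level by level: levels[0] holds the leaf hashes in package order and
// the last level holds only the root. The page requires an even number of split packages; as an
// added safeguard an odd level is completed by duplicating its last node. Needs at least one package.
func BuildTree(blocks [][]byte) [][]Hash {
	level := make([]Hash, 0, len(blocks))
	for _, b := range blocks {
		level = append(level, sha256.Sum256(b))
	}
	levels := [][]Hash{level}
	for len(level) > 1 {
		if len(level)%2 == 1 {
			level = append(level, level[len(level)-1])
		}
		next := make([]Hash, 0, len(level)/2)
		for i := 0; i < len(level); i += 2 {
			next = append(next, parentHash(level[i], level[i+1]))
		}
		levels = append(levels, next)
		level = next
	}
	return levels
}

// Root is the value the terminal compares with the root hash obtained over the secure channel (step 4).
func Root(levels [][]Hash) Hash { return levels[len(levels)-1][0] }

// LocateBadLeaves is the search of Figure 3: from the root, descend only into nodes whose hashes
// differ between the trusted tree and the tree rebuilt from the received packages, and return the
// indices of the differing leaves (nil when the roots agree). Both trees must have the same shape.
func LocateBadLeaves(trusted, received [][]Hash) ([]int, error) {
	top := len(trusted) - 1
	if top < 0 || len(received) != len(trusted) {
		return nil, errors.New("merkle trees differ in shape")
	}
	if trusted[top][0] == received[top][0] {
		return nil, nil
	}
	suspects := []int{0}
	for lvl := top; lvl > 0; lvl-- {
		var next []int
		for _, i := range suspects {
			for c := 2 * i; c <= 2*i+1 && c < len(trusted[lvl-1]); c++ {
				if trusted[lvl-1][c] != received[lvl-1][c] {
					next = append(next, c)
				}
			}
		}
		suspects = next
	}
	return suspects, nil
}

// VerifyAndRepair is the terminal side of steps 4) and 5): accept when the rebuilt root matches the
// trusted root; otherwise locate the bad packages, re-request only those via refetch, and stop after
// maxRetries rounds. It returns the number of retransmission rounds used.
func VerifyAndRepair(trusted [][]Hash, blocks [][]byte, refetch func(i int) []byte, maxRetries int) (int, error) {
	if len(trusted) == 0 || len(blocks) == 0 || len(blocks) != len(trusted[0]) {
		return 0, errors.New("package count does not match the trusted tree")
	}
	want := Root(trusted)
	for rounds := 0; ; rounds++ {
		received := BuildTree(blocks)
		if Root(received) == want {
			return rounds, nil
		}
		if rounds >= maxRetries {
			return rounds, errors.New("root hash still wrong after retry limit")
		}
		bad, err := LocateBadLeaves(trusted, received)
		if err != nil {
			return rounds, err
		}
		for _, i := range bad {
			blocks[i] = refetch(i) // retransmit only the erroneous split package
		}
	}
}

func main() {
	original := [][]byte{[]byte("DATA0"), []byte("DATA1"), []byte("DATA2"), []byte("DATA3")} // constructed sample
	received := [][]byte{[]byte("DATA0"), []byte("DATA1"), []byte("DATA2"), []byte("DATA3-corrupted")}
	trusted := BuildTree(original) // what the management server records for this package
	rounds, err := VerifyAndRepair(trusted, received, func(i int) []byte { return original[i] }, 3)
	fmt.Println("retransmission rounds:", rounds, "error:", err)
}
```

The descent visits at most two nodes per level for each bad package, so locating one corrupted split package among n costs O(log n) comparisons instead of rehashing every package; the retry limit keeps a persistently corrupted source from looping the terminal forever.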
本发明实施例还提供一种机器人OTA升级包完整性验证系统,包括The embodiment of the present invention also provides a robot OTA upgrade package integrity verification system, comprising:
至少一台OTA升级管理服务器,用于升级包的制作、管理,并存储相关的升级包摘要信息和Merkle树信息;At least one OTA upgrade management server is used for the production and management of upgrade packages, and stores relevant upgrade package summary information and Merkle tree information;
至少一台OTA升级包对象存储服务器,用于保存升级包;At least one OTA upgrade package object storage server is used to save the upgrade package;
和OTA升级终端;and OTA upgrade terminal;
本系统通过上述实施例所述的机器人OTA升级包完整性验证方法实现OTA升级终端OTA升级包的完整性验证。The system realizes the integrity verification of the OTA upgrade package of the OTA upgrade terminal by using the robot OTA upgrade package integrity verification method described in the above embodiment.
本系统将Merkle树引入OTA升级包的制作过程,通过Merkel树记录升级包的完整性。首先将升级包中的每个升级模块或差分模块作为一个数据包,使用SHA256算法计算该数据包的哈希值,将该哈希值作为Merkle树的叶子结点,每两个叶子结点再经过哈希计算生成相应的父节点,直到构建完成只包含一个根节点的完整Merkle二叉树。This system introduces Merkle tree into the process of making OTA upgrade package, and records the integrity of upgrade package through Merkel tree. First, take each upgrade module or differential module in the upgrade package as a data packet, use the SHA256 algorithm to calculate the hash value of the data packet, and use the hash value as the leaf node of the Merkle tree. After hash calculation, the corresponding parent node is generated until the complete Merkle binary tree containing only one root node is constructed.
然后将该Merkle树写入文件并打入OTA升级包,同时在云端OTA管理服务器中记录该升级包信息和Merkle树信息。Then write the Merkle tree into a file and enter the OTA upgrade package, and record the upgrade package information and Merkle tree information in the cloud OTA management server.
机器人终端接收到OTA升级包后通过加密通道从云端OTA管理服务器获取该升级包的根哈希值并和升级包中的Merkle树的根哈希值进行比较。当根哈希值一致时,OTA升级包完整性验证通过,当根哈希值不一致时再通过加密通道从云端OTA管理服务器获取该升级包的完整Merkle树,通过和升级包中的Mekle树对比确定出错数据包,然后仅需要重传出错数据包和该数据包相关的Merkle树值并再次验证根哈希值。After receiving the OTA upgrade package, the robot terminal obtains the root hash value of the upgrade package from the cloud OTA management server through an encrypted channel and compares it with the root hash value of the Merkle tree in the upgrade package. When the root hash value is consistent, the integrity verification of the OTA upgrade package passes, and when the root hash value is inconsistent, obtain the complete Merkle tree of the upgrade package from the cloud OTA management server through the encrypted channel, and compare it with the Mekle tree in the upgrade package The erroneous packet is determined, and then only the erroneous packet and the Merkle tree value associated with that packet need to be retransmitted and the root hash value verified again.
本系统通过上述方法实现了对机器人OTA升级过程升级包完整性的快速验证,确保OTA升级的安全准确。The system realizes the rapid verification of the integrity of the upgrade package of the robot OTA upgrade process through the above method, and ensures the safety and accuracy of the OTA upgrade.
Following the specific embodiments above, those skilled in the art can easily implement the present invention. It should be understood, however, that the present invention is not limited to the specific embodiments described above. On the basis of the disclosed embodiments, those skilled in the art may freely combine different technical features to realize different technical solutions.
Apart from the technical features described in the specification, all others are techniques known to those skilled in the art.
Claims (10)
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202210739508.8A CN115226093A (en) | 2022-06-28 | 2022-06-28 | Robot OTA upgrade package integrity verification method and system |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202210739508.8A CN115226093A (en) | 2022-06-28 | 2022-06-28 | Robot OTA upgrade package integrity verification method and system |
Publications (1)
Publication Number | Publication Date |
---|---|
CN115226093A true CN115226093A (en) | 2022-10-21 |
Family
ID=83609764
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202210739508.8A Pending CN115226093A (en) | 2022-06-28 | 2022-06-28 | Robot OTA upgrade package integrity verification method and system |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN115226093A (en) |
Citations (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2011109772A2 (en) * | 2010-03-05 | 2011-09-09 | Interdigital Patent Holdings, Inc. | Method and apparatus for providing security to devices |
WO2017135669A1 (en) * | 2016-02-02 | 2017-08-10 | 주식회사 코인플러그 | Method and server for providing notary service for file and verifying file recorded by notary service |
KR20180005542A (en) * | 2016-07-06 | 2018-01-16 | 주식회사 케이티 | Apparatus and method for verifing data integrity |
WO2020151330A1 (en) * | 2019-01-23 | 2020-07-30 | 平安科技(深圳)有限公司 | Data possession verification method and terminal device |
CN111949602A (en) * | 2020-07-16 | 2020-11-17 | 桂林电子科技大学 | Outsourcing data safety migration method and system supporting integrity verification |
CN112131609A (en) * | 2020-08-27 | 2020-12-25 | 国网湖北省电力有限公司电力科学研究院 | Merkle tree-based electric energy quality data exchange format file integrity verification method and system |
US20210344480A1 (en) * | 2020-04-30 | 2021-11-04 | Dell Products L.P. | Install time creation of forward error correction data and integrity checksums |
CN114546460A (en) * | 2022-02-25 | 2022-05-27 | 上海商汤科技开发有限公司 | Firmware upgrade method and device, electronic device and storage medium |
- 2022-06-28 CN CN202210739508.8A patent/CN115226093A/en active Pending
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN115758477A (en) * | 2022-11-18 | 2023-03-07 | 海南大学 | Novel data integrity verification method |
CN118101272A (en) * | 2024-02-26 | 2024-05-28 | 常州工学院 | Intelligent network connection automobile OTA remote security upgrading method and system |
CN118101272B (en) * | 2024-02-26 | 2025-01-03 | 常州工学院 | A method and system for OTA remote security upgrade of intelligent connected vehicles |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
| PB01 | Publication | |
| SE01 | Entry into force of request for substantive examination | |
| RJ01 | Rejection of invention patent application after publication | Application publication date: 20221021 |