摘要
为了应对频繁的需求变动和技术迭代对嵌入式系统软件升级带来的挑战,文章设计了一种安全型软件升级方法和流程。其采用基于散列消息认证码(HMAC)算法的软件签名和校验方法,有效识别目标码是否被篡改;并通过特定软件更新工具,在软件升级前进行授权认证,同时对目标码名称和大小属性进行认证,防止异常文件入侵文件系统;采用CRC校验方法识别目标码的完整性;设计了一种基于双目标码加载区冗余式的文件管理方式,避免软件升级失败造成的系统工作异常问题。实际应用表明,该方法可有效保证嵌入式控制软件升级的高安全性与高可靠性。
In order to respond to challenges encountered in the software upgrade of embedded systems due to frequent demand changes and technological iterations,this paper presents the design of a secure software upgrade methodology and process.A software signature and check method based on the hash-based message authentication code(HMAC)algorithm is employed,to effectively identify any tampering of object codes.A specific software update tool is introduced to initiate authorization authentication before software upgrades,alongside authentication of object codes,including names and sizes attribute,thereby preventing the invasion of abnormal files into the file system.A cyclic redundancy check(CRC)method is incorporated to verify the integrity of object codes.Additionally,the design includes a redundant file management method based on double target code loading areas,to mitigate the risk of system malfunction resulting from failed software upgrades.Subsequent practical applications demonstrated the effectiveness of this method in ensuring high security and reliability in the upgrade process of embedded control software.
作者
陈俊波
邹军阳
张天昱
CHEN Junbo;ZOU Junyang;ZHANG Tianyu(Zhuzhou CRRC Times Electric Co.,Ltd.,Zhuzhou,Hunan 412001,China)
出处
《控制与信息技术》
2024年第6期104-109,共6页
CONTROL AND INFORMATION TECHNOLOGY
关键词
嵌入式系统
软件升级
轨道交通
安全性
HMAC算法
CRC校验
embedded system
software upgrade
rail transit
security
hash-based message authentication code(HMAC)algorithm
cyclic redundancy check(CRC)
作者简介
通信作者:陈俊波(1984-),男,高级工程师,主要从事新能源控制平台软件架构设计与开发工作,chenjb@csrzic.com。
