Abstract: With the rapid development of the vehicle industry in the direction of intelligence, connectivity, and electrification, the Electronic Control Unit (ECU) is frequently increasing in the automotive system. The updates iterations for the entire vehicle and ECU have been implemented from physical methods to software upgrades of OTA. At present, there are frequent hacking incidents targeting automobiles. As a significant function of intelligent connected vehicles, the OTA function has additionally become a key target of hackers. Attackers use hijacking, tampering, replacing, and other attack methods to attack the OTA upgrade link of the vehicles. This paper proposes a design of a safe OTA upgrade scheme through a security analysis based on the current OTA upgrade architecture of intelligent, connected vehicles to improve the security of the entire process of OTA upgrade.

Key words: Intelligent connected vehicle; Software upgrade; Information security; Security upgrade

摘要： 随着汽车行业快速向智能化、网联化、电动化的方向发展，车载电子器件（ECU）在整车 系统中逐渐增多，整车和 ECU 已经实现从物理方式到软件升级（OTA）的更新迭代。当前针对汽 车的黑客攻击事件频发，OTA 功能作为智能网联汽车的重要功能，也成为黑客的重点攻击对象。 攻击者通过劫持、篡改、替换等攻击方法对智能网联汽车 OTA 升级链接发起攻击。文章基于当前 智能网联汽车 OTA 升级架构进行安全分析，通过设计安全的 OTA 升级方案，提升整车 OTA 升级 的安全性。

关键词: 智能汽车；软件升级；信息安全；安全升级