Abstract: A method and an apparatus for processing a vehicle upgrade package. In the method, a first terminal receives a first data block from a server, where the first data block is used for upgrading the vehicle. The first terminal obtains a second data block from a second terminal, where the second data block is used for upgrading the vehicle. The second data block is sent by the server to the second terminal, and the first terminal obtains the vehicle upgrade package based on the first data block and the second data block. The terminals no longer need to obtain the complete vehicle upgrade package from an OTA server. Therefore, the load of the OTA server can be reduced.

Abstract: Embodiments of this application provide a security protection method in an in-vehicle system and a device, relate to the field of internet of vehicles technologies, to deploy a first security protection module on an electronic control unit, deploy a second security protection module on a domain controller, and deploy a third security protection module on a gateway based on security level requirements of the gateway, the domain controller, and the electronic control unit, so that the gateway, the domain controller, and the electronic control unit have different security levels. A security level of the first security protection module is a first security level, a security level of the second security protection module is a second security level, and a security level of the third security protection module is a third security level.

Abstract: An authentication server may obtain information about a plurality of nodes or information about a replacement node in an in-vehicle system, and perform authentication on the nodes based on the information about the nodes or perform authentication on the replacement node based on the information about the replacement node. After the authentication succeeds, the authentication server may further send an identifier of a subnode of a node, key information of the subnode of the node, an identifier of a parent node of the node, and key information of the parent node of the node to the node in the in-vehicle system. Therefore, when the in-vehicle system is started, the node performs authentication on another node in the in-vehicle system.

Abstract: An integrated chip and a data processing method are provided, to improve system security and service processing efficiency of a system. The integrated chip includes: an application processor, configured to write first data into an off-chip memory in a normal secure mode by using a storage controller, where an address of the first data in the off-chip memory is a first address; a security processor, configured to send a first read instruction to the storage controller in an enhanced secure mode, where the first read instruction is used to request to read the first data at the first address; and the storage controller, configured to control the security processor to read the first data from the off-chip memory.