Method for updating the firmware of a security module

Abstract

A method for updating the firmware of a security module allowing it to “jump” towards a dedicated separate patch message stream thanks to a trigger messages stream broadcasted in a main stream of management messages. The trigger messages comprise version information allowing establishing whether the security module is up-to-date, and an identifier indicating to the security module the suitable patch stream. If the current version of the firmware of the security module is inferior to the patch version, the security module is directed towards the stream of patch messages designated by the identifier included in the trigger messages. Once the update of the firmware is complete, the security module is again directed towards the main stream. This return can be carried out automatically, namely with a switch message comprising an identifier of the first stream.

Description

BRIEF DESCRIPTION OF THE DRAWING

The invention will be better understood thanks to the following detailed description that refers to the annexed drawing given as non-limitative example.

FIG. 1 shows an overview of the mechanism allowing a security module “to jump” towards a dedicated patch message stream when the version of its firmware becomes obsolete.

Claims

1. A method for updating the firmware of a security module associated to a user unit for processing digital data broadcasted in a transport stream, said unit being connected to a conditional access system transmitting, in said transport stream, to the security module a first stream of management messages, said method comprising the steps of: broadcasting at least a second stream comprising the patch messages suitable for updating the firmware of the security module, said second stream being identified by an identifier associated to a predetermined type of security module,adding to the first stream of management messages, trigger messages comprising version information allowing establishing whether said security module is up-to-date, and an identifier indicating to said security module the suitable patch stream,if the current version of the firmware of the security module is inferior to the patch version, directing the security module towards the stream of patch messages designated by the identifier included in the trigger message,updating the firmware of the concerned security module related to the stream of patch messages,directing the security module towards the first stream of management messages when the update of the firmware is completed.

2. The method according to claim 1, wherein the security module includes an identifier of the conditional access system to which it is connected.

3. The method according to claim 2 wherein a correspondence table is defined that associates the identifier of the conditional access system to the identifier of the stream transmitted by said conditional access system.

4. The method according to claim 1, wherein, after completion of firmware update, a switch message, transmitted after the patch messages, directs the security module towards an access control system transmitting the first stream of management messages, the identifier of said stream being determined by the table with the identifier of the conditional access system.

5. The method according to claim 1, wherein the patch messages are transmitted in a chain, each message comprising at least a code of the type of security module to be updated, a parameter indicating a final version of said update, an index indicating the position of the message in the chain and program data of the update.

6. The method according to claim 1, wherein the trigger messages comprise at least a code of the type of security module to be updated, a final version reference of the firmware, as well as the identifier of the conditional access system transmitting the stream of patch messages relating to the security modules of the corresponding type, the identifier of said stream being determined by the table with the identifier of the conditional access system.

7. The method according to claim 4, wherein the switch message includes at least a code of the type of security module, a final version reference obtained after updating and the identifier of the conditional access system transmitting the first stream of management messages.

8. The method according to claim 1, wherein a new security module associated for the first time to a user unit is connected to a particular conditional access system transmitting a stream of trigger messages comprising at least one message allowing directing towards a conditional access system transmitting a stream of patch messages adapted to the type and to the version of the firmware of said security module.

9. The method according to claim 1, wherein the patch messages are transmitted grouped in one stream with a given identifier according to a family of types of security module.

10. The method according to claims 7, wherein the patch messages, the trigger messages and the switch messages comprise at least one code designating the family and the type of security module.

11. Conditional access system to which is connected at least one user unit for processing digital data broadcasted in a transport stream, said unit being associated to a security module, the conditional access system transmitting, in the transport stream, to the security module, a first stream of management messages, is configured to update the firmware of the security module by performing the steps of: broadcasting at least a second stream comprising the patch messages suitable for updating the firmware of the security module, said second stream being identified by an identifier associated to a predetermined type of security module,adding to the first stream of management messages, trigger messages comprising version information allowing establishing whether said security module is up-to-date, and an identifier indicating to said security module the suitable patch stream,if the current version of the firmware of the security module is inferior to the patch version, directing the security module towards the stream of patch messages designated by the identifier included in the trigger message,updating the firmware of the concerned security module related to the stream of patch messages,directing the security module towards the first stream of management messages when the update of the firmware is completed.

12. The conditional access system according to claim 11 wherein a correspondence table is defined that associates the identifier of the conditional access system to the identifier of the transmitted first stream.

13. The conditional access system according to claim 12, wherein, after completion of firmware update, a switch message, transmitted after the patch messages, directs the security module towards the first stream of management messages.

14. The conditional access system according to claim 11, wherein the patch messages are transmitted in a chain, each message comprising at least a code of the type of security module to be updated, a parameter indicating a final version of said update, an index indicating the position of the message in the chain and program data of the update.

15. The conditional access system according to claim 11, wherein the trigger messages comprise at least a code of the type of security module to be updated, a final version reference of the firmware, as well as the identifier of the conditional access system transmitting the stream of patch messages relating to the security modules of the corresponding type, the identifier of said stream being determined by the table with the identifier of the conditional access system.

16. The conditional access system according to claim 13, wherein the switch message includes at least a code of the type of security module, a final version reference obtained after updating and the identifier of the conditional access system transmitting the first stream of management messages.

17. The conditional access system according to claim 11, wherein the patch messages are transmitted grouped in one stream with a given identifier according to a family of types of security module.

18. The conditional access according to claim 16, wherein the patch messages, the trigger messages and the switch messages comprise at least one code designating the family and the type of security module.

19. The method according to claim 3, wherein the trigger messages comprise at least a code of the type of security module to be updated, a final version reference of the firmware, as well as the identifier of the conditional access system transmitting the stream of patch messages relating to the security modules of the corresponding type, the identifier of said stream being determined by the table with the identifier of the conditional access system.

20. The method according to claim 9, wherein the patch messages, the trigger messages and the switch messages comprise at least one code designating the family and the type of security module.

21. The conditional access system according to claim 12, wherein the trigger messages comprise at least a code of the type of security module to be updated, a final version reference of the firmware, as well as the identifier of the conditional access system transmitting the stream of patch messages relating to the security modules of the corresponding type, the identifier of said stream being determined by the table with the identifier of the conditional access system.

22. The conditional access according to claim 17, wherein the patch messages, the trigger messages and the switch messages comprise at least one code designating the family and the type of security module.