Technological Field
The described technology generally relates to a method for managing the installation of a software application on an electronic device. The described technology also relates to a method for generating a software pack and the associated computer program product. The described technology also relates to an electronic device.
Description of the Related Technology
Electronic devices are using more and more onboard applications. A programmable automaton or a circuit breaker are two examples of such electronic devices.
The onboard applications periodically require updating, in particular when improvements of the application appear or flaws are corrected. During the installation of a new version of an application on an electronic device, it is important to verify that the new version is appropriate for the electronic device in question and that the new version has been generated by an authorized company (an approved supplier or the manufacturer of the electronic device). Installing a version modified by an ill-intentioned third party may prevent the operation of the device, or worse still, make operation of the device dangerous for the user.
It is therefore desirable to update the applications of an electronic device by confidently authenticating the origin of any updates.
To that end, it is known to use electronic signatures present in the update of the application, the electronic device being provided with specific electronic signature identification capability. As an example, document EP-A-2,402,879 describes an application tool making it possible to generate a signature of the application comprising a code generator for producing a binary code, a generator generating certificates separate from the binary codes, and a platform combining at least one certificate with at least one binary code to facilitate the update of the onboard applications in an electronic device.
However, since industry is seeking to minimize operating losses, the electronic devices are updated infrequently, for example over several years of operation. As a result, when the electronic device has not been updated for some time and several versions of the application's signature have been created in the interim, the identification capability of the electronic device is only able to identify electronic signatures that have become obsolete. The aforementioned document does not make it possible to manage such a situation effectively.