Multiple check scheme of the security of vehicle-mounted controller FOTA

Affiliation:

1. Hefei Institutes of Physical Science, Chinese Academy of Sciences, Hefei 230031, China; 2. University of Science and Technology of China, Hefei 230026, China

CLC number:

TP309

Fund Project:

Supported by the Key Research and Development Program of Anhui Province (202004a05020041)

Abstract:

Firmware Over-The-Air (FOTA) is a technology that uses wireless communication to upgrade the software of electronic control units. The large-scale application of FOTA in automotive electronic controllers exposes vehicle control systems to a growing number of security threats from public networks. However, current mainstream FOTA schemes focus on the remote transmission of firmware from the server side to the vehicle side, and the secure handling of firmware inside the vehicle remains a weak link. This paper proposes a multiple-check scheme for firmware security: the server signs the firmware with an Elliptic Curve Cryptography (ECC)-based digital signature algorithm to obtain two check codes, which are used to verify firmware integrity and identity during remote transmission and during the in-vehicle handling process respectively, thereby securing the full FOTA process. The experimental results show that the proposed scheme can effectively identify the risk of firmware tampering during remote transmission and storage, and that the added time cost is only about 5%. Compared with a scheme implemented with RSA under equivalent security conditions, it also offers faster signature verification and lower storage resource usage.

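Cite this article

Wu Ke, Li Chaochao, Yang Xingda, Fang Ling. Multiple check scheme of the security of vehicle-mounted controller FOTA[J]. Electronic Measurement Technology, 2021, 44(22): 7-13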

History
  • Published online: 2024-07-04