Global Sources
EE Times-India
Stay in touch with EE Times India
 
EE Times-India > RF/Microwave
 
 
RF/Microwave  

Advantages of over-the-air updates for automotives

Posted: 11 Jan 2016     Print Version  Bookmark and Share

Keywords:Internet of Things  IoT  over-the-air  OTA  software updates 

Many IoT solution vendors tout security as a paramount feature, but few truly provide end-to-end security. Without such security, malicious parties can use numerous points of vulnerability to compromise vehicle software. Considering that components like the instrument cluster or engine control unit can be critical to the safety of the driver and passengers, this is no small risk.

So what, exactly, are the key pieces needed for end-to-end security in OTA updates?

Security starts on the assembly line, with the injection of private keys or certificates into vehicle components.

This technique prevents component counterfeiting, but more importantly for OTA software updates, binds a private/public key pair to each component along with credential information such as vehicle identification number (VIN), model, or manufacturing date.

The automaker should also use a trusted certification authority as a root for key management. Adding security after deployment is always more difficult than building it in from the start, and a vehicle system that supports private key or certificate injection can benefit both the supply chain and the software management process.

An OTA service should run on a secured and redundant network.

To start, servers and infrastructure should reside in physically secured buildings with well-defined emergency response plans. Next, the service should use a secure firewall to prevent unauthorised network access to data and to protect connected systems. Further, the host data centres should be monitored around the clock for security risks and breaches such as denial-of-service (DoS) attacks.

Should an incident occur, staff should be available for immediate response to mitigate threats and to ensure data is not compromised.

To ensure reliability and uptime, data centres should be globally distributed with redundant systems in place to prevent loss of data. They should also use active-active server clusters to minimise downtime.

Finally, good practice ('practise' when verb) dictates that the host data centres use elastic computing technologies to respond autonomously to varying workloads.

From authentication to authorisation
Authentication is the first important step in delivering a secure service.

With authentication, a user or device in the vehicle provides credentials to establish that they are approved to receive services or content. This could be as simple as verifying the owner of a key fob for the vehicle. Ideally, authentication for an OTA service is integrated with the manufacturing key or certificate injection process described previously.

A well-designed OTA solution will provide a single point of authentication and will enable the linking of services, otherwise known as federation of services, on the backend. The solution can also achieve federation through a single sign-on approach that allows users to use a central identity when accessing services from multiple providers. With federation, the automaker can make identity information portable across separately running services, and the consumer needs to log in only once to access multiple applications.

Where personal data may be shared, the OTA solution should use tokenisation to protect end-point and user credentials.

Tokenisation anonymizes personal data by substituting it with non-sensitive data. This method minimises exposure of a customer's data to intruders, as well as to people and systems on the automaker's end that may not be sources of threat, but have no need to see sensitive information.

OAuth, an open standard for handling protected data, can provide user and password authentication where only a token gets passed to the automaker. Many people use OAuth every day to log in to websites like Facebook, Google, and Twitter, and it offers an effective way to authenticate vehicle owners for OTA updates without releasing their passwords to multiple apps.

The second step for secure service delivery is encrypted communications.

Encryption of both stored data and data in transit is important. Encryption will not prevent others from gaining access to the data being transferred, but it makes the message content unreadable to any eavesdropper.

RSA is a widely used public-key encryption system, but it can be too resource intensive when millions of vehicles are being updated, data transfers are frequent, and devices are constrained with limited battery power, modest CPUs, and minimal RAM.

It is better, then, to choose an encryption solution that requires less computing power and a smaller memory footprint. For example, Elliptic Curve Cryptography (ECC) provides the same strength of encryption as RSA, with 30 to 70 times the efficiency for resource usage.

Regardless of the method, encryption is imperative for protecting data and potentially even the privacy of the customer. For example, a data transmission may contain personal information such as a user's home address that was saved on the navigation system.

 First Page Previous Page 1 • 2 • 3 Next Page Last Page



Comment on "Advantages of over-the-air updates f..."
Comments:  
*  You can enter [0] more charecters.
*Verify code:
 
 
Webinars

Seminars

Visit Asia Webinars to learn about the latest in technology and get practical design tips.

 

Go to top             Connect on Facebook      Follow us on Twitter      Follow us on Orkut

 
Back to Top