• English
  • Deutsch
  • Log In
    Password Login
    Research Outputs
    Fundings & Projects
    Researchers
    Institutes
    Statistics
Repository logo
Fraunhofer-Gesellschaft
  1. Home
  2. Fraunhofer-Gesellschaft
  3. Konferenzschrift
  4. Secure and Lightweight Over-the-Air Software Update Distribution for Connected Vehicles
 
  • Details
  • Full
Options
December 4, 2023
Conference Paper
Title

Secure and Lightweight Over-the-Air Software Update Distribution for Connected Vehicles

Abstract
Connected vehicles are increasingly threatened by cyberattacks during their long lifecycle. Therefore, timely Over-the-Air (OTA) update processes are becoming a mandatory mitigation mechanism and their security a critical task. In this paper, we present a novel secure OTA update distribution mechanism for connected vehicles that addresses threats and requirements of recent automotive security regulations and standards. We tailor our security concept to the capabilities of a Trusted Platform Module 2.0 (TPM) that we deploy as hardware trust anchor at the vehicle telematics unit and show its benefits and uniqueness regarding security guarantees and functionality in comparison to related work. In our concept, the TPM acts as trusted update distribution point that securely translates the asymmetric backend cryptography to the symmetric in-vehicle cryptography and as update authorization point that coordinates the update installation, e.g., regarding the vehicle state. These concepts are completely enforced inside the shielded location of the TPM, which then represents our minimal hardened trusted computing base on the telematics unit. The solution does not rely on boot time integrity mechanisms and thus even mitigates against advanced runtime and physical hardware cyberattacks. We evaluate our solution using a prototypical implementation within an automotive evaluation platform.
Author(s)
Plappert, Christian  orcid-logo
Fraunhofer-Institut für Sichere Informationstechnologie SIT  
Fuchs, Andreas  
Fraunhofer-Institut für Sichere Informationstechnologie SIT  
Mainwork
39th Annual Computer Security Applications Conference, ACSAC 2023. Proceedings  
Conference
Annual Computer Security Applications Conference 2023  
Open Access
DOI
10.1145/3627106.3627135
Additional full text version
Landing Page
Language
English
Fraunhofer-Institut für Sichere Informationstechnologie SIT  
  • Cookie settings
  • Imprint
  • Privacy policy
  • Api
  • Contact
© 2024