{"id":10909,"date":"2021-04-30T13:49:18","date_gmt":"2021-04-30T11:49:18","guid":{"rendered":"https:\/\/advancedfleetmanagementconsulting.com\/eng\/?p=10909"},"modified":"2021-04-30T13:49:18","modified_gmt":"2021-04-30T11:49:18","slug":"ota-security","status":"publish","type":"post","link":"https:\/\/advancedfleetmanagementconsulting.com\/eng\/2021\/04\/30\/ota-security\/","title":{"rendered":"Service Orientated Architectures Pitch for OTA Security"},"content":{"rendered":"

The security risks of centralized automotive architectures and over-the-air updates are clear.<\/span><\/p>\n

Meanwhile, vehicle functions are increasingly defined by software, making them more hackable. The evolution of automotive electrical engineering toward service-oriented architectures changes the paradigm for the security of OTA updates, as well as security in general. Says Luca De Ambroggi, chief analyst with Ward\u2019s Intelligence: \u201cFrom the automotive and engineering perspectives, hardware security that you can implement in silicon is known to be the safest. With software, you can update something and use the same path to hack it. The perception is that it\u2019s less safe. Nonetheless, the car is going to be controlled by software for cost and security reasons.\u201d<\/span><\/p>\n

Consumer experience: a megatrend<\/strong><\/span><\/p>\n

Consumer demand is a major influence on the move toward software-defined vehicles. Consumers expect the digital experience in the car to rival that of their phones, says Robert Redfield, director of business development for Green Hills Software. Add to that the amount of software needed for ADAS and semi-autonomous driving, and, \u201cOEMs realized the existing electrical engineering foundation couldn\u2019t scale\u201d.<\/span><\/p>\n

Whether it\u2019s adding new functionality to ADAS or infotainment, or patching vulnerabilities, OTA updates are a valuable solution. Service-oriented architectures (SOAs) make handling vehicle software more efficient and economical, and they can improve the security of OTA updates.<\/span><\/p>\n

SOAs simplify software development, De Ambroggi says, because software is broken up into small, self-contained modules that can be updated individually, whether that\u2019s an upgrade in functionality or eliminating a vulnerability. Updates can also be more frequent. When a change is made, he adds: \u201cYou don\u2019t have to requalify the entire 400 million lines of code in the vehicle. You just certify the submodule that\u2019s responsible for this area of the function.\u201d<\/span><\/p>\n

New architectures, new security<\/strong><\/span><\/p>\n

One of the advantages of siloed ECUs was security \u2013 an exploit of one ECU couldn\u2019t reach others. \u201cAs you connect those ECUs, you run the risk of, if one gets infected, others can be, too,\u201d says Redfield. \u201cYou have to think very carefully about how to separate cyber-security risks coming from outside car to life critical functions in car.\u201d<\/span><\/p>\n

SOAs can exacerbate security concerns if their architectures are not properly designed, as De Ambroggi and Redfield note. Owing to the fact that ECUs are connected, Redfield says: \u201cThe vehicle architecture better have software and hardware to either block attacks coming in from any source or safely partition them.\u201d De Ambroggi said that one issue with SOAs in the past was connectivity. \u201cThe networking of the car was really low bandwidth. Implementing a security protocol to secure transmission of data would have created unbearable overhead.\u201d<\/span><\/p>\n

Now, with ethernet in the car, automakers can implement security protocols that have long been used in the IT industry, such as TLS. With implementation of ethernet in the car, de Ambroggi says: \u201cYou need to be able to address a specific module, so each ECU in car will have its own IP address that will be secure and frequently updated by the OEM. This is exactly what major OEMs are targeting.\u201d<\/span><\/p>\n

Gradual shift to SOAs<\/strong><\/span><\/p>\n

Decoupling infotainment functions from safety-critical functions by means of domain-specific controllers will persist as a strategy for a while, De Ambroggi thinks, because it provides a more controlled and secure path for updating those safety functions. However, SOAs do allow for a more centralized architecture with software-defined functions.<\/span><\/p>\n

Within an SOA, services can be defined as largely independent software components with standardized interfaces in a modular structure, according to G\u00fcnter Reichart, spokesperson for AUTOSAR. He says: \u201cThis makes it easier to reuse these software components compared to modules that are designed for signal-based communication. The decoupling of software components in service-oriented systems significantly simplifies the update and upgrade processes.\u201d<\/span><\/p>\n

Strategy Analytics expects the use of central automotive gateway modules to grow to almost 100% by 2027, in line with the growing complexity of vehicle electronics and software, plus the concomitant need for more security. \u201cAs the automotive gateway module becomes the central focal point for increasing volumes of data, issues of security including cyber-security and the use of software and hypervisors will also become central to the automotive gateway module offering,\u201d report author Asif Anwar said in a press release.<\/span><\/p>\n

Despite the potential risks of OTA updates themselves, Reichart says: \u201cFast over-the-air updates and upgrades will play an important role in our defense against external attacks.\u201d While SOA may be the future, it\u2019s not the only future for automotive architectures. Reichart adds: \u201cSignal-based systems also have their advantages, especially when high levels of functional safety have to be achieved, and will continue to exist in vehicle networks.\u201d<\/span><\/p>\n

\n

by Susan Kuchinskas<\/p>\n

Source: https:\/\/www.tu-auto.com<\/a><\/span><\/p>\n

CUT COTS OF THE FLEET WITH OUR AUDIT PROGRAM<\/strong><\/a><\/h3>\n

\"\"<\/a><\/p>\n

The audit is a key tool to know the overall status and provide the analysis, the assessment, the advice, the suggestions and the actions to take in order to cut costs and increase the efficiency and efficacy of the fleet. We propose the following fleet management audit.<\/p>\n

FLEET MANAGEMENT AUDIT<\/strong><\/a><\/h3>\n","protected":false},"excerpt":{"rendered":"

The security risks of centralized automotive architectures and over-the-air updates are clear. Meanwhile, vehicle functions are increasingly defined by software, making them more hackable. The evolution of automotive electrical engineering toward service-oriented architectures changes the paradigm for the security of OTA updates, as well as security in general. Says Luca De Ambroggi, chief analyst with…<\/p>\n","protected":false},"author":3,"featured_media":10910,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[18],"tags":[361],"_links":{"self":[{"href":"https:\/\/advancedfleetmanagementconsulting.com\/eng\/wp-json\/wp\/v2\/posts\/10909"}],"collection":[{"href":"https:\/\/advancedfleetmanagementconsulting.com\/eng\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/advancedfleetmanagementconsulting.com\/eng\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/advancedfleetmanagementconsulting.com\/eng\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/advancedfleetmanagementconsulting.com\/eng\/wp-json\/wp\/v2\/comments?post=10909"}],"version-history":[{"count":1,"href":"https:\/\/advancedfleetmanagementconsulting.com\/eng\/wp-json\/wp\/v2\/posts\/10909\/revisions"}],"predecessor-version":[{"id":10911,"href":"https:\/\/advancedfleetmanagementconsulting.com\/eng\/wp-json\/wp\/v2\/posts\/10909\/revisions\/10911"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/advancedfleetmanagementconsulting.com\/eng\/wp-json\/wp\/v2\/media\/10910"}],"wp:attachment":[{"href":"https:\/\/advancedfleetmanagementconsulting.com\/eng\/wp-json\/wp\/v2\/media?parent=10909"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/advancedfleetmanagementconsulting.com\/eng\/wp-json\/wp\/v2\/categories?post=10909"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/advancedfleetmanagementconsulting.com\/eng\/wp-json\/wp\/v2\/tags?post=10909"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}