Implementing Secure Over-the-Air Updates in an Automotive ECU
To avoid bricking a device with a failed OTA update, engineers need to identify potential points of failure and create a system-level architecture to mitigate against them. This architecture’s key components will comprise a telematics unit, which is in communication with the server that will be delivering the update; a gateway, or manager, which handles the local reception and distribution of the update; and a client, which is the device receiving the update.
The automotive industry is an excellent example of a high-reliability application that must adhere to a strict process when implementing OTA updates. There can be no scenario where an ECU could be allowed to brick either during or after an OTA update. Security is critical here. At every stage in the process, security needs to be observed. This typically means using encryption and authentication with keys and certificates stored in a secure, tamper-proof way.
Disclaimer: by clicking on this button, you accept that your data might be communicated to this company. If you do not want us to communicate your data, please update your details on your profile
If you enjoyed this article, you will like the following ones: don't miss them by subscribing to :
