Software lifecycle protection

The vast majority of all new vehicle features are defined by software. Software manipulations via an update interface or resulting from attacks on the hardware can compromise the security of the components and, ultimately, driver and passenger safety. For vehicle manufacturers, this may lead to liability and warranty claims – quite aside from serious damage to their reputation.

Beyond that, manufacturers have a justified interest in preventing manipulation so that they can create and protect business models based on flexible software. IP protection in control units is also becoming more of a priority. When implementing all protective features, however, it is important to ensure that no additional obstacles are incorporated into existing processes such as software logistics, production, or service. Seamless integration into existing development and testing processes must be guaranteed, which means, for example, that developers and testers must continue to have authorized access to the software.

Stringent controls when installing software

Software is first installed during the ECU manufacturing process, usually in a controlled environment. In the course of a vehicle’s life, however, software and firmware updates are unavoidable. While these may be carried out by authorized persons such as certified dealers, updates are increasingly installed by non-experts over standardized interfaces. To ensure that in all update scenarios only software that is suitable, correct, and released by the manufacturer can be installed, measures such as assigning a digital signature to the software should be taken.

ESCRYPT’s key management solution offers pre-configured modules and interfaces for creating digital software signatures based on established security standards and tailored precisely to embedded systems and ECUs. Flexible rights and role management defines who is authorized to use keys to sign the software. The signatures make it possible to validate and ensure the integrity and authenticity of the software in the control unit. What’s more, ESCRYPT’s key management solution also allows controlled transfer of keys onto smartcards, so that they can be used in scenarios without online access. Multiple interfaces permit integration into a server-to-server scenario as well as directly into developers’ workstations.

Verification of new software when flashing the ECU is carried out by ESCRYPT’s cryptographic library CycurLIB, supplemented by use of a secure bootloader. You can additionally implement ESCRYPT’s secure boot solution on the control unit in order to check the software when starting up the ECU. A hardware security module with our CycurHSM security stack can also perform cyclical checks on the software during operation.

Your benefits:

Protection against malfunctions or damage caused as a result of manipulated or incorrect software

Protection of the algorithms embedded in the software

Protection of the intellectual property of embedded software and application files

Trade secrets and technical know-how are safe from hackers
