ESCRYPT and SYSGO develop secure over-the-air update solution
Driven by new features such as automatic emergency calls or advanced driver assistant systems, the overall complexity of automotive software is on the rise. This leads to more electronic control units (ECUs) and ultimately more lines of code to be executed. More complexity also inherently means a higher probability of programming errors. Therefore, software updates become an essential part of the car’s lifecycle. In the automotive world, software updates are still predominantly performed during service intervals at the service station. However, in order to take timely action against emerging vulnerabilities and new threats, more frequent updates are desirable, ideally using a wireless connection to a remote server. To prevent attackers from modifying the firmware, security becomes a crucial part of the firmware update process. ESCRYPT and SYSGO are developing a joint solution to provide reliable cryptographic services to applications executed in PikeOS partitions. The services provided by ESCRYPT’s CycurLIB are executed as a crypto server in a partition provided by SYSGO’s PikeOS. The work represents the initial results of
SAFURE, the European collaborative project that targets safety and security by design for interconnected mixed-critical cyber-physical systems. The SAFURE project has received funding from the European Union’s Horizon 2020 research and innovation programme under grant agreement No 644080.