TY - GEN
T1 - A framework for self-verification of firmware updates over the air in vehicle ECUs
AU - Nilsson, Dennis K.
AU - Sun, Lei
AU - Nakajima, Tatsuo
PY - 2008
Y1 - 2008
N2 - An upcoming trend for automobile manufacturers is to provide firmware updates over the air (FOTA) as a service. Since the firmware controls the functionality of a vehicle, security is important. To this end, several secure FOTA protocols have been developed. However, the secure FOTA protocols only solve the security for the transmission of the firmware binary. Once the firmware is downloaded, an attacker could potentially modify its contents before it is flashed to the corresponding ECU's ROM. Thus, there is a need to extend the flashing procedure to also verify that the correct firmware has been flashed to the ECU. We present a framework for self-verification of firmware updates over the air. We include a verification code in the transmission to the vehicle, and after the firmware has been flashed, the integrity of the memory contents can be verified using the verification code. The verification procedure entails only simple hash functions and is thus suitable for the limited resources in the vehicle. Virtualization techniques are employed to establish a trusted computing base in the ECU, which is then used to perform the verification. The proposed framework allows the ECU itself to perform self-verification and can thus ensure the successful flashing of the firmware.
AB - An upcoming trend for automobile manufacturers is to provide firmware updates over the air (FOTA) as a service. Since the firmware controls the functionality of a vehicle, security is important. To this end, several secure FOTA protocols have been developed. However, the secure FOTA protocols only solve the security for the transmission of the firmware binary. Once the firmware is downloaded, an attacker could potentially modify its contents before it is flashed to the corresponding ECU's ROM. Thus, there is a need to extend the flashing procedure to also verify that the correct firmware has been flashed to the ECU. We present a framework for self-verification of firmware updates over the air. We include a verification code in the transmission to the vehicle, and after the firmware has been flashed, the integrity of the memory contents can be verified using the verification code. The verification procedure entails only simple hash functions and is thus suitable for the limited resources in the vehicle. Virtualization techniques are employed to establish a trusted computing base in the ECU, which is then used to perform the verification. The proposed framework allows the ECU itself to perform self-verification and can thus ensure the successful flashing of the firmware.
UR - http://www.scopus.com/inward/record.url?scp=62949201811&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=62949201811&partnerID=8YFLogxK
U2 - 10.1109/GLOCOMW.2008.ECP.56
DO - 10.1109/GLOCOMW.2008.ECP.56
M3 - Conference contribution
AN - SCOPUS:62949201811
SN - 9781424430628
T3 - 2008 IEEE Globecom Workshops, GLOBECOM 2008
BT - 2008 IEEE Globecom Workshops, GLOBECOM 2008
T2 - 2008 IEEE Globecom Workshops, GLOBECOM 2008
Y2 - 30 November 2008 through 4 December 2008
ER -