Skip to main content

Advertisement

SpringerLink
Log in

A Hybrid Approach to Enhance Data Security in Wireless Vehicle Firmware Update Process

  • Published:
Wireless Personal Communications Aims and scope Submit manuscript

Abstract

The significant growth of software, processing, and connectivity in automobiles has progressively placed cyber security in the forefront of automotive system design. In the modern era, the concept of connected vehicles facilitates advanced features like vehicle diagnostics and firmware updates over the Internet. As the diagnostic data and firmware update files are highly sensitive, the integrity and authentication of these are highly imperative. A hybrid technique for the enhanced data security using the blend of cryptography and image steganography is proposed for the Vehicle Firmware Update Over-the-Air (FOTA) Process. In the proposed method, Elliptic Curve Integrated Encryption Scheme followed by 3-bit least significant bit Image Steganography technique is used to ensure data integrity and gray level co-occurence matrix (GLCM) is used for authentication of firmware update patch. A prototype using AURIX TC275-TRB as Electronic Control Unit and Raspberry Pi as the telematics unit, has been developed to illustrate the viability of the proposed method. From the results obtained, it is inferred that the proposed method for data security in FOTA performs better than the method recommended by the AUTOSAR.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7
Fig. 8
Fig. 9
Fig. 10
Fig. 11
Fig. 12
Fig. 13
Fig. 14

Similar content being viewed by others

Data availability

Enquiries about data availability should be directed to the authors.

Abbreviations

AES:

Advanced encryption standard

AES-GCM:

Advanced encryption standard Galois counter mode

CAN:

Controller area network

CGW:

Central gateway

CLI:

Command line interface

ECC:

Elliptic curve cryptography

ECDH:

Elliptic-curve Diffie–Hellman

ECDLP:

Elliptic curve discrete logarithm problem

ECIES:

Elliptic curve integrated encryption scheme

ECU:

Electronic control unit

FOTA:

Firmware update over-the-air

GLCM:

Gray level co-occurence matrix

HAT:

Hardware at top

LSB:

Least significant bit

MAC:

Message authentication code

MAC:

Media access control

MSE:

Mean square error

OEM:

Original equipment manufacturer

OS:

Operating system

PBKDF2:

Password based key derivation function 2

PSNR:

Peak signal-to-noise ratio

RAM:

Random access memory

RSA:

Rivest, Shamir, Adleman

SHA:

Secure Hash Algorithm

SoC:

System on chip

SOTA:

Software update over-the-air

SPI:

Serial peripheral interface

TCU:

Telematics control unit

UCM:

Update and configuration management

WLAN:

Wireless local area network

References

  1. Kathiresh, M., Neelaveni, R., Benny, M. A., & Moses, B. J. S. (2021). Vehicle diagnostics over internet protocol and over-the-air updates. In M. Kathiresh & R. Neelaveni (Eds.), Automotive embedded systems. EAI/Springer innovations in communication and computing. Springer.

  2. Halder, S., Ghosal, A., & Conti, M. (2020). Secure over-the-air software updates in connected vehicles: A survey, computer networks. Computer Networks. https://doi.org/10.1016/j.comnet.2020.107343

    Article  Google Scholar 

  3. Shavit, M., Gryc, A., & Miucic, R. (2007). Firmware update over the air (FOTA) for automotive industry, SAE Technical Paper Asia Pacific Automotive Engineering Conference. https://doi.org/10.4271/2007-01-3523

  4. Le, V. H., den Hartog, J., & Zannone, N. (2018). Security and privacy for innovative automotive applications: A survey. Computer Communications, 132, 17–41. https://doi.org/10.1016/j.comcom.2018.09.010

    Article  Google Scholar 

  5. Florian, S., Martin, L., Sebastian, S., Marko, W., Alexandre, B., Harris, W. R., Somesh, J., Thomas, P., Axel, P., & Samarjit, C. (2013). Security challenges in automotive hardware/software architecture design. In Design, automation & test in europe conference & exhibition, pp 458–463. https://doi.org/10.7873/DATE.2013.102

  6. Yu, H., Lin, C.-W. (2016). Security concerns for automotive communication and software architecture. In IEEE conference on computer communications workshops (INFOCOM WKSHPS), pp 600–603. https://doi.org/10.1109/INFCOMW.2016.7562147

  7. Pike, L., Sharp, J., Tullsen, M., & Hickey Bielman J, P. C. (2013). Secure automotive software: The next steps. IEEE Software, 34(3), 49–55. https://doi.org/10.1109/MS.2017.78

    Article  Google Scholar 

  8. Qiang, Hu., & Luo, F. (2018). Review of secure communication approaches for in-vehicle network. International Journal of Automotive Technology, 19, 879–894. https://doi.org/10.1007/s12239-018-0085-1

    Article  Google Scholar 

  9. Specification of Update and Configuration Management AUTOSAR AP Release 17-10, AUTOSAR, Document ID 888, October 27, (2017). autosar.org/fileadmin/user_upload/standards/adaptive/17-10/AUTOSAR_SWS_UpdateAndConfigManagement.pdf

  10. Specification of Crypto Interface for Adaptive Platform AUTOSAR AP Release 17-10, AUTOSAR, Document ID 883, October 27, (2017). https://www.autosar.org/fileadmin/user_upload/standards/adaptive/17-10/AUTOSAR_SWS_AdaptiveCryptoInterface.pdf

  11. Steger, M., Boano, C. A., Niedermayr, T., Karner, M., Hillebrand, J., Roemer, K., & Rom, W. (2018). An efficient and secure automotive wireless software update framework. IEEE Transactions on Industrial Informatics, 14(5), 2181–2193. https://doi.org/10.1109/TII.2017.2776250

    Article  Google Scholar 

  12. Steger, M., Karner, M., Hillebrand, J., Rom, W., Boano, C., & Römer, K. (2016). Generic framework enabling secure and efficient automotive wireless SW updates. In IEEE 21st international conference on emerging technologies and factory automation (ETFA), pp. 1–8. https://doi.org/10.1109/ETFA.2016.7733575

  13. Mayilsamy, K., Ramachandran, N., & Raj, V. S. (2018). An integrated approach for data security in vehicle diagnostics over IP and software update over the air. Computers & Electrical Engineering, 71, 578–593. https://doi.org/10.1016/j.compeleceng.2018.08.002

    Article  Google Scholar 

  14. Liu, Z., Seo, H., Großschädl, J., & Kim, H. (2016). Efficient implementation of NIST-compliant elliptic curve cryptography for 8-bit AVR-based sensor nodes. IEEE Transactions on Information Forensics and Security, 11(7), 1385–1397. https://doi.org/10.1109/TIFS.2015.2491261

    Article  Google Scholar 

  15. Liu, Z., Weng, J., Hu, Z., & Seo, H. (2016). Efficient elliptic curve cryptography for embedded devices. ACM Transactions Embedded Computing Systems, 16(2), 53:1-53:18. https://doi.org/10.1145/2967103

    Article  Google Scholar 

  16. Chandra, S., Paira, S., Alam, S. S., & Sanyal, G. (2014). A comparative survey of symmetric and asymmetric key cryptography. In Proceedings of 2014 international conference on electronics, communication and computational engineering (ICECCE), pp. 83–93, https://doi.org/10.1109/ICECCE.2014.7086640.

  17. Lara-Nino, C. A., Diaz-Perez, A., & Morales-Sandoval, M. (2018). Elliptic curve lightweight cryptography: A survey. IEEE Access, 6, 72514–72550. https://doi.org/10.1109/ACCESS.2018.2881444

    Article  Google Scholar 

  18. Standards for Efficient Cryptography 2 (SEC 2), Certicom Research, 2010. Retrieved December 15, 2021 from https://info.isl.ntt.co.jp/crypt/eng/archive/dl/oef/nttdoc-oef2-en-20080806.pdf

  19. Kaur, N., & Behal, S. (2014). A survey on various types of steganography and analysis of hiding techniques. International Journal of Engineering Trends and Technology (IJETT), 11(8), 392. https://doi.org/10.14445/22315381/IJETT-V11P276

    Article  Google Scholar 

  20. Sugathan, S. (2016). An improved LSB embedding technique for image steganography. In Proceedings of 2016 2nd international conference on applied and theoretical computing and communication technology (iCATccT), pp 609–612, https://doi.org/10.1109/ICATCCT.2016.7912072

  21. Xing, Z., & Jia, H. (2019). Multilevel color image segmentation based on GLCM and improved Salp Swarm Algorithm. IEEE Access, 7, 37672–37690. https://doi.org/10.1109/ACCESS.2019.2904511

    Article  Google Scholar 

  22. Roberto de Oliveira, P., Delisandra Feltrim, V., Andreia Fondazzi Martimiano, L., & Brasilino Marcal Zanoni, G. (2014). Energy consumption analysis of the cryptographic key generation process of RSA and ECC algorithms in embedded systems. IEEE Latin America Transactions, 12(6), 1141–1148. https://doi.org/10.1109/TLA.2014.6894012

    Article  Google Scholar 

  23. Dumitrescu, S., Wu, X., & Wang, Z. (2003). Detection of LSB steganography via sample pair analysis. IEEE Transactions on Signal Processing, 51(7), 1995–2007. https://doi.org/10.1109/TSP.2003.812753

    Article  MATH  Google Scholar 

  24. Benedikt Boehm. (2014). StegExpose—A tool for detecting LSB steganography, arXiv.org. School of Computing University of Kent. https://arxiv.org/abs/1410.6656

Download references

Funding

The authors declare that no funds, grants, or other support were received during the preparation of this manuscript. The manuscript has no associated data

Author information

Authors and Affiliations

  1. PSG College of Technology, Coimbatore, India

    Kathiresh Mayilsamy, Neelaveni Ramachandran, B. Jeffrin Samuel Moses & Archana Ravikumar

Authors
  1. Kathiresh Mayilsamy
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Neelaveni Ramachandran
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. B. Jeffrin Samuel Moses
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Archana Ravikumar
    View author publications

    You can also search for this author in PubMed Google Scholar

Contributions

All authors contributed to the study conception, material preparation, algorithms development and their analysis. The first draft of the manuscript was written by KM and all authors commented on previous versions of the manuscript. All authors read and approved the final manuscript.

Corresponding author

Correspondence to Kathiresh Mayilsamy.

Ethics declarations

Conflict of interest

The authors have not disclosed any competing interests.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Mayilsamy, K., Ramachandran, N., Moses, B.J.S. et al. A Hybrid Approach to Enhance Data Security in Wireless Vehicle Firmware Update Process. Wireless Pers Commun 125, 665–684 (2022). https://doi.org/10.1007/s11277-022-09571-8

Download citation

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11277-022-09571-8

Keywords

Search

Navigation