Secure Wireless Automotive Software Updates Using Blockchains: A Proof of Concept

  • Marco Steger
  • Ali Dorri
  • Salil S. Kanhere
  • Kay Römer
  • Raja Jurdak
  • Michael Karner
Conference paper
Part of the Lecture Notes in Mobility book series (LNMOB)

Abstract

Future smart vehicles will employ automotive over-the-air updates to update the soft ware in the embedded electronic control units. The update process can affect the safety of the involved users, thus requires a comprehensive and elaborate security architecture ensuring the confidentiality and the integrity of the exchanged data, as well as protecting the privacy of the involved users. In this paper, we propose an automotive security architecture employing Blockchain to tackle the implicated security and privacy challenges. We describe our proof-of-concept implementation of a Blockchain-based software update system, use it to show the applicability of our architecture for automotive systems, and evaluate different aspects of our architecture.

Keywords

Automotive security architecture Blockchains Wireless software update Over-the-air updates Security Privacy Scalability 

References

  1. Aslam B, Zou C (2009) Distributed certificate and application architecture for VANETs. In: IEEE military communications conference, pp 1–7Google Scholar
  2. Dorri A, Kanhere S, Jurdak R (2017) Towards an optimized blockchain for IoT. In: Proceedings of the second international conference on internet-of-things design and implementation (IoTDI ’17). ACM, pp 173–178Google Scholar
  3. Foster D, Prudhomme A et al (2015) Fast and vulnerable: a story of telematic failures. In: USENIX workshop on offensive technologiesGoogle Scholar
  4. Gabe N (2016) Over-the-air updates on varied paths, automotive newsGoogle Scholar
  5. Hossain I, Mahmud S (2007) Analysis of a secure software upload technique in advanced vehicles using wireless links. In: Intelligent Transportation Systems Conference, pp 1010–1015Google Scholar
  6. Idrees M, Schweppe H et al (2011) Secure automotive on-board protocols: a case of over-the-air firmware updates. Lecture Notes in Computer Science. LNCS, vol 6596, pp 224–238Google Scholar
  7. Khurram M, Kumar H et al (2016) Enhancing connected car adoption: security and over the air update framework. In: IEEE world forum on internet of things (WF-IoT), vol 3, pp 194–198Google Scholar
  8. Mallissery S, Pai M et al (2014) Improving the PKI to build trust architecture for VANET by using short-time certificate mngt. and Merkle Signature Scheme. In: Asia-Pacific conference on computer aided system engineering, pp 146–151Google Scholar
  9. Nakamoto S (2008) Bitcoin: a peer-to-peer electronic cash system. http://www.bitcoin.org/bitcoin.pdf
  10. Nilsson D, Larson U (2008) Secure firmware updates over the air in intelligent vehicles. In: IEEE conference on communications, pp 380–384Google Scholar
  11. Steger M, Karner M et al (2016) Generic framework enabling secure and efficient automotive wireless SW updates. In: IEEE international conference on emerging technologies and factory automation (ETFA), vol 21, pp 1–8Google Scholar
  12. Steger M, Karner M et al (2016) SecUp: secure and efficient wireless software updates for vehicles. In: IEEE conference on digital system design (DSD), pp 628–636Google Scholar
  13. Valasek C, Miller C (2015) Remote exploitation of an unaltered passenger vehicle, White Paper, p 93Google Scholar
  14. Woo S, Jo H et al (2016) A practical security architecture for in-vehicle CAN-FD. IEEE Trans Intell Transp Syst 17:2248–2261CrossRefGoogle Scholar
  15. Yue X, Wang H et al (2016) Healthcare data gateways: found healthcare intelligence on blockchain with novel privacy risk control. J Med Syst 40:1–8MathSciNetCrossRefGoogle Scholar

Copyright information

© Springer International Publishing AG 2018

Authors and Affiliations

  • Marco Steger
    • 1
  • Ali Dorri
    • 2
  • Salil S. Kanhere
    • 2
  • Kay Römer
    • 3
  • Raja Jurdak
    • 4
  • Michael Karner
    • 1
  1. 1.Virtual Vehicle Research CenterGrazAustria
  2. 2.School of Computer Science and Engineering (CSE)University of New South Wales (UNSW)SydneyAustralia
  3. 3.Institute for Technical InformaticsGraz University of TechnologyGrazAustria
  4. 4.Commonwealth Scientific and Industrial Research Organisation (CSIRO) DATA61, BrisbaneAustralia

Personalised recommendations