Remote updating- upgrading of vehicle firmware
Securing remote and in-vehicle communications against cyber-attacks, possibly performed with quantum computers in the near future, is a major goal in the automotive sector. For such a purpose I-FEV focused on a thorough study and an architecture and protocol design to develop and implement a Service Over the Air (SOtA )system, starting from Electronic Control Unit (ECU) firmware update on its electric vehicles from remote.
UPTANE (a de-facto standard in the automotive sector) guidelines have been successfully taken as a reference for the implementation of the system. The achievements have been integrated in the first prototypes.
February 2023Describe the innovation content of the result:
The UPTANE based implementation of SOtA brings security feature to an otherwise vulnerable communication system on-board electric vehicles.
Who will be the customer?
Users of transportation means in a urban mobility framework (e.g. commuters)
What benefit will it bring to the customers?
Secure communications brings not only privacy but safety as well when it comes to vehicle operations, especially for electric ones, which are equipped with high energy density battery packs and autonomous drive.
When is the expected date of achievement in the project (Mth/yr)?
Within the time span of the project.
When is the time to market (Mth/yr)?
What are the costs to be incurred after the project and before exploitation?
What is the approximate price range of this result/price of licences?
What are the market size in Millions € for this result and relevant trend?
How will this result rank against competing products in terms of price/performance?
Who are the competitors for this result?
Proprietary architecture and protocols developed by large Automotive OEMs.
How fast and in what ways will the competition respond to this result?
It will take about 3 years for other implementations of similar solutions.
Who are the partners involved in the result?
Not defined yet.
Who are the industrial partners interested in the result (partners, sponsors, etc.)?
Not defined yet.
Have you protected or will you protect this result? How? When?
Patents will be filed for those aspects of the design not covered yet and for the specific solutions adopted in the implementation.
BIECO Integrated Platform will integrate the tools in a loosely coupled way.
Data Collection Tool (DCT) stores information from relevant vulnerability related datasets, providing a single access point to information required by the vulnerability detection and forecasting tools developed in T3.3, as well as for the failure prediction tools developed in T4.2.
Vulnerability Detection Tool will detect existing vulnerabilities within the source code which may lead to the successful execution of an attack.
Vulnerability Exploitability Forecasting Tool will estimate the probability of a vulnerability to be exploited in the next 3, 6 or 12 months.
Vulnerability Propagation Tool will calculate and offer the paths affected by a vulnerability in the source code.
Fuzzing Tool will test System Under Test (SUT) security vulnerabilities or inputs not contemplated that could compromise the system; as a black-box process, by using unintended or incorrect inputs and monitoring their corresponding outputs.