Contact Us

Enhancing Security of Automotive Firmware Updates with Advanced Technology

Enhancing Security of Automotive Firmware Updates with Advanced Technology

As part of the CONFIDENTIAL6G Project, Ana Kovacevic and Nenad Gligoric from Zentrix Lab have published a journal article titled “Enhancing Security of Automotive OTA Firmware Updates via Decentralized Identifiers and Distributed Ledger Technology.” This work focuses on addressing key security challenges in the increasingly connected and complex world of automotive systems.

Modern vehicles depend on seamless over-the-air (OTA) firmware updates to ensure functionality and address emerging issues. However, traditional OTA mechanisms often fall short in providing robust security, leaving vehicles vulnerable to potential threats such as spoofing, tampering, and privilege escalation. This paper introduces a novel approach leveraging Decentralized Identifiers (DIDs) and Distributed Ledger Technology (DLT) to enhance the security of OTA updates enabling vehicle firmware updates remotely without revocation of vehicle fleets by OEM.

Key Highlights of the Research:

  • Unique Vehicle Identification: DIDs provide a secure and decentralized method for identifying individual vehicles, ensuring updates are delivered to the correct recipient.
  • Secure Information Exchange: Verifiable credentials (VCs) and verifiable presentations (VPs) are used to authenticate and verify the integrity of updates.
  • Update verification: The approach supports verification of specific updates and revocation if vulnerabilities are detected, providing an additional layer of control and security.
  • Threat Mitigation: A detailed security analysis using the STRIDE methodology identified and mitigated risks, such as spoofing and privilege escalation.
  • Performance Optimization: Tests confirmed low latency during operations, demonstrating the feasibility of integrating this solution into real-world automotive systems without compromising efficiency.

This publication represents an contribution to advancing the security of connected vehicles, a critical aspect as the automotive industry continues to embrace digital transformation. By combining DIDs and DLT, the proposed solution offers a robust framework for ensuring the authenticity and integrity of OTA firmware updates, ultimately reducing risks and enhancing user trust in automotive systems.

For more details, you can access the full publication here: https://zenodo.org/records/14261730.

Submit a Comment

Your email address will not be published. Required fields are marked *