Ana Kovačević from Zentrix Lab Presents Research on Secure Automotive OTA Firmware Updates

Ana Kovačević, from Zentrix Lab, Presents Research on Secure Automotive OTA Firmware Updates

Ana Kovačević from Zentrix Lab, a partner in the CONFIDENTIAL6G project, was invited to speak at the Seminar on Computer Science and Applied Mathematics at the Mathematical Institute of the Serbian Academy of Sciences on February 18, 2025. She presented research on improving the security of over-the-air (OTA) firmware updates for automotive systems using decentralized identifiers (DIDs) and distributed ledger technology (DLT).

The work was published in MDPI Electronics under the title:
📄 “Enhancing Security of Automotive Over-the-Air Firmware Updates via Decentralized Identifiers and Distributed Ledger Technology”
👩‍💻 Authors: Ana Kovačević and Nenad Gligoric
🔗 Read the full publication

As modern vehicles rely on frequent software updates, ensuring the integrity and security of OTA updates is essential. Traditional OTA mechanisms often lack strong protections, making them vulnerable to cyber threats. The research proposes an approach that integrates DIDs for unique vehicle identification and verifiable credentials (VCs) and verifiable presentations (VPs) to securely exchange and verify update information. Additionally, the solution allows for revoking updates when necessary, improving overall system security.

The security analysis, conducted using the STRIDE methodology, identified key threats such as spoofing, tampering, and privilege escalation. Results showed that the proposed approach effectively mitigates these risks while maintaining low latency during operations.

This research was partially funded by the European Commission under the Horizon Europe CONFIDENTIAL6G project.