Volume 14 , Issue 1 , PP: 125-140, 2024 | Cite this article as | XML | Html | PDF | Full Length Article
Shashikant Patil 1 * , Senthil Kumar A. 2 , Saket Mishra 3 , N. Gobi 4 , Intekhab Alam 5 , Romil Jain 6
Doi: https://doi.org/10.54216/JCIM.140109
The emergence of connected vehicles has transformed the automotive sector by enhancing the vehicle’s functionality, efficiency, and safety. The performance and security of these vehicles significantly rely on the deployment of the over-the-air software update. However, the execution of OTA comes with many challenges, especially with regard to security vulnerabilities and risks. The current paper delves into the complexities of the secure OTA software update for connected vehicles addressing the most critical issues; authentication; encryption and integrity verification, and risk management. Through advanced cryptographic methodologies, stringent authentication processes, and secure communication channels, automotive manufacturers and other service providers can guarantee the integrity and confidentiality of the updates, and consumers’ data from malicious attack. Moreover, the paper explores the regulatory and other standards-related matters that control the use of OTA in the automotive sector. An understanding of the secure OTA update mechanisms aids the stakeholders in establishing a resilient connection in connected vehicles boosting consumer trust and the future of the automobiles industry.
Connected vehicles , Over-the-air updates , Security , Authentication , Encryption , Integrity verification , Risk mitigation , Regulatory compliance
[1] Fizza, K., Auluck, N., Azim, A., Maruf, M. A., & Singh, A. (2019, December). Faster ota updates in smart vehicles using fog computing. In Proceedings of the 12th IEEE/ACM International Conference on Utility and Cloud Computing Companion (pp. 59-64).
[2] Kim, G., & Jung, I. Y. (2019). Integrity assurance of OTA software update in smart vehicles. International Journal on Smart Sensing and Intelligent Systems, 12(1), 1-8.
[3] Halder, S., Ghosal, A., & Conti, M. (2020). Secure over-the-air software updates in connected vehicles: A survey. Computer Networks, 178, 107343.
[4] V. Roy. " An Effective FOG Computing Based Distributed Forecasting of Cyber-Attacks in Internet of Things" Journal of Cybersecurity and Information Management, Vol. 12, No. 2, 2023 ,PP. 8-17.
[5] Kim, B., & Park, S. (2018, December). ECU software updating scenario using OTA technology through mobile communication network. In 2018 IEEE 3rd International Conference on Communication and Information Systems (ICCIS) (pp. 67-72). IEEE.
[6] Malik, A. W., Rahman, A. U., Ahmad, A., & Santos, M. M. D. (2022). Over-the-air software-defined vehicle updates using federated fog environment. IEEE Transactions on Network and Service Management, 19(4), 5078-5089.
[7] Hardik Agarwal, Kanika Somani, Shivangi Sharma, Prerna Arora , Puneet Singh Lamba, Gopal Chaudhary*, Palmprint Recognition Using Fusion of Local Binary Pattern and Histogram of Oriented Gradients, Fusion: Practice and Applications, Vol. 1 , No. 1 , (2020) : 22-31 (Doi : https://doi.org/10.54216/FPA.010103)
[8] Aditya Sharma , Aditya Vats , Shiv Shankar Dash , Surinder Kaur, Artificial Intelligence enabled virtual sixth sense application for the disabled, Fusion: Practice and Applications, Vol. 1 , No. 1 , (2020) : 32-39 (Doi : https://doi.org/10.54216/FPA.010104)
[9] Plappert, C., & Fuchs, A. (2023, December). Secure and Lightweight Over-the-Air Software Update Distribution for Connected Vehicles. In Proceedings of the 39th Annual Computer Security Applications Conference (pp. 268-282).
[10] P. Kumar, A. Baliyan, K. R. Prasad, N. Sreekanth, P. Jawarkar, V. Roy, E. T. Amoatey, "Machine Learning Enabled Techniques for Protecting Wireless Sensor Networks by Estimating Attack Prevalence and Device Deployment Strategy for 5G Networks", Wireless Communications and Mobile Computing, vol. 2022, Article ID 5713092, 15 pages, 2022. https://doi.org/10.1155/2022/5713092
[11] V. Roy. " Breast cancer Classification with Multi-Fusion Technique and Correlation Analysis" Fusion: Practice & Applications, Vol. 9, No. 2, 2023 ,PP. 48-61.
[12] Wu, Z., Liu, T., Jia, X., & Sun, C. (2021, June). Security design of OTA upgrade for intelligent connected vehicle. In Proceedings of the 2021 1st International Conference on Control and Intelligent Robotics (pp. 736-739).
[13] Ghosal, A., Halder, S., & Conti, M. (2022). Secure over-the-air software update for connected vehicles. Computer Networks, 218, 109394.
[14] Khatun, M., Glaß, M., & Jung, R. (2021, February). An approach of scenario-based threat analysis and risk assessment over-the-air updates for an autonomous vehicle. In 2021 7th International Conference on Automation, Robotics and Applications (ICARA) (pp. 122-127). IEEE.
[15] Dakroub, H., & Cadena, R. (2014). Analysis of software update in connected vehicles. SAE International Journal of Passenger Cars-Electronic and Electrical Systems, 7(2014-01-0256), 411-417.
[16] Chawan, A., Sun, W., Javaid, A., & Gurav, U. (2018). Security enhancement of over-the-air update for connected vehicles. In Wireless Algorithms, Systems, and Applications: 13th International Conference, WASA 2018, Tianjin, China, June 20-22, 2018, Proceedings 13 (pp. 853-864). Springer International Publishing.
[17] Plappert, C., & Fuchs, A. (2023, December). Secure and Lightweight ECU Attestations for Resilient Over-the-Air Updates in Connected Vehicles. In Proceedings of the 39th Annual Computer Security Applications Conference (pp. 283-297).
[18] Yeasmin, S., & Haque, A. (2021, September). A multi-factor authenticated blockchain-based ota update framework for connected autonomous vehicles. In 2021 IEEE 94th Vehicular Technology Conference (VTC2021-Fall) (pp. 1-6). IEEE.
[19] A. Sariga , J. Uthayakumar, Type 2 Fuzzy Logic based Unequal Clustering algorithm for multi-hop wireless sensor networks, International Journal of Wireless and Ad Hoc Communication, Vol. 1 , No. 1 , (2020) : 33-46 (Doi : https://doi.org/10.54216/IJWAC.010102)
[20] Irina V. Pustokhina, Blockchain technology in the international supply chains, International Journal of Wireless and Ad Hoc Communication, Vol. 1 , No. 1 , (2020) : 16-25 (Doi : https://doi.org/10.54216/IJWAC.010103)
[21] Shavit, M., Gryc, A., & Miucic, R. (2007). Firmware update over the air (FOTA) for automotive industry (No. 2007-01-3523). SAE Technical Paper.
[22] Chowdhury, T., Lesiuta, E., Rikley, K., Lin, C. W., Kang, E., Kim, B., & Wassyng, A. (2018). Safe and secure automotive over-the-air updates. In Computer Safety, Reliability, and Security: 37th International Conference, SAFECOMP 2018, Västerås, Sweden, September 19-21, 2018, Proceedings 37 (pp. 172-187). Springer International Publishing.
[23] Mahmoud A. Salam , M.M.El-Gayar, A Novel Hybrid Bio-Inspiration Technique for Service Composition, Journal of Cybersecurity and Information Management, Vol. 0 , No. 1 , (2019) : 05-14 (Doi : https://doi.org/10.54216/JCIM.000101)
[24] Hisham Elhoseny , Hazem EL-Bakry, Utilizing Service Oriented Architecture (SOA) in IoT Smart Applications, Journal of Cybersecurity and Information Management, Vol. 0 , No. 1 , (2019) : 15-31 (Doi : https://doi.org/10.54216/JCIM.000102)
[25] Kexun, H., Changyuan, W., Yanyan, H., & Xiyu, F. (2020, June). Research on cyber security Technology and Test Method of OTA for Intelligent Connected Vehicle. In 2020 International Conference on Big Data, Artificial Intelligence and Internet of Things Engineering (ICBAIE) (pp. 194-198). IEEE.
[26] Mahmood, S., Fouillade, A., Nguyen, H. N., & Shaikh, S. A. (2020, October). A model-based security testing approach for automotive over-the-air updates. In 2020 IEEE International Conference on Software Testing, Verification and Validation Workshops (ICSTW) (pp. 6-13). IEEE.
[27] Qureshi, A., Marvi, M., Shamsi, J. A., & Aijaz, A. (2022). eUF: A framework for detecting over-the-air malicious updates in autonomous vehicles. Journal of King Saud University-Computer and Information Sciences, 34(8), 5456-5467.
[28] Guissouma, H., Diewald, A., & Sax, E. (2019). A generic system for automotive software over the air (sota) updates allowing efficient variant and release management. In Information Systems Architecture and Technology: Proceedings of 39th International Conference on Information Systems Architecture and Technology–ISAT 2018: Part I (pp. 78-89). Springer International Publishing.
[29] Abdullah Ali Salamai, An Approach Based on Decision-Making Algorithms for Qos-Aware Iot Services Composition, Journal of Intelligent Systems and Internet of Things, Vol. 8 , No. 1 , (2023) : 08-16 (Doi : https://doi.org/10.54216/JISIoT.080101)
[30] Abedallah Zaid Abualkishik, Rasha Almajed, William Thompson, Intelligent Model for Customer Churn Prediction using Deep Learning Optimization Algorithms, Journal of Intelligent Systems and Internet of Things, Vol. 8 , No. 1 , (2023) : 43-54 (Doi : https://doi.org/10.54216/JISIoT.080104)
[31] Kornaros, G., Tomoutzoglou, O., Mbakoyiannis, D., Karadimitriou, N., Coppola, M., Montanari, E., ... & Gherardi, G. (2020). Towards holistic secure networking in connected vehicles through securing CAN-bus communication and firmware-over-the-air updating. Journal of Systems Architecture, 109, 101761.
[32] La Manna, M., Treccozzi, L., Perazzo, P., Saponara, S., & Dini, G. (2021). Performance evaluation of attribute-based encryption in automotive embedded platform for secure software over-the-air update. Sensors, 21(2), 515.
[33] V. Roy. "An Improved Image Encryption Consuming Fusion Transmutation and Edge Operator." Journal of Cybersecurity and Information Management, Vol. 8, No. 1, 2021 ,PP. 42-52.
