OTA Security Practice of Vehicle Networking in Vehicle Testing

As vehicles become software-defined (SDV), auto parts grow more intelligent and more and more software is installed in the vehicle. This added complexity inevitably makes maintenance harder. How can car companies deal with software and firmware that update and iterate faster and faster? OTA (over-the-air) technology plays a central role in software-defined cars: it lets car companies remotely deliver function upgrades, performance optimizations, and defect repairs, bringing better services and experiences to users and helping car companies build closer, deeper connections with them.

OTA security risks

As an important way for car companies to repair software and firmware vulnerabilities and iteratively improve software functions, OTA has rapidly become popular, which has made it a key research target for hackers. Common OTA security risks include the following:

Impersonation

The attacker masquerades as the sender or receiver in the OTA communication.

Eavesdropping attack

Attackers steal data packets during OTA transmission to obtain sensitive information in the upgrade package.

Data tampering

Attackers may tamper with the OTA upgrade package and attack the vehicle by implanting malware and viruses.

OTA Security Practices

To prevent the above security risks, OTA communication needs a series of security measures, such as encrypted transmission, digital signature verification, and data integrity checks, to ensure that OTA communication is safe and reliable.

Of course, all encryption comes at a price, so how much encryption to use has to be decided based on security requirements, hardware and business conditions. Fanyi Shangxing adopts digital envelope technology, which combines symmetric and asymmetric encryption, together with PKI as the encryption and signature scheme for OTA security. Below we share our security process for OTA.

The first is our upgrade package production process:

1. The OTA platform is activated, and the public and private keys are obtained through PKI.

2. Sign the original package with a signature algorithm.

3. Use a symmetric algorithm to encrypt the original upgrade package.

4. Distribute the encrypted upgrade package to the CDN network.

Next is the upgrade process of the car:

1. The vehicle-mounted terminal is activated through a preset process to obtain a terminal certificate from PKI, including the terminal public and private keys.

2. The OTA platform verifies the legitimacy of the vehicle terminal based on PKI and uses the terminal's public key to encrypt the symmetric key.

3. The vehicle terminal uses the private key to decrypt the encrypted symmetric key.

4. The vehicle terminal downloads the encrypted upgrade package from the CDN network.

5. The vehicle terminal uses the symmetric key to decrypt the encrypted upgrade package.

6. The vehicle-mounted terminal performs signature verification based on the capabilities of the PKI platform. 

The above process uses a series of hashing, data compression, symmetric encryption and asymmetric encryption algorithms in the specific implementation process, which can be summarized as follows:

1. In terms of identity authentication and integrity check, digital signatures are used to ensure that the information received by the receiver must come from the stated sender of the information.

2. In terms of message encryption, both symmetric encryption and asymmetric encryption are used to encrypt the plaintext of the message.

The above process uses PKI for device access, key distribution and device authentication to build the trust system. Combining PKI technology with the idea of digital envelopes gives a basic outline of OTA in the vehicle-cloud communication scenario. The upgrade package itself is protected with symmetric encryption, which requires little computation and encrypts quickly and efficiently, reducing the consumption of terminal resources. This avoids applying asymmetric encryption to the package: because of the strength of the algorithm itself, asymmetric encryption and decryption are slow compared with symmetric encryption. The public key algorithm is used to encrypt the symmetric session key, which improves both security and the efficiency of encryption and decryption.
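The production and upgrade steps above, written out as an added Go example; it is not Fanyi Shangxing's implementation. The page names no algorithms, so Ed25519 signatures, AES-256-GCM and RSA-OAEP are assumptions, `Envelope`, `Pack`, `Unpack` and `demoTerminal` are hypothetical names, and locally generated keys stand in for PKI-issued ones.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ed25519"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

type Envelope struct{ WrappedKey, Nonce, Ciphertext, Sig []byte } // key via platform, rest via CDN
// Pack: sign the original package, encrypt it, wrap the AES key for one terminal.
func Pack(pkg []byte, signer ed25519.PrivateKey, terminal *rsa.PublicKey) (*Envelope, error) {
	buf := make([]byte, 44) // fresh 32-byte AES key followed by a 12-byte GCM nonce
	if _, err := rand.Read(buf); err != nil {
		return nil, err
	}
	wrapped, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, terminal, buf[:32], nil)
	if err != nil {
		return nil, err
	}
	block, _ := aes.NewCipher(buf[:32]) // cannot fail: the key is exactly 32 bytes
	aead, _ := cipher.NewGCM(block)
	return &Envelope{wrapped, buf[32:], aead.Seal(nil, buf[32:], pkg, nil), ed25519.Sign(signer, pkg)}, nil
}

// Unpack: vehicle steps 3, 5 and 6. No plaintext is returned unless every check passes.
func Unpack(e *Envelope, terminal *rsa.PrivateKey, platform ed25519.PublicKey) ([]byte, error) {
	key, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, terminal, e.WrappedKey, nil)
	if err != nil || len(key) != 32 || len(e.Nonce) != 12 {
		return nil, fmt.Errorf("bad wrapped key or nonce")
	}
	block, _ := aes.NewCipher(key) // cannot fail: length checked above
	aead, _ := cipher.NewGCM(block)
	pkg, err := aead.Open(nil, e.Nonce, e.Ciphertext, nil) // fails if the ciphertext was altered
	if err == nil && !ed25519.Verify(platform, pkg, e.Sig) {
		pkg, err = nil, fmt.Errorf("package is not signed by the OTA platform")
	}
	return pkg, err
}

var demoTerminal, _ = rsa.GenerateKey(rand.Reader, 2048) // constructed key; really issued at PKI activation
func main() {
	pub, signer, _ := ed25519.GenerateKey(rand.Reader)
	env, _ := Pack([]byte("constructed firmware image"), signer, &demoTerminal.PublicKey)
	fmt.Println(Unpack(env, demoTerminal, pub))
}
```

The signature check is what ties the package to the platform: anyone who knows the terminal's public key can build a well-formed encrypted envelope, so decryption succeeding says nothing about who produced it.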

Postscript

The above process describes the PKI-based OTA process at a conceptual level. OTA security work is a systematic project. In addition to ensuring OTA transmission security (pipe-side security) through PKI, cloud-side and vehicle-side security also need attention. For example, in the cloud, the security products that need to be adopted include cloud host security hardening, application protection, WAF, DDoS attack protection, etc.; in the car, it is necessary to combine TEE, security chips and other means to ensure the safe storage and safe use of keys.

Friends are welcome to leave a message in the background and discuss OTA security topics with us.

Fanyi Shangxing is an innovation platform established by SAIC Motor for digital transformation. It takes "melting industry boundaries and releasing data value" as its mission, focusing on the security cloud, autonomous driving cloud, intelligent manufacturing and industrial Internet technology fields, empowering the digital transformation of the industry, accelerating the process of industrial digitalization and digital industrialization, and actively promoting the development of the social digital economy. As a technology company that deeply cultivates cloud computing in the automotive industry and develops diversified businesses at the same time, Fanyi Shangxing provides enterprises, developers and government agencies with safe and reliable data computing and processing capabilities, as well as exclusive cloud products and services.

Fanyi Shangxing has a complete Internet of Vehicles security service capability and supports users in building an Internet of Vehicles architecture in an all-round way. To serve car companies, it provides the following capabilities: 1. PKI-based secure communication, identity authentication and access control, 2. Cloud-based and terminal-based data security and desensitization solutions, 3. Mature and available OTA capabilities, 4. A VSOC system for vehicle security detection and threat early warning. These solutions and products help solve security and compliance issues.

Fanyi OTA products have been commercialized in different car models of multiple car companies, providing car companies with OTA management capabilities covering parts, vehicles, strategies, tasks, etc., supporting car companies in upgrading and writing parts or parts groups, and, by introducing the PKI system, ensuring the security of the whole OTA process. OTA products effectively improve the software repair and delivery capabilities of car companies, help car companies focus on business, and accelerate digital transformation.


Origin blog.csdn.net/OKCRoss/article/details/130827080