Securing Software Updates for Automotives Using Uptane

نویسنده

  • Trishank Karthik Kuppusamy
چکیده

Does secrecy improve security or impede securing software updates? The automotive industry has traditionally relied upon proprietary strategies developed behind closed doors. However, experience in the software security community suggests that open development processes can find flaws before they can be exploited. We introduce Uptane, a secure system for updating software on automobiles that follows the open door strategy. It was jointly developed with the University of Michigan Transportation Research Institute (UMTRI), and the Southwest Research Institute (SWRI), with input from the automotive industry as well as government regulators. We are now looking for academics and security researchers to break our system before black-hat hackers do it in the real world—with possibly fatal consequences.

برای دانلود رایگان متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

Uptane: Securing Software Updates for Automobiles∗

Software update systems for automobiles can deliver significant benefits, but, if not implemented carefully, they could potentially incur serious security vulnerabilities. Previous solutions for securing software updates consider standard attacks and deploy widely understood security mechanisms, such as digital signatures for the software updates, and hardware security modules (HSM) to sign sof...

متن کامل

Take Two Software Updates and See Me in the Morning: The Case for Software Security Evaluations of Medical Devices

Medical devices used for critical care are becoming increasingly reliant on software; however, little is understood about the security vulnerabilities facing medical devices and their software. To investigate this open question, we analyze the security of software that controls a modern Automated External Defibrillator (AED) used for treating cardiac arrhythmias. This report represents the firs...

متن کامل

Securing Binding Updates in Routing Optimizaton of Mobile IPv6

Mobile IPv6 (mipv6) is an internet protocol that allows mobile nodes to have continuous network connectivity to the internet without changing their ip addresses while moving to other networks. The packets sent from Correspondent Node (CN) to a Mobile Node (MN) go first through the mobile node’s Home Agent (HA). Then the HA tunnels them to the MN’s foreign network. This process of delivering the...

متن کامل

A Mathematical Approach to Load Balancing in Multi ECU Configuration

Electronic Control Units (ECUs) are nowadays employed in automotives for discharging various functionalities within the vehicle. It has become the fundamental building block of any automotive subsystem and is interfaced with electro mechanical counterparts. To meet the system wide requirements, these ECUs are interconnected using the communication infrastructure. Although the communication infr...

متن کامل

Ip Routing for Wireless/mobile Hosts (mobileip) Wg

The IESG returned the Mobile IPv6 (MIPv6) draft to the working group due to concerns about the security and scalability of binding updates (BUs) sent to correspondent nodes and the associated IPsec processing that is specified in the draft. Since that time discussions have continued to attempt to define what is really needed to make binding updates secure while taking into consideration the asp...

متن کامل

ذخیره در منابع من

ذخیره در منابع من قبلا به منابع من ذحیره شده

{@ msg_add @}


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

عنوان ژورنال:

دوره   شماره 

صفحات  -

تاریخ انتشار 2017