While software-over-the-air (SOTA) updates are becoming increasingly common due to their swift and cost-effective delivery method, they also expose embedded electronic control units (ECUs), crucial for automotive operations, to new attack surfaces.
Uptane Compliance Testing
Recognizing the growing importance of secure updating strategies, Uptane offers a dependable security framework tailored for vehicle software updates. Uptane is an innovative, open-source solution designed to protect software updates even in the presence of an attacker. Through robust verification processes, trust separation mechanisms, and hierarchical key management strategies, Uptane effectively mitigates the risk of modifications on update packages by potential attackers within the vehicular ecosystem.
Having conducted a comprehensive audit of Uptane in 2018, SwRI played a pivotal role in refining the Uptane standard. Now that an Uptane standard has been released, Southwest Research Institute is pleased to introduce our compliance testing services for the latest iteration of the Uptane standard.
Uptane Framework Services
Our compliance testing structure is provided at three levels depending on your needs:
- Essential – Tune-Up, Level 1
- Advanced – Maintenance Inspection, Level 2
- Premium – Major Service, Level 3
Service will be tailored to client specific needs and any proprietary limitations. However, depending on the selected options, access to pertinent information (e.g., access to servers, network keys, source code) will be required to ensure a comprehensive evaluation.
Essential Level 1
Elevate your security with our Tune-Up service. We verify your Uptane implementation meets essential requirements and execute attack scenarios across the majority of defense categories.
Advanced Level 2
Upgrade your security with our Maintenance Inspection service, an advanced version of our Tune-Up. This phase includes in-vehicle evaluation and penetration testing for comprehensive protection.
Premium Level 3
Experience comprehensive security with our Major Service, which goes beyond the Maintenance Inspection. In addition to verifying primary and secondary ECUs, this phase offers tailored penetration testing to address your unique needs and concerns.
Personalized Compliance Testing Deliverables:
Designed to meet your unique requirements, you'll receive tailored outputs, including:
- Detailed Compliance Report
- Comprehensive Code Analysis Report
- Thorough Threat Analysis and Risk Assessment (TARA)
- In-depth Penetration Test Report
Our goal is to provide you with actionable insights and assurance at every step of the compliance process.
Comprehensive OTA Testing Prerequisites
For compliance testing, vehicles and associated electronic control units (ECUs) must adhere to the assumptions outlined on the Uptane website. Here's a brief overview:
- Vehicles must establish regular connectivity to backend services via cellular, Wi-Fi, or hard-wired connections.
- ECUs are programmable devices capable of receiving updates, modifications, and downloads.
- ECUs can perform cryptographic algorithms involving public keys and evaluate hashes of images and metadata files.
- Secure servers for the Director and Image repositories are readily accessible.