Authenticated software update on embedded devices

OData support
Dr. Buttyán Levente
Department of Networked Systems and Services

One type of the several embedded controllers used in the automotive industry is the engine control units (ECU). Similarly to other electronic devices in use nowadays the need might arise to update the software running on the controller in the product‘s life cycle. Because of the size of the infrastructure required for the update it cannot be ensured that the hardware stay exclusively under the manufacturer’s control, or if they are available on the market, that they are used for the transfer of programs preapproved by the manufacturer. Therefore the software running on the ECU should be capable to carry out this control function. Based on industry recommendation, public-key signature verification system provides adequate protection to this safety-critical element. In my thesis I present the various types of electronic controllers currently used in the automotive industry, especially the ECUs. Subsequently I review the life cycle of the software running on the controllers from the development phase until its launch on the hardware. I devote a chapter to the cryptographic methods that support the source control exercise during a software update. Then I fabricate a system prototype which is suitable for checking the source of a software. Finally I provide an overview of the possible sources and size of the keys used in the cryptographic system.


Please sign in to download the files of this thesis.