IEEE Access (Jan 2024)
A Novel Variability-Rich Scheme for Software Updates of Automotive Systems
Abstract
The automotive industry is experiencing a significant evolution from traditional hardware-defined to software-defined architecture, enabling higher levels of autonomy, connectivity, safety, and richer in-vehicle experiences. A service oriented architecture is essential for realizing Software-Defined Vehicles (SDVs) and fostering new business models for OEMs. However, this architecture evolution requires new development paradigms to address the increasing complexity of software, which is essential for seamless software development, integration, and deployment from cloud or backend repositories to the vehicle. Given the complexity of vehicular software updates, particularly when dealing with highly distributed embedded ECUs, a software-centric approach is more efficient and suitable to cover different architectures and configurations, ensuring consistency across all platforms. Therefore, we propose a variability-rich scheme for software updates based on a Merkle tree approach that can cope with the complexity of the new software architecture while addressing the safety and security requirements of real-time and resource-constrained embedded systems in the vehicle. The technical analysis and experiments conducted in this paper demonstrate how the proposed scheme, which combines a digital signature and a Merkle hash tree, achieves synergistic authentication and verification of multiple software variants. Our approach offers OEMs the ability to sign a software module once and verify it across multiple ECU variants, providing a more efficient alternative to the traditional method of creating a software update package for each variant. This approach not only adds flexibility to software updates and reduces the complexity of software variant management, but also maintains the security of the vehicle, ensuring that there is no compromise in the safety of the passengers.
Keywords
