Security Updates
Among the vehicle's diagnostic security functions, the security update function plays an important role in updating the vehicle's controller software (SW) and firmware. It allows only authorized software updates, so the vehicle's core systems stay protected from external threats. Security updates are generally performed through the OBD (On-Board Diagnostics) port, and they also require security control and controller access control for the CGW.
Now, I will explain the sequence for security updates. Security updates are divided into production procedures and firmware update procedures.
During ECU production
When producing a controller, you must install the initial firmware on the controller and inject the software public key (Public Key_SW) issued by the OEM certification server, which the ECU uses to verify future updates.
- The ECU supplier contacts the OEM certification server online and requests the generation of an electronic signature for the new firmware.
- The OEM authentication server generates a key pair (Public Key_SW/Private Key_SW) for electronic signature.
- Next, the OEM authentication server creates a digital signature of the new firmware with the generated Private Key_SW.
- The generated digital signature and Public Key_SW are delivered from the OEM authentication server to the ECU supplier.
- The ECU supplier injects the new firmware, the digital signature, and Public Key_SW into the ECU in production.
When updating ECU firmware
When updating ECU firmware, a digital signature for the new firmware is obtained from the OEM certification server and injected into the ECU. The ECU verifies the digital signature it receives to ensure that the firmware is authentic.
- The ECU supplier connects to the OEM certification server online and requests the creation of an electronic signature for the firmware to be updated.
- The OEM authentication server creates a digital signature of the firmware to be updated with Private Key_SW.
- The generated digital signature is passed from the authentication server to the ECU supplier.
- The ECU supplier uses diagnostic equipment to inject the firmware to be updated and its digital signature into the ECU.
- The ECU verifies the digital signature using the Public Key_SW injected during the production stage.
- If verification succeeds, the ECU performs the firmware update.
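The two procedures above (production injection, then a signed update) modelled end to end as an added example; this is not code from the original article or from any OEM. The article does not name a signature algorithm, so textbook RSA over SHA-256 with fixed demo primes stands in for it, and the Ecu class and function names are hypothetical.

```python
import hashlib

# Constructed demo key material: textbook RSA over two Mersenne primes, standing
# in for the OEM's real signature scheme. Unpadded and unsafe outside a demo.
P, Q, E = 2**521 - 1, 2**607 - 1, 65537

def oem_generate_keypair(p=P, q=Q):
    """OEM server: return (Public Key_SW, Private Key_SW)."""
    n = p * q
    d = pow(E, -1, (p - 1) * (q - 1))  # private exponent (Python 3.8+)
    return (n, E), (n, d)

def _digest(firmware: bytes) -> int:
    return int.from_bytes(hashlib.sha256(firmware).digest(), "big")

def oem_sign(firmware: bytes, private_key_sw) -> int:
    """OEM server: sign the SHA-256 digest of the image with Private Key_SW."""
    n, d = private_key_sw
    return pow(_digest(firmware), d, n)

class Ecu:
    """Hypothetical ECU model: holds the running image and Public Key_SW."""

    def __init__(self, firmware: bytes, signature: int, public_key_sw):
        # Production: the supplier injects firmware, signature and Public Key_SW.
        self.firmware, self.signature = firmware, signature
        self.public_key_sw = public_key_sw

    def verify(self, firmware: bytes, signature: int) -> bool:
        n, e = self.public_key_sw
        if not isinstance(signature, int) or not 0 < signature < n:
            return False  # malformed or out-of-range signature
        return pow(signature, e, n) == _digest(firmware)

    def update(self, firmware: bytes, signature: int) -> bool:
        """Flash only after the signature verifies; otherwise keep the old image."""
        if not self.verify(firmware, signature):
            return False
        self.firmware, self.signature = firmware, signature
        return True

if __name__ == "__main__":
    pub, priv = oem_generate_keypair()
    v1, v2 = b"constructed firmware v1", b"constructed firmware v2"
    ecu = Ecu(v1, oem_sign(v1, priv), pub)
    print("tampered image accepted:", ecu.update(v2 + b"!", oem_sign(v2, priv)))
    print("signed image accepted:  ", ecu.update(v2, oem_sign(v2, priv)))
```

The ECU only ever holds Public Key_SW, so an image modified in transit, or one signed with any key other than Private Key_SW, fails verification and the running firmware is left in place.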