Browsing by Author "Bowden, Zeb"

Now showing 1 - 2 of 2
  • Thumbnail Image
    Current Implementations of Over-the-Air Updates
    Bowden, Zeb; Chandler, Jacob (National Surface Transportation Safety Center for Excellence, 2024-07-22)
    Over-the-air (OTA) updates have become a significant aspect of the future development of connected vehicles. OEMs can address safety and security concerns, as well as provide a better customer experience, by delivering software improvements to vehicles faster and without requiring a visit to a service center. OTA updates will enable OEMs to address security, safety, and performance concerns much faster, at a lower cost, and allow delivery of updates in a manner more convenient to vehicle owners. From a cybersecurity perspective, this is important, as the number of security vulnerabilities in vehicles continues to grow (Sibros, 2022). Additionally, recalls are increasingly being addressed by software updates, potentially resolving recall issues faster. From March 2022–March 2023, 8.5 million vehicle units were recalled due to software-based or electrical components (Sibros, 2022; Vehicle Recalls, 2023). Advanced driver assistance systems and automated driving systems are continually being developed and improved. OTA updates are an enabling technology that allows improvements to these technologies to be realized on vehicles at a much more rapid pace than in the past. The objective of this report is to understand the capabilities, challenges, and characteristics of implementations of OTA updates in vehicles. This report summarizes and details key findings of OTA updates in current vehicles and focuses on the potential challenges in adopting this new advancement in technology.
  • Thumbnail Image
    WIP: The Feasibility of High-performance Message Authentication in Automotive Ethernet Networks
    Allen, Evan; Bowden, Zeb; Marchany, Randy; Ransbottom, J. Scot (2023-02-27)
    Modern vehicles are increasingly connected systems that expose a wide variety of security risks to their users. Message authentication prevents entire classes of these attacks, such as message spoofing and electronic control unit impersonation, but current in-vehicle networks do not include message authentication features. Latency and throughput requirements for vehicle traffic can be very stringent (<0.1 ms and >100 Mbps in cases), making it difficult to implement message authentication with cryptography due to the overheads required. This work investigates the feasibility of implementing cryptography-based message authentication in Automotive Ethernet networks that is fast enough to comply with these performance requirements. We find that it is infeasible to include Message Authentication Codes in all traffic without costly hardware accelerators and propose alternate approaches for future research.