MADISON, Wis. — Since last summer, automakers in Detroit have been losing sleep over two vexing issues: Over-the-Air (OTA) software/firmware updates and cyber-security for connected cars.
First, OTA is a big unknown to carmakers who have traditionally depended on service visits to dealerships for software updates. Only a few automakers have OTA update capabilities, and only Tesla can remotely update all safety-critical systems on its entire fleet.
Second, the Jeep hack by Charlie Miller and Chris Valasek last summer resulted in a 1.4 million-car recall, costing Chrysler dearly. Cyber-security is no longer a what-if topic for the auto industry. It’s a real-world problem with major implication for the bottom line.
The two issues are intertwined, prompting the auto industry to ask: How do we deliver software/firmware updates with any measure of confidence that OTA updates won’t become a new attack surface for hackers?
Rambus (Sunnyvale, Calif.) is diving into the field of cyber-security for OTA vehicle updates — currently a red-hot issue in the automotive market — presumably at an opportune moment.
Rambus, a semiconductor and IP licensing company, has partnered with Movimento, a leader in automotive reflash services with innovations in OTA software. Combining Movimento’s OTA technology with Rambus’ own CryptoManager platform, the two companies have developed a system that offers “one-time, single-use keys that are unique to each vehicle, ensuring validity before installation,” according to Rambus.
Rambus has come to Detroit this week to pitch the new solution to automakers developing connected cars.
How it works
At the heart of the Movimento/Rambus solution is Rambus’ CryptoManager Platform. CryptoManager enables in-field provisioning of encrypted keys generated for each vehicle. It authenticates and encrypts code updates through secure communication between a vehicle and a server in the cloud, explained Asaf Ashkenazi, senior director, product management at Rambus Cryptography Research.
Ashkenazi in an interview with EE Times noted that the combined Rambus/Movimento technology is akin to “closing the front door” of a house.
Ashkenazi is careful not to say that this technology is a be-all end-all cyber-security solution. He stressed, “This isn’t a magic solution.” To secure the whole house, “layers of security are necessary. One company can’t fix it all,” he added.
Nonetheless, closing the front door — by using “simple, secure methods to download, authenticate and install vehicle updates”—is a much needed first step for car OEMs.
Different from ‘Secure Element’?
Vehicle updates provided by the combined Movimento and Rambus solution are unique, because they offer one-time, single-use keys that are specific to each vehicle, “minimizing vulnerabilities and maximizing security,” according to Rambus.
But wait. How is that different from the so-called “secure element” used in personal ID cards, bank cards or credit cards? Leading automotive chip suppliers like NXP Semiconductors often talk about how their secure element — a specific IC for handling and storing secured data — offers non-volatile memory, a security CPU and crypto coprocessor, and additional security measures. It is thus providing “the ultimate protection against tampering and attack,” according to NXP.