Vehicle OTA will see the secure internal vehicle infrastructure opened up to the outside world. Although vehicle OTA will provide a means to patch faulty software or potential vulnerabilities, the OTA process will need to be provided in a secure manner. OTA updates provide OEMs with the ability to provide security patches to any potential hack in a swift manner. OTA in itself is not a protective measure but an impact mitigation technique to cybersecurity.
This domain covers two processes for secure software updates, the Uptane Standard for Design and Implementation and the UNECE Recommendation on Software Update Processes. Uptane aims to provide secure software updates for ground vehicles. The UNECE Recommendation proposes a secure and standardized manner for OTA updates to take place for connected vehicles.
Further, the x.509 standard for public key infrastructure certificates is also included in this chapter, as it is being leveraged by the automotive industry to secure OTA connections, recommended by both Uptane and the UNECE Recommendation.