Everyone is familiar with updates to their smartphone software. It’s the same process for authorizing over-the-air firmware or software updates. The user selects a function on their smartphone or the car’s infotainment system. This request gets sent to the cloud, which, functioning much like an app store, starts the software download directly into the vehicle. The secure data transfer takes place in the background while the vehicle is in operation. Updates are then carried out only when the vehicle is in a safe state.
Bosch’s connectivity expertise comes to the forefront as it supports the entire process and the full range of applications. In particular, ESCRYPT – the leading security specialist for the automotive sector – delivers genuine advantages when it comes to security; after all, it’s imperative to protect the software during the transfer from external access. A delta algorithm ensures that only the delta package, generated from two software or firmware packages, is sent as an update. This minimizes the volume of data to be transferred. Carrying out the update in sequence is an additional security measure: if any problems arise, the update can be stopped to make adjustments.
ESCRYPT provides suitable solutions for holistic automotive security – from the security risk analysis during the development phase up to secure software updates over-the-air.
The rising connectivity of today’s vehicles is enhancing driving convenience and the driving experience enormously. At the same time, however, it increases vehicles’ vulnerability to malicious attacks. That’s why data security is at the core of Bosch’s innovative FOTA and SOTA technology.
The data transfer is shielded by a complex security architecture with end-to-end encryption. At external interfaces, secure protocols as well as filters that function like firewalls guard against every attempt to access the system. Digital signatures aid in testing the integrity of a package, and TLS encryption protects against unauthorized access.