Abstract
Increasingly, software (SW) in embedded systems can be updated due to the rising share of flashable electronic control units (ECUs). However, current SW installation procedures are insecure: an adversary can install SW in a given ECU without any sender authentication or compatibility assessment. In addition, SW is installed on an all-or-nothing basis: with the installation, the user acquires full access rights to any functionality. Concepts for solving individual deficiencies of current procedures have been proposed, but no unified solution has been published so far.
In this paper we propose a method for secure SW delivery and installation in embedded systems. The automotive industry serves as a case example leading to complex trust relations and illustrates the typically involved parties and their demands. Our solution combines several cryptographic techniques. For example, public key broadcast encryption enables secure SW distribution from any provider to all relevant embedded systems. Trusted computing allows the distributed SW to be bound to a trustworthy configuration of the embedded system, which then fulfills a variety of security requirements. Finally, we outline the management of flexible access rights to individual functionalities of the installed SW, thus enabling new business models.
A full version of this paper containing further details is available at [1].
References
[1] Adelsbach, A., Huber, U., Sadeghi, A.R.: Secure software delivery and installation in embedded systems. Full version, http://www.prosec.rub.de/publications
[2] Heinisch, C., Simons, M.: Loading flashware from external interfaces such as CD-ROM or W-LAN and programming ECUs by an on-board SW-component (SAE Technical Paper Series 2004-01-0678). [20], http://www.sae.org/
[3] Heinrich, A., Müller, K., Fehrling, J., Paggel, A., Schneider, I.: Version management for transparency and process reliability in the ECU development. [19], pp. 219–230
[4] Schmitt, M.: Software-update, configuration and programming of individual vehicles on the aftermarket with an intelligent data-configurator. [19], pp. 1021–1046
[5] Alminger, H., Josefsson, O.: Software handling during the vehicle lifecycle. [19], pp. 1047–1055
[6] Huber, M., Weber, T., Miehling, T.: Standard software for in-vehicle flash reprogramming. [19], pp. 1011–1020
[7] Oeftiger, U.: Diagnose und Reparatur elektronisch unterstützter Fahrzeuge. [8]
[8] Euroforum (ed.): Jahrestagung Elektronik-Systeme im Automobil, Fachtag Design – Test – Diagnose elektronischer Systeme, Munich (2004)
[9] BMW Car IT: Das Potenzial von Software im Fahrzeug. Press report, BMW Group (2002), http://www.bmw-carit.de/pdf/plakate.pdf
[10] Stölzl, S.: Software products for vehicles. [19], pp. 1073–1088
[11] Dodis, Y., Fazio, N.: Public key broadcast encryption for stateless receivers. In: Feigenbaum, J. (ed.) DRM 2002. LNCS, vol. 2696, pp. 61–80. Springer, Heidelberg (2003)
[12] Fiat, A., Naor, M.: Broadcast encryption. In: Stinson, D.R. (ed.) CRYPTO 1993. LNCS, vol. 773, pp. 480–491. Springer, Heidelberg (1994), citeseer.ist.psu.edu/fiat94broadcast.html
[13] Naor, D., Naor, M., Lotspiech, J.: Revocation and tracing schemes for stateless receivers. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 41–62. Springer, Heidelberg (2001)
[14] Sadeghi, A.R., Stüble, C.: Property-based attestation for computing platforms: Caring about properties, not mechanisms (2004)
[15] Daimler Chrysler AG: Functional specification of a flash driver version 1.3. Specification, Herstellerinitiative Software, http://www.automotive-his.de/download/HIS
[16] Dallmayr, C., Schlüter, O.: ECU software development with diagnostics and flash down-loading according to international standards (SAE Technical Paper Series 2004-01-0273). [20], http://www.sae.org/
[17] Müller, M.: IT-Security in Fahrzeugnetzen. Elektronik Automotive, 54–59 (2004), ISSN: 1614-0125
[18] An, J.H., Dodis, Y., Rabin, T.: On the security of joint signature and encryption. In: Knudsen, L.R. (ed.) EUROCRYPT 2002. LNCS, vol. 2332, pp. 83–107. Springer, Heidelberg (2002)
[19] VDI Society for Automotive and Traffic Systems Technology (ed.): Electronic Systems for Vehicles. VDI Berichte 1789, Congress, Baden-Baden, Germany. VDI Verlag GmbH, Düsseldorf (2003)
[20] Society of Automotive Engineers (SAE) (ed.): 2004 SAE World Congress, Detroit, Michigan, March 8–11, 2004 (2004), http://www.sae.org/
© 2005 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Adelsbach, A., Huber, U., Sadeghi, AR. (2005). Secure Software Delivery and Installation in Embedded Systems. In: Deng, R.H., Bao, F., Pang, H., Zhou, J. (eds) Information Security Practice and Experience. ISPEC 2005. Lecture Notes in Computer Science, vol 3439. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-31979-5_22
DOI: https://doi.org/10.1007/978-3-540-31979-5_22
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-25584-0
Online ISBN: 978-3-540-31979-5
eBook Packages: Computer Science, Computer Science (R0)