Uptane is the first compromise-resilient software update security system for the automotive industry.
Unlike other software update security systems (e.g., OMA-DM, SSL / TLS, signing updates with a single offline GPG / RSA key, etc.), Uptane addresses a comprehensive threat model. It is designed to make it extremely difficult for attackers to be able to install malware on all vehicles maintained by a manufacturer, even if attackers have compromised some keys used to sign updates.
At the same time, Uptane has been designed to be extremely flexible, so as to accommodate a wide variety of deployment scenarios, and allows on-demand customization of updates installed on vehicles.
Uptane is already being adopted by automakers. It was designed using support from DHS and with feedback from major vehicle manufacturers and suppliers responsible for 78% of vehicles on U.S. roads, as well as government regulators. It was developed by the New York University Tandon School of Engineering (NYU), the University of Michigan Transportation Research Institute (UMTRI), and the Southwest Research Institute (SWRI).
Open call for security review
Uptane has been security audited by several different groups. We welcome further audits from the community. You can help to fix security issues before hackers use them to exploit millions of cars!
Please send your questions, comments, and findings to the mailing list. If necessary, sensitive communications can be sent encrypted to the maintainers listed here.
We are also interested in hearing about security problems in our Reference Implementation. While cars are unlikely to use the reference code directly, reporting any problems users identify in the code can help prevent their duplications in production implementations. Please report such issues using our GitHub issue tracker.
- January 25 2018: Airbiquity OTAmatic w/ Uptane: product of the year
- October 17 2017: Popular Science selects Uptane as one of the top security innovations of 2017
- June 13 2017: ATS is integrating the Uptane security framework for over-the-air software updates to connected vehicles
- Uptane: Securing Software Updates for Automobiles (PDF / Video / Slides). Published in the proceedings of the 14th escar europe (2016).
Technical documents and source code
- Design Overview
- Implementation Specification
- Deployment Considerations
- Reference Implementation and Demonstration Code
- Workshop #9 (2018 June) Slides
- Workshop #5: Design Overview
- Workshop #5: Implementation Specification
- Workshop #5: Deployment Considerations
Participation and Advisement
- Please send questions or requests to email@example.com
- Private discussion forum for OEMs and suppliers (invitation only)
- Pull Requests to the repository for the reference implementation and demo code are appreciated.
- Industry insiders have stepped up to serve as advisors for Uptane.
Acknowledgments and disclaimers
Uptane is supported by U.S. Department of Homeland Security grants D15PC00239 and D15PC00302. The views and conclusions contained herein are the authors’ and should not be interpreted as necessarily representing the official policies or endorsements, either expressed or implied, of the U.S. Department of Homeland Security (DHS) or the U.S. government.