Securing Software Updates for Automobiles

Uptane is an open and secure software update system design which protects software delivered over-the-air to the computerized units of automobiles. The framework can thwart attacks from malicious actors who can compromise servers and networks used to sign and deliver updates. Hence, it is designed to be resilient even to the best efforts of nation state attackers. There are multiple different free open source and closed source implementations available. Uptane is integrated into Automotive Grade Linux, an open source system currently used by many large OEMs, and has also been adopted by a number of U.S. and international manufacturers. Within the next few years, about one-third of new cars on U.S. roads will include Uptane.

Currently considered the de facto secure standard for software updates on automobiles, in July 2018 the IEEE/ISTO Federation began formally standardizing Uptane under a non-profit consortium called the Uptane Alliance. This step will encourage adoption and ensure clear guidance for future users. The initial version of the Uptane Standard document, which presents procedures for the secure design and implementation of the framework, is now available and can be accessed free of charge. Recommended deployment strategies are also currently being prepared and will be posted on this web site upon completion. All Uptane materials, including technical papers, security audits, and a public reference implementation are also freely available for all to use without fee.