Securing Software Updates for Automobiles


Uptane is an open and secure software update framework design which protects software delivered over-the-air to automobile electronic control units (ECUs). The framework protects against malicious actors who can compromise servers and networks used to sign and deliver updates. Hence, it is designed to be resilient even to the best efforts of nation state attackers. There are multiple different free open source and closed source implementations available. Uptane is integrated into Automotive Grade Linux, an open source system currently used by many large OEMs, and has also been adopted by a number of U.S. and international manufacturers.

Uptane was first created in 2016 in a collaboration between NYU, UMTRI, SwRI, and automotive industry experts. It was developed as an open source framework under a grant from the U.S. Department of Homeland Security. It expands on The Update Framework, used in many production software update systems. In July 2018, formal standardization of Uptane began under a non-profit consortium called the Uptane Alliance. Uptane Standard for Design and Implementation version 1.0, which presents procedures for secure design and implementation of the framework, was released on July 31, 2019, under the auspices of the IEEE/ISTO Federation. The initiative now continues as a Linux Foundation Joint Development Foundation project, with versions 1.1.0 and 1.2.0 released in 2021. The most recent version, 2.0.0 was released in March 2022. Recommended deployment strategies are under active development, and are published and regularly updated on this site. All Uptane materials, including technical papers, and security audits are also freely available for all to use without a fee.