Uptane: Security and Customizability of Software Updates for Vehicles

Trishank Karthik Kuppusamy; Lois Anne DeLong; Justin Cappos

doi:10.1109/MVT.2017.2778751

Uptane: Security and Customizability of Software Updates for Vehicles

Trishank Karthik Kuppusamy, Lois Anne DeLong, Justin Cappos

Research output: Contribution to journal › Article › peer-review

Abstract

A widely accepted premise is that complex software frequently contains bugs that can be remotely exploited by attackers. When this software is on an electronic control unit (ECU) in a vehicle, exploitation of these bugs can have life or death consequences. Since software for vehicles is likely to proliferate and grow more complex in time, the number of exploitable vulnerabilities will increase. As a result, manufacturers are keenly aware of the need to quickly and efficiently deploy updates so that software vulnerabilities can be remedied as soon as possible.

Original language	English (US)
Pages (from-to)	66-73
Number of pages	8
Journal	IEEE Vehicular Technology Magazine
Volume	13
Issue number	1
DOIs	https://doi.org/10.1109/MVT.2017.2778751
State	Published - Mar 2018

ASJC Scopus subject areas

Automotive Engineering

Access to Document

10.1109/MVT.2017.2778751

Cite this

@article{367f7d815c8549a0a9f885a702cdb519,

title = "Uptane: Security and Customizability of Software Updates for Vehicles",

abstract = "A widely accepted premise is that complex software frequently contains bugs that can be remotely exploited by attackers. When this software is on an electronic control unit (ECU) in a vehicle, exploitation of these bugs can have life or death consequences. Since software for vehicles is likely to proliferate and grow more complex in time, the number of exploitable vulnerabilities will increase. As a result, manufacturers are keenly aware of the need to quickly and efficiently deploy updates so that software vulnerabilities can be remedied as soon as possible.",

author = "Kuppusamy, {Trishank Karthik} and DeLong, {Lois Anne} and Justin Cappos",

note = "Funding Information: Uptane is supported by the U.S. Department of Homeland Security Grants D15PC00239 and D15PC00302. The views and conclusions contained herein are the authors{\textquoteright} and should not be interpreted as necessarily representing the official policies or endorsements, either expressed or implied, of the U.S. Department of Homeland Security or the U.S. government. Uptane is the result of collaboration between multiple research organizations, led by Justin Cappos (NYU), Sam Lauzon (UMTRI), and Cameron Mott (SWRI). We are grateful for the efforts of Akan Brown (NYU), Sebastien Awwad (NYU), Damon McCoy (NYU), Russ Bielawski (UMTRI), Sam Weber (NYU), John Liming (SWRI), and Andr{\'e} Weimerskirch (UMTRI/Lear Corporation). We deeply thank contributors from various OEMs and suppliers who participated in our workshops and forums and who helped to iterate upon and improve Uptane.",

year = "2018",

month = mar,

doi = "10.1109/MVT.2017.2778751",

language = "English (US)",

volume = "13",

pages = "66--73",

journal = "IEEE Vehicular Technology Magazine",

issn = "1556-6072",

publisher = "Institute of Electrical and Electronics Engineers Inc.",

number = "1",

}

TY - JOUR

T1 - Uptane

T2 - Security and Customizability of Software Updates for Vehicles

AU - Kuppusamy, Trishank Karthik

AU - DeLong, Lois Anne

AU - Cappos, Justin

N1 - Funding Information: Uptane is supported by the U.S. Department of Homeland Security Grants D15PC00239 and D15PC00302. The views and conclusions contained herein are the authors’ and should not be interpreted as necessarily representing the official policies or endorsements, either expressed or implied, of the U.S. Department of Homeland Security or the U.S. government. Uptane is the result of collaboration between multiple research organizations, led by Justin Cappos (NYU), Sam Lauzon (UMTRI), and Cameron Mott (SWRI). We are grateful for the efforts of Akan Brown (NYU), Sebastien Awwad (NYU), Damon McCoy (NYU), Russ Bielawski (UMTRI), Sam Weber (NYU), John Liming (SWRI), and André Weimerskirch (UMTRI/Lear Corporation). We deeply thank contributors from various OEMs and suppliers who participated in our workshops and forums and who helped to iterate upon and improve Uptane.

PY - 2018/3

Y1 - 2018/3

N2 - A widely accepted premise is that complex software frequently contains bugs that can be remotely exploited by attackers. When this software is on an electronic control unit (ECU) in a vehicle, exploitation of these bugs can have life or death consequences. Since software for vehicles is likely to proliferate and grow more complex in time, the number of exploitable vulnerabilities will increase. As a result, manufacturers are keenly aware of the need to quickly and efficiently deploy updates so that software vulnerabilities can be remedied as soon as possible.

AB - A widely accepted premise is that complex software frequently contains bugs that can be remotely exploited by attackers. When this software is on an electronic control unit (ECU) in a vehicle, exploitation of these bugs can have life or death consequences. Since software for vehicles is likely to proliferate and grow more complex in time, the number of exploitable vulnerabilities will increase. As a result, manufacturers are keenly aware of the need to quickly and efficiently deploy updates so that software vulnerabilities can be remedied as soon as possible.

UR - http://www.scopus.com/inward/record.url?scp=85041379222&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85041379222&partnerID=8YFLogxK

U2 - 10.1109/MVT.2017.2778751

DO - 10.1109/MVT.2017.2778751

M3 - Article

AN - SCOPUS:85041379222

VL - 13

SP - 66

EP - 73

JO - IEEE Vehicular Technology Magazine

JF - IEEE Vehicular Technology Magazine

SN - 1556-6072

IS - 1

ER -

Uptane: Security and Customizability of Software Updates for Vehicles

Abstract

ASJC Scopus subject areas

Access to Document

Other files and links

Cite this