Secure OTA Software Update

Question 1

Advantages of OTA

Answer 1

Cost saving

Time saving (issues spotted to fixed, frequency of updates)

Higher customer satisfaction

Increase values (devices and manufacturer revenue)

Question 2

General Update Process

Answer 2

Packing: Develop → Pack → Sign
Delivery: Send/receive (encrypted or not)
Authentication: Check signature
Attestation: Send signed info

Question 3

OTA Update Security Concerns

Answer 3

Software/firmware update packages: tampering, replay, IP
disclosure.
Installed software: tampering, blocking.
Hardware: Tampering
Users: Privacy, Safety.
Cloud server (Backend): Availability.

Question 4

OTA Update Challenges

Answer 4

Hardware limitation

Connectivity and Reachability

Complex software distribution

Question 5

Attacker model

Answer 5

Possible actions that attackers can do:

Intercept communication either between the devices and the update servers.

Modify the content of messages on these communication channels.

Inject malicious software into devices/components.

Obtain/Modify cryptographic keys stored on devices or update servers.

Question 6

OTA update approaches

Answer 6

Symmetric encryption
Hash function
Asymmetric key
Hardware security module
Secure update framework

Question 7

Symmetric encryption: Pros and Cons

Answer 7

Pros:
Efficient and fast execution
Secure link

Cons
High bandwidth
Limited scalability

Question 8

Hash Function: Pros and Cons

Answer 8

Pros:
Efficient and fast execution
Scalable

Cons
High memory
DoS attack

Question 9

Hardware Security Module: Pros and Cons

Answer 9

Pros:
Physical security
Secure execution

Cons
High cost