Secure updates for navigation systems and company

Oct 05, 2011

At the push of a button by the driver, control units download the car manufacturer's new software -- such as enhanced map material for the navigation system. To ensure that this data channel is protected from hacker attack, the system needs the right cryptographic key. To date, these keys have been stored in each one of a vehicle's electronic control units.

Thanks to a new form of trust anchor, this will be simpler and more economical in the future. Researchers will present this process at it-sa, the IT security trade fair held October 11-13 in Nuremberg.

Imagine you live in Germany and want to take a few days of vacation in the French Alps. You have booked a hotel. To find it without having to thumb through road maps in hard copy, the must be retrofitted with French maps. To accomplish this, you either have to take a trip to the garage before setting out on the long journey, or you must obtain a CD with the appropriate data. The navigation system of the future however will download updates by itself at the driver's instruction. If the driver launches the program, the system returns numerous security questions – this is the only way to protect data transfer from hackers. Up until now, manufacturers have stored cryptographic keys on every device that is to download such manufacturer updates or communicate with other control units. If a device requests an update, first it must use the right key to prove that it is entitled to receive one.

This is just one example of an application in which cryptography plays a decisive role in providing in-car protection. It is also the reason carmakers need to safely store numerous cryptographic keys in a vehicle's electronic control units. Researchers at the Fraunhofer Research Institution for Applied and Integrated Security AISEC in Garching near Munich have come up with a secure but economical method that accomplishes this. "We have developed a trust anchor – a device that securely stores cryptographic keys. Control units can use these keys, whether to request manufacturer updates or to communicate with one another," explains Alexander Kiening, a researcher at AISEC. But how does the process work? If a driver wants new material for his or her navigation system, for instance, the system retrieves the key it needs from the central trust anchor. To do so, first it has to authenticate itself by demonstrating that the request really is coming from the navigation system; then it must prove that it has not been manipulated. To accomplish this, the trust anchor checks whether the software in the device matches the valid version. If this query is successful, the navigation system receives the key it can then use to establish a secure virtual private network data channel (VPN for short) to the manufacturer. It then downloads the desired software through this channel. Once this is complete, the updated device informs the trust of a successful modification to the software.

The project is part of the group research project "Security in Embedded IP-based Systems (SEIS)" initiated by the German Federal Ministry of Education and Research (BMBF). Researchers have already developed a first demonstrator model in collaboration with Infineon, Continental and the Fraunhofer Research Institution for Communication Systems ESK.

Explore further: Lifting the brakes on fuel efficiency

add to favorites email to friend print save as pdf

Related Stories

Premium info for car drivers

Sep 01, 2009

( -- What will the weather be like over the next few hours on the A3 between Nuremberg and Würzburg in Germany? Could fog be a problem? A new system will enable automakers to offer their customers ...

Secure radio signal for central locking

Feb 01, 2010

( -- Remote central locking is among the most convenient aspects of modern motoring. Transmission of the radio signal that activates the system is not particularly secure, however. A new encryption ...

T-Mobile launching Garmin navigation phone

Apr 21, 2010

With some 45 million people expected to buy automotive navigation devices this year -- not to mention upgrading to a smartphone -- T-Mobile USA saw a new opportunity.

Java Mobile Phones Find the Way – New Mobile Navigation

Dec 06, 2005

Java-enabled mobile phones are becoming mobile pathfinders. VDO Dayton has become the first supplier to launch a navigation system for cell phones that feature the widely used programming language Java. Navigation ...

Recommended for you

Lifting the brakes on fuel efficiency

Apr 18, 2014

The work of a research leader at Michigan Technological University is attracting attention from Michigan's Governor as well as automotive companies around the world. Xiaodi "Scott" Huang of Michigan Tech's ...

Large streams of data warn cars, banks and oil drillers

Apr 16, 2014

Better warning systems that alert motorists to a collision, make banks aware of the risk of losses on bad customers, and tell oil companies about potential problems with new drilling. This is the aim of AMIDST, the EU project ...

User comments : 0

More news stories

Ex-Apple chief plans mobile phone for India

Former Apple chief executive John Sculley, whose marketing skills helped bring the personal computer to desktops worldwide, says he plans to launch a mobile phone in India to exploit its still largely untapped ...

Airbnb rental site raises $450 mn

Online lodging listings website Airbnb inked a $450 million funding deal with investors led by TPG, a source close to the matter said Friday.

Health care site flagged in Heartbleed review

People with accounts on the enrollment website for President Barack Obama's signature health care law are being told to change their passwords following an administration-wide review of the government's vulnerability to the ...

A homemade solar lamp for developing countries

( —The solar lamp developed by the start-up LEDsafari is a more effective, safer, and less expensive form of illumination than the traditional oil lamp currently used by more than one billion people ...

NASA's space station Robonaut finally getting legs

Robonaut, the first out-of-this-world humanoid, is finally getting its space legs. For three years, Robonaut has had to manage from the waist up. This new pair of legs means the experimental robot—now stuck ...

Filipino tests negative for Middle East virus

A Filipino nurse who tested positive for the Middle East virus has been found free of infection in a subsequent examination after he returned home, Philippine health officials said Saturday.

Egypt archaeologists find ancient writer's tomb

Egypt's minister of antiquities says a team of Spanish archaeologists has discovered two tombs in the southern part of the country, one of them belonging to a writer and containing a trove of artifacts including reed pens ...