Securely updating ECUs in the field is becoming more complex. Criminals are getting more sophisticated and we regularly see YouTube videos of cars getting stolen or reprogrammed (https://www.youtube.com/results?search_query=ecu+flash). To combat these bootloaders are becoming much more sophisticated. Embed is at the forefront of delivering sophisticated, cyber-secure multi-image bootloaders for automotive clients. Plus our bootloader aids reprogramming over the air to make your ECU a difficult moving target for hackers.
What is a Bootloader?
A bootloader is a piece of software used to reprogram an ECU over a network connection. In automotive applications, the network is usually CAN but may also be Ethernet, FlexRay, GSM or LIN. In other industries, we have seen UART, DBUS and WiFi.
Every OEM has a slightly different download process. Here at Embed we have dealt with many different processes and developed a generic bootloader that can be easily customised to accommodate you.
What is a Boot Manager?
A boot manager is a piece of software that checks the application before running it. It checks that the application is exactly as released and has not been hacked. In basic bootloaders, the verification method is a simple checksum calculated on the complete application. In highly secure bootloaders this is an RSA signature. A checksum is much faster to calculate but far easier to hack. RSA takes longer to calculate and therefore can slow the boot time of an ECU, but is far more secure. Newer microcontrollers have a built-in Hardware Security Module (HSM) designed to quickly perform cryptography algorithms like RSA. This specialist hardware speeds up the ECU boot-time.
Multiple Images for Over-the-Air Reprogramming
To reprogram an ECU over-the-air with a traditional bootloader means for a short while the ECU is out of action. This is because the bootloader erases the application to reprogram the ECU. Now the ECU has no application to run. If the ECU in question is important (and which ones aren’t?) then the car is dead.
To overcome this the Embed Bootloader has the option of double imaging the application. Where the ECU hosts two applications. During the reflash process the bootloader erases one-half of the application memory space to flash in the new application. After the new application has been security checked it is marked as the default application. It is then ready to run, so at all times the ECU is available and the car is never out of action.
To make matters more complex it is not uncommon to have multiple bootloaders. Where one bootloader can replace the other bootloader over-the-air with a new more secure solution. This makes sure your ECU is a constantly moving target for hackers.
Find out more about the Embed Bootloader
Get more information about the Embed bootloaders here:- UDS Bootloaders.
If you already have enough information and need a bootloader for your vehicle or ECU please call now, +44 2476 323 250, or contact us via the website:- Contact Us
Was this article helpful?
That’s Great!
Thank you for your feedback
Sorry! We couldn't be helpful
Thank you for your feedback
Feedback sent
We appreciate your effort and will try to fix the article