
In automotive environments, software integrity is critical. Vehicles rely on software to control safety-related functions, making update reliability essential. Differential updates must therefore provide the same security and verification guarantees as full-image installations.
Excelfore addresses this requirement through a cryptographic verification framework based on the Secure Hash Algorithm (SHA).
The integrity model used in Excelfore’s OTA framework ensures that the final installed software exactly matches the trusted software version defined by the campaign.
The process begins with baseline hash generation. When a software component is created, a SHA value is generated from the full software image. This becomes part of the component metadata and serves as the trusted reference for subsequent verification.
During the OTA process, the server generates an appropriate delta. The vehicle reconstructs the target software by combining the prior version binary with the newly received delta file. After reconstruction is complete, the system generates a SHA value from the newly reconstructed binary.
This newly generated hash is then verified against the root-of-trust hash. Only if the two hashes match does the installation proceed.
After installation, the system performs an additional verification step by calculating a SHA value from the software now resident on the device. This final verification confirms that the installation process itself completed correctly.
This layered validation process provides several key protections:
- Cryptographic assurance of a bit-for-bit match to the full binary image from the root-of-trust
- Detection of corruption during transmission, encryption/decryption, or delta compression/reconstruction
- Detection of tampering in OTA payloads
Validation of payload integrity in eSync OTA goes beyond verifying that the payload was received: it extends all the way to verifying payload installation in the end device. By verifying the software against a root-of-trust hash, the system confirms that full-image or differential (delta) updates produce an identical binary to the version originally approved for deployment.
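The verification flow described above, sketched as an added example (this is not Excelfore or eSync code): a delta is reconstructed against the prior image, checked against the trusted full-image hash before installation, and checked again from storage after installation. SHA-256 as the SHA variant, the toy delta format, the `Flash` class and all sample images are assumptions constructed for illustration, and the trusted hash is taken as already authenticated.

```python
import hashlib
import hmac

def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

def reconstruct(prior: bytes, delta: dict) -> bytes:
    """Toy delta format (constructed): target length plus (offset, bytes) patches."""
    image = bytearray(prior[:delta["length"]].ljust(delta["length"], b"\x00"))
    for offset, chunk in delta["patches"]:
        if offset < 0 or offset + len(chunk) > len(image):
            raise ValueError("patch outside target image")
        image[offset:offset + len(chunk)] = chunk
    return bytes(image)

class Flash:
    """Hypothetical stand-in for device storage; faulty=True flips a bit on write."""
    def __init__(self, image: bytes, faulty: bool = False):
        self.image, self.faulty = image, faulty
    def write(self, image: bytes) -> None:
        self.image = image[:-1] + bytes([image[-1] ^ 1]) if self.faulty else image
    def read(self) -> bytes:
        return self.image

def apply_update(flash: Flash, delta: dict, trusted_hash: str) -> str:
    try:
        candidate = reconstruct(flash.read(), delta)
    except ValueError:
        return "rejected: malformed delta"
    # Gate 1: the reconstructed image must match the trusted full-image hash.
    # A tampered delta or an unexpected prior version both fail here,
    # before anything is written.
    if not hmac.compare_digest(sha256_hex(candidate), trusted_hash):
        return "rejected: reconstruction mismatch"
    flash.write(candidate)
    # Gate 2: re-hash what is actually resident after installation.
    if not hmac.compare_digest(sha256_hex(flash.read()), trusted_hash):
        return "failed: installed image mismatch"
    return "installed"

# Constructed sample images and delta (not real firmware).
V1 = b"ECU-FW v1.0 " + bytes(range(32))
V2 = b"ECU-FW v2.0 " + bytes(range(32)) + b"\x7f"
TRUSTED_V2 = sha256_hex(V2)  # baseline hash generated from the full image
DELTA = {"length": len(V2), "patches": [(8, b"2"), (len(V2) - 1, b"\x7f")]}
```

A device holding a different prior version than the delta was built against is rejected at the first gate, the same way a modified delta is, because the comparison is always against the hash of the full target image.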
Conclusion
Security and reliability are fundamental requirements for OTA software updates in modern vehicles. Excelfore’s SHA-based verification framework guarantees that differential updates maintain the same integrity and trustworthiness as full-image installations. This approach ensures safe deployment across fleets while supporting compliance with modern automotive software standards. Using delta compression with SHA for end-to-end integrity verification enables secure, efficient, and bandwidth-optimized OTA deployments.