Uptane

Uptane is a Linux Foundation / Joint Development Foundation hosted software framework designed to ensure that valid, current software updates are installed in adversarial environments. [1] [2] It establishes a process of checks and balances on electronic control units (ECUs) that can ensure the authenticity of incoming software updates. [3] Uptane is designed for "compromise-resilience," that is, to limit the impact of a compromised repository, an insider attack, a leaked signing key, or similar attacks. [4] [5] It can be incorporated into most existing software update technologies, but offers particular support for over-the-air (OTA) programming strategies originating from The Update Framework. [6]

History

Uptane was developed by a team of engineers at New York University Tandon School of Engineering in Brooklyn, NY, the University of Michigan Transportation Research Institute in Ann Arbor, MI, and the Southwest Research Institute in San Antonio, TX. [7] [8] It was developed as open source software under a grant from the U.S. Department of Homeland Security. [9]

In 2018, the Uptane Alliance, a non-profit organization, was formed under the aegis of IEEE-ISTO [10] [11] to oversee the first formal release of a standard. The first standard volume, entitled IEEE-ISTO 6100.1.0.0 Uptane Standard for Design and Implementation, was released on July 31, 2019. [12] Uptane was recognized in 2017 by Popular Science as one of that year’s top security innovations. [13]

As of 2020, multiple implementations of Uptane are available, both through open source projects such as the Linux Foundation’s Automotive Grade Linux, [14] [15] and through third party commercial suppliers, such as Advanced Telematic Systems (ATS), now part of Here Technologies, [16] [17] and Airbiquity. [18] [19] There is also a reference implementation meant to aid adopters implementing Uptane. [20]

Related Research Articles

The Portable Operating System Interface is a family of standards specified by the IEEE Computer Society for maintaining compatibility between operating systems. POSIX defines both the system and user-level application programming interfaces (APIs), along with command line shells and utility interfaces, for software compatibility (portability) with variants of Unix and other operating systems. POSIX is also a trademark of the IEEE. POSIX is intended to be used by both application and system developers.

Trusted Computing (TC) is a technology developed and promoted by the Trusted Computing Group. The term is taken from the field of trusted systems and has a specialized meaning that is distinct from the field of confidential computing. With Trusted Computing, the computer will consistently behave in expected ways, and those behaviors will be enforced by computer hardware and software. Enforcing this behavior is achieved by loading the hardware with a unique encryption key that is inaccessible to the rest of the system and the owner.

L4 is a family of second-generation microkernels, used to implement a variety of types of operating systems (OS), though mostly for Unix-like, Portable Operating System Interface (POSIX) compliant types.

Synopsys: American software company

Synopsys, Inc. is an American electronic design automation (EDA) company headquartered in Sunnyvale, California, that focuses on silicon design and verification, silicon intellectual property and software security and quality. Synopsys supplies tools and services to the semiconductor design and manufacturing industry. Products include tools for logic synthesis and physical design of integrated circuits, simulators for development, and debugging environments that assist in the design of the logic for chips and computer systems. As of 2023, the company is a component of both the Nasdaq-100 and S&P 500 indices.

An over-the-air update, also known as over-the-air programming, is an update to an embedded system that is delivered through a wireless network, such as Wi-Fi or a cellular network. These embedded systems include mobile phones, tablets, set-top boxes, cars and telecommunications equipment. OTA updates for cars and internet of things devices can also be called firmware over-the-air (FOTA). Various components may be updated OTA, including the device's operating system, applications, configuration settings, or parameters like encryption keys.

AUTOSAR is a global development partnership founded in 2003 by automotive manufacturers, suppliers and other companies from the electronics, semiconductor and software industries. Its purpose is to develop and establish an open and standardized software architecture for automotive electronic control units (ECUs).

Trusted Platform Module: Standard for secure cryptoprocessors

Trusted Platform Module (TPM) is an international standard for a secure cryptoprocessor, a dedicated microcontroller designed to secure hardware through integrated cryptographic keys. The term can also refer to a chip conforming to the standard ISO/IEC 11889. Common uses are to verify platform integrity, and to store disk encryption keys.

Package format is a type of archive containing computer programs and additional metadata needed by package managers; an instance of this type of archive is called a package. While the archive file format itself may be unchanged, package formats carry additional metadata, such as a manifest file or certain directory layouts. Packages may contain either source code or executable files.

Intel Active Management Technology: Out-of-band management platform by Intel

Intel Active Management Technology (AMT) is hardware and firmware for remote out-of-band management of select business computers, running on the Intel Management Engine, a microprocessor subsystem not exposed to the user, intended for monitoring, maintenance, updating, and repairing systems. Out-of-band (OOB) or hardware-based management is different from software-based management and software management agents.

Lynx Software Technologies, Inc. is a San Jose, California software company founded in 1988. Lynx specializes in secure virtualization and open, reliable, certifiable real-time operating systems (RTOSes). Originally known as Lynx Real-Time Systems, the company changed its name to LynuxWorks in 2000 after acquiring, and merging with, ISDCorp, an embedded systems company with a strong Linux background. In May 2014, the company changed its name to Lynx Software Technologies.

Software-defined networking (SDN) is an approach to network management that enables dynamic and programmatically efficient network configuration to improve network performance and monitoring in a manner more akin to cloud computing than to traditional network management. SDN is meant to improve the static architecture of traditional networks and may be employed to centralize network intelligence in one network component by disassociating the forwarding process of network packets from the routing process. The control plane consists of one or more controllers, which are considered the brains of the SDN network, where the whole intelligence is incorporated. However, centralization has certain drawbacks related to security, scalability and elasticity.

Smack (software): Linux kernel security module

Smack is a Linux kernel security module that protects data and process interaction from malicious manipulation using a set of custom mandatory access control (MAC) rules, with simplicity as its main design goal. It has been officially merged since the Linux 2.6.25 release, and it was the main access control mechanism for the MeeGo mobile operating system. It is also used to sandbox HTML5 web applications in the Tizen architecture, in the commercial Wind River Linux solutions for embedded device development, in Philips Digital TV products, and in Intel's Ostro OS for IoT devices.

OPS-SAT

OPS-SAT was a CubeSat by the European Space Agency (ESA), intended to demonstrate the improvements in mission control capabilities that will arise when satellites can fly more powerful on-board computers. The mission had the objective to break the cycle of "has never flown, will never fly" in the area of satellite control. It was the first CubeSat operated directly by ESA.

Librem: Computer line by Purism featuring free software

Librem is a line of computers manufactured by Purism, SPC featuring free (libre) software. The laptop line is designed to protect privacy and freedom by providing no non-free (proprietary) software in the operating system or kernel, avoiding the Intel Active Management Technology, and gradually freeing and securing firmware. Librem laptops feature hardware kill switches for the microphone, webcam, Bluetooth and Wi-Fi.

Justin Cappos is a computer scientist and cybersecurity expert whose data-security software has been adopted by a number of widely used open-source projects. His research centers on software update systems, security, and virtualization, with a focus on real-world security problems.

Link Motion

Link Motion is an automotive software and hardware company developing embedded automotive systems that have been used in the Lamborghini Huracán. Their main product is the Motion T carputer which can implement a connected vehicle gateway as a separate unit or as a part of the cockpit solution (eCockpit). The Motion T carputer runs on NXP's i.MX8 multi-OS platform, supports four in-car HD displays and hosts connectivity features on Microsoft’s connected vehicle platform, a set of services built on the Microsoft Azure cloud, such as over-the-air software and firmware updates, telemetry and diagnostics data and secure remote access.

The Update Framework (TUF) is a software framework designed to protect mechanisms that automatically identify and download updates to software. TUF uses a series of roles and keys to provide a means to retain security, even when some keys or servers are compromised. It does this with a stated goal of requiring minimal changes and effort from repository administrators, software developers, and end users. In this way, it protects software repositories, which are an increasingly desirable target for hackers.

William "Chuck" Easttom II is an American computer scientist specializing in cyber security, cryptography, quantum computing, and systems engineering.

Automotive security refers to the branch of computer security focused on the cyber risks related to the automotive context. The increasingly high number of ECUs in vehicles and, alongside, the implementation of multiple different means of communication from and towards the vehicle in a remote and wireless manner led to the necessity of a branch of cybersecurity dedicated to the threats associated with vehicles. Not to be confused with automotive safety.

Internet of vehicles (IoV) is a network of vehicles equipped with sensors, software, and the technologies that mediate between these with the aim of connecting & exchanging data over the Internet according to agreed standards. IoV evolved from Vehicular Ad Hoc Networks, and is expected to ultimately evolve into an "Internet of autonomous vehicles". It is expected that IoV will be one of the enablers for an autonomous, connected, electric, and shared (ACES) Future Mobility.

References

  1. Detsch, Jack (18 January 2017). "Are Software Updates Key to Stopping Criminal Car Hacks?". Christian Science Monitor. Retrieved 1 May 2020.
  2. Matthews, Lee (19 January 2017). "Uptane will Protect Your Connected Car from Hackers". Forbes. Retrieved 1 May 2020.
  3. Kuppusamy, Trishank Karthik; Brown, Akan; Awwad, Sebastien; McCoy, Damon; Bielawski, Russ; Mott, Cameron; Lauzon, Sam; Weimerskirch, Andre; Cappos, Justin (November 2016). "Uptane: Securing Software Updates for Automobiles" (PDF). escar2016.
  4. Kerner, Sean Michael (24 April 2017). "How The Update Framework Improves Security of Software Updates". eWeek. Retrieved 1 May 2020.
  5. Kuppusamy, Trishank Karthik; Torres-Arias, Santiago; Diaz, Vladimir; Cappos, Justin (March 2016). "Diplomat: Using Delegations to Protect Community Repositories" (PDF). NSDI 2016.
  6. "Uptane Design". uptane.github.io. April 1, 2022. Retrieved 2023-08-18.
  7. Woods, Tyler (19 January 2017). "NYU Tandon Prof Unveils Homeland Security-funded Framework for Software Security in Cars". Technical.ly. Retrieved 4 January 2019.
  8. Flahive, Paul (26 January 2017). "A Future Car May Be Protected From Hacking By Software Developed In San Antonio". All Things Considered-Texas Public Radio. Retrieved 4 January 2019.
  9. "Cyber Security Division Technology Guide 2018" (PDF). US Department of Homeland Security: 9. Retrieved 4 January 2019.
  10. "Uptane Alliance". IEEE/ISTO. 31 July 2018. Retrieved 8 January 2020.
  11. Frost, Adam (29 May 2019). "Here Technologies joins the Uptane Alliance for highly-secure software updates". TrafficTechnologyToday.com. Retrieved 8 January 2020.
  12. "IEEE-ISTO 6100.1.0.0 Uptane Standard for Design and Implementation" (PDF). IEEE/ISTO. 31 July 2019. Retrieved 8 January 2020.
  13. Atherton, Kelsey D.; Feltman, Rachel (17 October 2017). "The year's most important innovations in security". Popular Science. Retrieved 1 May 2020.
  14. "About Automotive Grade Linux". AGL. Retrieved 8 January 2020.
  15. "Linux Foundation's Open Source Automotive Software Project Takes Off". Xconomy.com. 7 May 2019. Retrieved 8 January 2020.
  16. "ATS integrates Uptane security framework for OTA updates". IHS Markit/Autotechinsight. 19 June 2017. Retrieved 1 May 2020.
  17. Rajan, Piyush (15 June 2017). "ATS integrates the Uptane security framework for OTA updates". Telematics Wire. Retrieved 1 May 2020.
  18. D’Mello, Anasia (14 December 2018). "Airbiquity reinforces the security and data analysis features of OTAmatic". IoT Now. Retrieved 1 May 2019.
  19. "Airbiquity to showcase latest version of OTAmatic™ over-the-air software and data management offering at CES 2019". Automotive World. 18 December 2018. Retrieved 1 May 2020.
  20. "Uptane: Secure Framework for Automotive Software Updates—Reference Implementation and Demonstration code". GitHub. 23 September 2019. Retrieved 29 April 2020.

Further reading