Research On OTA-oriented Information Security Protection Protocol

With the development of intelligent networked vehicles,Over-the-Air(OTA)technology has become an important field in the automotive industry.The OTA technology of the car has brought us great benefits,but also brought great security challenges.This paper proposes an OTA-oriented information security protection protocol based on the security requirements of the vehicle CAN bus and the technical characteristics of the vehicle OTA.Ensure the security of data transmission between on-board electronic control units(Electronic Control Unit,ECU)during OTA.This paper first briefly introduces the characteristics of vehicle CAN bus,the background and significance of automotive OTA technology,and analyzes the security problems of OTA technology,proving the necessity of proposing an OTA-oriented information security protection protocol.The OTA-oriented information security protection protocol proposed in this paper is divided into three modules: key distribution module,data transmission module and dynamic update module.The key distribution module is mainly used in the preparation stage before the OTA of the vehicle.First,the gateway ECU detects the legitimacy of the downlink ECU through the public key infrastructure,and then encrypts the key of the AES algorithm used in the OTA of subsequent vehicles through the ECC encryption algorithm,and transmits it to each downlink ECU.The main function of the data transmission module is to ensure the security of data transmission during the OTA upgrade of the vehicle.At this stage,the upgrade data of the vehicle is transmitted from the gateway ECU to the downlink ECU,and the upgrade data is encrypted using a symmetric encryption algorithm before transmission.If during the communication process,the communication parties always use the same symmetric encryption key to encrypt data,as time goes by,malicious nodes will eventually crack the symmetric encryption key.In order to avoid this,this paper introduces the dynamic update module of the key in the process of data transmission.Each time the communication parties transmit a certain number of times,they will update the key at the same time to ensure the freshness of the key.This paper introduces the commonly used encryption algorithm,compares their advantages and disadvantages,and finally chooses the ECC encryption algorithm as the asymmetric encryption algorithm used in this paper,and the AES encryption algorithm as the symmetric encryption algorithm used in this paper.This paper builds an experimental platform based on the STM32F407 development board.Through experiments,it is verified that the proposed protocol can effectively resist message stealing attacks,replay attacks,message forgery attacks and message interception attacks,and has high reliability.And by calculating the running time,it is proven that the proposed protocol can meet the real-time requirements of the vehicle CAN bus.In summary,the OTA-oriented information security protection protocol proposed in this paper has high security,real-time and scalability,and can provide a strong guarantee for the development of automotive OTA technology.