Mender Blog

4 Challenges to Ensure Seamless OTA Updates Across Smart Vehicle Fleets | Mender

Written by Admin | Aug 29, 2023 4:00:00 AM

Where over-the-air (OTA) updates once only served to reduce recall costs, they now act as a game-changer for the automotive industry. Volvo, for example, upgraded its Apple CarPlay experience for over 650,000 vehicles through a new OTA update – a change that would have been arduous in years past.

Today, OTA updates offer a plethora of benefits, including better customer experience, new business models with software differentiation, faster innovation and heighted competitive potential, as well as the traditional recall cost reductions. The benefits of OTA updates will only expand as autonomous and software-defined vehicles become ubiquitous.

However, as automakers deploy OTA updates across a wide range of vehicle models, they face unique challenges in managing software complexity across all models. In the United States and Europe, it is estimated automotive OEMs lose $900 million a year due to inadequate OTA update infrastructure. That is, the lack of an adequate OTA update infrastructure from OEMs is requiring them (and their consumers) to still perform physical visits for software updates.

Diving into the four most common challenges for deploying OTA software updates to various vehicle models and considering key implications for OTA updates in advance – matched with leveraging best practices – can help OEMs ensure a seamless and high-quality update experience for customers.

1. Ensuring safety & cybersecurity

Vehicle and consumer safety is the top priority of any OEM – exacerbated by the addition of technology to create smart or autonomous vehicles. Partial or failed updates leaving the vehicle inoperable and inaccurate or unauthorized update deployment, among others, are safety issues and must be avoided at all costs. Ensuring the safe application and usage of OTA updates in vehicles is the first challenge OEMs must overcome.

In tandem, ensuring robust data and cybersecurity measures are paramount to protecting vehicles from potential cyber threats. The infamous Jeep hack – where ethical hackers took control of a Jeep remotely – exemplifies a worst-case scenario. Yet, there are numerous cases highlighting the need for robust cybersecurity, from adversaries stealing vehicles through the CAN IoT hack to EV charging station hacking. As vehicles become more technologically enables, even a single security breach can have far-reaching consequences, damaging consumer trust and brand reputation.

To address cybersecurity concerns, automakers must implement end-to-end encryption protocols to protect data during transmission. Role-based access control (RBAC) restricts unnecessary network access based on user roles within an organization. Regular security audits and continuous monitoring of OTA update processes can identify vulnerabilities and ensure that data remains secure throughout the update process. Establishing a clear security framework allows OEMs to enhance compliance, reduce costs, and decrease the risk of breaches and data leakage.

Arbitrary pre- and post-install actions and cryptographic integrity verification are two must-have features for OTA updates in the automotive industry:

  • Arbitrary pre- and post-install actions ensure safety-critical updates are only installed during appropriate times – when the vehicle is not moving – and under certain conditions to ensure success, such as the vehicle’s battery capacity to successfully complete the software update.
  • Cryptographic integrity verification ensures that only authorized, integral binaries are installed on the vehicle, creating an important layer of security – a feature that Tesla lacked in 2016, exposed through a cyber hack.

In addition to best practices in cybersecurity, data security, and regulatory compliance, these features help ensure vehicle and consumer safety while enabling robust OTA updates.

2. OTA updates across a heterogeneous environment

Automotive manufacturers typically produce a variety of vehicle models, each built on different hardware and software platforms – compounded exponentially by different versions across each. Heterogeneity creates a significant challenge in designing OTA updates compatible with a diverse fleet of vehicle models and years. Ensuring a software update can seamlessly deploy to various vehicle models without causing malfunctions or glitches requires meticulous planning, testing, and validation.

To overcome this challenge, automakers must invest in advanced and scalable OTA platforms that automatically adapt to different hardware configurations. Particularly important for smart and autonomous vehicles, any OTA update infrastructure should support enterprise use cases and security requirements. Software dependency management, unlimited scalability, on-premise support, and extensive logging, audits, and reporting are critical features for deploying OTA updates across vehicle fleets.

3. Complying with regulations and standards

Different regions and countries have distinct regulations and standards concerning vehicle software updates. Navigating these regulatory requirements while delivering seamless OTA updates across diverse markets poses a considerable challenge for automakers.

Automakers must prioritize compliance by keeping themselves updated on regional regulations and incorporating them into their OTA update strategies. Collaborating with regulatory authorities can establish standards and guidelines that promote consistency, safety, and security across various vehicle models. ISO/SAE 21434 and UNECE R155/R156 are standards designed to safeguard vehicles in a world that combines digital and physical elements.

For example, UNECE R156 includes parameters for vehicle software updates and the software update management systems. Under this regulation, OEMs should consider:

  • The compatibility and dependencies of software with the vehicle, such as having a sufficient battery level for a software update.
  • Inform and notify the user when an update is available and the outcome of an update.
  • Log before and after software update versions and ensure data integrity.
  • Establish a rollback or ‘safe state’ in case of an update failure.
  • Ensure it is not possible to update while the vehicle is in motion or other unsafe scenarios.

It is essential to follow these guidelines to create a secure foundation for OTA updates that are effective and resilient.

Learn more about complying with ISO/SAE 21434 and UNECE R155/R156 here.

4. Deploying updates over diverse bandwidth and network conditions

Another challenge to overcome is bandwidth limitations. OTA updates are transmitted wirelessly, and vehicles may have varying connectivity and bandwidth capabilities. Large OTA updates are problematic in regions with poor network coverage, slow internet speeds, or limited data plans. Large updates may take longer to download, increasing the risk of interrupted downloads.

Automakers should optimize the size of OTA updates to tackle bandwidth limitations without compromising on critical improvements. Delta updates are a more efficient way of updating software as they only download the changes made to the existing package rather than the entire package itself. Delta updates reduce the amount of data to be transferred, significantly optimizing network requirements and download times. Additionally, utilizing features such as "scheduled deployments" during off-peak hours can effectively help reduce network requirements. Delta updates make the update process faster and more convenient for users.

Paving the way for seamless updates in the automotive industry

Over-the-air updates has grown from being merely a cost-saving mechanism to a transformative opportunity for the automotive industry, enabling continuous improvement, enhanced safety, and a better consumer driving experience. Despite the various challenges that smart vehicles face, automakers can overcome these hurdles with advanced and scalable OTA platforms.

History has shown automakers trying to re-invent the OTA wheel have been affected by cybersecurity failures, spending an excessive amount of time on this infrastructure, rather than innovating, and lengthy product and feature delays.

By using professional OTA update solutions the automotive industry can can stay committed to innovation and unlock the full potential of OTA updates and drive the future of mobility toward a safer, smarter, and more connected experience for all.

Keep reading

Dive into more resources about OTA updates in the automotive industry: