Sibros Closes $12 Mn Series A Funding for First Deep Connected Vehicle Platform
Read More
Deep ConnectED Platform

OTA Cybersecurity

Ensure highly secure OTA software updates and data collection with automotive grade cybersecurity for connected vehicles, powered by Sibros Armor.

Built for Automotive OTA

The automotive industry is undergoing substantial change as sophisticated technologies are being implemented to enable a wide range of new capabilities that improve safety, reliability, and convenience.

In-vehicle software and system architecture is becoming increasingly complex as connectivity interfaces to the outside digital and physical world. Sibros’ built-in security is layered across the entire platform to reduce vulnerabilities, minimize surface attack areas and thwart malicious attacks that can compromise vehicle functionality, safety and security.

Why Sibros Armor for OTA Security?

Built on the IEEE Uptane Standard
Compliant with other global standards  
Leverages additional storage to recover from endless data attacks
Broadcasts metadata to prevent mixed-bundles attacks
Utilizes vehicle version manifests to detect partial bundle installation attacks 
Use a time server to limit freeze attacks 

OTA Cybersecurity

Security: Sibros Armor

Sibros's end-to-end platform leverages the IEEE Uptane OTA security framework designed to be resilient against multiple forms of attacks by providing several layers of security to protect against any single point of failure in the system, including:

  • 2-way authentication to ensure secure communication between the vehicle and cloud
  • Signature checks on all pieces of firmware and metadata sent to the vehicle
  • Signatures and metadata provided to each ECU for secondary verification
  • Protection against malicious firmware signatures with stolen keys
  • Multiple unique pieces of metadata and signatures for different keys

Primary ECU Security: The primary ECU is responsible for download and verification of firmware, associated metadata and distributing the firmware and metadata to all secondary ECUs in the vehicle.

Secondary ECU Security: All secondary ECUs provide a second layer of security by performing an additional verification of the firmware and metadata targeted to that ECU.

Key Features

Multiple Cloud Providers
Easily integrates with other cloud and infrastructure systems like GCP, AWS & Azure
Works in All Geographies
Meets variable load and geographic coverage for automotive services
Manage Full Vehicle Lifecycle
Manage device provisioning as new devices come online in the factory and handle device end-of-life events
Data Privacy & Compliance
Full compliance with GDPR and CCPA
Deploy Whole Vehicle Packages, Not Single ECU Updates
Manage user access and allowed actions based on custom roles and secured access
Manage Software Versions
Build custom software packages, which may include updates for multiple ECUs, and manage all software versions in one place
Metadata Based Targeting
Create large scale deployments based on any available vehicle metadata such as location, model name and year, trim-level etc.
Apply Configuration and Calibration Updates
Support for Software Updates, ECU Calibrations and Vehicle Configurations across all geographies
Draft & Scheduled Rollouts
Create a draft rollout plan, save your progress and come back later to finish activating the rollout. Plan rollout to start at a future date and time
Live Rollout Status
See live rollout status which tracks the number of vehicles per stage of update, as well as updates that have completed successfully, failed, aborted or paused
Control How a Package is Downloaded - Wifi vs. Cellular
When Wifi is available, it can be used to reduce costs of data transfer. Cellular can be used to do critical updates
Deployment Analytics
Detailed deployment logs and statistics from every ECU in every vehicle. Logs can be streamed live or uploaded based on customer defined conditions
Audit Trail
View all updates, changes and history of each deployment and rollout
Secured Communication
Utilizes secure communication via HTTPS / TLS with the vehicles to ensure secured and reliable data exchange
Available by API
All features are available via API to integrate with third-party apps, CI/CD pipelines and ERP systems
Multi-step Authorization
Role Based Access Control and set approvers and reviewers for deployments
Full Vehicle Updates
Update all ECUs across all domains (such as powertrain, chassis, body, ADAS and infotainment) in your vehicle
Single & Dual Bank (A/B) Updates
Both Single Application Update and A/B (redundant) software and calibration updates are supported
Parallel Updates
Update multiple ECUs on the same or different CAN buses to accelerate distribution of updates which reduces risk of system downtime
Self Update
An update to the update system itself, so that it continues to improve along with the rest of your vehicle
Multiple images per ECU
ECU update can include multiple applications, calibration and configuration files that are part of different files in the package
Extensible and Future-Proof
Support for all types of vehicle architectures, networking hardware, operating systems, and communication protocols
Secure ECU Updates
Using IEEE Uptane Standard for securely deploying updates to a vehicle and ensure only images signed and authorized by the OEM are installed on a vehicle
Integrity Checks
Secured ECU updates with integrity checks to avoid malicious attack and corrupted packages update
Automatic Retries
Perform retries and ensure updates are correctly downloaded and installed
Automatic Recovery and Resumable Updates
Prevent vehicles from receiving incomplete software and having to constantly retry from the beginning in case of power loss, connection loss or other failures
Pre- and post-condition safety checks
Customizable condition checks to ensure all ECU updates start and end in safe state
Predictable & Repeatable Updates
Deterministic sequencing of updates leading to higher success rates of deployments in the field when applying updates to ECUs, even if they are  done in parallel.
Delta Vehicle Updates
Changes are only sent for ECUs that have changed without sending entire package
Small Memory Footprint
Package Manager stores the firmware images, and are then streamed out over CAN through the update manager. Vehicle gateway does not require excessive amount of RAM or Flash to store entirety of the images
HMI & Mobile App Integration
Show custom messages and prompts to the user via the in-vehicle display or on their cellphones
Offline Updates
Software Updates applied to the ECUs asynchronously from the cloud package download. Zero dependency on vehicle connectivity status.
Manufacturing & Factory Support
Update software in the factory, perform end-of-line tests, reduce vehicle build times by flashing software and performing tests while the vehicle is going through the assembly line and perform post-production software updates, calibration updates and configuration changes

Curious to Learn More?

Get in touch for a demo or to speak with a specialist.

Deep Connected Platform in 60 Seconds:

Complete Automotive Software & Data Management