Evaluation of Protected Boot Mechanism in Automotive Domain

In the recent years the electronics and software in the car has been increased with the request of new features. Todays vehicles are vulnerable to cyber-attacks due to their connectivity with internet and infrastructure. Due to this security in the automotive domain has gained importance. Earlier the software updates were done at the service station and probability of tampering the software was less. As the vehicles are connected through internet, the car manufacturers are shifting towards over the air updates (OTA). It should be ensured that only authentic software is executed on the micro controller.

Protected boot is a security control used to ensure authentic software is executed on the microcontroller. Protected boot is a mechanism in which authenticity and integrity of the software is checked during the booting phase by using the chain of Trust mechanism. Protected boot can be achieved by using authenticated boot or secure boot mechanism. Integrity of the software is ensured by using symmetric and asymmetric crypto algorithms. Protected boot is executed using sequential or parallel execution mode. Trade off in choosing the correct execution mode is the boot time of the software. This paper provides introduction to protected boot security control. A comparison of different execution modes for protected boot mechanism is also provided so that the users can select suitable protected boot execution mode based on their use case.