Tesla is able to do this because its cars receive software updates much like an iPhone does, via the Internet in an update process called “over-the-air” or OTA updates. Tesla is one of the only car companies that can do this with their cars, sending updates to fix a security flaw or update autonomous driving capabilities.
Contrast this with the approach taken by Chrysler who sent out USB sticks with an update to 1.4 million vehicles after hackers showed they could remotely take control of a Jeep. With the USB updates, there was really no way of knowing whether the updates had been applied properly or even got to the right person.
Your car is a collection of computers on wheels
Most people would not realise how much of a car’s function is controlled by computer processors, communicating via a network in the car. The average car can have between 25 and 50 different processors, with cars from BMW and Mercedes having around 100 processors each. These processors control everything from advanced engine features to braking, automatic parking, collision detection, entertainment, navigation and security. As cars become more intelligent, they are coming to rely on increasingly sophisticated software.
All of these processors have software that at the moment can only be updated by taking the car into to an authorised dealer. Car recalls have become a multi-billion dollar expense for the car industry and a major inconvenience to owners.
Over-the-air updates however will be coming to most cars in the near future. General Motors recently announced that it would be starting to deliver updates to its cars using GM’s OnStar network. Bosch, one of the leading companies delivering electronics and processing to car manufacturers is gearing up to deliver secure over-the-air capabilities to cars through a subsidiary escrypt. It is estimated that 180 million cars will be built with this capability in the next 5 years.
Despite the recent interest, car manufacturers have been wary of updating vehicles in this way. There was a concern that too many things could go wrong during the update leaving the car un-drivable. Security has also been a concern. Hackers could potentially intervene and substitute malware for example with potentially lethal consequences.
How do over-the-air updates work?
The process of updating a car however turns out to be not that dissimilar from updating an iPhone. In fact, the acceptance of over-the-air updates of a car starts with the fact that people are more familiar and comfortable with updating a phone. They understand that the process can’t be interrupted and the phone must have enough power for example.
From the technological perspective, the update is encrypted is accompanied with appropriate signatures that get checked and accepted by special security hardware on the car called a hardware security module. The updates are transmitted over secure connections and special software on the car is able to receive the update and apply it. If something goes wrong during the update, the system needs to be able to roll the update back and leave the original version of software intact and operating.
The advent of more autonomous driving capabilities in cars will make updates essential as with the case of Tesla. Whilst these updates could be done at an annual service, the demands of autonomous driving will require more frequent updates of software. At the same time, consumers are becoming sophisticated enough to be able to manage these updates themselves.
There will still be some turbulence to overcome
The challenges to companies wanting to move to over-the-air updates however may not just be car manufacturers moving slowly. Traditional car dealers may see this as a way of cutting them them out of the loop and so may resist any regulations allowing these types of updates outside of a normal service.
Other potential barriers may come from regulators. The United Nations Economic Commission for Europe (UNECE) has a task force looking at cybersecurity and over-the-air updating in motor vehicles. One area of concern for this group is that if a vehicle has been certified by a country’s motor vehicle safety standards, what happens if it receives an over-the-air update that changes how it performs? Does this render its certification invalid? This might especially be the case if the vehicles emissions change as a result of the software update.
Another challenge that may give car manufacturers pause is that if a car can be updated with new features using a simple software update, will customers hang onto the cars for longer and so not upgrade their cars so often?
Authors: David Glance, Director of UWA Centre for Software Practice, University of Western Australia