The system administers the cryptographic keys and access rights centrally. Authorized software developers have to identify themselves with a smart card before they get the permission to release a new version of an ECU software module. The process of releasing the software version is secured through multiple cryptographic signatures, the company says.
Once deployed in an authorised workshop or garage, the ECU in question verifies if the software update is indeed generated by the correct provider by applying the signature to the software. By the same token, the ECU verifies that the software has not been altered in any way. This procedure rules out any manipulation of the software installed in the car, believes Escrypt general manager Thomas Wollinger. Since all keys and access rights are stored cenrally, the customer - typically an automotive OEM or tier one - can change or recall the developer's authorisation across the internet. An optional offline version enables using the system in cases when no internet access is available, enabling ad-hoc test drives.
The key management solution can be operated by the customer or, if desired, as a managed service, by Escrypt. While it has been developed for automotive customers in the first place - and is used in this industry by at least one major OEM - it can also be adapted to many other user environments. Escrypt believes that in particular applications in the 'Internet of Things' can benefit from the key management solution.