August 13, 2020
Over-the-air updates (OTA) are a reliable, convenient and secure way to update vehicle software. Having administered updates to more than 35 million vehicles on the road today, HARMAN leads this space, allowing OEMs and Tier-1 suppliers to adapt to an evolving market landscape by securely managing all in-vehicle software components anywhere and at any time–whether on the production line, at dealer lots or in car owners’ driveways. Hadas Topor Cohen, Senior Director, Head of Products & Business Development, OTA & Cybersecurity at HARMAN, leads a team of experts focused on ensuring the most relevant in-vehicle software functionality for customers. Here Hadas answers questions she’s commonly asked about OTA updates.
What is automotive OTA and why is it needed? How does HARMAN OTA compare to other industry solutions?
Hadas: According to the GSMA (an industry organization that represents the interests of mobile network operators worldwide), all new cars will be connected by 2025 and will have a growing number of in-vehicle systems that are dependent on software. On average, there are more than 100 ECUs in a vehicle and more than 100 million lines of code. Additionally, there is an inherent complexity in the automotive supply chain, with lack of visibility to third-party source code, software bugs, and vulnerabilities. HARMAN OTA is the industry-leading solution for managing full-vehicle software and keeping it up-to-date despite all of this complexity.
How long does it usually take to update a vehicle over-the-air?
Hadas: The OTA update time varies and is dependent on several factors, some of which include:
In your opinion, how do you optimize the OTA update process?
Hadas: To improve the update time and provide a good user experience, OEMs can use advanced OTA capabilities, such as:
If new faults/errors occur after a vehicle OTA update, it can lead to customer dissatisfaction. Why do faults occur at this stage? How does HARMAN deal with it?
Hadas: When new faults are introduced after a successful OTA update, it might disappoint and confuse the customer. HARMAN OTA allows the OEM to execute a validity check after every update to verify that it was applied correctly in the vehicle and ran as expected. In case this fails, HARMAN OTA will initiate rollback to the relevant software to its previous version. This post-update check helps the OEM maintain the vehicle in a safe and functioning state after each update. The customer will be notified about next steps immediately when this occurs.
When implementing an OTA rollback, how is the HARMAN solution optimized towards energy consumption and/or update duration for both, BEVs (battery electric vehicles) and ICEs (internal combustion engine vehicles)?
Hadas: HARMAN optimizes the update to prevent excessive energy consumption by:
What is the maximum software volume (embedded ECUs & double bank ECUs) that can be handled by HARMAN OTA?
Hadas: Limitations are usually raised by the platform (such as storage limitations, OS limitations) and not by the OTA process itself. Therefore, it all depends on the vehicle(s) that are being updated. Currently we have OEMs that updating up to 50 ECUs in the same vehicle.
One of the biggest concerns today is cybersecurity or protecting your personal and vehicle information. How can you guarantee information security when doing remote vehicle updates by OTA? What is HARMAN’s solution strategy?
Hadas: Security is one of the fundamental requirements to safe and secure OTA. OEMs must verify their OTA updates are secure. HARMAN secures its OTA process starting from the design phase and coding standards and static and dynamic code analysis all based on SSDLC. In addition, we execute threat analysis on OTA processes and develop a mechanism to secure the process end-to-end, from uploading the new software version to the server until it is downloaded and re-flashed on the ECU and reports back the status of the update to the vehicle. To verify all mechanisms developed as designed, we run penetration tests by external experts to verify that the solution is as secure as we expect it to be. OTA updates are critical to the OEM and act as security remediation tool and therefore must be secured.
Why should companies choose to work with HARMAN for OTA updates?
Hadas: There are many reasons to use HARMAN for OTA updates. I will mention the top reasons. HARMAN OTA is a trusted solution and is being used by more than 40 global vehicle manufacturers and it is already deployed on 38 million vehicles worldwide. Additionally, HARMAN is contracted to update 350 million vehicles worldwide in the years to come. HARMAN OTA is Automotive Grade A-Spice Level 3 certified and we belong to many standards bodies that focus on OTA in the automotive industry such as:
Additionally, HARMAN (formerly Red Bend) has been delivering OTA solutions since 1999 meaning we are the longest standing provider of OTA services in the automotive industry. We have gained the trust of our customers by providing a reliable solution through the years.
The recent report written by IHS Markit is also a valuable resource: Automotive OTA Deployment Strategies: The Build, Buy or Partner Equation
Hadas Topor Cohen
Senior Director, Head of Products & Business Development - OTA & Cybersecurity, HARMAN
Connect with the Author: LinkedIn