Have you heard? Over-the-Air (OTA) Update systems for automotive software are now being regulated. The United Nations Economic Commission for Europe’s (UNECE) World Forum for Harmonization of Vehicle Regulations has adopted new regulations to manage cyber risks and provide safe and secure software updates for the more than 300 million lines of automotive software code expected to be in passenger cars, vans, trucks and buses by 2030.
Read on for a quick overview of the main points in the UNECE document WP.29 and how Aurora Labs’ in-vehicle software solutions enable car manufacturers to comply with the new OTA regulations and their effect on vehicle type approval.
The adopted regulation outlines the requirements and processes needed to assure that the software update management system (SUMS) guarantees safe, secure and reliable OTA updates. The regulation covers Safety, Security and Documentation. Given the widespread use of UN regulations in the automotive sector around the world, the broad adoption of these regulations is expected in January, 2021, among and beyond the 54 Contracting Parties/countries.
The UNECE press release announcing the adoption of the regulations notes that certain regions and countries have already committed to applying the regulations. Japan has indicated that it plans to apply these regulations upon entry into force starting January 2021 and in the European Union the new regulations will be mandatory for all vehicles produced starting July, 2024.
In terms of safety, specific document details include verification of the vehicle resources prior to commencing the update, and the ability to restore software to a previous version in case an over-the-air update failed or was interrupted. In addition, there are recommendations for how to handle software interdependencies, compatibility of software updates, and type approvals.
To comply with the security recommendations, an auto manufacturer needs to prove that software manipulation and compromise can be prevented, and software functionality, authenticity, integrity can be verified and validated.
WP.29 also lists required documentation covering:
- Device and software configuration
- Software versions
- Target vehicles
- Purpose of an OTA update, what systems the update affects, type approval details and confirmation that the software update is conducted safely and securely
The regulation discusses the effect an OTA update may have on type approved functionality in the vehicle. Specifically, sections 22.214.171.124 and 8.1 refer to the situation when an update has an effect on a previous type approved vehicle function.
The change to the component or system resulting from the update needs to be documented and evidence needs to be given on the direct effect of the change on the type approved function and any connected/dependant type approved systems. The changes may then be deemed by the testing authority to require one of the following three outcomes to the type approval certificate of conformity (CoC):
- Revision – the modifications do not affect the performance of the type approved function
- Extension – the changes are substantial enough to require an extension to the type approval document (often a costly process)
- Amendment – the changes have a direct effect on the performance of type approved functionality and will require additional testing (and documentation) for an amended type approval
Aurora Labs’ Self-Healing Software solutions, specifically Auto Update and Auto Validate, are key for automotive manufacturers to effectively comply with the new requirements defined by the UNECE to keep the Software Update Management System safe and secure.
Auto Update is the industry’s only OTA solution that updates all ECUs from bumper to bumper regardless of component resources, it uses standard protocols, updates with zero downtime, and does this all without requiring dual memory or a software client to be integrated into every ECU in the vehicle.
Only Aurora Labs’ Auto Validate provides standardized and documented evidence of the changes made within a software function and the effects the change has on the dependent software functions, greatly reducing the time and cost involved to maintain Whole Vehicle Type Approval (WVTA) throughout the vehicle’s lifecycle.
As more and more software enters the vehicle, from several different sources including the OEM itself, Tier 1 and Tier 2 suppliers and the open source community, the need to truly understand software behavior is paramount to the delivery of vehicles to be deemed certified and road worthy. Aurora Labs is at the heart of this fascinating time in the automotive industry and well positioned to help software-driven automotive manufacturers succeed.