Understanding OTA in Three Minutes

Introduction

With the increasing importance of electronics and software, as well as the rising complexity of vehicles, the lines of software code within automobiles are experiencing exponential growth, with software infiltrating even the most detailed sensor cores. Consequently, automotive companies have placed vehicle software quality, information security, and remote OTA technology on the table, re-evaluating the entire software and electrical architecture. As a result, software at different levels has become one of the fastest iterating parts within the vehicle, necessitating systematic management. When serious software faults or vulnerabilities are detected, timely updates to vehicle software become crucial. The traditional offline repair recall model is becoming increasingly difficult to manage. OTA (Over-the-Air) download technology, which reduces recall costs, responds quickly, and enhances user experience, has become an inevitable choice for the future of intelligent vehicles.

1

The History of OTA

From mobile phones to cars, everyone has a general understanding. Let’s explain a few terms:

OTA, Over The Air, refers to remote wireless methods, specifically remote management of SIM card data and applications via mobile communication (GSM or CDMA) through an air interface. OTA technology can be understood as a type of remote wireless upgrade technology.

FOTA, Firmware Over The Air, refers to cloud-based upgrade technology that provides firmware upgrade services for connected devices such as mobile phones, tablets, portable media players, and mobile internet devices; those who have flashed their phones should have a deep impression of “firmware version,” where firmware upgrades in phones can be referred to as FOTA.

SOTA, Software Over The Air, leans towards application software upgrades.

In fact, the boundary between FOTA and SOTA is quite blurred; remote upgrades of Windows operating systems, mobile phone upgrades, embedded systems, and microcontroller control programs can all generally be referred to as FOTA. In automotive electronics, for ease of discussion, we will refer to app updates in the HU as SOTA, while updates of other ECUs and all updates can be referred to as OTA.

2

Pioneers of Automotive OTA

Let’s take a look at a set of data from Tesla: since the launch of the first Model S until March 2017, Tesla has pushed a total of 25 OTA upgrades (excluding minor versions) over five years, involving various functional domains and at least 22 controllers (based on conventional architecture). Among these: the central control screen has been updated 21 out of 25 times, encompassing bug fixes, display, alerts, interaction, control settings, etc.; 11 out of 25 related to the power and battery system, including energy management, thermal management, performance optimization, and on-board charging; and 10 out of 25 related to the cockpit system, including wipers, seats, PE, door handles, and gullwing doors.

Furthermore, if we categorize items such as “disconnecting the battery’s main positive and main negative relays in sequence rather than simultaneously” as “defect repair,” items such as “location-based intelligent air suspension” as “new feature push,” and items such as “map display mode adjustment” as “interaction interface optimization,” then out of a total of 128 items there are 11 “defect repairs,” 56 “new feature pushes,” and 61 “interaction interface optimizations.”

3

The Core Value of Automotive OTA

At this point, you should have a preliminary understanding of the main purposes of automotive OTA, which roughly include the three points mentioned in the previous section: defect repair, new feature push, and interaction interface optimization. In this section, we will delve deeper into automotive OTA from the perspective of the development trend of automotive electronic and electrical architecture.

First, let’s look at the trend: Software Defined Vehicles (SDV) will become a common development trend in the automotive industry. The core idea of SDV is that the future of automobiles will be determined by software technology centered around artificial intelligence, rather than by the vehicle’s horsepower, leather seats, or mechanical performance. High-end vehicles have 80 to 100 controller nodes, and the total code in a vehicle has already surpassed 100 million lines. Additionally, 80% to 90% of innovations in the automotive industry are based on electronics and depend on software support, and this is still evolving. The level of innovation in automotive electronics will ultimately align with that of IT and traditional consumer electronics.

Next, let’s look at the core value of automotive OTA:

Potential Problem Improvement

The continuously rising amount of code, even when controlled according to the highest software standards of CMMI (Capability Maturity Model Integration) Level 5, still results in a defect rate of 0.32‰, making the scale of potential problems non-negligible; OTA can effectively resolve software faults, reduce software risk issues arising from shortened development cycles through emergency responses, and address information security vulnerabilities.

Introduction of New Functions

Through FOTA functionality, new features can be introduced, giving customers a feeling of continuous freshness and enhancing the user-friendliness of vehicle usage.

Interface Optimization Updates to Enhance Human-Machine Interaction Experience

Connecting vehicles to the internet has changed the traditional model where sales occur after the R&D process ends, making sales the beginning of interaction between manufacturers and customers, which can lead to higher complaint rates. However, updates to interfaces and content can reduce complaint rates to some extent.

4

Typical Structure of Automotive OTA

The above image illustrates the main components involved in the process of updating programs from the manufacturer’s server to the designated ECU in the vehicle. The OTA vehicle-side main control node (OTA Manager) can be deployed in the Telematics Unit or Gateway. First, a secure connection is established between the vehicle and the server via the cellular network to ensure that the new firmware to be updated is securely transmitted to the vehicle’s Telematics Unit, and then to the OTA Manager. The OTA Manager manages the update process of all ECUs in the vehicle. It controls the distribution of firmware updates to the ECUs and informs the ECUs when to perform updates, which is particularly important when multiple ECUs need to be updated simultaneously, such as pushing a new feature that involves multiple ECUs. Once the update process is complete, the OTA Manager sends a confirmation to the server.

The OTA Manager may need external NAND flash for storing firmware packages, which can also be used to store backups of other vehicle ECUs, to be invoked in case of ECU upgrade failures. These backups should be protected through encryption and authentication to prevent external attacks.

The OTA Manager contains a table with relevant information about each vehicle ECU, such as serial numbers and current firmware versions. This lets the OTA Manager verify a received firmware upgrade package and ensure it is authorized. If the ECU being updated lacks encryption capability, the OTA Manager is also responsible for decoding and verifying the signature during the update process.
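The check described above can be sketched as follows. This is an added example, not code from the article or from any manufacturer: the ECU names, serial numbers, manifest fields and key are constructed, the refusal of non-newer versions is an assumed policy, and HMAC-SHA256 stands in for the asymmetric signature a production OTA Manager would verify with the manufacturer's public key.

```python
import hashlib
import hmac
import json

# Constructed sample data: key, serial numbers and versions are illustrative only.
OEM_KEY = b"constructed-demo-key"  # stand-in for the manufacturer's verification key

# The OTA Manager's table: one entry per ECU (serial number, installed version).
ECU_TABLE = {
    "BCM": {"serial": "SN-0001", "version": (1, 4, 0)},
    "BMS": {"serial": "SN-0002", "version": (2, 0, 3)},
}

def sign(manifest: dict) -> str:
    """Server side (for the demo): MAC over the canonical manifest bytes."""
    body = json.dumps(manifest, sort_keys=True, separators=(",", ":")).encode()
    return hmac.new(OEM_KEY, body, hashlib.sha256).hexdigest()

def check_package(manifest: dict, signature: str, payload: bytes) -> str:
    """Return "accept" or the reason the OTA Manager rejects the package."""
    # 1. Authenticate the manifest before trusting any field inside it.
    if not hmac.compare_digest(sign(manifest), signature):
        return "reject: bad signature"
    # 2. The package must target an ECU this vehicle actually has.
    ecu = ECU_TABLE.get(manifest.get("ecu"))
    if ecu is None or ecu["serial"] != manifest.get("serial"):
        return "reject: unknown ECU or serial mismatch"
    # 3. Assumed policy: refuse downgrades and replays of the installed version.
    if tuple(manifest["version"]) <= ecu["version"]:
        return "reject: version not newer than installed"
    # 4. The signed manifest binds the firmware image through its digest.
    digest = hashlib.sha256(payload).hexdigest()
    if not hmac.compare_digest(digest, manifest["sha256"]):
        return "reject: payload digest mismatch"
    return "accept"

def make_package(ecu, serial, version, payload):
    """Build a constructed (manifest, signature, payload) triple for the demo."""
    manifest = {"ecu": ecu, "serial": serial, "version": list(version),
                "sha256": hashlib.sha256(payload).hexdigest()}
    return manifest, sign(manifest), payload

if __name__ == "__main__":
    print(check_package(*make_package("BCM", "SN-0001", (1, 5, 0), b"new image")))
    print(check_package(*make_package("BCM", "SN-0001", (1, 3, 9), b"old image")))
```

The order matters: the signature is checked first so that the serial number, version and digest fields are only read from a manifest that has already been authenticated.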

The above makes the importance of the OTA Manager clear. Based on this, and in conjunction with the security, isolation, and inherent multi-connection properties of the gateway, some manufacturers have started developing their own gateways that integrate the OTA Manager role.

5

Challenges of Automotive OTA

Despite the maturity of Telematics and communication technologies used in automotive OTA, it has not become as widespread as expected. There are primarily two major challenges:

The first is security considerations: opening the interface for reprogramming the vehicle’s embedded systems makes it more susceptible to hacking.

In the movie “Fast and Furious 8,” all cars in New York City were remotely controlled by hackers, turning them into terrifying weapons and causing massive destruction.

New cars can technically be remotely controlled, just like in the movies. Electric vehicles with so-called “autonomous driving” or “assisted driving” features can actively accelerate, brake, and steer. Thus, these vehicles have the physical basis for being remotely controlled. Moreover, their OTA upgrade capabilities can control and rewrite the vehicle’s underlying control systems, allowing them to be remotely controlled without the owner’s consent.

Regarding the security of automotive OTA, a brief analysis can be made from two aspects: information security—primarily communication encryption, software package signature verification, update isolation, and security chips; functional safety—mainly including the startup condition judgments of the OTA Manager (vehicle status, etc.), pre-programming condition judgments for ECU upgrades, vehicle mode coordination, and upgrade scheme considerations (A/B method, etc.).

The second challenge is that the large number of variants and configurations in the automotive product line makes it difficult to provide safe and consistent updates for all existing combinations within a typical EEA (Electronic and Electrical Architecture). In addition to compatibility issues across different regions and versions, there are also factors such as rollback mechanisms and push/upgrade strategies. Initial design is one aspect, but the “know-how” accumulated during actual operations is critical.

6

Conclusion

From the perspective of overall technological development, OTA services are a significant function of intelligent vehicles, needed for everything from user psychology to vehicle manufacturers’ after-sales maintenance. This hot technology will drive the future integration of vehicles into the overall connected architecture, which is a trend of historical development. It will also become increasingly important as vehicle manufacturers gradually master software capabilities, network capabilities, and the full lifecycle of customer needs.

Authors: GAC Research Institute, Lü Weihua, Yin Wenjie

Editor: Chen Yehan
