Secure decommissioning
There are several events in which a single ECU or the whole vehicle needs to be decommissioned.
Such events include replacing a defective ECU, disposing of a vehicle involved in a major accident, or simply the vehicle reaching end-of-life. Beyond decommissioning scenarios, the need to securely erase user private data also arises in events such as the transfer of vehicle ownership and the return of a rented car.
To ensure that user private data and the intellectual property of the OEM or supplier are not exposed during these events, the vehicle needs to support routines for the deletion or destruction of such confidential data. A common technique to support secure decommissioning is to ensure that all such data is stored encrypted; destroying the encryption key then renders the data practically unusable. Another technique is to securely delete all private data by identifying and then erasing every copy of it inside an ECU. This option is harder to achieve...