Exploring software security controls
Now that we have previewed some of the commonly used security controls in automotive ECUs, we can switch focus to software security controls. As we will see, many of these controls are built on top of hardware security primitives and aim to provide more sophisticated security mechanisms that hardware alone cannot offer.
Software debug and configuration management
Building on hardware debug access protection, it is equally important to remove, or at least restrict access to, software debug tools. It is common for developers to use a wide range of such tools to aid in troubleshooting and testing the ECU prior to production. A common mistake is to leave these tools in the ECU even after the product is shipped. In MCU-based ECUs, these tools range from proprietary diagnostic protocols used in factory mode, to trace tools that log extensive error codes pinpointing the file and line of code where an error occurred, to standard calibration protocols...
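As an added illustration, not taken from this book or any particular ECU vendor, the C fragment below shows one way to keep factory-mode diagnostic services and file/line trace data out of production firmware: factory-only handlers exist only when DEV_BUILD is defined, and the trace macro drops source location in production. The service IDs, error code and handler names are constructed for the example.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
/* Constructed service IDs for this illustration, not a real protocol's values. */
#define SVC_READ_DATA       0x22u  /* standard diagnostic service, kept in production */
#define SVC_FACTORY_TRACE   0xB0u  /* proprietary factory-mode service, development only */
#define ERR_SVC_UNSUPPORTED 0x11u  /* constructed error code */

static uint32_t last_error_code;
static const char *last_error_file;  /* stays NULL in production builds */
static void ecu_trace_record(uint32_t code, const char *file, int line) {
    last_error_code = code;
    last_error_file = file;
    (void)line;  /* a real ECU would persist this to non-volatile memory */
}
/* Development builds record file and line; production keeps only the error code,
 * so shipped firmware does not reveal source layout. */
#ifdef DEV_BUILD
#define ECU_TRACE(code) ecu_trace_record((code), __FILE__, __LINE__)
#else
#define ECU_TRACE(code) ecu_trace_record((code), NULL, 0)
#endif
typedef bool (*svc_handler_t)(void);
static bool svc_read_data(void) { return true; }
#ifdef DEV_BUILD
static bool svc_factory_trace(void) { return true; }
#endif

/* Dispatch table: the factory-mode entry is compiled out of production firmware,
 * so the code path is absent rather than merely switched off at runtime. */
static const struct { uint8_t id; svc_handler_t fn; } svc_table[] = {
    { SVC_READ_DATA, svc_read_data },
#ifdef DEV_BUILD
    { SVC_FACTORY_TRACE, svc_factory_trace },
#endif
};

/* Returns true when the service exists in this build and was handled;
 * anything else is rejected and recorded as an unsupported-service error. */
bool ecu_dispatch(uint8_t service_id) {
    for (size_t i = 0; i < sizeof svc_table / sizeof svc_table[0]; i++)
        if (svc_table[i].id == service_id)
            return svc_table[i].fn();
    ECU_TRACE(ERR_SVC_UNSUPPORTED);
    return false;
}

uint32_t ecu_last_error_code(void) { return last_error_code; }
bool ecu_last_error_has_location(void) { return last_error_file != NULL; }
```

Compiling without DEV_BUILD gives the production image, in which the factory-mode service ID is simply unknown to the dispatcher.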