Project description
Safe and secure software updates for mixed-criticality cyber-physical systems
Mixed-criticality cyber-physical systems (MCCPS) can be found in computer systems used in cars and railways. They need constant updates and repairs with the wireless delivery of new software or data for their everyday functionalities. Over the air software updates (OTASU) come with both functionality improvements and solving of bugs and threats but the updating processes cause problems in safety, security of user’s data or inconveniences. The EU-funded UP2DATE project aims to elaborate a new paradigm for safety and security (SASE) software updates of the MCCPS systems. Two cases of such novelty architecture will be tested by the consortium of knowledge generators (IKL, BSC, OFFIS), technology integrators (IAV, TTA), as well as end users of automotive and railway (MM, CAF) sectors.
Objective
Mixed-Criticality Cyber-Physical Systems (MCCPS) deployed in critical domains like automotive and railway are starting to use Over The Air Software Updates (OTASU) for functionality improvement, bug fixing, and solving security vulnerabilities (among others). But, OTASU entails several difficulties: 1) Safety including non-functional properties like real-time, functional safety, and energy-efficiency. 2) Security. OTASU creates entry points for hackers 3) Availability. During updates the system is not available. While this is just inconvenient for mainstream devices, this is not acceptable for critical MCCPS that must remain active during operation.
Additionally, computing performance needs are bigger and therefore complex hardware platforms based on multicore processors and accelerators are used in MCCPS. Such complex hardware platforms, software applications are subject to intricate dependences in their functional and non-functional behaviour.
For facing these two trends in MCCPS: OTASU and complex hardware platforms, that entails relevant research challenges, the UP2DATE project propose: a new software paradigm for SAfety and SEcurity (SASE) software updates for intelligent and resource intensive MCCPS, promoting a safety and security concept that builds around composability and modularity as main properties to enable a dynamic (post-deployment) validation of SASE properties.
A high quality and complementary consortium comprising knowledge generators (IKL, BSC and OFFIS) plus technology integrators (IAV and TTA) and two end uses from the automotive and railway sector (MM and CAF), will be able to test in two uses cases a new software architecture that will enable the runtime deployment of new (mixed-criticality) applications remotely (patching existing functions or extending the functionality) in heterogeneous computing platforms.
The total budget foreseen for this research project is around €3.8M.
Keywords
Programme(s)
Topic(s)
Funding Scheme
RIA - Research and Innovation actionCoordinator
20500 Mondragon
Spain