he next step in the evolution of IT based product lines like automotive head units will be the selection of performance features of runtime not compile time. Thereby a single unified firmware image will be created, delivered and installed on every device of a product line. Thus, a great saving potential result for all involved in the production as well as in customer processes and 1st level support.
However there is the risk of unauthorized changes of the models and that intellectual property as well as the business strategy are at risk for this product line. Furthermore, the mixing of firmware images of different model versions may cause unpredictable side effects on the device security, if there are differences in the hardware as well.
With the presented solution, it is possible to deliver the single features individually encrypted in one unified firmware image. The firmware and device authentication as well as the data decryption and product line configuration take place on the model number basis automatically every time the device gets started.
For the protection of the model number and the encryption key as well as for the authentication a Trusted Platform Module (TPM) is the fall back, which acts as a trust anchor in the end device. Therefor the level of protection for this functionality is particularly high and the risks of runtime product lines will be minimized.