Research on the regulatory framework and full-chain security protection scheme for OTA updates of intelligent connected vehicles

Research on the regulatory framework and full-chain security protection scheme for OTA updates of intelligent connected vehicles

연구 분야: Cryptography

학회: CSAIDE '25: Proceedings of the 2025 4th International Conference on Cyber Security, Artificial Intelligence and the Digital Economy

With the acceleration of the intelligentization process of new energy vehicles, software updates based on OTA technology have emerged as a crucial paradigm in the full lifecycle management of vehicles. This study conducts a systematic analysis from two dimensions: regulatory compliance and cybersecurity. Firstly, by dissecting domestic and international standards such as UNECE R156 and GB "General Technical Requirements for Software Update of Vehicles" it proposes a compliance framework encompassing enterprise-level process control and vehicle-level technical implementation, with a focus on establishing two core mechanisms: software update development management processes and vehicle model development implementation. Secondly, the study analyzes the security risks associated with OTA updates across the "cloud-communication-vehicle" chain and proposes constructing a full-link security protection system through technologies such as cloud-based dynamic key management, full-chain encryption of communication channels, and a trusted root on the vehicle-side hardware. The research findings provide actionable technical pathways for compliant operations and security practices in OTA updates for intelligent connected vehicles.