machdaddy

Member
Joined
Feb 8, 2020
Messages
13
Reaction score
3
Location
USA
Vehicles
2021 Ford Mustang Mach E Premium reserved
Country flag
I'm glad Ford finally provided an update with this important feature that I feel should be part of the new norm for vehicles. Going to a dealership to do a service advisory software upgrade for the infotainment system on my 2016 Honda Civic took 2 hours. That's archaic.
 

timbop

Well-Known Member
First Name
Tim
Joined
Jan 3, 2020
Messages
582
Reaction score
524
Location
New Jersey
First Name
Tim
Vehicles
2015 Mustang Convertible, 2016 Dodge Durango
Occupation
Software Engineer
Country flag
I'm glad Ford finally provided an update with this important feature that I feel should be part of the new norm for vehicles. Going to a dealership to do a service advisory software upgrade for the infotainment system on my 2016 Honda Civic took 2 hours. That's archaic.
Just to play devil's advocate, having OTA opens up a giant security hole that dealer installed or "thumbdrive" updates do not.
 

machdaddy

Member
Joined
Feb 8, 2020
Messages
13
Reaction score
3
Location
USA
Vehicles
2021 Ford Mustang Mach E Premium reserved
Country flag
Just to play devil's advocate, having OTA opens up a giant security hole that dealer installed or "thumbdrive" updates do not.
True but mitigate-able by way of md5/md6/sha cryptographic hashing validated through a ford update server comparing the official release hash check against the downloaded firmware residing in the car. This can be secondarily checked against an update table, or other validation techniques like flags baked into the firmware that Ford expects to see.
 

pbojanoski

Well-Known Member
First Name
Peter
Joined
Jan 4, 2020
Messages
381
Reaction score
416
Location
Pennsylvania
First Name
Peter
Vehicles
Mazda RX-8
Country flag
True but mitigate-able by way of md5/md6/sha cryptographic hashing validated through a ford update server comparing the official release hash check against the downloaded firmware residing in the car. This can be secondarily checked against an update table, or other validation techniques like flags baked into the firmware that Ford expects to see.
I'm sure Ford will keep it secure, just like I assume Tesla does. Obviously, there is never anything that can be deemed 100% secure. At that point, you have to ask yourself the likelihood of mass infiltration or why someone would go out of their way to single out you. I assume the chances of either of those happening is extremely small, but it's not zero, unfortunately.
 

Mach Dad

Active Member
First Name
Jeffrey
Joined
Jan 29, 2020
Messages
27
Reaction score
25
Location
Oxford, MI
First Name
Jeffrey
Vehicles
2010 Ford Fusion Hybrid, 2014 Ford Explorer
Occupation
Consultant
Country flag
Two things I take from this announcement.

The whole 2 min to download is just silly. Sure if the update is small it could take 2 mins. If its bigger it could take more time. I dont see anyone buying the car because of the 2 min claim.

The idea of OTA is great and I know Ford is really pushing this as a feature of the Mach E. In reality this could and should become standard for all their vehicles. Let's hope they embrace it product wide going forward. The only issue for ICE is you might need to have it running to have the appropriate systems available.
 

hybrid2bev

Well-Known Member
Joined
Dec 4, 2019
Messages
396
Reaction score
660
Location
USA
Vehicles
2017 C-Max Hybrid
Country flag
Two things I take from this announcement.

The whole 2 min to download is just silly. Sure if the update is small it could take 2 mins. If its bigger it could take more time. I dont see anyone buying the car because of the 2 min claim.
It’s two minutes to install the update not download.

“Updates can be activated in under two minutes”
 

timbop

Well-Known Member
First Name
Tim
Joined
Jan 3, 2020
Messages
582
Reaction score
524
Location
New Jersey
First Name
Tim
Vehicles
2015 Mustang Convertible, 2016 Dodge Durango
Occupation
Software Engineer
Country flag
True but mitigate-able by way of md5/md6/sha cryptographic hashing validated through a ford update server comparing the official release hash check against the downloaded firmware residing in the car. This can be secondarily checked against an update table, or other validation techniques like flags baked into the firmware that Ford expects to see.
All of which just make it harder to hack, and not impossible. Particularly if quantum computing continues to develop.
 

timbop

Well-Known Member
First Name
Tim
Joined
Jan 3, 2020
Messages
582
Reaction score
524
Location
New Jersey
First Name
Tim
Vehicles
2015 Mustang Convertible, 2016 Dodge Durango
Occupation
Software Engineer
Country flag
Two things I take from this announcement.

The whole 2 min to download is just silly. Sure if the update is small it could take 2 mins. If its bigger it could take more time. I dont see anyone buying the car because of the 2 min claim.

The idea of OTA is great and I know Ford is really pushing this as a feature of the Mach E. In reality this could and should become standard for all their vehicles. Let's hope they embrace it product wide going forward. The only issue for ICE is you might need to have it running to have the appropriate systems available.
Right, but as Hybrid2bev said the download os saved "off to the side" while the car is running. It won't be until later when the car is turned on (or some other "safe" state) that the new software can be activated; until then you will continue to drive down the road on the old software. Current supposition is that it follows a partitioning scheme wherein the current software is in one partition and the next version is downloaded into another. To activate, a pointer is merely flipped at startup to the new partition and that is the software that boots. A failsafe mechanism is in place if the new software doesn't successfully load/start, then the pointer is flipped back automatically to prevent the car from "bricking".
 

machdaddy

Member
Joined
Feb 8, 2020
Messages
13
Reaction score
3
Location
USA
Vehicles
2021 Ford Mustang Mach E Premium reserved
Country flag
Right, but as Hybrid2bev said the download os saved "off to the side" while the car is running. It won't be until later when the car is turned on (or some other "safe" state) that the new software can be activated; until then you will continue to drive down the road on the old software. Current supposition is that it follows a partitioning scheme wherein the current software is in one partition and the next version is downloaded into another. To activate, a pointer is merely flipped at startup to the new partition and that is the software that boots. A failsafe mechanism is in place if the new software doesn't successfully load/start, then the pointer is flipped back automatically to prevent the car from "bricking".
This is precisely correct, at least how computer motherboards with dual BIOS image storage (like gaming motherboards) and network routers/switches work. I would say that there should be a factory default firmware image in the Programmable Read Only Memory (PROM) and then two partitions in the flash storage. The first for the current firmware image and the second for the upgrade image to be utilized on next boot. That way, the car can never be "bricked".

About your comment about quantum computing, I would be much more worried about quantum computing breaking the certificate authorities chain of trust (by fake certificate impersonation or MITM attack) that we rely on for secure banking, trade and communications far more than my car firmware. We have much bigger problems if we get to that point. 😵
 

ab13

Active Member
Joined
Feb 17, 2020
Messages
38
Reaction score
21
Location
California
Vehicles
Rav4 Hybrid
Country flag
I'm sure Ford will keep it secure, just like I assume Tesla does. Obviously, there is never anything that can be deemed 100% secure. At that point, you have to ask yourself the likelihood of mass infiltration or why someone would go out of their way to single out you. I assume the chances of either of those happening is extremely small, but it's not zero, unfortunately.

Tesla has been hacked more than once. Lucky for them it was not Blackhat hackers.

https://www.usatoday.com/story/tech/2017/07/28/chinese-group-hacks-tesla-second-year-row/518430001/
 

zhackwyatt

Well-Known Member
Joined
Dec 18, 2019
Messages
210
Reaction score
223
Location
Arizona
Vehicles
'13 C-Max
Country flag
True but mitigate-able by way of md5/md6/sha cryptographic hashing validated through a ford update server comparing the official release hash check against the downloaded firmware residing in the car. This can be secondarily checked against an update table, or other validation techniques like flags baked into the firmware that Ford expects to see.
Technically you wouldn't use a hash, you would use a digital signature (which makes use of a hash).

The updates, or ability to update, are not the security problem. It's the active network connection that is the problem. Even if they didn't offer the update ability, the connection will still be there for maps, charger status, telemetry, etc. You can't make anything 100% secure, but you can do due diligence and design the system in a secure manner/architecture.
 

EVer

Active Member
Joined
Apr 21, 2020
Messages
42
Reaction score
68
Location
California USA
Vehicles
Tesla Model 3 Performance, Ford F150, Chevy Volt <- looking to replace with MachE
Country flag
All the big hacking energy is going after JEDI, anyway.
 
Top