Drivers have many opportunities to personalize their vehicles according to their preferences. For example, a user may download files off of the Internet or from a computer, and then save the files on a vehicle control module. Specifically, a user may download files such as, for example, music files or navigational files, and then save the files on the infotainment control module of his or her vehicle. However, sometimes these files may not always be downloaded from trustworthy sources, and may have issues with integrity and authenticity.
Another challenge that may occur in the area of vehicle electronics is the issue of multiple files that are each programmed by different suppliers or sources, and integrated into a single vehicle control module or multiple vehicle control modules. Specifically, the vehicle control modules may contain various files that are each created by a different source, where the files may be linked together as tightly coupled files that are part of a software package. For example, the tightly coupled files that are part of a software package may include a first file that contains an algorithm for the airbag control module, and a second file that includes calibration information that defines when an airbag associated with the airbag control module will deploy. In another example, a single monolithic image that corresponds to a vehicle control module may be too large, and therefore needs to be segmented into discrete separate files. However, each file included with the software package needs to be evaluated for authentication and integrity. It should also be noted that updates, new features, or other types of changes may be made to some of the files at a later time as well.
Several approaches currently exist for evaluating each of the files that are part of the software package. For example, a digital signature that is associated with a set of tightly coupled files may be used to authenticate the files. However, the files need to be re-signed again with another digital signature if the files are included in another application such as, for example, a different vehicle line, or for applications in different regions of the world. Accordingly, it is desirable to provide a system for authenticating multiple files using an approach that is re-useable and that may be integrated with multiple vehicle control modules.