Network-connected devices often contain software that occasionally needs to be updated. For example, in vehicles, an Electronic Control Unit (ECU) controls a system or subsystem of the vehicle, and may occasionally need firmware or software updates.
However, to provide updates, security measures need to be implemented. In particular, it is undesirable for a network-connected device to receive updates from unverified sources. Such updates may contain malicious code that may be harmful to the network-connected device.
Further, security ensures that the update is only provided to intended network-connected devices. In particular, a device that is not a valid device should not receive the updates, as they may contain proprietary information.
Further, tampering of traffic between devices and the service may result in either party believing that the message was from the other one in reality an attacker crafted them. In this case, security should prevent such tampering of traffic between the devices and services.
Such security is typically provided based on certificates and keys used by the parties to the transaction to create secure messaging. One issue, however, is that network-connected devices may be deployed into the field without having credentials that would allow for the security described above.