A Lightweight Zero-Trust Architecture for Secure Over-the-Air (OTA) Updates in Connected Vehicles
Author(s): Srinivasa Sandilya Jandhyala
Publication #: 2605013
Date of Publication: 11.04.2026
Country: United States
Pages: 1-5
Published In: Volume 12 Issue 2 April-2026
DOI: https://doi.org/10.62970/IJIRCT.v12.i2.2605013
Abstract
The rapid evolution of Software-Defined Vehicles (SDVs) has cemented Over-the-Air (OTA) updates as a critical mechanism for deploying feature enhancements and security patches. However, this hyper-connectivity introduces severe vulnerabilities, particularly when transmitting executable firmware across legacy, resource-constrained internal vehicle networks. Traditional enterprise Zero-Trust Architectures (ZTA) are computationally prohibitive for standard Electronic Control Units (ECUs). This paper proposes a novel, Gateway-Centric Lightweight Zero-Trust Architecture tailored for connected vehicles. By centralizing heavy cryptographic verification at the vehicle gateway and deploying ultra-lightweight hash chains for internal bus transmission, this framework secures the "last mile" of OTA delivery. The proposed model bridges the gap between the computational realities of edge ECUs and the stringent cybersecurity mandates of UNECE WP.29 (R156) and ISO/SAE 21434, ensuring firmware integrity without inducing latency that compromises vehicle safety systems.
Keywords:
Download/View Count: 22
Share this Article