Sandia National Laboratories’s S-FOTA uses an active authentication Digitally Unclonable Function (DUF) to consolidate, simplify and enhance the integrity and authenticity of firmware updates. It reduces the cost of deploying, managing, securing the firmware by eliminating the complexity of existing services.

DUF technology is used to authenticate the firmware sender’s identity that is unique to the designated hardware containing a randomly generated static pattern (Random DUF Pattern – RDP), unknown and unknowable by anyone. A DUF engine/processor acts as a “black-box engine” that scrambles/modifies the input data with the unique RDP and then applies a one-way hash function to the data to prevent any chance of reverse engineering. This hashed value of scramble/modified data (DUF Signature) is sent to the authenticating vehicle, along with the original input data in clear text. The vehicle will reprocess the clear-text input data through its own identical DUF engine/processor. If the DUF Signature from the sending device matches the DUF Signature generated by the receiving vehicle, the authenticity and integrity of firmware is verified and checked.