Excelfore and Red Hat standardize automotive OTA updates


Most automakers measure success by their ability to manufacture great cars and trucks. However, today’s connected vehicles provide a game-changing possibility: adding new features or augmenting existing functionality after the cars and trucks roll off the factory floor. The key to this perpetual product improvement is over-the-air (OTA) updates. These software updates allow original equipment manufacturers (OEMs) and suppliers to continuously increase the quality of vehicles by upgrading high-level software as well as low-level code on the electronic control units (ECUs) and other onboard modules.

Automakers can achieve a competitive advantage with OTA

This capability for ongoing innovation in the automotive product life cycle has disrupted the industry. OTA updates—which are released from some of the leading makers of electric and connected vehicles once a month or more—can make cars safer, improve their performance and handling, and add differentiating capabilities. Plus, it all happens while the vehicles are on the road. Car manufacturers who fail to take advantage of connected technology and the capabilities for continuous vehicle improvement that it provides risk falling behind those that do.

While many updates deliver enhancements to features such as navigation systems, others address software issues in critical systems like anti-lock brakes. These OTA updates can happen either transparently or as downloads initiated by the vehicle owner. However, this process is currently executed in various forms and without any common industry standard. The many protocols have led to a fragmented market. 

eSync Alliance: Leading an OTA standard

One of the organizations championing a common OTA industry standard is the eSync Alliance. As its primary goal, the alliance is working to build a standardized bidirectional data pipeline between the cloud and all in-vehicle ECUs and sensors. Its core technology working group (TWG) has a number of functions, which include:

The goal of eSync Alliance is to allow all companies in the automotive value chain to participate in OTA, including companies that have yet to partner with an OTA vendor or have not already created an in-house solution. Ultimately, the eSync Alliance wants to create one standard that spans cloud-to-car-to-device connectivity, vehicle gateways, data management, and middleware with end-to-end cybersecurity. Standardization will allow players in the automotive industry to reach any eSync-compliant module—such as telematic control units (TCUs), ECUs, in-vehicle infotainment systems, and advanced drivers assistance systems—across boundaries of the various in-vehicle networks.

image container Figure 1. The eSync Alliance is leading an initiative to standardize OTA and specify compliance across the automotive electronics ecosystem

Open source boosts standardization

According to the 2020 Open Source Security and Risk Analysis Report, 99% of all commercial code bases audited contained one or more open source components. This widespread adoption is due in part to how open source allows developers to focus on innovation rather than having to reinvent common functionality. In fact, common functionality makes up a total of 70% of audited open source code bases. Open source software and standardization is also inherently more secure, compared to its proprietary counterparts, because when everyone can access the code, threats can be discovered and patched more quickly.

For the automotive industry, cloud-native application development with open specifications and application programming interfaces (APIs) has allowed companies to develop and release applications much faster. Accelerated development means quicker time-to-market, which helps automakers differentiate themselves from their competition through new applications and services.

Red Hat is working with the eSync Alliance to use containers and the hybrid cloud for OTA updates through the eSync OTA platform. The collaboration will accelerate automotive industry innovations, such as shifting to zonal controllers, introducing Linux® in the car, increasing open source standardization, and developing container-based approaches. 

A hybrid cloud approach: Develop and deploy anywhere

A hybrid cloud strategy delivers interoperability, workload portability, and flexibility in your choice of infrastructure. It allows companies to simplify the application development efforts and portability challenges of using one or more public clouds in combination with a private cloud or on-premise resources. It also allows cloud-native applications and traditional software to be developed and delivered regardless of the underlying infrastructure.

In this way, a hybrid cloud approach can provide a strong foundation for the open eSync OTA platform, enabling a more secure, bidirectional server-client-agent architecture. This platform makes it possible not only to push software updates more securely to the vehicle but also to pull data from the vehicle into the cloud.

image container Figure 2. Open source innovation vs. vertical integration: The eSync platform replaces a patchwork of point solutions with interoperability and standardization

The eSync server communicates with in-vehicle clients via a content delivery network (CDN), which allows for efficient scaling across a large number of vehicles as well as their geolocation. The client aggregates all information provided by the agents within the vehicle. It also verifies updates received from the server and directs them toward the appropriate agents.

Containerization and a hybrid cloud approach support standardization

Linux-based containers and Kubernetes orchestration enable abstraction of an application from the underlying compute resources. They achieve this by packaging only the application and required libraries, making them small in size and quick to start. They can be deployed to any environment with a compatible container runtime. These characteristics make Linux-based containers extremely flexible and transportable.

The eSync server has been implemented both as a containerized and a non-containerized application. It can be deployed in any cloud, whether public or private, using a container orchestration platform such as Red Hat OpenShift®. And because Red Hat OpenShift is cloud agnostic, the eSync platform can benefit from a hybrid cloud approach.

Additionally, deploying the eSync server on top of Red Hat OpenShift makes it possible to develop and deploy all software on a single platform.

Containers come to cars

Currently, software that runs in the car is tied to the underlying hardware, which presents some pitfalls. For instance, since containers comprise self-contained entities, they can ship with the latest features and patches. Containers also allow development teams to develop applications without requiring access to the target hardware, which enables simultaneous engineering and reduces time to market. Containers further simplify testing because they are lightweight and can be deployed much faster. The eSync platform provides a pipeline through which containers can be brought into the car with the required security.

A more secure and extensible data pipe between the cloud and vehicles

The eSync platform provides a single conduit through which the server can push and pull data to and from the vehicle. It encrypts all traffic end-to-end and compresses it using the eSync Adaptive Delta Compression Engine, which allows for larger transmissions while also reducing transmission times and costs. The eSync server is also easily extensible because it is built around a representational state transfer (REST) API. The Excelfore eDatX data aggregation platform, for example, ingests and aggregates data from the vehicle and makes it consumable for other third-party providers.

As vehicle connectivity grows and demand for embedded solutions increases, the risk of cyber attacks against connected vehicles increases. The World Forum for the Harmonization of Vehicle Regulations, known as WP.29, defines automotive cybersecurity regulations. It proposed the use of universal identifiers for software components, such as update packages containing the actual firmware. It will also verify that the updated component was sent to the right device, identify any regulatory requirements and software dependencies, and verify calibration and configuration. WP.29 also requires an audit trail so that all stakeholders, e.g., government agencies, OEMs, auto dealers, software integrators, and Tier 1 partners, have some level of access to verify what happens when software updates are sent to an individual vehicle. 

The eSync platform will comply with the WP.29 regulations. For more information about WP.29 regulations, visit this publication from the United Nations Economic Commission for Europe (UNECE)

The container approach spans offboard and onboard

The architecture consists of embedded vehicle onboard and offboard back-end functionality.

The back end consists of an eSync platform that is made up of an OTA-server running on Red Hat OpenShift. Offboard, the eSync client runs on the gateway ECU, while agents in the vehicle run on ECUs or zonal or domain ECUs or sensors. The container approach in the offboard world can extend to onboard in the car. At a minimum, however, this requires a POSIX-compliant operating system for the gateway ECU to run and stop containers with a lightweight container runtime like Podman.

image container Figure 3. Logical components of vehicle onboard and offboard architecture and the respective eSync and Red Hat technologies


Excelfore and Red Hat bring the eSync standard to real-world OTA projects

Excelfore is working to increase the value of automotive data through innovative platforms for connected cars, electric vehicles, and autonomous vehicles. It is also using its real-world domain expertise to make the vision of an industry-wide OTA standard a reality. As one of the five founding companies in the eSync Alliance, Excelfore has pioneered a full implementation of the eSync bidirectional pipeline for OTA updates and data gathering. 

As a key technology contributor to this effort, Red Hat provides expertise in open APIs, which enables interoperability and faster time to market. Building on its experience with cloud-to-edge connectivity, Red Hat offers technologies for in-vehicle scaling and managing device dependencies. Red Hat OpenShift offers efficient cloud-native application development best practices, including a microservices architecture approach, with deployed applications built ready for production use in a hybrid cloud environment. 

With more than 25 years of advocating and supporting the open source approach and open standards, Red Hat makes an ideal partner for this commercialization. Red Hat is an active technical participant in many industry standards consortia and software foundations,1 allowing the company to create innovative solutions and champion best practices in open collaboration and co-creation across the ecosystem. Red Hat further complements Excelfore’s efforts to deploy the eSync standard because both companies consider a worldwide OTA standard to be an essential feature of cars of the future. A standardized data pipeline will allow the current fragmented market to focus on innovation.


Red Hat is working with Excelfore and the eSync Alliance to enhance the open OTA standard that will work across hybrid cloud environments. Red Hat provides an open source technology foundation that delivers a unified development experience, while the eSync platform bridges the gap from the cloud to the vehicle and across technology barriers to its electronic components.

Open source software and Red Hat’s expertise in areas such as APIs and the hybrid cloud will help the eSync Alliance as it develops a strategy for OTA standardization. This collaboration will facilitate commoditization of the core OTA technology and developer tooling and increase opportunities for innovation. Together, Red Hat and the eSync Alliance will work to increase standardization and options for running containers in the car to further speed time to market and reduce cost.

To learn more, talk to a Red Hatter today.

Red Hat Open Source Program Office. Accessed Mar. 2021.