What is Uptane?
Uptane, a Linux Foundation Joint Development Foundation project, is an open source, compromise-resilient software update system for vehicles. It uses layered defense mechanisms so that would-be attackers must overcome a hierarchy of access levels in order to do serious harm. Because these multiple levels are built into the security system, the damage from any incursion, such as attackers compromising servers, bribing operators, or gaining access to vehicular networks, is limited. The Uptane framework is flexible and can be incorporated into the types of software update strategies already in use in the auto industry. Among other adoptions, Uptane is incorporated into the security programs of Automotive Grade Linux through the aktualizr C++ client implementation.
Initially developed under a grant from the U.S. Department of Homeland Security, Uptane was created by a team of researchers from the New York University Tandon School of Engineering in Brooklyn, NY, the University of Michigan Transportation Research Institute in Ann Arbor, MI, and the Southwest Research Institute in Austin, TX. It was formally standardized under a non-profit consortium called the Uptane Alliance on July 31, 2019, under the auspices of the IEEE/ISTO Federation.
Uptane website: https://uptane.org/
GitHub repository/code base: https://github.com/uptane/
Mailing list: uptane@googlegroups.com
Discord server: https://discord.gg/uWyT6gDCqx (join the #gsoc-2024 channel)
Mentors: Jon Oster (jon dot oster at toradex dot com), others
Contributors: 1-2
Project size: Large (350 hours)
Level of difficulty: Difficult
Aktualizr is an Uptane client written in C++, targeting embedded Linux systems. Uptane’s core functionality is securing and validating software updates in very security-sensitive and safety-critical systems. Aktualizr combines two important areas of functionality: implementing Uptane to actually validate software updates, and then installing those software updates. However, the mechanics of installing software updates on embedded Linux systems are usually quite complex, so aktualizr hands software artifacts off to other installers/libraries after they have passed all Uptane security checks. To do this with maximal efficiency, it's usually important to integrate quite deeply with the system responsible for actually managing the system updates.
Currently, aktualizr only supports OSTree as a method of installing Linux OS updates (including kernel, initramfs, device tree, rootfs). There are other embedded Linux OS updaters, such as SWUpdate and RAUC, that are based on an A/B partition update scheme, a popular choice for embedded devices and automobiles. However, these projects do not yet support Uptane verification of their software updates.
This GSoC project would contribute to aktualizr to implement support for an A/B partition-based update method—preferably integrating with SWUpdate or RAUC. If you are interested in this project, study aktualizr's package manager interface, and the OSTree package manager implementation, and propose how you would implement a package manager that integrates with RAUC or SWUpdate.
Reach out to us in the GSoC channel on our Discord server for questions and details.
Key skills required: Systems-level programming in C++
Potential mentors: Jon Oster, Patti Vacek, Phil Wise, Rogerio Borin, Phil Lapczynski, Person-to-be-named-later from SWUpdate or RAUC project.
Contributors: 1
Project size: Large (350 hours) or Medium (175 hours)
Level of difficulty: Intermediate to difficult
The Uptane project has open-source implementations of the core back-end services required to operate an Uptane system at scale, with Scala implementations of a device registry, director server, and TUF image repo server. These services are used in real-world implementations, but generally require some expertise both to set up and to use. A simplified, docker-based method of deploying the services is available with OTA Community Edition, so a developer with sufficient experience can get a working base system. However, this system doesn’t have a UI, a key element for allowing ordinary users to interact with the system.
This GSoC project would develop a new, simplified UI from scratch and integrate it into OTA Community Edition, allowing users evaluating Uptane to use the entire system. It should also include a robust test suite for all areas of functionality, to ensure that any upstream changes in the core services don’t break the UI.
It can be difficult to spin up a full instance of the back-end services, so for the purposes of this project proposal you may assume that there is a working public instance available to develop against; Uptane project maintainers will assist you in ensuring it remains available. However, be aware that there is very limited API documentation available for OTA Community Edition, so you will need to be comfortable reading some existing source code in order to learn the API. You can do this either by reading the source code of the actual services (in Scala), or by looking at an existing front-end implementation that targets a very similar–but not necessarily identical–back-end API.
For this project, your proposal should indicate how you plan to learn the API. Your mentor will be able to assist in understanding the API, but you shouldn't expect that they will document the API for you.
Feel free to submit a medium or large proposal, depending on how extensive you expect your UI design to be. For only basic functionality (e.g. upload a package, create a software update, view vehicle manifest details) we think this could be a medium project; for a UI that is more extensive, it is likely large.
Key skills required: Front-end/UI development, automated testing, CI/CD
Potential mentors: Jon Oster, Temi Adeyeri, ???