• Software over-the-air (SOTA) 
• Firmware-over-the-air (FOTA) 
• Over-the-air service provisioning (OTASP) 
• Over-the-air provisioning (OTAP) 
• Over-the-air parameter administration (OTAPA) 

Here are some other subtopics we will cover in this article:

• • How do OTA updates work? 
  • How do connected cars get updates?
  • Why would my car need a software OTA update?
  • How to address over-the-air automotive security challenges?
  • What company makes the security technology for OTA updates?
  • Additional resources around OTA updates

How do OTA updates work? 

A device management system operated by the manufacturer issues a new software or firmware update. The update is uploaded to the cloud where it is queued, downloaded, and verified by the target device over a cellular or mobile connection. Once verified, the device typically triggers an alert that prompts the owner to approve or decline the update. After confirming approval—whether manually or automatically—the system installs the update and sends back diagnostic information to the manufacturer.

Software over-the-air updates are now quite common in the automotive market, with major vehicle manufacturers routinely rolling out SOTA upgrades for infotainment and navigation systems. SOTA can also update software controlling a vehicle’s physical components or electronic signal processing systems. In contrast to SOTA, firmware-over-the-air upgrades have only been implemented at scale by a small number of automotive manufacturers, including Tesla and NIO. This is because FOTA updates typically demand more computing power, faster mobile connections, and higher levels of security. 

Most automakers are already designing vehicle hardware to support software updates. This enables manufacturers to shift to a revenue model that is based on services—rather than a one-time sale of a car or truck. According to Gartner analysts, half of the top 10 global automakers will offer unlocks and capability upgrades via software updates by 2023. It should be noted that Tesla began monetizing OTA upgrades in 2019 when it offered Model 3 owners an acceleration boost—from 4.6s to 4.1s—for $3,000. 

How do connected cars get updates? 

Most cars with infotainment systems can receive software updates. Some automotive operating systems, such as BMW’s OS 7/8, Mercedes MBUX, and Tesla, continuously scan for OTA updates in the cloud. Once identified, the update is downloaded, verified, and run by the telematics control unit (TCU) of a connected vehicle. 

TCUs wirelessly connect cars and trucks to cloud services and other vehicles with V2X standards over a cellular network (4G/5G). The TCU also collects essential vehicle telemetry data, including geographical position, speed, vector, engine information, and connectivity strength. 

Why would my car need a software OTA update? 

OTA updates—which improve the driving experience and create safer roads—are delivered remotely and do not require a trip to a dealership or mechanic. These updates can be grouped into two primary categories: infotainment and drive control.

Infotainment updates refresh map information, upgrade audio capabilities, and optimize user interfaces, streaming services, and apps. Although infotainment updates significantly improve the in-car experience, they are not mission-critical. 

In contrast, drive control OTA updates directly affect the ability of a vehicle to operate safely and efficiently. These updates typically include system enhancements or fixes for powertrain systems, chassis systems, brakes, and advanced driver assistance systems (ADAS). Drive control OTA updates—which may also improve range and charging for electric vehicles (EVs)—are generally considered critical or required. 

Most automakers have already updated new vehicle hardware to support software updates. For example, Tesla pre-designs hardware and software to accommodate future function expansion requirements. New functions, along with full lifecycle updates, are introduced at a steady cadence via software upgrades. 

How to address over-the-air automotive security challenges? 

Unsecured automotive over-the-air updates are susceptible to multiple threats and attacks such as spoofing, tampering, repudiation, escalation of privileges, and information leakage. These threats can be mitigated by encrypting software updates; using a signed certificate containing the public key of the entity requesting the update; digitally signing updates after encryption; securing all network transactions with TLS public key authentication (signed by a trusted Certificate Authority); and (clients) performing hostname verification to ensure they are connecting a verified server. 

Additional mitigation techniques include only delivering updates to authorized devices; the tamper-proof logging of all important events; the initialization of SOTA/FOTA updates with a secure boot mechanism; software update systems that are designed to “fail gracefully” in the case of a denial-of-service (DoS) attack; the utilization of anti-malware protection such as whitelists and in-memory protection; and ensuring that compliant SOTA/FOTA software update systems clear all shared resources of sensitive data and keys that were temporarily stored during software updates. 

In addition to the above guidelines, the National Highway Traffic Safety Administration (NHTSA) has published official OTA update recommendations in its “Cybersecurity Best Practices for the Safety of Modern Vehicles” report. According to the NHTSA, vehicle manufacturers should: 

• Maintain the integrity of OTA updates, update servers, the transmission mechanisms, and the updating process in general. 
• Take into account, when designing security measures, the risks associated with compromised servers, insider threats, men-in-the-middle attacks, and protocol vulnerabilities. 

What company makes the security technology for OTA updates? 

Rambus automotive embedded hardware security modules (HSMs) can help manufacturers adhere to the NHTSA’s recommendations. In addition to securing SOTA/FOTA upgrades, these HSMs provide secure boot, secure debug capabilities, and work with other security functions such as MACsec, IPsec, and TLS embedded protocol engines to protect network traffic in cars. To operate properly, components such as electronic control units (ECUs) and other systems must run the manufacturer intended firmware—without tampering. A root of trust ensures firmware is valid and can be securely updated when needed. 

Rambus offers embedded HSM (root of trust) variants for both ASIL-B (RT-640) and ASIL-D (RT-645) that are specifically designed for the functional safety requirements of ISO 26262, an international automotive electronics system standard. The Rambus RT-640 Embedded HSM recently received Automotive Safety Integrity Level B (ASIL-B) ISO 26262 certification. Certified ASIL-B compliance is a critical requirement for automotive manufacturers and their suppliers to ensure vehicle systems meet necessary safety levels. Integrated into an automotive SoC, the ASIL-B certified RT-640 silicon IP design provides powerful cryptographic functions, state-of-the-art safety mechanisms, and anti-tamper technologies to protect critical automotive electronics and data. 

From a holistic perspective, Rambus end-to-end security solutions comprise a tightly integrated ecosystem that enables simple, rapid, and secure integration into automotive supply chains. Chips and devices can be securely provisioned at the time of manufacture with CryptoManager Provisioning and securely managed through cloud-based services over the entire lifetime of a vehicle. The cloud-based Rambus CryptoManager Device Key Management platform also enables automakers and partners to deliver Feature-as-a-Service (FaaS) by leveraging provisioned cryptographic keys and identities. 

Additional Resources:

– Other blogs around Over-The-Air updates (OTA):
1. Securing connected vehicles with Rambus CryptoManager
2. Securing intelligent transportation systems
3. How not to get pwned @ automotive cyber-security
4. Securing chips for the IoT
5. Mitigating DDoS attacks with secure IoT endpoints
6. The challenge of securing smart homes
7. Hack the planet: Security concerns about the IoT

– White Paper: Navigating the Intersection of Safety and Security 

– Market page: Automotive Solutions 

– Products for Automotive Applications: 

• RT-640 Embedded HSM ISO 26262 ASIL-B 
• RT-645 Embedded HSM ISO 26262 ASIL-D 
• MACsec Protocol Engines 
• IPsec Protocol Engines 
• MIPI CSI-2 Controller 
• MIPI DSI-2 Controller 

“In an invited paper, Rambus presented an overview of lensless smart sensors that rely on phase-modulated diffraction gratings above a conventional imaging array. Compared to a lens, this More-than-Moore diffraction grating, seen in Figure 6, can be designed for wide wavelength bands and has a lower profile for thinner sensors,” the publication stated.

“Results were presented in the context of point range finding, eye tracking and occupancy detection applications. While the raw images appear incomprehensible to the human eye, image reconstruction is possible, but the end application information can also be derived directly from the raw data itself, using the known point-spread function.”

As we’ve previously discussed on Rambus Press, lensless smart sensors enable a new approach to optical sensing that delivers on package, power and price by replacing traditional lenses with tiny diffractive optics. In addition, LSS operates in visible and thermal wavelengths, offering significant size and cost advantages versus standard thermal imaging modules. With the addition of these new capabilities, LSS can replace traditional thermal lenses with optical gratings that are significantly less expensive, enabling adoption of LSS thermal and visible sensing into a broad range of IoT applications including automotive, virtual and augmented reality and smart home use cases.

In terms of the latter category, smart buildings and homes are steadily moving beyond traditional structures and evolving into complex, connected systems designed to optimize efficiency, productivity, comfort and safety for their occupants. With its tiny form factor, low power, low cost and wide field of view, LSS is an ideal sensing solution for building automation systems and can be easily integrated into smart LED bulbs, commercial light fixtures, or an unobtrusive discrete sensor pack to feed.

Moreover, LSS is capable of detecting and interpreting activity within a space at a size and performance previously unattainable with existing building sensing technologies, all without compromising privacy. The data about the general activity and number of occupants in the area can be used to intelligently trigger environmental systems, monitor traffic flows and optimize area usage, reducing the environmental impact, along with operating and maintenance costs.

Interested in learning more about lensless smart sensors? You can check out our LSS product page here and our article archive on the subject here.

“The same way that touchscreens eclipsed the PC mouse, gesture and eye tracking sensors will transform the way people interact with machines, systems and their environment,” said the analyst. “[For example], healthcare professionals are relying on these sensors to move away from subjective patient observations and toward more quantifiable and measurable prognoses, revolutionizing patient care.”

As Orr points out, eye tracking sensors can help detect concussions and head trauma, identify autism in children even before they are speaking and enable vision therapy programs for early childhood learning challenges to retrain the learned aspects of vision. Similarly, gesture sensors are already translating sign language into speech, providing doctors a means to manipulate imaging hands-free during surgical procedures, while offering a natural way of navigating through virtual experiences.

“Healthcare is only one industry poised to benefit from reinventing the user interface,” adds Orr. “The larger competitive ecosystem for perceptual sensors is forging opportunities in consumer appliances, autonomous driving, musical instruments, gaming, retail and even hazardous locations.”

Commenting on the above, Patrick Gill, a Principal Research Scientist at Rambus, told us that human eyes have historically been perceived as “windows” into the soul.

“This is how the old saying goes, although it actually turns out that quantitative assessment of eye movements in patients can reveal a lot about their mental state. Indeed, the ABI Research report discusses how eye tracking might be used to monitor a patient’s mental state,” said Gill. “This type of monitoring would probably be best implemented with hardware that has light, unobtrusive optics; is operable with a small, light battery; and complies with US healthcare regulations stipulating that no focusing cameras may be used in a way where they could conceivably violate patient privacy in a hospital setting.”

Gill adds that he was particularly interested to learn about medical applications of eye tracking, especially since Rambus lensless smart sensors (LSS) can optically measure the axis of an eyeball without ever producing a focusing image.

Interested in learning more about Rambus lensless smart sensor technology? You can check out our LSS product page here.

A number of prominent individuals were invited to speak at the event, including Rambus CMO Jerome Nadel.

Nadel, who has an extensive background in both design and marketing, told forum attendees the two are intertwined and should not be thought of as disparate entities.

“Traditional marketers are primarily concerned with formulating strategy, generating content, increasing traffic, tracking lead generation, quantifying analytics and closely following reporting,” Nadel explained. “Meanwhile, designers are typically focused on emphasizing, defining, ideating, prototyping and testing.”

Rambus’ approach, says Nadel, blends strategy and design, a combination that is particularly important in the evolving semiconductor space where differentiation is a must. As an example, Nadel highlighted Rambus’ lensless smart sensor (LSS) technology, which was developed to help enable the next-generation of low-power sensing for consumers. At one millimeter thin, these thermal and visible light sensors are small enough to integrate directly into existing devices and applications, including digital eyewear, smart homes, VR and AR, as well as automotive.

To develop and explore potential use cases for LSS, Rambus collaborated with design firms IXDS and frog in the context of a Partners-in-Open-Development (POD) program.

“We asked them to prototype a number of minimum viable products around LSS in specific, clearly defined verticals. They helped us open up to a new and different way of thinking, allowing us to achieve a viable strategy critical for a very competitive IoT marketplace,” he continued.

“This successful collaboration illustrates the value of adopting a holistic approach to marketing – one that tactfully blends logic and a long-term marketing strategy with passion and a design-centric, forward-facing consumer mentality.”

At Rambus, says Nadel, this way of thinking has helped accelerate and optimize the branding process for LSS as well as other products in the company’s diverse portfolio.

“Understanding how our customers and partners will use a product plays a direct role in influencing its development,” he concluded.

“It is therefore essential for semiconductor marketing teams to think like designers upstream at the beginning of the creative process, rather than simply focusing on more traditional marketing methods downstream when a product is taped out or finalized. If you are promoting what you helped create, you naturally have a better understanding of the product itself.”

“We need to ask ourselves: how do large companies think as opposed to small startups? For example, veteran corporations tend to focus on platform or system plays within a three to five year strategy cycle,” he explained. “In contrast, startups are far more passionate about niche point solutions that often deal with specific consumer-facing scenarios.”

Rambus’ strategy, says Nadel, straddles a fine line between the two, with the company focused on bringing the true value of semiconductors closer to the consumer in a strategic manner.

“We have three primary divisions: Memory, Security and Emerging Solutions (Rambus Labs), the latter of which serves as an active incubator for the next generation of semiconductor technology,” he continued. “One of the Internet of Things (IoT) projects Labs is currently working on involves lensless smart sensors (LSS), which will help enable the next-generation of low-power sensing for consumers. At one millimeter thin, these thermal and visible light sensors are small enough to integrate directly into existing devices and applications, including digital eyewear, smart homes, VR and AR, as well as automotive.”

To develop and explore potential use cases for LSS, says Nadel, Rambus collaborated with design firms IXDS and frog in the context of the company’s Partners-in-Open-Development (POD) program.

“We asked them to prototype a number of minimum viable products around LSS in specific, clearly defined verticals. Tapping into a design-based, contrarian start-up mindset helped us open up and achieve a viable ‘Blue Ocean Strategy’ critical for a very competitive IoT marketplace,” he explained. “This illustrates the value of adopting a hybrid approach to marketing, one that tactfully blends logic and long-term strategy with passion and an immediate, forward-facing consumer mentality.”

In a broader sense, says Nadel, Rambus’ successful collaboration with IXDS and frog shows that technology design and marketing are irrevocably intertwined.

“At Rambus, we take a hands-on approach to product design. Understanding how our customers will use a product plays a direct role in influencing its development,” he added. “It is therefore essential for semiconductor marketing teams to think like designers upstream at the beginning of the creative process, rather than simply focusing on more traditional marketing methods downstream when a product is taped out or finalized. If you are promoting what you helped create, you naturally have a better understanding of the product itself.”

Although overall spending is expected to be moderate, at least initially, Gartner analysts say IoT security market spending will increase at a faster rate after 2020, as improved skills, organizational change and more scalable service options improve execution.

“The market for IoT security products is currently small, but it is growing as both consumers and businesses start using connected devices in ever greater numbers,” explained Ruggero Contu, a research director at Gartner. “[We] forecast that 6.4 billion connected things will be in use worldwide in 2016, up 30 percent from 2015, and will reach 11.4 billion by 2018. However, considerable variation exists among different industry sectors as a result of different levels of prioritization and security awareness.”

In addition, says Contu, more than 25 percent of identified attacks in enterprises will involve the IoT by 2020; even as the IoT is expected to account for less than 10 percent of IT security budgets. As such, security vendors will be challenged to provide usable IoT security features, despite limited budgets and a decentralized approach to early IoT implementations. Interestingly, vendors are also expected to “focus too much” on identifying vulnerabilities and exploits, rather than exploring segmentation and other long-term methods of better protecting the IoT.

As we’ve previously discussed on Rambus Press, the burgeoning IoT is expected to be the next big market for cyber security. Indeed, according to analysts at ABI Research, the IoT security ecosystem is expanding – with vendors finding their way into three primary groups. These include hardware (chipset/SoC/microcontroller), firmware/software (embedded OS/RTOS/hypervisor), and applications (platform/cloud/service/analytics) across a wide range of verticals, including automotive, smart home, healthcare, and energy.

According to Michela Menting, Research Director at ABI Research, there is increasing interest – and requirements – for improved levels of security to be designed into products, devices, and networks to protect data, combat fraud, and prevent criminal hacking.

“Promising opportunities, and undeniably challenges, will center on securing assets, protecting data, and ensuring privacy,” she explained.

As Menting points out, standardization and guideline developments are still at a relatively nascent stage. Indeed, numerous groups, including the Cloud Security Alliance, the Trusted Computing Group, the OWASP IoT Project, the IEE, GSMA, NFC Forum, ISO, GlobalPlatform, and IoT Security Foundation, among others, are working on different aspects of security standards, from hardware design to network connectivity.

“When mapping out these new standards, it is important to keep in mind numerous considerations, such as small footprints, lightweight agents, low energy consumption, mobile assets, and permeable networks,” Menting concluded.

Interested in learning more about securing the IoT? You can check out our article archive on the subject here.

“[Connectivity adds] many of the features that consumers now expect in mobile devices as well as some new ones that ultimately will lead to autonomous vehicles,” she explained.

“But along with those changes are some nagging questions about just how safe [this] technology will be for consumers and others around them, and whether the whole system can be secured.”

As Mutschler acknowledges, such questions have been asked ever since the introduction of infotainment systems in cars.

“[However], the volume is increasing as more critical systems are connected to in-car networks and as more wireless features are added into vehicles,” she noted. “In effect, every new car is now an IoT device, and like every connected device, there are benefits and risks. But in the case of a two-ton object moving at high speed down a crowded highway, the risks are much more serious.”

According to Simon Blake-Wilson, VP of products and marketing for Rambus’ Cryptography Research Division, the industry is currently struggling with the concept of designing secure vehicles.

“We struggle in the sense that if you think about the security you apply to a mobile phone, it’s not like there is a magic bullet solution for mobile phone security. Similarly, everything about this from an [automotive] perspective must take into account many different security aspects,” Blake-Wilson told Semiconductor Engineering. “[Moreover], we struggle with the idea of whole-vehicle security just in the sense that people often come away expecting a magic bullet that’s going to solve the problem. We see cars being like other Internet connected objects, except much worse.”

As Mutschler points out, silicon foundries are now placing encryption algorithms into silicon with various technologies, including Rambus CryptoManager. Essentially, the CryptoManager platform acts as a foundational component capable of powering multiple security solutions. According to Blake-Wilson, a root of trust is the goal with any hardware-based security technology.

“For example, when you provision over-the-air updates, typically you sign those updates using a cryptographic mechanism called a digital signature scheme, with a private key and a public key. You sign the update with the private key, and the person that checks the signature has to have the right public key to verify it,” he continued. “A hardware root of trust manages the keys that you need to have, securing then in the right place to power the different security solutions. Once the key is in the right place, you go to the next step and use the key to check the signature. In the same way, you could use a hardware root of trust to provision keys and secure communications across the vehicle CAN [controller area network] bus as well.”

Including a root of trust in automotive semiconductors, says Blake-Wilson, will mark a critical security milestone for the industry.

“There will be a number of different applications or services that [require] security [measures]. Putting the right foundational capabilities into the chips that can be used by a variety of different applications will be key,” he concluded.

Interested in learning more about the Rambus CryptoManager platform? You can check out the CryptoManager product page here.

“While it remains a fragmented market that has yet to consolidate, the ecosystem is expanding with vendors finding their way into three groups,” the researchers wrote in a recent blog post.

“[These include] hardware (chipset/SoC/microcontroller), firmware/software (embedded OS/RTOS/hypervisor), and applications (platform/cloud/service/analytics) across a wide range of verticals, including automotive, smart home, healthcare, and energy.”

According to Michela Menting, Research Director at ABI Research, there is increasing interest – and requirements – for improved levels of security to be designed into products, devices, and networks to protect data, combat fraud, and prevent criminal hacking.

“Promising opportunities, and undeniably challenges, will center on securing assets, protecting data, and ensuring privacy,” she explained.

As Menting points out, standardization and guideline developments are still at a relatively early stage. Indeed, numerous groups, including the Cloud Security Alliance, the Trusted Computing Group, the OWASP IoT Project, the IEE, GSMA, NFC Forum, ISO, GlobalPlatform, and IoT Security Foundation, among others, are working on different aspects of security standards, from hardware designs to network connectivity.

“When mapping out these new standards, it is important to keep in mind numerous considerations, such as small footprints, lightweight agents, low energy consumption, mobile assets, and permeable networks,” Menting concluded.

Despite the above-mentioned challenges, the rapidly evolving IoT security market is expected to increase from $6.89 billion in 2015 to $28.90 billion by 2020. To be sure, IoT security has understandably become a tangible concern for many.

“Prior to the emergence of IoT, the adverse effect of threats was limited to theft of money and intellectual properties,” Research and Markets analysts observed in a recent report. “Now, the effect can lead to loss of human life, hacking of critical infrastructures like electricity and nuclear power grids, organizational productivity, and even national intelligence.”

Similar to ABI’s Menting, the Research and Markets analysts cited mandatory government regulations as a significant factor contributing to an increased interest in IoT security.

“This has acted as a major driving force for the IoT security market,” the analysts concluded.

Interested in learning more about securing the IoT? You can check out our article archive on the subject here.

Jill Ingrassia, the Managing Director of Government Relations and Traffic Safety Advocacy at AAA, told conference attendees the auto industry has managed to significantly reduce the amount of vehicle crashes in recent years. However, more progress must be made, as thousands of people a year still lose their lives in traffic accidents.

According to Ingrassia, connected vehicle technology can help reduce accidents. As the AAA exec noted, multiple intelligent transportations systems – already deployed in the field – have continued to evolve over the years. The next stage of ITS is expected to include advanced systems, such as lane departure and forward collision warnings, braking and parking assistance systems, as well as adaptive headlights. All will be designed to help counteract human error and tendencies.

Perhaps not surprisingly, Ingrassia acknowledged that the industry faces a myriad of challenges in designing and deploying fully autonomous vehicles. Indeed, automakers have entered a transitional stage between semi-autonomous and fully autonomous capabilities. This evolution, says Ingrassia, presents its own set of concerns.

According to Joe Gullo, the senior director for Rambus Ecosystem strategy and development, security is one primary concern the industry must immediately address for intelligent transportation systems. To be sure, modern vehicles are essentially a network of networks – packed with a range of embedded communication methods and capabilities.

“Of course there is broad consensus that vehicle cyber security ranks as a top priority for the automotive industry,” Gullo told Rambus Press during an interview on the sidelines of CES 2016. “Unfortunately, there are still no clearly defined vehicle security specifications. This is not a problem that will be going away soon. In fact, it will only get worse as more and more connected vehicle systems are manufactured and installed in the next generation of semi-autonomous cars and trucks.”

Potential vulnerabilities include altering over the air (OTA) firmware updates, unsecure vehicle-to-vehicle communication, the unauthorized collection of driver or passenger information, seizing control of critical systems such as brakes or accelerators, intercepting vehicle data and tampering with third-party dongles.

As Gullo emphasizes, adopting a hardware-first approach to security and implementing the necessary functionality on the SoC level is a key element of protecting intelligent transportation systems – both now and in a fully autonomous future.

“To avoid potentially dangerous scenarios, vehicles should be equipped with robust DPA countermeasures to protect against side-channel attacks,” Gullo added. “In addition, the automotive industry needs to shield vehicle peripherals and components against tampering, as well as provide secure OTA updates for various systems.”

“Modern vehicles are essentially a network of networks – equipped with a range of embedded communication methods and capabilities,” said Joe Gullo, the senior director for Rambus Ecosystem strategy and development. “As such, there is broad consensus that vehicle cyber security should rank as a top priority for the automotive industry.”

Gullo, who recently attended ESCAR (Europe) and the Connected Car Expo, told Rambus Press the biggest hurdle to achieving comprehensive vehicular security is the lack of clearly defined industry standards.

“Frankly, security in the automotive market today reminds me of how the nascent debit/credit card space was before the financial industry reached consensus on implementing a secure payment system,” he said. “Currently, there is no defined vehicle security specification that has been adopted industry-wide. This is unfortunate, as the problem is only going to get worse.”

According to Gullo, adopting a hardware-first approach to security and implementing the necessary functionality on the SoC level is a key element of securing embedded automotive technology.

“During multiple discussions with industry peers at both ESCAR and the Connected Car Expo, I emphasized that a software-centric security approach for vehicles will inevitably require frequent patches due to unforeseen vulnerabilities,” he explained. “In addition, I asked what happens 8 or 10 years from now when an automotive company chooses to discontinue critical software updates?”

To avoid potentially dangerous scenarios, says Gullo, vehicles should be equipped with robust DPA countermeasures to protect against side-channel attacks. In addition, the automotive industry needs to shield vehicle peripherals and components against tampering, as well as provide secure OTA updates for various systems.

As we’ve previously discussed on Rambus Press, adopting a hardware-first approach to security and implementing the necessary functionality on the SoC level is a key element of securing embedded automotive technology. To be sure, vehicle manufacturers should collaborate on formulating strong hardware-based security standards and isolation mechanisms that offer multiple layers of protection against various forms of attack.