Decentralized blockchain-based solution for software lifecycle management and security

Silicon Valley, CA, August 1, 2022 – The eSync Alliance, a global network of co-operating suppliers established to build a high-confidence, multi-vendor path for end-to-end secure over-the-air (OTA) updates and data services, announces that Asvin, an expert in cybersecurity and software lifecycle management, has joined as a promoter member. Asvin is the first cybersecurity company in the eSync Alliance.

Today’s vehicles are highly complex software platforms, and managing their cybersecurity is a huge challenge. OTA updates are vital to protect in-car software, but this brings new issues in verifying updates for the software-defined vehicle (SDV) through its entire lifecycle.

To ensure software supply chain integrity, Asvin has developed a decentralized blockchain-based solution, using distributed ledger technology (DLT). This provides a robust architecture to maintain the security of OTA updates, and to document all software changes for verification and regulatory compliance.

Mirko Ross, CEO at Asvin, said, “OTA is the future of automotive software, and the eSync Alliance is leading its development. We look forward to becoming an active participant in the alliance and its work groups.”

Mike Gardner, Executive Director at the eSync Alliance, said, “Asvin has created the tools to secure the full lifecycle of software in cars, including OTA updates and installation, and we’re delighted to broaden the alliance’s membership with the addition of a true security expert.”

The eSync Alliance is a global network of co-operating suppliers established to build a high-confidence, multi-vendor path for end-to-end secure over-the-air (OTA) updates and data services for the connected car. Its growing membership includes major Tier-1, automaker and semiconductor companies. These businesses are working together to build a standard bi-directional data pipeline from the cloud to electronic devices in the automotive market.

The alliance is based around eSync, a platform of cloud and embedded software that provides a secure, bi-directional data pipeline between the cloud and electronic end devices in vehicles. eSync can deliver and update software and firmware over-the-air, and can collect real-time diagnostics and telematics data from end devices in the vehicle.

The eSync architecture consists of a server in the cloud, a client for the vehicle, and agents distributed throughout the vehicle for the different ECUs or sensors. This allows fast scaling of the in-car network without disturbing the server / client communication, and straightforward migration from one vehicle platform to another.

About the eSync™ Alliance

The eSync™ Alliance is a non-profit trade association driving a multi-company solution for over-the-air (OTA) updates and diagnostics data in the automotive electronics space, potentially saving billions of dollars per year for automakers. By working together in the Alliance, companies benefit from a simplified development environment made possible by a standardized yet customizable platform. The Alliance is based around the eSync platform of cloud and embedded components, providing a secure data pipeline to devices within a vehicle. Further information at

Press contacts:


Cynthia Hoye, embedded PR
Phone:  +1 (408) 858-2602


Konrad Buck, Public Relations, asvin GmbH

Phone: +49 151 4653 9192

About Asvin

Established in 2018, Asvin is developing unique innovative solutions for managing the cybersecurity and provenance of software supply chains and enhancing overall confidence in multiple domains such as automotive, aerospace, telecom, medical, energy, and industrial systems. Asvin enables vendors and operators to fulfill regulatory cybersecurity requirements and ensure the integrity, trust and transparency of their software related processes and dev ops pipelines. Asvin provides a distributed ledger-based solution and services to record software bills of materials, track and trace all software related processes, document regulatory compliant methods, and derive software supplier risks analytic insights. See