Creating better data security for vehicle communications
The more connectivity and automated driving functions are built into cars, the more important embedded IT security becomes for vehicle communication. Infineon Technologies and ESCRYPT work closely together in the field of automobile cyber security. Both companies are now offering a solution that encrypts on-board communication and makes it more secure while considering future security requirements.
It is based on the second generation of the AURIX (TC3xx) multicore microcontroller family from Infineon and on the specifically adapted CycurHSM security software from ESCRYPT.
The harmonised hardware-software solution makes it harder to manipulate Electronic Control Units (ECUs). In modern vehicles, there are around 60 of these ECUs communicating with each other. Thus, the solution improves IT security for applications such as software updates over the air (SOTA) and automated driving.
Compared to purely software-based approaches, the solution built from hardware and software - AURIX and CycurHSM - delivers a higher performance. Every TC3xx microcontroller has an integrated Hardware Security Module (HSM). Because the security functions are physically encapsulated in the HSM, the ECU’s host controller can concentrate fully on its own tasks.
ECU manufacturers also benefit in other ways: The hardware-software solution is easy to implement. It is AUTOSAR-compliant and dispenses with the need to develop further security functions - it is sufficient to configure the CycurHSM software. This turnkey solution is able to reduce development costs for IT security in vehicle communication by up to 90%. This allows the developers working for system suppliers to focus on their actual job of creating high level software for new applications.
The microcontrollers of the AURIX family are key components for embedded security solutions in vehicles. They control communication processes, perform monitoring and security tasks, and support security protocols. The keys are generated and stored in the HSM, which permits secure booting, flashing, and debugging. With its symmetric and asymmetric encryption mechanisms (AES-128, ECC 256, SHA2), the HSM improves tamper protection, for example in vehicle software or internal and external data transmission. An HSM also helps to prevent loading of malware and unauthorised software updates.
As the world’s first software system provider for embedded security, ESCRYPT offers a software stack that has been specifically tailored to AURIX and HSM. CycurHSM enables hardware-based security functions such as data encryption and authentication, the use of true random number generators (TRNGs), and secured flash memory. Additionally, the solution features security functions such as runtime manipulation detection, which monitors the authenticity of the application software during the runtime.
“AURIX microcontrollers are key components in vehicles, today and in the future, because they complicate manipulation,” said Thomas Boehm, Senior Director, Chassis & ADAS Microcontrollers at Infineon. “The combination of AURIX and a harmonised software stack like CycurHSM will ensure further improved in-vehicle IT security and make the corresponding development work of systems suppliers much easier.”
“By combining a high end hardware platform like AURIX with state-of-the-art HSM software, we are offering today’s automotive sector a cutting-edge model for the future,” explained Frederic Stumpf, Head of Product Management at ESCRYPT, who sees optimum IT security as a prerequisite for autonomous and connected driving. “Our cooperation with Infineon shows that automotive security delivers best results when it is conceived and thought through in partnership.”