Automotive Cybersecurity

Infineon and Elektrobit offer a coordinated hardware-software solution to tackle cybersecurity

Infineon Technologies and Elektrobit Automotive are working on of cybersecurity for vehicles. The companies are offering a coordinated hardware-software solution based on the second generation of the multicore microcontroller family AURIX (TC3xx) from Infineon and, tailored to it, Elektrobit’s zentur HSM solution.

The companies claim that the solution boosts the performance of on-board communication and satisfies current and future security requirements.

The microcontrollers from the AURIX family control communication processes, carry out monitoring and security tasks and support security protocols in the vehicle.

Every TC3xx microcontroller now has an integrated hardware security module (HSM), where the keys are generated and stored securely. The HSM uses hardware-based symmetric and asymmetric encryption algorithms as well as hash functions (AES-128, ECC 256, SHA2).

As a result, the HSM not only enhances protection against manipulation, but also ensures a significant increase in speed. Thanks to hardware support, hash calculation (SHA256) is around 150 times faster than with a pure software solution.

That has a direct impact on RSA signature verification – an advantage when there are large volumes of data, as in applications such as SOTA and autonomous driving.

The hardware-software combination – AURIX and EB’s zentur HSM – also enables more than 100 signature verifications per second (with ECDSA secp256r1, for example). In a current software implementation of RSA signatures, verification can take several seconds – depending on the key length and size of the data.

The hardware-software solution is AUTOSAR-compliant with regard to the latest 4.3 stack and prior versions such as 4.2 and 4.0. That means it is easy to implement and integrate EB’s zentur HSM software in existing projects.

Secure Boot is the basis for all subsequent security functions. It is a time-critical function that demands a great deal of computing power, since the individual control units must log on to the network in a very short space of time. When the systems are booted, the memory contents are checked for any manipulation. Thanks to the hardware-software solution, CMAC values of 62 MB/s are achieved. Elektrobit’s software stack, which has been tuned specially to AURIX and the HSM, thus allows 1 MB of data to be checked in 16.2 ms.


Related Articles