Infineon and Escrypt work to secure on-board communication
The solution is based on the second generation of Infineon’s multicore AURIX (TC3xx) family of microcontrollers and Escrypt’s CycurHSM security software. The coordinated combination of hardware and software makes it difficult to manipulate Electronic Control Units (ECUs), of which an average of around 60 currently communicate with each other in one car. The product improves IT security for applications such as software update over-the-air (SOTA) and automated driving.
Compared to a purely software-based solution, the combination of hardware and software – AURIX and CycurHSM – offers significantly better performance parameters. Today, the TC3xx microcontroller integrates a hardware security module (HSM) in which the security functions are physically encapsulated. In this way, the host controller of the ECU can devote itself fully to its tasks.
ECU manufacturers also benefit in another way: the hardware software solution is easy to implement. It is AUTOSAR-compliant. There is no need to develop further safety functions. It is enough to configure the CycurHSM software. With this “turnkey” solution, the development effort for IT security in vehicle communication can be reduced by up to 90 percent. Thus, the developers of the system suppliers can concentrate on their actual task: the high-level software for new applications.
The microcontrollers of the AURIX family are key components for embedded security solutions in vehicles. They control the communication processes, perform monitoring and security tasks and support security protocols. The keys are generated and stored in the HSM. This allows secure booting, flashing and debugging. With its symmetrical and asymmetrical encryption mechanisms (AES-128, ECC 256, SHA2), the HSM improves tamper protection, for example in vehicle software or internal and external data transmission. An HSM also helps prevent malware from being loaded and unauthorized software updates from being performed.
As the world’s first software system house for embedded security, ESCRYPT offers a software stack that has been specially designed for AURIX and HSM. CycurHSM enables hardware-based security features such as data encryption and authentication, the use of True Random Number Generator (TRNG) and secure flash memory. Added to this are additional innovative security functions such as runtime manipulation detection, which monitors the authenticity of the application software during runtime.