Microchip FAQ | TA100-VAO secure boot and message authentication for CAN FD in ADAS and IVI systems
Live Topic: Microchip Live | Secure Boot and Message Authentication for CAN FD in ADAS and IVI Systems Using TA100-VAO
Content Introduction: Microchip experts delved into the needs and requirements for secure boot and message authentication functions of the CAN FD bus in advanced driver assistance systems (ADAS) and in-vehicle infotainment (IVI), and also explained how the TA100-VAO brings security to secure boot and message authentication of vehicle electronic control units (ECUs).
Live lecturer: Hurry Zuo|Application Engineer Manager at Microchip
FAQ details
1. Does the cost of CANFD and the original CAN increase the external driver? What about the compatibility with each car's protocol?
A: CAN FD provides a higher rate and single-frame data volume than ordinary CAN. Therefore, the CAN controller needs to support CAN FD, and the CAN transceiver also needs to support CAN FD.
2. How much will the cost increase if the CAN FD of the IVI system adopts Microchip security solution?
A: Regarding the cost of security chips, please consult the local office staff or agents of MICROCHIP.
3. Can 232 and 485 also be supported?
A: Theoretically, they can.
4. How many V is the pin store of 2-wire I2C?
A: I2C is an open-drain output, so the normal pin pull-up resistor voltage does not exceed the chip power supply voltage.
5. The AES key is transmitted to the microcontroller through SPI for use. Do we not need to consider the security of SPI communication?
A: The communication of key commands can choose an encrypted communication method.
6. Is there any difference between the data baud rate of CAN FD and CAN?
A: There is a change. The data segment can have a higher baud rate.
7. Is there any relationship between the reliability and trustworthiness of CAN FD's secure boot and encryption?
A: The main point of secure boot is to ensure the confidentiality of the private key.
8. The data frames of CAN FD and CAN have become longer. Does the data transmission time also increase several times?
A: The payload has also increased. The transmission time will not increase several times. It depends on the baud rate.
9. Compared with CAN FD and CAN, does the boot time change for the same boot content?
A: CAN FD can mainly provide more payload data than CAN2.0.
10. In addition to being able to load MAC for security authentication, are there any other functional improvements compared to CAN FD?
A: The data payload and baud rate have both increased.
11. What is the difference between CAN FD and CAN protocols?
A: CAN 2.0 can only provide 8 bytes of payload, while CAN FD is 64 bytes. The maximum rate of CAN is 1MBPS, and that of CAN FD is 8MBPS. For more information, please refer to the CAN FD specification.
12. Does CAN FD currently have any application cases in elevator control systems?
A: Yes, but the mainstream is still CAN, mainly because traditional CAN can basically meet the requirements.
13. Is CAN FD authentication mainly used in cars?
A: Currently, CAN FD is the same as CAN, mainly used in automotive applications. Of course, CAN FD can also be used in industry or other occasions that require CAN bus.
14. Is CAN FD an upgraded version of CAN bus?
A: The previous CAN was the standard of CAN 2.0A and CAN 2.0B. The CAN FD standard was proposed after the CAN2.0 standard and can be simply considered as an upgraded version.
15. CAN FD is mainly used to ensure the security authentication of CAN. Are there any other functions?
A: Compared with CAN, CAN FD mainly provides higher payload data, from 8 bytes to 64 bytes. With this function, we can do security authentication and other functions.
16. Do you have any recommended ECU models?
A: All modules of the car are fine, such as BCM, ADAS, EPS, etc.
17. The transmission speed of I2C is not enough. How to ensure data security?
A: The transmission speed of I2C does not affect data security. It can be paired one by one before leaving the factory, and encrypted communication is required.
18. Where does the security challenge of CAN FD in IVI system come from?
A: We need to add the security features we discussed today to avoid being attacked.
19. What are the consequences of the security problems of the CAN FD of the IVI system?
A: The system is attacked. It will cause safety driving problems or data security risks to the car owner.
20. What is the IVI system?
A: Infotainment system for smart cockpits
21. How much area does the chip and surrounding area of the Microchip security solution (TA100-VAO) occupy?
A: TA100 Package Options: – 8-lead SOIC – 14-lead SOIC
22. What are the objects of security verification of Microchip security solutions?
A: All objects that need to be connected or have communication can add security verification functions, including cloud servers.
23. What are the technical features of Microchip security solutions?
A: MICROCHIP provides a full range of service support from hardware products, code development, security chip PROVISION, etc.
24. Are the encryption algorithms of Microchip security solutions public?
A: The encryption algorithms have corresponding standards and corresponding descriptions in the specification book
25. What parts does the after-sales service and FAE of Microchip security solutions include?
A: We have a dedicated FAE support team for security applications.
26. How much impact does the Microchip security solution have on the boot time?
A: If a complete verification method is used, it will take about tens of milliseconds. If the summary has been stored, only the summary is compared, which will be very fast, and should be less than milliseconds.
27. Can the Microchip security solution be used for current EV personal cars, the kind that does not require license plates?
A: MICROCHIP's solution has nothing to do with specific car models for automotive applications.
28. Can the Microchip security solution be used directly without secondary development?
A: Customers need to do application layer and security key management, etc.
29. Is the Microchip security solution software encryption or hardware encryption?
A: External chips are all hardware encrypted.
30. What technical support does the Microchip security solution provide?
A: Development board, development case
31. What development toolkits does the Microchip security solution provide? Are there any simulation requirements and simulation tools?
A: Development Tools https://www.microchip.com/en-us/product/ta100#Development%20Environment https://www.microchip.com/en-us/products/security/trust-platform
32. How many communication methods can the TA100-VAO of the Microchip security solution series use?
A: I2C or SPI
33. Where can I find detailed information about Microchip security solutions? Thank you
A: Please check the following official website https://www.microchip.com/en-us/products/security
34. What hardware support does the Microchip security solution require?
A: Encryption chip and I2C or SPI interface
35. What are the total number of Microchip security solutions?
A: Please check the official website https://www.microchip.com/en-us/products/security for details
36. What are the advantages and characteristics of Microchip security solutions?
A: https://www.microchip.com/en-us/products/security The official website has detailed introductions to various solutions. Please check
37. What are the patented technologies of Microchip security solutions?
A: MICROCHIP has launched various solutions for different applications of various products
38. How does Microchip security solution deal with physical brute force cracking?
A: When designing MICROCHIP products, many security designs are added inside the chip, such as security shielding metal layer, no JTAG interface, and anti-bypass attack, anti-power analysis, anti-probe attack, etc. In addition, security products have been rated for security levels. The rating of MICROCHIP security products is JIL HIGH, which means that if cracked within a given time, MICROCHIP's security chip will not leak any data.
39. What hardware and software support does MICROCHIP security solution provide?
A: Development board and Trusted Platform Module https://www.microchip.com/en-us/products/security/trust-platform
40. In the implementation of TA100-VAO, does Microchip's security only perform security verification on startup?
A: What we are discussing today is the identity of the firmware, so it only needs to be verified when it is started or upgraded. Of course, the application can also verify the external TA100 at runtime. This function is IP protection or anti-cloning.
41. Does Microchip's encryption chip need to be burned in advance?
A: The encryption chip needs to be configured and burned, and this service can be provided.
42. What fields is Microchip's security bill mainly used for?
A: It can be used in various fields, IOT, automobiles, industrial power supplies, servers, etc.
43. What technical support can Microchip provide locally at present?
A: You can contact local technical support, domestic technical support hotline: 800-820-6247 (landline) 400-820-6247 (mobile) domestic technical support email: china.techhelp@microchip.com
44. What technical support can Microchip provide?
A: Device specification. Device Demo board. Related application manual. Reference code, etc.
45. What corresponding development tools does MICROCHIP provide?
A: Development board and development platform https://www.microchip.com/en-us/product/ta100
46. Where can I download the PPT?
A: You can contact local technical support, or go to the Chinese official website to review http://microchip.com.cn/newcommunity/index.php?m=Training&a=index&id=154
47. What chips can be supported by the TA100-VAO method?
A: The main MCU only needs to have an I2C or SPI interface
48. What are the main functions of TA100-VAO?
A: Secure storage of keys and execution of secure encryption algorithms
49. Is TA100-VAO technology used in hardware or software?
A: TA100 is an external independent security device that provides secure key storage and various encryption algorithms. It needs to be operated by sending operation commands through an external MCU.
50. What algorithms can TA100-VAO support?
A: There are many algorithms supported. For details, please refer to the TA100 document on the official website
51. How many packages does TA100-VAO have?
A: Package Options: – 8-lead SOIC – 14-lead SOIC
52. Are there any modules for TA100-VAO?
A: Currently, only chips are available.
53. Are there any technical documents on the website for TA100-VAO? I may not have time to read them in detail during the live broadcast.
A: You can contact technical support to obtain them, or you can watch them after the seminar at http://microchip.com.cn/newcommunity/index.php?m=Training&a=index&id=154
54. What is the minimum number of pins required to make TA100-VAO into a module?
A: TA100 has an I2C interface or SPI interface, and only needs to be connected to an external MCU through this interface.
55. What communication interface does TA100 use?
A: I2C or SPI
56. How to ensure the security of TA100's I2C or SPI transmission key?
A: The key command reply can be set to encrypt the communication content. Please refer to the voice Q&A for details.
57. Is there technical support on site for TA100 debugging?
A: Please contact the local MICROCHIP office FAE
58. What are the requirements for the TA100 microcontroller?
A: Supporting I2C or SPI communication is fine
59. What is the package of TA100? How much power is it powered?
A: Package Options: – 8-lead SOIC – 24-pad 4 x 4 mm VQFN Voltage Supply Range: 2.7V to 5.5V
60. Can I apply for samples of TA100?
A: Yes, please contact the local Microchip office or agent
61. Has TA100 been put into mass production?
A: Yes.
62. Is TA100 debugged through the serial port?
A: I2C or SPI.
63. Does TA100 have to use a MICROCHIP microcontroller?
A: Any microcontroller that supports I2C or SPI is fine.
64. TA100 uses I2C for communication, so it should not guarantee information security.
A: It can be paired and encrypted for communication.
65. Does TA100 communicate directly with the main control in plain text?
A: Yes.
66. Where are the security measures placed?
A: The solution we introduce today uses an external independent security device. The security key and encryption algorithm are stored and calculated in the external security chip.
67. What level of security is achieved?
A: JIL High.
68. What are the requirements for the server for the security solution?
A: Only the external main MCU has requirements, which must have an I2C or SPI interface.
69. What is the process of security certification?
A: The process of security certification is mainly identity authentication. For details, please refer to the relevant courses of MU on the microchip official website.
70. What problems will the challenges of security bring?
A: 1. System reliability, 2. Development cycle, 3. Development complexity
71. Can these materials for secure boot be downloaded from the official website?
A: You can contact local technical support, or go to the Chinese official website to check http://microchip.com.cn/newcommunity/index.php?m=Training&a=index&id=154, https://www.microchip.com/en-us/product/ta100#Development%20Environment
72. Does secure boot support online OTA upgrade?
A: Yes
73. Are there reference routines for related applications in the reference materials?
A: You can contact the local FAE
74. How is the after-sales service of the product?
A: MICROCHIP provides corresponding technical support and services
75. In addition to automobiles, what other aspects can it be used in?
A: In addition to automotive applications, it can also be used in industrial and other occasions that require CAN bus. And products that need to communicate and upgrade through the CAN network.
76. What is the transmission speed?
A: CAN FD can reach 8MBPS
77. Do traditional CAN and CAN FD use the same security solution?
A: The traditional CAN cannot realize security functions because it has only 8 bytes of payload space.
78. Will the stored security information be read out without permission?
A: Readable information and unreadable information can be configured. Unreadable security information cannot be read out.
79. How to connect (or implement) the support for 232 and 485?
A: Similar to the CMAC of CAN FD, it is necessary to calculate CMAC and append it to the communication data of RS232/RS485.
80. Have you tested the compatibility of microcontrollers with I2C or SPI?
A: The security encryption library provided by MICROCHIP is based on MICROCHIP M0+ MCU. In our actual application, many customers also use MCUs from other suppliers.
81. Attackers can completely bypass the signature by attacking the boot.
A: First, verify the boot program. Only after the boot program signature verification passes can other steps be continued.
82. Is the supply normal? How long is the cycle?
A: Please consult the local Microchip office or agent for supply information.
83. Does the official provide relevant test routines?
A: You can contact the local MICROCHIP office staff, sign the NDA first, and then you can get the relevant information.
84. Does the official website provide TA100 design reference?
A: You can contact technical support to obtain the reference design.
85. What are your company's security solutions?
A: For details, please see the following link https://www.microchip.com/en-us/products/security
86. Is the original CAN FD connection in parallel or in series (crossover)?
A: The nodes on the CAN bus are all hung on the bus. If one node does not work, it will not affect other nodes.
87. How is the encryption security test generally performed?
A: There are professional security rating agencies.
88. What is the possibility of the encryption algorithm being decrypted?
A: The encryption algorithms AES, ECC, etc. are all public algorithms, and their encryption strength is strong enough. The main thing is to ensure that the key is not leaked.
89. Is the encryption algorithm open?
A: AES, ECC, SHA, RSA are all public algorithms. What users need to do is to ensure that the key is not leaked.
90. What are the encryption algorithms?
A: TA100 contains many algorithms. For details, please refer to the specification https://ww1.microchip.com/downloads/aemDocuments/documents/SCBU/ProductDocuments/DataSheets/CryptoAutomotive-TA100-B6-Summary-Data-Sheet-DS40002390A.pdf
91. After the encryption chip is used, does the software production and testing process of the finished product of the whole machine change?
A: There will be some changes.
92. What are the advantages of using CANFD for secure boot and message authentication? Can't ordinary CAN perform secure boot and message authentication?
A: The effective data payload of ordinary CAN data frames, that is, the data area, is only 8 bytes. There is no storage space for the MAC for message authentication. The length of the MAC for message authentication is 16 bytes. The payload of the CAN FD data frame can be up to 64 bytes, and the space for the payload is large enough. CANFD has a relatively high payload and rate, so the bus utilization rate of the CAN network is relatively high, but the CAN rate and payload are relatively low. If these functions are added, the speed will be greatly affected.
93. What safety certifications has TA100 passed?
A: Currently, it is JIL high safety level certification. In addition, the standards met by the corresponding algorithms can be referred to the detailed specifications.
94. Where can I find the test package?
A: Please contact the local MICROCHIP office staff first, sign the NDA first, and then you can get the relevant information.
95. Which industries must use it?
A: CAN FD is the same as CAN, mainly used for automotive products. Of course, it can also be used in industry or other occasions that require CAN bus.
96. Can it be used in real-time systems?
A: Yes.
97. How long does it take to determine the verification algorithm?
A: It takes about tens of milliseconds for TA100 to execute the ECDSA verification algorithm.
98. Is ordinary CAN FD safe?
A: Ordinary CAN FD has no security features. The MICROCHIP security solution introduced today is based on CAN FD.
99. Can the format of ordinary CAN data frames be securely encrypted?
A: Ordinary CAN frames with a maximum of 8 bytes of data cannot be securely encrypted.
100. How serious is the harm of the security problem of the CAN bus of the car? Where will it be manifested?
A: It may affect the driving safety of the car and the security of the owner's information data.
101. How to avoid code conflicts when adding external security modules to the original MCU?
A: Just add it to the existing I2C bus.
102. What chips does MICROCHIP have that support CAN FD, and how much is the price in US dollars?
A: There are many types of chips that support CAN FD. There are CAN FD with integrated CAN FD controllers. There are also chips that convert SPI to CAN FD controllers. We also have CAN FD transceiver chips. Please consult Microchip's local office for specific prices.
103. Is there a limit on the length of the summary?
A: The summary length is fixed, 32 bytes.
104. If the chip is damaged, do I need to replace the chip and re-authenticate it?
A: No, with the management of the trust chain, different chips and different suppliers can be interchanged.
105. If the chip is damaged, do I need to replace the chip and re-authenticate it?
A: Generally speaking, yes.
106. How to verify that the Microchip security solution has taken effect?
A: After the security solution is deployed in the security system, the entire system needs to be security verified when it is working. Data that has not passed the security verification will not be processed and responded to.
107. Are there any innovative and special applications?
A: TA100 can be used in any application scenario where customers need encryption and security.
108. Are there any bottlenecks?
A: Different application scenarios have different requirements. For vehicle-mounted ECUs, it is sufficient to achieve security design.
109. How to save private keys?
A: Once a space is defined to store private keys, the private key will be automatically set to unreadable, and it is unreadable under any circumstances, but the user can use it. The restrictions on use are defined by the customer.
110. How to ensure security during communication?
A: SPI or I2C can also communicate in ciphertext.
111. How to ensure the security of relevant information of the same brand and the same model of car. And is there any price advantage?
A: The realization of the trust chain can realize the interconnection and interchange of the same brand and different suppliers, and ensure security.
112. How can I judge whether my verification code is wrong and where is the error?
A: We only judge whether the verification code is correct, and cannot check where it is wrong. The function of identity authentication is to only judge whether the identity is legal.
113. I am also very fuzzy here. I have changed several networks but it doesn't work. With echo
A: You can replay it later http://microchip.com.cn/newcommunity/index.php?m=Training&a=index&id=154
114. How to ensure information security during wireless upgrade?
A: First, when establishing a wireless connection, you can add a secure connection; second, the communication receiving software can add identity authentication and code integrity verification, and when necessary, you can add code encryption and decryption to prevent others from reading and analyzing the code; third,
115. System stability?
A: There is no problem with the stability of the security chip. We have designed stability and security, but the stability of the system needs to be considered from the system level.
116. Does MICROCHIP's products still support a production cycle of about 20 years like before?
A: Microchip will not easily stop producing chips in line with the principle of being responsible to customers.
117. What is the latest version of the official development environment IDE now?
A: The latest version of X IDE is available on the MICROCHIP official website.
118. In terms of automotive safety, does MICROCHIP support products with multiple specifications of ROM on the same product package?
A: This depends on the MCU platform you use. For example, if you use dsPIC, this is determined by the customer. The customer can decide how big their ROM is. Of course, this requires enabling virtual OTP. For other MCUs, this ROM is fixed. For MPU, this is another. The ROM that comes with the MPU is fixed, but the system Boot customer can define it himself.
119. How much delay will be generated for consumer identity verification?
A: You should be talking about message identity verification, right? This requires the execution of ECDSA verification operations, which requires tens of milliseconds of computing time.
120. What methods are used for message identification (verification)?
A: We use MAC values to authenticate messages.
121. Is the chip supply stable?
A: Regarding supply issues, please contact MICROCHIP's local office or agent. MICROCHIP can provide NPV plans to support the development and launch of new products. And PSP plan to support stable mass production supply.
122. Is the chip supply normal?
A: Microchip provides NPV PSP and other plans for chip supply. You can consult Microchip's local office or agent for consultation.
123. How many chips are needed to complete the security function?
A: An external independent security chip is enough.
124. What security certifications need to be passed?
A: For a single chip, EAL or JIL certification is generally required, but for the system, it is much more complicated.
125. What is the minimum communication pin required?
A: 2-wire I2C communication
126. How to protect the boot part?
A: The pre-boot is stored in TA100 and cannot be changed. The pre-boot must be issued before executing the secure boot command.
127. Is there an EVK board for TA100? How to obtain it?
A: Yes, you can contact microchip branches in various places.
128. Is there a solution for loading applications online via CAN FD?
A: There is a routine for using CAN FD as a bootloader. You can contact microchip branches in various places for details.
129. When the car is in normal operation, will it be received and deciphered by another person using a receiver?
A: With the Internet of Vehicles, it is because of this risk that security functions need to be implemented.
130. Is the online firmware upgrade wireless or wired?
A: Both online and wired are supported.
131. What are the interfaces for online upgrade?
A: As long as it is a communication interface, it can be UART, I2C, SPI, CAN, USB, ETHERNET, etc.
132. Are there any security measures when upgrading the firmware online?
A: TA100 uses kPUB to verify the signature of the updated application digest (ECDSA VERIFY). Physical protection, of course, must ensure that the system can work stably during the online upgrade process, such as not allowing sudden power outages; data security considerations, that is, to ensure the legitimacy and integrity of the upgraded code, which is what we need to consider for secure software upgrades.
133. How do you know if it is a secure link?
A: Identity authentication is required when establishing a connection.
134. What hardware environment does this solution require?
A: In terms of hardware, you only need to add a TA100 to your original solution.
135. How does this message identity authentication work?
A: It is through the message verification code method, adding the message sequence to the new CANFD message, and the verification code of the message information calculated using the same network shared key.
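The frame layout described in answers 92 and 135 (data, a message sequence counter and a 16-byte MAC inside one CAN FD payload), as an added Python example that is not Microchip's code. It uses truncated HMAC-SHA-256 from the standard library as a stand-in for the CMAC a TA100 would compute. The length byte, the 4-byte counter, the field order, the CAN ID and the key are assumptions made for illustration.

```python
import hashlib
import hmac
import struct

# Data lengths a CAN FD frame can carry (classic CAN stops at 8).
CANFD_SIZES = (0, 1, 2, 3, 4, 5, 6, 7, 8, 12, 16, 20, 24, 32, 48, 64)
MAC_LEN = 16   # MAC length given in the FAQ
CTR_LEN = 4    # assumed width of the message sequence counter
OVERHEAD = 1 + CTR_LEN + MAC_LEN   # length byte + counter + MAC


def data_capacity(frame_size):
    """Application bytes left in a frame of this size; negative means no room."""
    return frame_size - OVERHEAD


def padded_len(n):
    """Smallest valid CAN FD data length that holds n bytes."""
    return next(s for s in CANFD_SIZES if s >= n)


def _mac(key, can_id, counter, data):
    # Stand-in for CMAC: HMAC-SHA-256 truncated to 16 bytes. The CAN ID and
    # counter are covered so a frame cannot be moved to another ID or replayed.
    msg = struct.pack(">IIB", can_id, counter, len(data)) + data
    return hmac.new(key, msg, hashlib.sha256).digest()[:MAC_LEN]


def build_frame(key, can_id, counter, data):
    """Assumed layout: len(1) | data | counter(4) | MAC(16) | zero padding."""
    if data_capacity(64) < len(data):
        raise ValueError("data does not fit in one authenticated CAN FD frame")
    frame = bytes([len(data)]) + data + struct.pack(">I", counter)
    frame += _mac(key, can_id, counter, data)
    return frame.ljust(padded_len(len(frame)), b"\x00")


class Receiver:
    def __init__(self, key):
        self.key = key
        self.last = {}   # CAN ID -> highest counter accepted so far

    def accept(self, can_id, frame):
        """Return the data if the frame is authentic and fresh, else None."""
        if len(frame) < OVERHEAD or len(frame) not in CANFD_SIZES:
            return None
        n = frame[0]
        end = n + OVERHEAD
        if end > 64 or len(frame) != padded_len(end) or any(frame[end:]):
            return None
        data = frame[1:1 + n]
        (counter,) = struct.unpack(">I", frame[1 + n:1 + n + CTR_LEN])
        expected = _mac(self.key, can_id, counter, data)
        if not hmac.compare_digest(frame[end - MAC_LEN:end], expected):
            return None          # forged or corrupted: unverified data is dropped
        if counter <= self.last.get(can_id, -1):
            return None          # authentic but replayed or stale
        self.last[can_id] = counter
        return data


if __name__ == "__main__":
    # Constructed demo key; in the design the FAQ describes, the key stays
    # inside the external security chip and the MAC is computed there.
    key = bytes(range(16))
    rx = Receiver(key)
    frame = build_frame(key, 0x123, 1, b"\x10\x20\x30")
    print(len(frame), rx.accept(0x123, frame))    # first delivery
    print(rx.accept(0x123, frame))                # same frame replayed
    print(data_capacity(8), data_capacity(64))    # classic CAN vs CAN FD
```

The MAC is checked before the counter so that an unauthenticated frame can never advance the receiver's freshness state.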
136. What are the main application areas?
A: MICROCHIP uses the JIL rating, which is HIGH, which is the highest rating level of JIL. This rating is higher than the EAL 4 rating.
137. Which major customers have already cooperated with Microchip's encryption chips in the application of Qi1.3 standard products?
A: Microchip is one of the few SSS and CA Service suppliers authorized by WPC. Microchip has been deeply involved since the definition of Qi1.3 specification. At present, it cooperates with many international manufacturers including automobile OEMs on this type of project, but we cannot disclose information without authorization.
138. How effective is the solution in anti-ransomware virus?
A: MICROCHIP security solution is used to prevent vehicle-mounted modules from being attacked.
139. Is the symmetric encryption of the can mac layer data encryption? The ecu will also need to do decryption later. Does this require computing power for the mcu?
A: This MAC is relatively simple and does not require very high computing power. Ordinary MCU can also complete it.
140. How to burn the private key and public key into the chip when TA100 is mass-produced? Are there special tools? There are several ways to burn public and private keys. Which solution is recommended?
A: Microchip can provide secure burning services.
141. How much resources will the size of some driver codes for TA100 occupy in the ecu main control chip?
A: It depends on the application. The complete library will take about 20+K.
142. For HSM upgrades, can TA100 provide complete upgrade driver code?
A: We have code on our own MCU platform for reference.
143. What are the encryption algorithms of TA100-VAO?
A: There are many algorithms, and mainstream algorithms are supported. For details, please refer to the specification book on the official website.
144. What does DLC mean?
A: The length of the payload data of the CAN data frame.
145. What are the challenges of the integration of IVI and ADAS?
A: Judging from the current trend, security will be a relatively big challenge, including the realization of security under the premise of meeting the real-time requirements of the application.
146. What is a discrete security element?
A: It refers to an independent security chip. Because it is separate from the MCU and is not integrated inside the MCU, it becomes a discrete security element.