Microchip Live FAQ|ADAS Platform Root of Trust

Live Topic: Microchip Live | ADAS Platform Root of Trust

Content Introduction: Computers and other software-driven products have become integrated into almost every aspect of modern life. Even the cars we drive have become data centers on wheels. Autonomous driving is an exciting technology that is rapidly gaining popularity in the automotive market. Of course, you may wonder how to ensure data security and physical security from external threats outside of these applications. This webinar will discuss how Microchip protects ADAS systems and ensures that the code used is protected from remote attacks.

Live lecturer: Sean Yuan|Microchip Senior Application Engineer

FAQ Details

1. How many volts does CEC1712 use for power supply?
A: 1.8 to 3.3V can run
2. What is the maximum size of flash firmware that can be verified?
A: 4 byte mode, 2^32 byte = 4GB
3. What encryption algorithms does 1712 support?
A: AES hardware support: 128-256 bit; SHA hashing support: SHA-1 to SHA-512; public key cryptography support: RSA 4K bit, ECC 571 bit
4. What kind of package does CEC1712 have?
A: BGA84 package
5. Can you explain in detail the relationship between secureboot and 1712? The specific working steps of 1712.
A: CEC1712 is responsible for secure boot. After power-on, it first verifies the user's firmware. Only after the verification is passed can the user's firmware be allowed to run
6. What is CEC1712 mainly used for?
A: CEC1712 can be used for trusted and identity authentication applications that require FW
7. Is CEC1712 just a hardware reset chip? What other functions are there?
A: CEC1712 has built-in secure encryption algorithms, such as AES, ECC, RSA, SHA, etc., and can store keys securely.
8. What security can CEC1712 ensure for assisted driving?
A: CEC1712 ensures the integrity and reliability of the FW of the ADAS system, which has nothing to do with the function of assisted driving. The theme of this seminar is also the security of the ADAS system.
9. Can it be remotely controlled?
A: CEC1712 is detected when the system is powered on. At this time, the system has not yet run and cannot be connected to the Internet, so it cannot be remotely controlled.
10. Is there a risk of cracking the internal encryption of the microcontroller used for autonomous driving?
A: CEC1712 has added many anti-cracking measures during its design.
11. How many expansion interfaces does the Microchip solution reserve?
A: CEC1712 supports SPI interface to connect to flash
12. What are the unsafe factors in the use of ADAS?
A: CIA
13. What kernel is CEC1712 based on?
A: CORTEX M4
14. Will Microchip's ordinary microcontroller PIC16/18 be discontinued?
A: EOL is related to the specific model. Please contact MICROCHIP's local sales and technical support personnel
15. Does your technical support come from an agent or the original manufacturer?
A: Microchip's FAE can provide technical support directly
16. What are the characteristics of Microchip's MCU and other companies' MCU?
A: Microchip has many MCU product lines, and will focus on security considerations in design. CEC1712 is a high-security MCU with multiple algorithm engines and hardware trusted roots, which can implement high-security ADAS firmware solutions
17. Are there any reference test routines for application processors?
A: Microchip will provide relevant test tool kits and software libraries for CEC1712. You can contact the local sales team to sign an NDA and obtain them through the corresponding process.
18. What technical support does Microchip provide for ADAS system security?
A: MICROCHIP can provide software and hardware design, security configuration services and other support
19. MICROCHIP provides a complete security solution. Is this solution system-level? Is there a maintenance fee?
A: MICROCHIP provides a complete security solution, there is no maintenance fee, customers can use the purchased security chip.
20. Is the provided software library charged?
A: Microchip provides a variety of software libraries, for different applications, some are free, some are charged, depending on the specific solution library. The software library of CEC1712 is free, but you need to sign an NDA to obtain it.
21. Do you provide software while providing the chip for CEC1712?
A: MICROCHIP also provides software libraries.
22. What specific MCU models are used in advanced driver assistance systems?
A: Microchip has different MCU8/MCU16/MCU32/MPU and even FPGA SOC from low-end to high-end for different functional modules of ADAS, which have been used by different ADAS developers in their respective solutions.
23. In the electronic controller of the autonomous driving chassis, does Microchip have a dual-core MCU? ASIL D level, thank you
A: MICROCHIP has a dual-core MCU. However, the certification level of MCU is generally only ASIL B
24. What research has Microchip done in terms of security?
A: Microchip has multiple different security product series in the field of security, targeting different fields, and is a leader in security in related fields. In particular, it implements the highest hardware-level physical attack protection solution. For example, security components are used in IOT, CEC1712 provides SOC firmware protection in different fields such as ADAS, etc.
25. What specific technologies does your company's ADAS security solution provide for autonomous driving and early warning protection?
A: Root of Trust, that is, the running code will be verified before turning on the machine~~ If it can be ensured that the code is safe, then
26. Is firmware vulnerability protection pure hardware or a combination of software and hardware?
A: Soteria G2
27. What is the transmission rate?
A: The clock rate of SPI can reach 48M
28. In the scenario of the Internet of Vehicles, in which links is the information encrypted and decrypted more securely?
A: Security is not just a matter of encryption and decryption. Encryption is only part of security. Security also includes data integrity, identity authentication, etc.
29. Can a master chip be burned and then re-burned?
A: The production of security products is different from that of ordinary products.
30. Where is the root of trust generally deployed?
A: In the security device CEC1712.
31. Are there some security configurations that car buyers can complete?
A: Security design is for car manufacturers and has nothing to do with consumers.
32. What standards and certifications are required for ADAS system security?
A: Security includes functional safety and security in the sense of traditional cryptographic algorithms. These two parts have corresponding requirements in different security standards, such as the code security of NIST 800-193 that we are talking about today.
33. What are the new features?
A: Ensure the security and reliability of the processor FW in the ADAS system.
34. Once the configuration is completed, if you want to upgrade, how to complete it? Is it done automatically?
A: It does not change the customer's original upgrade channel. Instead, it uses the trusted root to verify the firmware and its attached endorsement signature during the upgrade process. If it is safe, the corresponding firmware can be updated. Firmware that has not passed the verification is not allowed to upgrade and replace the original firmware.
35. Does CEC1712 support security level management?
A: It does not support.
36. The encryption is completed by the car manufacturer. If someone from the car manufacturer wants to maliciously damage it, how to prevent it?
A: The car manufacturer's firmware needs to be issued with the private key of the ROOT CA. There must be a very strict control process. As long as the ROOT CA is protected, there is no risk of fake firmware damage, because the fake firmware will be detected by CEC1712 and restored to the correct firmware.
37. Can the trusted root make pure electric vehicles safer?
A: OTA upgrades for pure electric vehicles require the use of CEC1712 to achieve secure startup and secure upgrades.
38. Are there any security measures to prevent cracking inside CEC1712?
A: Yes, there are. When designing CEC1712, many anti-cracking measures were added to ensure its own security.
39. What are the other difficulties?
A: Configure the security device CEC1712 and complete the design of the trust chain.
40. CEC1712 has more encryption functions than ordinary processors. Can it be understood in this way?
A: More security functions, not just encryption. It can store keys, support various encryption algorithms, and achieve data integrity, identity authentication, and encryption functions.
41. What is the full Chinese name of ADAS?
A: Advanced Driver Assistance System
42. What industries or fields are Microchip security solutions suitable for?
A: All industries have security needs, including industrial, automotive, and consumer fields. It can be used in situations where there is integrity, identity authentication, and data confidentiality.
43. Do different ADAS require you to complete the configuration? Can the factory complete it by itself?
A: The factory can configure CEC1712 by itself, or let MICROCHIP help complete this work.
44. What is the widest operating temperature range of CEC1712?
A: Industrial grade, -40 to 85 degrees
45. Does 1712 need additional heat dissipation?
A: Industrial grade, -40 to 85 degrees. No need to add heat dissipation
46. How to apply for relevant development boards?
A: For development boards and technical support, you can contact MICROCHIP local sales and technical support personnel
47. Does root of trust focus on the root? Is it the startup point?
A: It focuses on the startup point, the legitimacy of the startup code
48. What specific technologies does your company's ADAS safety solution provide for autonomous driving and early warning protection?
A: Will it allow the system to
49. Is CEC1712 in mass production? Can it be supplied stably?
A: This chip has been mass-produced
50. Does Microchip have an ADAS platform solution? You are making microcontrollers.
A: Today we launched a trust root solution based on the ADAS system
51. Are there any official evaluation kits for sale?
A: You can contact us for details, or purchase it directly on microchipdirect.
52. How long does it take for the internal algorithm of 1712 to execute?
A: The specific execution time depends on the size of FLASH. The verification of 256KB firmware takes about 100ms.
53. How long does it take for data verification?
A: The specific execution time depends on the size of FLASH. The verification of 256KB firmware takes about 100ms.
54. ADAS has added a root of trust. Can it ensure the safety of those driving assistances?
A: The root of trust only runs when the processor starts to ensure the reliability of FW.
55. Regardless of which ADAS is from which manufacturer, can you provide a root of trust?
A: The security design of the root of trust is not based on MICROCHIP's MCU. It is also possible to use MCUs from other manufacturers.
56. What is the meaning of the root of trust?
A: The root of trust is root of trust, which provides functions such as identity authentication for the system to ensure the security and reliability of the system.
57. Are the roots of trust the same for ADAS from different manufacturers?
A: The root of trust is a security design solution that can be used by all manufacturers and customers.
58. Once the startup is completed, does the root of trust no longer provide security protection?
A: The trusted root is mainly used to ensure that the FW is secure and reliable.
59. Signal delay is a problem.
A: Trusted verification is only performed when the system is reset and started to ensure the security and trustworthiness of the FW of the ADAS system processor.
60. Does CEC1712 need to be powered off when it is in standby mode?
A: It is not necessary to power it off. CEC1712 can enter low-power mode.
61. Can you provide practical cases? Thank you.
A: You can contact the local sales team of Microchip to obtain relevant solution information.
62. Are there any compatibility issues?
A: It can be applied to ADAS solutions of all manufacturers, and it is not necessary to use the MCU platform of MICROCHIP.
63. Where can I buy PICKIT4?
A: You can buy it through an agent or in Microchipdirect.
64. Does CEC1712 use an external crystal or an internal one?
A: You can use an internal clock or an external crystal oscillator.
65. How many application processors can the CEC1712 microcontroller support at most?
A: It can support 2 APs.
66. How many types of keys can be supported?
A: It can support AES, RSA, ECC and other algorithms.
67. What are the technical support channels?
A: You can contact Microchip's FAE directly.
68. Do I need to do a lot of testing after applying your security firmware?
A: The customer's function code still needs to be tested. We mainly do the trusted root part.
69. In theory, it is inevitable to be attacked?
A: Attacks from outside are unavoidable, so security design needs to be added to resist attacks.
70. How to verify?
A: Use the trusted root public key to verify the firmware HASH result and its signature endorsed by the original manufacturer. You can visit https://mu.microchip.com/cryptography-primer-sec1-sc to understand the basic principle.
71. Under what circumstances is LIN communication used instead of CAN? Thank you
A: The application scenarios and communication mechanisms of the two are different. LIN is used in simple occasions.
72. Is there a security encryption chip that meets the safety level ASIL D?
A: Not at present
73. Has CEC1712 passed the functional safety level certification?
A: Not at present, because its main function is to serve as the trusted root of code
74. Is the ICD currently used for burning and simulation up to ICD4 or a higher level?
A: PICKIT4 is currently recommended, and a new ICD version will be released later
75. Does Microchip's security solution support national encryption algorithms?
A: Currently, SM2/3/4 is not supported, but AES, ECC, RSA and other algorithms can be supported now
76. What is the maximum signal transmission speed of Ethernet in the Internet of Vehicles?
A: Currently, the mainstream ones are 10Mhz and 100Mhz.
77. What are the differences between CEC1712 and 1702?
A: The built-in RAM size is different.
78. Does CEC1712 have built-in encryption function?
A: It has built-in security algorithm and key storage function.
79. Will your protection configuration be modified by 4S stores?
A: The key and other data configured in CEC1712 cannot be changed or read. Even MICROCHIP cannot crack it.
80. Is the trusted root of the ADAS platform related to mathematics?
A: The trusted root of the platform is generally a public key based on an asymmetric algorithm, which is related to mathematics. What customers need to know is how to use it. If you are interested, you can visit the MICROCHIP MU course.
81. What are the characteristics and difficulties of the trusted and ordinary CPU (MCU) startup of the ADAS platform? How to withdraw cash from CEC1712?
A: When the ordinary MCU is started, it will directly run the code inside after reset. After adding the trusted root design, the identity of the FW will be verified to prevent the FW from being tampered with and attacked.
82. What will happen if the autonomous driving is disconnected from the Internet?
A: In fact, there is a risk only when the Internet is connected.
83. Can the temperature from -40 to 125° not be lower?
A: The automotive-grade temperature range is generally -40~125.
84. Does the development environment also use MPLAB X IDE?
A: If you don't need to modify the code, you don't need XIDE. You only need to use the configuration tool.
85. Can CEC1712 provide information about unsafe items for the driver to see?
A: If it detects unsafe, CEC1712 will automatically restore the firmware. If it cannot be restored, the main control cannot be started and the system cannot run at all.
86. What is the best defense against remote attacks?
A: Through hardware trusted root solutions such as CEC1712, the firmware verification and recovery functions required by NIST 800-193 can be realized.
87. Are the current DSP and FPGA solutions sufficient for ADAS application requirements?
A: In the current ADAS solutions, a variety of processors and FPGA solutions are applied, but most of them are based on software to implement simple security level solutions. It is impossible to achieve true hardware root of trust protection, and it is impossible to prevent attacks and risks of malicious code being injected during firmware upgrades. CEC1712 solidifies the root of trust through ROM and OTP, verifies the firmware, and can achieve firmware protection for high-security ADAS SOC.
88. What support does Microchip's ADAS platform provide?
A: As we talked about the root of trust today, in addition, we also have PCIe Switch, FPGA, clock, and various analog and interface devices. For details, please contact Microchip below
89. Is the core still hardware encryption processing and security toolkit correct?
A: Yes, in addition, the secure storage and secure writing of keys by the security chip are also important
90. What are the main applications?
A: Applicable to all SOC solutions that use external SPI FLASH to store firmware, including a variety of applications such as ADAS, industrial automation, telecommunications, data centers, etc.
91. Does the algorithm software of ECE1712 need secondary development? Can it be used right away?
A: The algorithms are all ready-made, and the firmware does not need secondary development. You only need to use the provided GUI tool to configure and burn the OTP inside CEC1712. The customer's firmware also has ready-made tools to sign and synthesize the image for burning into SPI Flash.
92. How do you understand the platform trusted root?
A: All subsequent work starts with a trusted, untampered trusted root. Before the subsequent work begins, this root will check the code to be executed. This check mainly checks where the code comes from and whether it has been replaced.
93. Northwestern Polytechnical University was hacked by the US government some time ago. Can your system avoid hacker attacks?
A: Through the CEC1712 hardware trusted root solution, the firmware can be authenticated to prevent the firmware from being tampered with, prevent the implantation of malicious code, and effectively improve the security of embedded systems.
94. What certifications has CEC1712 passed?
A: It has passed multiple CAVP related certifications.
95. How to quickly integrate it into the product? Is there such a usage guide document?
A: We have a complete user guide, but we need NDA to provide it.
96. Does your company have mature business cases with BYD, Weilai and other automakers in the field of ADAS?
A: We have certain cooperation with many domestic car manufacturers, including ADAS and some of its subsystems, or some other systems.
97. Assisted driving requires a large number of sensors. If the sensors fail, is ADAS still useful?
A: No.
98. How is the advanced algorithm different from the commonly used methods?
A: Advanced security algorithms are very important. They will increase the threshold for system cracking and help customers increase system security. It is also recommended to store and verify public keys with secure hardware trusted roots to prevent the trusted roots from being tampered with.
99. Is encryption an external expansion of a chip?
A: Now generally external security devices are used, so that existing products and solutions can be upgraded directly. Of course, MICROCHIP also has a SIP solution with built-in security performance. Using this solution will make relatively large changes to the application layer.
100. In addition to ADAS, what other scenarios can CEC1712 be used for?
A: It can be used in any occasion where FW needs to be authenticated and secure boot is performed.
101. Does Microchip's security software library provide source code?
A: Source code will be provided if NDA and SLA are signed.
102. Does the security encryption chip need to be burned with a key?
A: The OTP inside CEC1712 needs to be configured and burned through the provided GUI tool, and the user's public key is also burned into the OTP area.
103. Does CEC1712 need to write configuration code into it?
A: The OTP inside CEC1712 needs to be configured and burned through the provided GUI tool, and the user's public key is also burned into the OTP area.
104. What specific software and hardware support options does the CEC1712 microcontroller kit provide?
A: You need to use the provided GUI tool to configure and burn the OTP inside CEC1712. There are also ready-made tools for signing and synthesizing the image for burning into SPI Flash.
105. What kind of logic is microchip's secure boot based on? Do you need to add additional hardware circuits?
A: You need to add a CEC1712 outside the main control to be responsible for secure boot, and then let the main control load the firmware to run after detecting the firmware security.
106. Is firmware vulnerability protection pure hardware or software and hardware cooperation?
A: It needs to be combined.
107. How to verify the key?
A: Generally, an asymmetric signature and verification algorithm is used, such as ECC VERIFY.
108. Can one 1712 complete all auxiliary systems in the car?
A: One CEC1712 can support secure boot of up to 2 APs and up to 4 SPI/QSPI Flashes.
109. Does microchip have an office in Shenzhen?
A: Yes, near Futian Shopping Park. If you need it, you can contact us directly.
110. Is this solution automotive grade?
A: Yes
111. Does Microchip have a user query window for the data of the solution?
A: Yes
112. Does the official have evaluation kits for sale?
A: There are development boards
113. What are the common ways of remote attack?
A: There are many ways of remote attack, but one of the most commonly used methods is to borrow the customer's regular upgrade channel, through OTA or on-site burning, to replace the original firmware with a firmware upgrade injected with malicious code.
114. Does the protection provided by Microchip interact with the code area? When does the interaction occur?
A: At startup, the code will be verified
115. Does the automatic navigation of the car belong to advanced driving?
A: This is a question of the conceptual division of autonomous driving
116. Will encryption affect the system's event processing speed?
A: This is only performed when the system is started, and the integrity and identity of the processor's FW are verified
117. How does Microchip provide protection for the ADAS system? What measures does it have?
A: This is the theme of today's seminar, which can protect the trustworthiness of FW
118. What communication method is used to control CEC1712?
A: Supports I2C and SPI
119. What are the types of CEC1712 packages? What encryption algorithms are supported?
A: Only one: 84-pin WFBGA, 7mm x 7mm body, 0.65mm pitch. AES hardware support: 128-256 bit; SHA hashing support: SHA-1 to SHA-512; public key cryptography support: RSA 4K bit, ECC 571 bit
120. In addition to the 1712 product, are there other products to choose from? Are there any targeted scenarios for the 1712 product?
A: It is mainly used to achieve secure boot with CPU. It can be used with all main control systems. It is used in ADAS, servers, AI accelerator cards, industrial computers, etc.
121. 4GB is the size supported by cortex-M4, not the size for security verification of SoC firmware. Is there a size limit for trusted verification of SoC firmware?
A: It is mainly limited by time and interface. The larger the firmware, the longer it takes to check the startup. But usually this is done in steps. CEC1712 only checks the Boot code of SoC, and the Boot code of SoC will check its firmware.
122. Reading SPI flash, size limit of SoC firmware?
A: It is mainly limited by time and interface. The larger the firmware, the longer it takes to read, and the startup time will be longer.
123. What are the actual application cases of Microchip security solutions?
A: It is mainly used in ADAS, servers, AI accelerator cards, industrial computers, etc.
124. Is automatic navigation of cars considered advanced driving?
A: The term automatic navigation is a bit unclear. If it is autonomous driving, then it certainly belongs to
125. What are the attacks that ADAS firmware security is vulnerable to?
A: FW may be counterfeited and tampered with. Therefore, it is necessary to add security design to prevent FW from being attacked remotely.
126. What are the purchasing channels?
A: You can purchase through MICROCHIP's regular business channels, such as official agents or microchipdirect e-commerce mall.
127. What encryption algorithms are supported?
A: AES, RSA, ECC, SHA
128. What are the advantages and characteristics of Microchip's security solutions?
A: MICROCHIP provides a complete security solution, including security device hardware, security software library, and security configuration services. At the same time, MICROCHIP has strong technical support personnel to provide services.
129. What protection can be provided for the ADAS system?
A: Secure boot & Message authentication & secure recovery
130. How to upgrade the security firmware?
A: Update the CEC1712 software and the corresponding signature to Flash through OTA
131. How to ensure that the code used by the ADAS system is protected from remote attacks?
A: What we are doing today is mainly to check the security of the executed code. For remote attacks, this is to be considered at the system level.
132. Are there any domestic car manufacturers that use the MCHP root of trust?
A: We are mainly working with SoC manufacturers to implant the root of trust on their platforms.
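
The boot-time check, recovery and update gating described in answers 70, 85 and 34, as an added example that is not Microchip's code and not the CEC1712 image format. It assumes a flash with a `primary` and a `golden` slot and uses ECDSA P-256 over a SHA-256 digest in pure Python as a stand-in for the "ECC VERIFY" step; the key, firmware blobs and all function names are constructed for illustration.

```python
import hashlib

# NIST P-256 domain parameters (public constants); curve coefficient a = -3.
P = 0xffffffff00000001000000000000000000000000ffffffffffffffffffffffff
N = 0xffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551
G = (0x6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296,
     0x4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5)

# Affine curve arithmetic; None is the point at infinity. Not constant time (demo only).
def point_add(p1, p2):
    if p1 is None or p2 is None:
        return p2 if p1 is None else p1
    (x1, y1), (x2, y2) = p1, p2
    if x1 == x2 and (y1 + y2) % P == 0:
        return None
    if p1 == p2:
        lam = (3 * x1 * x1 - 3) * pow(2 * y1 % P, -1, P) % P
    else:
        lam = (y2 - y1) * pow((x2 - x1) % P, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return x3, (lam * (x1 - x3) - y1) % P

def point_mul(k, pt):
    acc = None
    while k:
        if k & 1:
            acc = point_add(acc, pt)
        pt, k = point_add(pt, pt), k >> 1
    return acc

def ecdsa_sign(priv, digest):  # signing-tool side; simplified demo nonce, not RFC 6979
    e = int.from_bytes(digest, "big")
    seed = hashlib.sha256(priv.to_bytes(32, "big") + digest).digest()
    k = int.from_bytes(seed, "big") % (N - 1) + 1
    r = point_mul(k, G)[0] % N
    return r, pow(k, -1, N) * (e + r * priv) % N

def ecdsa_verify(pub, digest, sig):  # root-of-trust side; needs only the public key
    r, s = sig
    if not (0 < r < N and 0 < s < N):
        return False
    e, w = int.from_bytes(digest, "big"), pow(s, -1, N)
    pt = point_add(point_mul(e * w % N, G), point_mul(r * w % N, pub))
    return pt is not None and pt[0] % N == r

def image_ok(pub, image, sig):
    return ecdsa_verify(pub, hashlib.sha256(image).digest(), sig)

def boot_decision(pub, flash):
    """Verify primary; fall back to the golden copy; otherwise hold the AP in reset."""
    if image_ok(pub, *flash["primary"]):
        return "BOOT"
    if image_ok(pub, *flash["golden"]):
        flash["primary"] = flash["golden"]  # restore known-good firmware
        return "RECOVERED"
    return "HOLD_IN_RESET"

def apply_update(pub, flash, image, sig):  # update gate: unverified images never land
    if image_ok(pub, image, sig):
        flash["primary"] = (image, sig)
        return True
    return False

# Constructed sample data: a made-up OEM key pair and tiny stand-in firmware blobs.
OEM_PRIV = 0x1F2E3D4C5B6A79880102030405060708090A0B0C0D0E0F101112131415161718
OTP_PUB = point_mul(OEM_PRIV, G)  # only the public half is provisioned in the device
def signed(image):
    return image, ecdsa_sign(OEM_PRIV, hashlib.sha256(image).digest())

def demo():
    flash = {"primary": signed(b"boot code v1"), "golden": signed(b"boot code v0")}
    out = [boot_decision(OTP_PUB, flash)]
    flash["primary"] = (b"boot code v1 + implant", flash["primary"][1])  # tampered
    out.append(boot_decision(OTP_PUB, flash))
    out.append(apply_update(OTP_PUB, flash, b"update, reused signature", flash["golden"][1]))
    out.append(apply_update(OTP_PUB, flash, *signed(b"boot code v2")))
    return out

print(demo())  # ['BOOT', 'RECOVERED', False, True]
```

The private key appears here only so the sample images can be signed; in the flow the FAQ describes, the device holds just the public key, so reading out its configuration would not let anyone sign firmware.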
