Hardware-based vehicle safety solutions in the era of Internet of Vehicles

Publisher: 清新天空 | Latest update: 2019-10-21 | Source: 电子工程专辑

In the future, vehicle-to-infrastructure (V2I) and vehicle-to-vehicle (V2V) communications will be combined with vehicle-to-everything (V2X) communications, a billion-dollar market that is attracting more and more consumer attention. One goal of V2X communications is to reduce the number of traffic accidents by exchanging information. Based on an analysis of U.S. road accidents from 2004 to 2008, the U.S. Department of Transportation (USDOT) found that the use of V2X systems could prevent 4.5 million accidents, accounting for 81% of all accidents.


Threats


So far, V2X has not proven popular. One reason is that there are many negative perceptions about the security of V2X communications, and the biggest threat may be cyberattacks. If the vehicle's computer system or mobile phone system is hacked, it may cause property damage. If the car is in motion at the time, it may even endanger people's lives. In 2015, two security researchers exploited a weakness in the Linux-based infotainment system and successfully hacked into the CAN bus of a Jeep Cherokee remotely, allowing them to control the vehicle. A year later, the two researchers successfully controlled the Jeep Cherokee again by connecting a laptop to the vehicle's OBD port.


When CAN technology was developed decades ago, security was not a design priority: CAN broadcasts every frame to all nodes on the bus and offers no confidentiality for the transmitted data. Modern cars exchange commands such as unlocking the doors and starting the engine over the CAN bus, and information is exchanged between the ECU and the vehicle's electronic key. If this system is hacked, a thief can easily steal the car.


In addition, wireless communication standards such as Bluetooth, GPRS or UMTS, used for mobile Internet functions such as email, SMS, video streaming and video calls, give hackers a larger "attack surface". This allows hackers not only to control the vehicle but also to install malware that steals vehicle data such as the vehicle's location and regular driving routes, or performs remote call completion. Since the so-called telematics control unit (T-BOX) now handles all of the above communication functions, its security is a top priority.


Solutions


What features must the hardware architecture have to ensure that ECUs meet the highest security requirements and are protected against illegal tampering, unauthorized installation, upload of malware, Trojans and counterfeit updates? Data encryption is an effective way to ensure the integrity, availability and confidentiality of data within the internal communication bus of the vehicle network. This encryption method can thus prevent cyber attacks.


EVITA Architecture (Image credit: EVITA Project)


In recent years, the industry has established various working groups to provide corresponding system design and verification guidelines to resist hacker attacks and manipulation.


A prime example of this is the EU-funded EVITA research project, which includes several companies such as BMW, Continental, Fujitsu, Infineon, and Bosch. The EVITA project proposes a number of guidelines that describe in detail the design, validation, and prototyping of security architectures for various automotive ECUs. In addition, EVITA stipulates that all critical ECUs need to be equipped with a chip that includes not only a dedicated hardware security module (HSM) but also a CPU; three configurations with different requirements are defined for the HSM: full, medium, and small. These modules encrypt and decrypt all information exchanged between ECUs.

Figure: Full-size EVITA hardware security module

Figure: Medium EVITA hardware security module

Figure: Small EVITA hardware security module


Based on the EVITA standard, more and more semiconductor suppliers are implementing so-called "secure enclaves" (also called "trust anchors") in their microcontrollers and microprocessors. For example, STMicroelectronics has integrated HSMs both into its SPC5 microcontroller (MCU) family based on the Power Architecture and into ARM-core processors such as the STA1385 TCU (Telematics Control Unit).


These ICs with HSM provide comprehensive protection against cyber threats. The HSM is an independent subsystem with its own secure processor core, RAM, and flash memory (for storing code and data). In addition, the HSM has hardware accelerators for cryptography. One such device from STMicroelectronics is the C3 crypto accelerator, which also includes a true random number generator (TRNG). Data and interrupt requests are exchanged between the HSM and the application processor via a hardware interface.


The HSM not only handles access control but also, through its integrated TRNG, generates true random numbers for encryption keys and performs all other cryptographic functions. As mentioned earlier, the CAN bus does not provide a high level of security and therefore cannot guarantee the confidentiality and integrity of the transmitted data. However, if the data carried on it is encrypted, the CAN bus can also be used for secure data transmission. Asymmetric and symmetric encryption algorithms combined with hash functions, message authentication codes (MAC) or CMAC provide data confidentiality, integrity and availability, digital signatures and data authentication. All encryption and decryption functions are implemented in hardware so that the host CPU is not overloaded.


Typical applications


Secure Boot


The secure boot function verifies the integrity of the boot loader. To do this, the MCU's HSM first loads the boot loader from flash memory via the bus master. Using the agreed-upon key, the HSM calculates a MAC (message authentication code) over the loaded image; if the calculated MAC matches the stored boot MAC, the integrity of the data is confirmed and the MCU may execute this boot loader.
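The check described above, as an added example that is not code from the article or from STMicroelectronics: the boot key, the boot loader image and the use of HMAC-SHA256 in place of a hardware AES-CMAC engine are all assumptions made for the demonstration.

```python
import hmac
import hashlib

# Constructed sample values (not from the article): a 256-bit boot key that
# stands in for the "agreed-upon key" provisioned into the HSM's secure flash,
# and a fake boot loader image read back from flash.
BOOT_KEY = bytes.fromhex("00112233445566778899aabbccddeeff" * 2)
BOOTLOADER_IMAGE = b"\x7fELF" + b"constructed-bootloader-image" * 8


def compute_boot_mac(key: bytes, image: bytes) -> bytes:
    """MAC over the whole boot loader image.
    HMAC-SHA256 from the standard library stands in for the AES-CMAC that a
    hardware crypto engine such as the C3 accelerator would compute."""
    return hmac.new(key, image, hashlib.sha256).digest()


def provision_boot_mac(key: bytes, image: bytes) -> bytes:
    """Run once at flashing time: the reference boot MAC stored in HSM flash."""
    return compute_boot_mac(key, image)


def secure_boot(key: bytes, image_from_flash: bytes, stored_mac: bytes) -> bool:
    """HSM secure-boot decision: recompute the MAC over the image just loaded
    from flash and compare it with the stored reference. The comparison is
    constant-time so its timing does not reveal how many bytes matched."""
    calculated = compute_boot_mac(key, image_from_flash)
    return hmac.compare_digest(calculated, stored_mac)


def flip_one_byte(image: bytes, offset: int) -> bytes:
    """Simulate a tampered image, e.g. a single patched instruction."""
    data = bytearray(image)
    data[offset] ^= 0x01
    return bytes(data)


if __name__ == "__main__":
    ref_mac = provision_boot_mac(BOOT_KEY, BOOTLOADER_IMAGE)
    print("genuine image boots:", secure_boot(BOOT_KEY, BOOTLOADER_IMAGE, ref_mac))
    tampered = flip_one_byte(BOOTLOADER_IMAGE, 40)
    print("tampered image boots:", secure_boot(BOOT_KEY, tampered, ref_mac))
```

Note that a MAC only proves the image was produced by a holder of the boot key; a compromised key lets an attacker produce a valid boot MAC for any image, which is why the key must live only inside the HSM.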


Secure Communication


HSMs also enable secure communication. The following example shows how this works. A central ECU communicates with a sensor ECU; as mentioned before, each HSM has a TRNG and a hardware cryptographic engine. The central ECU generates a random number and sends it to the sensor ECU. The sensor ECU receives the random number, takes its measurement and, in parallel, activates its HSM to encrypt the measured data using the random number received from the central ECU. It then sends the encrypted data back to the central ECU. The central ECU decrypts the data with the random number it generated and compares the random number it sent with the one it received back, thereby verifying the integrity and authenticity of the data. Because each exchange uses a fresh TRNG value, replay attacks and eavesdropping on the encrypted traffic are defeated.
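The challenge-response exchange above, written out as an added example (not code from the article or from any ECU vendor). Assumptions: both HSMs already share a symmetric key, and an HMAC-SHA256 counter-mode keystream plus an HMAC tag stand in for the hardware AES engine; the central ECU keeps the set of nonces it has issued so that a replayed response is recognised.

```python
import hmac
import hashlib
import secrets

# Constructed sample: key shared by the two ECUs' HSMs (assumption: provisioned
# at manufacturing; the article does not describe key distribution).
SHARED_KEY = bytes.fromhex("a1b2c3d4e5f60718293a4b5c6d7e8f90" * 2)


def keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """Counter-mode keystream from HMAC-SHA256(key, nonce || counter).
    Stand-in for the HSM's AES engine; the nonce is the central ECU's challenge."""
    out, counter = b"", 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]


def tag(key: bytes, nonce: bytes, ciphertext: bytes) -> bytes:
    """Authentication tag binding the ciphertext to the nonce (encrypt-then-MAC)."""
    return hmac.new(key, b"tag" + nonce + ciphertext, hashlib.sha256).digest()


def sensor_respond(key: bytes, nonce: bytes, measurement: bytes) -> tuple:
    """Sensor ECU: encrypt the measurement under the received nonce, echo the nonce."""
    ct = bytes(a ^ b for a, b in zip(measurement, keystream(key, nonce, len(measurement))))
    return nonce, ct, tag(key, nonce, ct)


class CentralEcu:
    """Issues one fresh nonce per request and accepts each nonce only once."""

    def __init__(self, key: bytes):
        self.key = key
        self.pending = set()          # nonces sent but not yet answered

    def challenge(self) -> bytes:
        nonce = secrets.token_bytes(16)   # TRNG output in the real HSM
        self.pending.add(nonce)
        return nonce

    def receive(self, response: tuple):
        """Return the decrypted measurement, or None if the response is a replay,
        a forgery or a corrupted frame."""
        nonce, ct, mac = response
        if nonce not in self.pending:     # unknown or already-consumed nonce
            return None
        if not hmac.compare_digest(mac, tag(self.key, nonce, ct)):
            return None                   # tag mismatch: tampered or wrong key
        self.pending.discard(nonce)       # nonce consumed: a replay now fails
        return bytes(a ^ b for a, b in zip(ct, keystream(self.key, nonce, len(ct))))
```

Eavesdropping alone yields only ciphertext under a one-time nonce, and a captured response replayed later is rejected because its nonce is no longer pending.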


Flash protection


Since firmware and security configuration data such as passwords and keys are stored in the controller's flash memory, protecting the flash memory is equally important. The ST SPC5 MCU has two modules dedicated to memory protection: the TDM forces the software to write a data record into a specific flash memory area before it can erase one or more blocks in the TDR (tamper detection area), and the PASS module performs a password comparison before the flash memory can be written or erased.


System security configuration


To ensure that the system can boot safely after a reset, the integrity of all stored device configuration format (DCF) records is checked before the restart completes, so that unauthorized intervention and changes are detected. In addition, multiple security features can be checked. This blocks attacks that combine several methods to change the contents of specific locations or to load malicious firmware at boot time.


Conclusion


IT security measures in vehicles are crucial, and using advanced semiconductor solutions with integrated HSMs can help improve security and implementation efficiency.

