Cryptographic companion chip upgrades automotive security - Embedded.com

Cryptographic companion chip upgrades automotive security

With vehicles becoming increasing vulnerable to cyberattacks as a result of in-vehicle network connections like Bluetooth and LTE/5G, Microchip Technology has introduced a cryptographic companion chip to add automotive security to existing systems without having to rearchitect software.

The company’s CryptoAutomotive security IC, the TrustAnchor100 (TA100), allows original equipment manufacturers (OEMs) and their module suppliers to upgrade existing designs to meet cybersecurity regulations and specifications for the automotive market. The cryptographic companion device supports in-vehicle network security solutions such as secure boot, firmware update and message authentication, including controller area network (CAN) MAC at bus speed.

In order to comply with new security specifications, automotive designers have to rearchitect the vehicle’s electronic control units (ECUs) with secure hardware. Existing solutions in the market include single chip dual core hardware security module (HSM) devices, which require OEMs and their module suppliers to rearchitect their application software to integrate security. In addition to the effort required for this integration, the risk of security holes introduced in disparate implementations pose significant barriers through this path. Third party security software can help overcome this barrier in part with increasing development costs.

The TA100 provides an alternative in-vehicle network architecture implementation for secure boot and message authentication — and has already been approved by multiple OEMs around the world as a solution for EVITA Medium and EVITA Full HSM requirements. Its feature set was designed based on careful review of several prominent OEM cybersecurity specifications to help facilitate a tier 1’s pursuit of OEM part production approval (PPAP).

Additionally, Microchip said it offers security specification and request for quote (RFQ) review services to assist tier 1s in developing educated responses, improving their project award success rate. The TA100 removes the challenges associated with secure code development and provisioning by offering pre-programmed cryptographic internal application code provisioned with unique asymmetric key-pairs and associated x.509 certificates — reducing risk, cost and time to market.

The device is confirmed with high resistance to attack through intensive third-party vulnerability assessments. It is AEC-Q100 Automotive Grade-1 qualified, FIPS 140-2 CMVP Security Level 2 rated and Physical Key Protection Level 3 certified, and it has achieved the highest possible vulnerability assessment rating of Joint Interpretation Library (JIL) High. In addition, the TA100 provides software components like AUTOSAR drivers, MCALs and Microchip’s CryptoAuthentication library that allow seamless integration into the industry standard operating system, AUTOSAR, or customized software stacks for crypto functions.

“The TrustAnchor100 provides relief for automotive Tier 1s and OEMs when upgrading thousands of ECUs with security,” said Nuri Dagdeviren, vice president of Microchip’s secure products group. “Combining the TA100 and an integrated software stack provides production ready software for our customers, enabling them to easily add security to any automotive module.”

The TA100 offers AUTOSAR compliant MCAL drivers that can be integrated into an AUTOSAR software stack. A full AUTOSAR reference stack is available, enabling automotive vendors to deploy the latest crypto standards into their automotive systems within standard automotive production environments. MikroBUS compatible socket boards are also available.

The TA100 is available in an 8- and 14-pin SOIC packages starting at $1.50 in 10,000-unit quantities.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.