Introduction to Security and Safety in Automotive
The automotive industry is undergoing a major technological revolution as cars rely on more and more electronic devices. Indeed, the electrification of vehicles and advanced driver assistance systems, not to mention the growing challenges induced by autonomous driving, are leading to an increasing need for embedded electronics.
For example, a modern car can incorporate up to 80 Electronic Control Units (ECUs, each of which controls an entire electronic subsystem and drives many electronic devices). This number will continue to grow with vehicle connectivity (V2X), the replacement of mechanical functions with electronic counterparts (X-by-wire) and complex driving automation.
Among the subsystems that are driven by ECUs, some perform critical functions and de facto require a high level of safety and/or security. While infotainment systems will mainly require content protection (which already relies on strong cryptographic and authentication capabilities), X-by-wire or autonomous control capabilities will need even more advanced safety and security features.
Successful recent attacks on car computer systems from different manufacturers are important reminders of the existing and increasing threats to vehicle safety.
Safety and Security Needs in a Vehicle
With innovation embedded in next-generation cars (connection to external networks, increased automation and development of autonomous driving), safety and security have become the most critical issues and major concerns in today’s automotive engineering.
On the one hand, safety (or functional safety) is what guarantees the physical integrity of the driver, passengers and other road users. Safety systems in vehicles are classified as active or passive. Active safety includes, for example, brake assist, anti-lock braking system (ABS), electronic stability control and collision warning, while passive safety comprises seat belts, airbags or fuel tank position.
On the other hand, security refers to the level of protection from external threats. It includes all the measures taken to protect the systems and the data from being attacked. Security systems comprise alarms, remote keyless entry, centralized locking, immobilizers and others.
Safety and security cannot go one without the other: a device that is secure but not safe will not remain secure, and vice versa. Thus, to protect against undesirable events such as failures or theft, high levels of both security and safety are required.
Standards in the automotive sector list the legal requirements that guarantee product reliability and compliance with the required safety and security levels. ISO 26262 for safety, and EVITA, ISO 21434 or Common Criteria with the V2X Protection Profile for security, guide designers as they cover the secure hardware/software development life cycle. Higher-level services such as TLS and IPsec are also increasingly used for communications between ECUs and with the outside world.
While security- and safety-aware development may ensure best practices are followed, certification remains the only reliable means of assessing the level of security actually achieved.
How does Secure-IC handle cybersecurity threats and security & safety issues in automotive?
Secure-IC is very active in automotive security. On top of multiple projects worldwide, Secure-IC contributes to automotive cybersecurity standards both internationally (such as ISO 21434) and locally (such as TR68 in Singapore, or in France).
To reach the targeted security and safety levels, Secure-IC provides the Securyzr™ integrated Secure Element (iSE).
This security subsystem, sometimes referred to as an HSM (Hardware Security Module), is adapted and integrated inside SoCs (System-on-Chip) within various ECUs.
It includes security functions (Cryptography, Authentication, Random Number Generation, Physically Unclonable Function) in a secure enclave, with a single secure interface to the rest of the chip.
This approach is unique and offers major advantages: thanks to hardware isolation, the attack surface is greatly reduced compared to the classical approach of providing side-by-side IP blocks, and the unified interface simplifies the use of the integrated services through a single API. In terms of design, this fully integrated solution reduces integration time and simplifies certification, since the critical functions are independent from the rest of the design.
The secure elements can also embed safety features to be ASIL compliant.
Securyzr™ solutions are developed following rigorous specifications, design rationales and rules, using proven EDA tools, and undergo extensive security and safety evaluations throughout the design cycle.
It provides valuable and strong assets to prevent hardware failures and security risks:
Securyzr™ and all embedded functionalities can be protected against potential physical attacks: Fault Injection Attacks (FIA) and Side-Channel Attacks (SCA).
The resistance of all the IPs to physical attacks and faults is thoroughly tested throughout the development process to ensure a safe and secure result.
All IPs provided by Secure-IC embed self-tests to ensure, at boot time and/or on a regular basis, that they function properly and that there is no ongoing attack.
Environmental changes and adverse conditions are detected through the use of internal digital sensors.
Securyzr™ may embed several safety measures (lockstep CPU, error correction for memories, watchdogs, …) to ensure compliance up to ASIL-D level on the safety side.
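Two of the points above, boot-time self-tests and error correction for memories, can be made concrete with a small worked example. The C below is an added illustration, not Securyzr's or Secure-IC's implementation: it implements a SECDED (single-error-correcting, double-error-detecting) Hamming code over one data byte, the kind of code an ECC memory controller applies to every word, and a known-answer self-test of the kind a firmware would run at boot, which encodes fixed vectors, injects every possible single and double bit flip and checks that the decoder corrects or flags each one. The 13-bit codeword layout, the test vectors and all function names are assumptions of this example.

```c
#include <stdint.h>
#include <stdio.h>

/* Added example (hypothetical, not Securyzr code): SECDED Hamming code for one byte.
 * Codeword layout (13 bits): bit 0 = overall parity; bits 1, 2, 4, 8 = Hamming parity;
 * the remaining positions 3,5,6,7,9,10,11,12 carry the eight data bits. */

typedef enum { ECC_OK = 0, ECC_CORRECTED = 1, ECC_UNCORRECTABLE = 2 } ecc_status_t;

static int parity(uint32_t x) {                 /* 1 if x has an odd number of set bits */
    x ^= x >> 16; x ^= x >> 8; x ^= x >> 4; x ^= x >> 2; x ^= x >> 1;
    return (int)(x & 1u);
}

static int is_pow2(int n) { return (n & (n - 1)) == 0; }

uint16_t secded_encode(uint8_t data) {
    uint16_t cw = 0;
    int d = 0;
    for (int pos = 1; pos <= 12; pos++)         /* scatter data over non-power-of-two slots */
        if (!is_pow2(pos)) {
            if ((data >> d) & 1u) cw |= (uint16_t)(1u << pos);
            d++;
        }
    for (int p = 1; p <= 8; p <<= 1) {          /* parity p covers positions with bit p set */
        uint32_t acc = 0;
        for (int pos = 1; pos <= 12; pos++)
            if ((pos & p) && pos != p) acc ^= (cw >> pos) & 1u;
        if (acc) cw |= (uint16_t)(1u << p);
    }
    if (parity(cw)) cw |= 1u;                   /* overall parity: even number of ones */
    return cw;
}

ecc_status_t secded_decode(uint16_t cw, uint8_t *data_out) {
    cw &= 0x1FFFu;
    int syndrome = 0;                           /* XOR of indices of all set positions */
    for (int pos = 1; pos <= 12; pos++)
        if ((cw >> pos) & 1u) syndrome ^= pos;
    int overall_bad = parity(cw);               /* 1 when an odd number of bits flipped */

    if (syndrome != 0 && !overall_bad)
        return ECC_UNCORRECTABLE;               /* two flips: syndrome set, parity still even */
    if (overall_bad)
        cw ^= (uint16_t)(1u << syndrome);       /* one flip; syndrome 0 means bit 0 itself */

    uint8_t data = 0;
    int d = 0;
    for (int pos = 1; pos <= 12; pos++)
        if (!is_pow2(pos)) {
            if ((cw >> pos) & 1u) data |= (uint8_t)(1u << d);
            d++;
        }
    *data_out = data;
    return overall_bad ? ECC_CORRECTED : ECC_OK;
}

/* Encode v, XOR in a flip mask, decode. Returns the decoder status, or -1 if the
 * decoder claimed success but handed back the wrong byte. */
int secded_roundtrip(uint8_t v, uint16_t flips) {
    uint8_t out = 0;
    ecc_status_t st = secded_decode((uint16_t)(secded_encode(v) ^ flips), &out);
    if (st != ECC_UNCORRECTABLE && out != v) return -1;
    return (int)st;
}

/* Boot-time style known-answer self-test: every single flip must be corrected,
 * every double flip must be reported as uncorrectable. Returns 1 on pass. */
int secded_selftest(void) {
    static const uint8_t vectors[] = { 0x00, 0xFF, 0xA5, 0x3C };   /* constructed vectors */
    for (unsigned i = 0; i < sizeof vectors; i++) {
        uint8_t v = vectors[i];
        if (secded_roundtrip(v, 0) != ECC_OK) return 0;
        for (int b = 0; b < 13; b++)
            if (secded_roundtrip(v, (uint16_t)(1u << b)) != ECC_CORRECTED) return 0;
        for (int b = 0; b < 13; b++)
            for (int c = b + 1; c < 13; c++)
                if (secded_roundtrip(v, (uint16_t)((1u << b) | (1u << c))) != ECC_UNCORRECTABLE)
                    return 0;
    }
    return 1;
}

int main(void) {
    uint8_t out = 0;
    uint16_t cw = secded_encode(0xA5);
    printf("codeword for 0xA5: 0x%04X, self-test %s\n", cw, secded_selftest() ? "PASS" : "FAIL");
    ecc_status_t st = secded_decode((uint16_t)(cw ^ (1u << 6)), &out);
    printf("after flipping bit 6: status %d, data 0x%02X\n", (int)st, out);
    return 0;
}
```

In a real ECU the self-test result would feed the safety state machine rather than a printf: a failed known-answer test at boot keeps the device in a safe state, and a rising count of corrected errors at runtime is itself a useful signal, since a burst of single-bit corrections can indicate an environmental disturbance or a fault-injection attempt before an uncorrectable error occurs.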
Relying on its flexibility, integration and high level of safety and security, Securyzr™ guarantees the automotive device an optimal level of security and includes all the prerequisites to comply with the targeted certification.