Infineon and STMicroelectronics enable OTA updates for connected vehicles
LONDON — Both Infineon and STMicroelectronics have added capability to enable secure microcontrollers and secure over-the-air (OTA) updates for connected cars.
Infineon Technologies has developed a hardware-based security module that protects communications between connected cars and car manufacturers with its new OPTIGA TPM 2.0, a trusted platform module (TPM) in which manufacturers can incorporate sensitive security keys for assigning access rights, authentication, and data encryption in the car in a protected way.
Meanwhile, STMicroelectronics has launched a new flagship SPC58 H line of Chorus automotive MCUs, designed to protect connected-car functionalities and allow OTA updates to be applied safely with its hardware security module (HSM) capable of asymmetric cryptography and fully EVITA-compliant for attack prevention, detection, and containment techniques.
Infineon adds TPM security
With the new OPTIGA TPM 2.0 and its AURIX family of microcontrollers, Infineon provides a portfolio of application-specific security solutions for the automotive industry. The OPTIGA TPM 2.0 SLI 9670 from Infineon is a plug-and-play solution especially suited for use in a central gateway, the telematics unit, or the infotainment system of the vehicle. It can also be updated so that the level of security can be kept up to date throughout the vehicle’s service life. The company says that a number of car manufacturers have already designed in its security module.
Martin Brunner, expert for automotive security at Infineon, said that with the car becoming a computer on wheels, the connected car can benefit from the experience of the IT industry. “In the complex interplay between software, network, and cloud, security hardware creates the solid foundation for secured communication,” he said. The OPTIGA TPM can be easily integrated and substantially increase cybersecurity — from production to recycling of connected cars.
In connected cars, huge volumes of data are exchanged — with cars sending real-time traffic information to the cloud or receiving updates from the manufacturer “over the air,” for example, to update software quickly and in a cost-effective manner. Senders and recipients of that data, whether car makers or individual components in the car, require cryptographic security keys to authenticate themselves. These critical keys are particularly protected against logical and physical attacks in the OPTIGA TPM as if they were in a safe.
Incorporating the first or initial key into the vehicle is a particularly sensitive moment for car makers. With the TPM, this step can be carried out in a certified production environment. After that, the keys are protected against unauthorized access; there is no need for further special security precautions throughout the various stages of the — often globally distributed — value chain. The TPM likewise generates, stores, and administers further security keys for communication within the vehicle. It is also used to detect faulty or manipulated software and components in the vehicle and initiate troubleshooting by the manufacturer in such a case.
Whereas a vehicle has an average service life time of 12 to 15 years, security features and algorithms keep on being developed and enhanced on a continuous basis. The TPM’s firmware can be updated by remote access so that the security it offers can be kept up to date — including the cryptographic mechanisms (cryptoagility).
The SLI 9670 consists of an attack-resistant security chip and high-performance firmware developed in accordance with the latest security standard. The firmware enables immediate use of security features, such as encryption, decryption, signing, and verification. The TPM can be integrated quickly and easily in the system with the open-source software stack (TSS stack) for the host processor, which is also provided by Infineon. It has an SPI interface, an extended temperature range from –40°C to 105°C, and advanced encryption algorithms RSA-2048, ECC-256, and SHA-256.
The new TPM complies with the internationally acknowledged Trusted Computing Group TPM 2.0 standard, is certified for security according to Common Criteria, and is qualified in accordance with the automotive standard AEC-Q100. It is available now and manufactured in security-certified production facilities of Infineon Germany and the Philippines.
STMicro enables secure updates and high-speed in-vehicle networking
STMicroelectronics’ new high-performance, multi-core, multi-interface automotive microcontrollers, the SPC58 H Line, feature three high-performance processor cores, joining the Chorus series of automotive MCUs capable of running multiple applications concurrently to allow more flexible and cost-effective vehicle-electronics architectures. Two independent Ethernet ports provide high-speed connectivity between multiple Chorus chips throughout the vehicle and enable responsive in-vehicle diagnostics. Also featuring 16 CAN-FD and 24 LINFlex interfaces, Chorus can act as a gateway for multiple electronic control units (ECUs) and support smart-gateway functionality via two Ethernet interfaces also on-chip.
As critical vehicle powertrain, body, chassis, and infotainment features increasingly become defined by software, securely delivering updates such as fixes and option packs over the air enhances cost efficiency and customer convenience. Luca Rodeschini, automotive and discrete product group strategy and microcontroller business unit director, STMicroelectronics, said that its latest Chorus microcontroller, being OTA-ready and with dual Ethernet ports up to gigabit speeds, creates a platform for seamless, safe, and secure in-car connectivity and control.
Leading customers are already sampling the SPC58 Chorus H Line microcontrollers in next-generation smart gateways and central body modules and are also evaluating the devices for battery-management units and ADAS safety controllers.
The top-of-the-range Chorus microcontroller, SPC58NH92x, has 10-Mbyte on-chip Flash and features a triple-core architecture clocking at 200 MHz equipped with more than 1.2-Mbyte RAM, delivering up to 1763 CoreMark containing ST’s proven Power Architecture z4 core, which gives developers the flexibility to host multiple applications on one microcontroller, or to run multiple tasks concurrently, for optimum performance. The device also offers ASIL-D safety capabilities.
Working with the large 10-MByte Flash, the SPC58NH92x’s context-swap mechanism allows current application code to run continuously even while an update is downloaded and made ready to be applied later at a safe time. The older software can be retained, giving the option to roll back to the previous version in an emergency. Hyperbus and eMMC/SDIO high-speed interfaces to off-chip memory are also integrated, enabling further storage expansion if needed.
The Chorus HSM is based on the Power Architecture, which is widely understood and lets designers leverage existing investment in development tools. With configurable smart low-power modes, which enable the device to perform critical functions even when in standby, Chorus microcontrollers can also be used for energy-conscious applications including hybrid and electric vehicles.
The SPC58 Chorus H line is software-friendly and offers the SPC5 studio development environment as well as production-ready AUTOSAR MCAL drivers, security firmware, and safety libraries. The SPC58NH92x can be ordered in various configurations at prices starting from $17. Samples are available now to lead customers, with production expected to begin in mid-2020.