Junko Yoshida of the EE Times reports that Rambus is diving into the field of cyber-security for OTA vehicle updates, which she describes as a “red-hot” issue for the current automotive market.
“Rambus, a semiconductor and IP licensing company, has partnered with Movimento, a leader in automotive reflash services with innovations in OTA software,” Yoshida writes. “Combining Movimento’s OTA technology with Rambus’ own CryptoManager platform, the two companies have developed a system that offers one-time, single-use keys unique to each vehicle, ensuring validity before installation.”
According to Asaf Ashkenazi, senior director, product management at Rambus Cryptography Research, the combined Rambus-Movimento technology is akin to “closing the front door” of a house.
“This isn’t a magic solution,” Ashkenazi told the EE Times. “Layers of security are necessary. One company can’t fix it all. [However, the use of] simple, secure methods to download, authenticate and install vehicle updates [is a much needed first step].”
As Ashkenazi notes, most OTA solutions currently on the market offer limited functionality and lack personalization features.
“[For example], secure elements work fine for some purposes, but they aren’t enough for OTA vehicle updates. [Yes], they can get a key into a car, but without personalization, they end up using the same key in all vehicles,” he emphasized. “Alternatively, one can specify one key for each vehicle. But this requires automakers to implement the secure injection of keys at the manufacturing site. No personalization means that each vehicle has no unique key, which is critical in authenticating codes for software downloads.”
In contrast, says Ashkenazi, updates provided by Movimento and Rambus are delivered via one-time, single-use keys that are unique to each vehicle – effectively minimizing vulnerabilities and maximizing security.
So, how does Rambus’s versatile CryptoManager platform work in the context of automotive security?
“The platform first establishes a robust hardware root-of-trust, cryptographically authenticates code — unique to a car — before executing it, and encrypts the payload to protect the vehicle from attacks,” Yoshida explained. “To prevent physical attacks CryptoManager uses the same technologies used to protect bank or credit cards from side-channel attacks.”
Interested in learning more? The full text of “Can Rambus Hack Auto Cyber-Security?” is available on EE Times here.
Leave a Reply