Writing for Semiconductor Engineering, Ann Steffora Mutschler observes that a shift is currently underway in the automotive industry as more connected vehicles hit the road each year.
“[Connectivity adds] many of the features that consumers now expect in mobile devices as well as some new ones that ultimately will lead to autonomous vehicles,” she explained.
“But along with those changes are some nagging questions about just how safe [this] technology will be for consumers and others around them, and whether the whole system can be secured.”
As Mutschler acknowledges, such questions have been asked ever since the introduction of infotainment systems in cars.
“[However], the volume is increasing as more critical systems are connected to in-car networks and as more wireless features are added into vehicles,” she noted. “In effect, every new car is now an IoT device, and like every connected device, there are benefits and risks. But in the case of a two-ton object moving at high speed down a crowded highway, the risks are much more serious.”
According to Simon Blake-Wilson, VP of products and marketing for Rambus’ Cryptography Research Division, the industry is currently struggling with the concept of designing secure vehicles.
“We struggle in the sense that if you think about the security you apply to a mobile phone, it’s not like there is a magic bullet solution for mobile phone security. Similarly, everything about this from an [automotive] perspective must take into account many different security aspects,” Blake-Wilson told Semiconductor Engineering. “[Moreover], we struggle with the idea of whole-vehicle security just in the sense that people often come away expecting a magic bullet that’s going to solve the problem. We see cars being like other Internet connected objects, except much worse.”
As Mutschler points out, silicon foundries are now placing encryption algorithms into silicon with various technologies, including Rambus CryptoManager. Essentially, the CryptoManager platform acts as a foundational component capable of powering multiple security solutions. According to Blake-Wilson, a root of trust is the goal with any hardware-based security technology.
“For example, when you provision over-the-air updates, typically you sign those updates using a cryptographic mechanism called a digital signature scheme, with a private key and a public key. You sign the update with the private key, and the person that checks the signature has to have the right public key to verify it,” he continued. “A hardware root of trust manages the keys that you need to have, securing then in the right place to power the different security solutions. Once the key is in the right place, you go to the next step and use the key to check the signature. In the same way, you could use a hardware root of trust to provision keys and secure communications across the vehicle CAN [controller area network] bus as well.”
Including a root of trust in automotive semiconductors, says Blake-Wilson, will mark a critical security milestone for the industry.
“There will be a number of different applications or services that [require] security [measures]. Putting the right foundational capabilities into the chips that can be used by a variety of different applications will be key,” he concluded.
Interested in learning more about the Rambus CryptoManager platform? You can check out the CryptoManager product page here.