In today's tech-driven world, security and safety are more critical than ever, especially in the automotive sector. As cars become smarter and more connected, the need for robust cryptographic mechanisms to safeguard data and ensure secure communications grows. For decades, the automotive industry has been implementing numerous strategies to maintain vehicle safety. But now the industry is starting to recognize that these efforts are futile if the vehicle's security is breached. A compromised vehicle can nullify almost any safety feature, creating substantial dangers for passengers and other road users. Consequently, ensuring both safety and security is critical in the design of today's vehicles, since there can be no safety without security.

One essential component in the security infrastructure that modern vehicles require is the True Random Number Generator (TRNG). TRNGs are expected to produce high quality random numbers, which are crucial for preventing security breaches and maintaining data integrity.

Why is TRNG Important for the Automotive Market?

Modern connected and autonomous vehicles are increasingly dependent on internal and external secure communication systems to perform a variety of critical functions. These include inside-vehicle interactions, but also vehicle-to-vehicle (V2V), where cars communicate with each other to share information about road conditions and traffic, vehicle-to-infrastructure (V2I), where vehicles exchange data with traffic signals, road sensors, and other infrastructure elements to optimize traffic flow and enhance safety, and vehicle-to-cloud (V2C) for over-the-air updates, remote diagnostics and control.

However, this significant increase in connectivity also brings a heightened level of risk. The more connected a vehicle is, the more potential entry points there are for cyber threats. Unauthorized access to a vehicle’s communication system could lead to a range of dangerous scenarios, from the compromise of personal data to the manipulation of critical vehicle functions, potentially endangering the lives of passengers and other road users.

In this context, a TRNG is a crucial component for safe and secure solutions for several reasons: 

  • Cryptographic keys for various security protocols: a TRNG ensures that the cryptographic keys used to secure communications are unpredictable and robust against attacks. This unpredictability is essential for maintaining the integrity and confidentiality of the data exchanged between vehicles and infrastructure. 
  • Authentication: TRNGs play a vital role in generating secure tokens and authentication codes that verify the identity of devices within the network, preventing unauthorized access. 
  • Nonce generation and initial counter values for various cryptographic functions: a nonce is a unique, random number used to ensure that communications are secure and that messages are not reused. Initial counter values are used in certain encryption modes to ensure that each block of data is processed uniquely. Both concepts are crucial for maintaining the security and integrity of cryptographic functions.
  • Entropy: by providing a high level of entropy, TRNGs support the development of secure and resilient communication protocols that can withstand sophisticated cyber-attacks. For example, they help maintain data integrity by generating random numbers for checksums and hash functions, preventing tampering.

Without a reliable TRNG, the security of vehicles will be at risk, leading to potentially severe consequences.

What Are the Important Standards for TRNG?

Several standards bodies and certification associations publish specifications and validation methods for TRNGs, defining guidelines for the design and certification of truly random solutions that are resilient against attacks. One representative example is the National Institute of Standards and Technology (NIST), which has released a set of standards widely adopted in the industry:

  • NIST SP 800-90A: a key standard that provides guidelines for the design and implementation of deterministic random bit generators (DRBGs), which are essential for producing high-quality random numbers in cryptographic applications.
  • NIST SP 800-90B: focuses on entropy sources used in random bit generation to ensure the randomness is robust and secure. This standard is critical for validating the quality of the entropy that seeds the DRBGs, ensuring the initial randomness is strong.
  • NIST SP 800-90C: provides recommendations on constructing non-deterministic random bit generators (NRBGs) that combine DRBGs with entropy sources. This combination provides a fast, efficient, and predictable source of randomness, essential for maintaining the security and integrity of cryptographic operations.

NIST also manages the Federal Information Processing Standards (FIPS) 140-3, which outlines the security requirements for cryptographic modules like TRNGs to ensure compliance and certification.

Other standards that are important when it comes to TRNGs include BSI AIS 20/31, a set of technical guidelines issued by the German Federal Office for Information Security (BSI) that define requirements and evaluation methodologies for deterministic and physical RNGs.

By adhering to all these standards, TRNGs can produce high-quality random numbers that are suitable for cryptographic use, providing a robust foundation for secure communications.

Standards for Automotive: ISO 26262 & ISO/SAE 21434

When designing TRNGs for the automotive market, two additional certification standards are essential. The first is ISO 26262, which focuses on the functional safety of electrical and electronic systems in road vehicles. This standard provides guidelines for the entire lifecycle of automotive systems, ensuring that safety is integrated into every stage of development. 

The second important standard is the more recently introduced ISO/SAE 21434, which addresses automotive cybersecurity. It outlines requirements for managing cybersecurity risks in the development and production of automotive systems, thereby protecting vehicles against cyber threats. Adhering to these standards ensures that TRNGs provide high-quality random numbers and meet the stringent safety and security requirements of the automotive industry.

What Synopsys Has to Offer

For many years, Synopsys has offered silicon-proven digital TRNG solutions that combine conditioning circuits with noise sources to provide automatic seeding of the random number stream and ongoing sources of entropy. The noise source of the Synopsys TRNG does not depend on process-specific circuitry and is therefore highly portable across technologies and processes.

In addition to these market-leading TRNG solutions, Synopsys has now taken another significant step forward by launching the industry’s first certified standalone TRNG IP for the automotive market that is compliant with the ISO 26262 and ISO/SAE 21434 standards. This innovative product highlights Synopsys' leadership and commitment to delivering cutting-edge automotive security and safety solutions.

Figure 1: High-Level Diagram of Synopsys Automotive NIST TRNG

The Synopsys TRNG for Automotive integrates seamlessly into automotive systems, generating high-quality random numbers essential for cryptographic applications. It is designed with a focus on reliability, security, and compliance with industry standards, making it a trusted choice for automotive manufacturers.

Safety and Security Functionality Included in TRNG for Automotive

Synopsys TRNG for Automotive is certified for ASIL B compliance and protects against random and systematic faults. This compliance is critical for automotive safety applications, where reliability and fault tolerance are paramount. The TRNG also meets the stringent safety process and documentation requirements of ISO 26262, achieving ASIL D compliance for systematic faults, the highest safety integrity level for automotive applications. 

Synopsys TRNG for Automotive incorporates several advanced safety mechanisms to ensure its reliability. These redundancy and fail-safe mechanisms maintain functionality and safety even in the event of certain failures. They include:

  • Parity bus protection for interfaces: adds parity bits to data transmission, allowing error detection and correction to maintain data integrity.
  • Dual rail alarms: monitors two separate data paths to detect discrepancies, triggering alarms for hardware faults or tampering.
  • Parity protection on input delta buffers and safety registers: uses parity bits to verify data accuracy in critical components, detecting and correcting errors to ensure the integrity of random number generation.

The comprehensive functional safety documentation provided by Synopsys includes the Quality Manual, Design Failure Mode and Effects Analysis (DFMEA), Failure Modes, Effects and Diagnostic Analysis (FMEDA), Safety Manual, Safety Case Report, Dependent Fault Analysis (DFA), and ISO 26262 Assessment Report.

Furthermore, Synopsys TRNG for Automotive also aligns with the ISO/SAE 21434 cybersecurity process requirements, ensuring it adheres to the latest standards in automotive cybersecurity. For security purposes, the TRNG includes functions like: 

  • Entropy source monitoring: continuous monitoring of the entropy source to ensure the randomness quality remains high and any potential degradation is detected promptly.
  • Health tests: built-in health tests that regularly check the TRNG's performance, ensuring it operates correctly and within the required parameters.
  • Self-checking logic: self-checking mechanisms that verify the integrity and correctness of the random numbers generated.
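
As an added illustration (not Synopsys code and not part of the original article), the following Python model runs the two continuous health tests that NIST SP 800-90B defines for entropy sources, the Repetition Count Test (RCT) and the Adaptive Proportion Test (APT), over constructed bit streams. The assessed entropy of 1 bit per sample, the false-positive rate of 2^-20, the 1024-sample window and all function names are assumptions made for the example; the article does not state which tests or parameters the Synopsys TRNG uses.

```python
import math
from fractions import Fraction

ALPHA_EXP = 20  # assumed false-positive rate alpha = 2**-20 per test

def rct_cutoff(h, alpha_exp=ALPHA_EXP):
    """Repetition Count Test cutoff: C = 1 + ceil(-log2(alpha) / H)."""
    return 1 + math.ceil(alpha_exp / h)

def apt_cutoff(h, window, alpha_exp=ALPHA_EXP):
    """Adaptive Proportion Test cutoff: 1 + smallest k with P(X <= k) >= 1 - alpha
    for X ~ Binomial(window, 2**-H), computed exactly with rationals."""
    p = Fraction(2.0 ** -h)
    target = 1 - Fraction(1, 2 ** alpha_exp)
    cdf = Fraction(0)
    for k in range(window + 1):
        cdf += math.comb(window, k) * p ** k * (1 - p) ** (window - k)
        if cdf >= target:
            return 1 + k
    return window + 1

def first_failure(samples, h=1.0, window=1024):
    """Return (index, test) for the first health-test alarm, or None if none fires."""
    c_rct, c_apt = rct_cutoff(h), apt_cutoff(h, window)
    rct_val, run = None, 0
    apt_val, count = None, 0
    for i, s in enumerate(samples):
        # RCT: length of the current run of identical samples (stuck-at faults)
        run = run + 1 if s == rct_val else 1
        rct_val = s
        if run >= c_rct:
            return i, "RCT"
        # APT: occurrences of the window's first sample inside that window (bias)
        if i % window == 0:
            apt_val, count = s, 1
        elif s == apt_val:
            count += 1
            if count >= c_apt:
                return i, "APT"
    return None

# Constructed sample streams (not captured from any device), one bit per sample.
STUCK = [0, 1] * 50 + [1] * 50    # source sticks at 1 after 100 samples
BIASED = [1, 1, 1, 0] * 256       # 75% ones, but never a long run
PATTERN = [0, 0, 1, 1] * 512      # balanced yet fully predictable: raises no alarm

if __name__ == "__main__":
    for name, stream in (("stuck", STUCK), ("biased", BIASED), ("pattern", PATTERN)):
        print(name, first_failure(stream))
```

The last stream raises no alarm even though it is completely predictable: these tests flag gross failures of a noise source, which is why entropy assessment and conditioning are specified separately from health testing.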

The cybersecurity deliverables include several documents such as the Threat Model and Security Risk Analysis Report, Cybersecurity Case Report and Cybersecurity Assessment Report. 

The compliance with ISO/SAE 21434 guarantees that the TRNG not only meets safety standards but also addresses the mandatory requirements for robust cybersecurity measures in modern vehicles.

Conclusions

The automotive industry is evolving rapidly, and the need for robust security and safety mechanisms is more critical than ever. Synopsys' standalone TRNG for Automotive represents a significant milestone. By providing a TRNG that meets the highest levels of certification, Synopsys is setting a new standard for automotive security and safety.

This IP not only ensures the generation of high-quality random numbers but also meets the stringent requirements of ISO 26262 and ISO/SAE 21434. With its robust security features, easy integration, and scalability, the Synopsys TRNG for Automotive is set to become an essential component in developing secure and safe connected autonomous vehicles.

In conclusion, Synopsys' new TRNG for Automotive highlights the company's market leadership and commitment to advancing automotive security and safety with a broad and ever-growing IP portfolio. As vehicles become more connected and autonomous, the importance of reliable and secure TRNGs cannot be overstated.
