Cloud native EDA tools & pre-optimized hardware platforms
Dana Neustadter, Senior Product Marketing Manager for Security IP, Synopsys
The automotive industry is undergoing a significant transformation. Cars are becoming more sophisticated and valuable with increased connectivity and capabilities to provide a better user experience. They are also collecting and transmitting more and more sensitive data and thus are becoming very attractive targets for attacks. Cybercrime in the automotive industry is growing rapidly. How bad is it? According to the AV-TEST Institute, the number of malicious programs targeting automobiles has increased to roughly 1.1 billion at the end of 2020, from ~65 million in 2011. Upstream Security reported in a 2019 cyber hack security study that there was a 94% year-over-year growth in automotive hacks since 2016.
Cybersecurity is a critical and urgent need that OEMs must address, and it’s important that they do so starting early in the design cycle. While the automotive sector has not been as regulated as other industries, the environment is changing rapidly with more regulations, standards and guidelines, such as:
While automotive security is critical and must be addressed from the ground up starting with the system-on-chips (SoCs), it also needs to be approached together with safety in a holistic manner. In addition to the systematic and random faults addressed by the ISO 26262 functional safety standard, secure automotive systems must be able to handle malicious attacks that can occur unpredictability. Designing security into automotive SoCs from the hardware level with safe and secure Hardware Secure Module (HSM) IP with root of trust will help ensure that connected cars behave as expected, prevent random and systematic faults, and are able to fend off malicious attacks.
The foundation of security is an in-depth defensive strategy for securing a vehicle. At the heart of every software program is the hardware on which it runs. To ensure that an SoC has not been compromised, the hardware should be capable of assessing its own integrity as it comes out of reset. Then, when it is deemed secure, it can bring up the network that ultimately forms the intelligence inside the car that will eventually connect to the outside world. In addition to ensuring the SoC boots safely and is protected, the SoC needs to be able to prevent random and systematic faults and meet stringent safety requirements.
Synopsys’ ASIL B Compliant DesignWare® tRoot™ HSM IP for Automotive (Figure 1) augments its comprehensive root of trust security solution with a suite of automotive documentation (safety manual, DFMEA/FMEDA/DFA analysis reports, quality manual, development interface and safety case reports) and hardware safety mechanisms to protect the SoC against malicious security attacks while preventing random and systematic safety faults. It includes a broad range of safety mechanisms such as dual-core lockstep, memory ECC, register EDC, parity, watchdog, self-checking comparators, bus and MPU protection, and dual rail logic. The HSM IP also incorporates an ASIL D Compliant low-power ARC® Processor IP for running secure applications and cryptographic processing. The ISO 26262 standards-compliant HSM has already been deployed with lead customers and it offers many key features:
Figure 1: DesignWare tRoot HSM for Automotive
DesignWare tRoot HSM IP for Automotive provides a Trusted Execution Environment (TEE) to protect sensitive information and processing at the SoC level. The HSMs implement security-critical functions required throughout the device life cycle that can be further extended by customer and third-party application software:
Connected cars are evolving rapidly with more innovation and new applications for ADAS / autonomous driving, V2X, and infotainment. With the amount of hardware and software content enabling greater automation, cars have many potential points of security vulnerability and are targets to an increasing number of cyberattacks. To avoid weaknesses in security, OEMs are demanding both data protection and safety in the chip level. Automotive systems must address high-grade security and also must meet functional safety standards, which means implementing security functions to ensure that functional safety cannot be tampered with. Without security, there is no safety and vice versa. Secure systems must be able to handle unpredictable inputs that would create unacceptable behaviors. Designing the security into automotive SoCs from the hardware level will help ensure that connected cars behave as expected, are able to protect against malicious security attacks, and are capable of preventing random and systematic safety faults.
Synopsys is uniquely positioned in the market with standards-compliant safe and secure HSM IP for automotive that aligns with the latest technology demands and cybersecurity guidelines, and enable SoC designers to quickly implement the required security in their chips with low risk and fast time to market.
In addition to tRoot HSMs with Root of Trust, Synopsys provides a broad portfolio of highly integrated security IP solutions that use a common set of standards-based building blocks and security concepts to enable the most efficient silicon design and highest levels of security for a range of products in the cloud computing, automotive, digital home, IoT and mobile markets.
Synopsys’ highly configurable security IP solutions include PCIe and CXL Integrity and Data Encryption (IDE) Security Modules, content protection, cryptography, and security protocol accelerators for integration into SoCs.