Firmware Security Module: A Framework for Trusted Computing in Automotive Multiprocessors

Claudius Pott, Philipp Jungklass, David Jacek Csejka, Thomas Eisenbarth, Marco Siebert

Abstract

New services such as autonomous driving, the connectivity of the traffic infrastructure and the tight coupling of user-operated smart devices with the vehicle have significantly increased the demand for cryptographic protection in the automobile. To provide a secure environment for the calculation and verification of cryptographic material, automotive microcontrollers now frequently integrate Hardware Security Modules (HSMs): special co-processors that are protected against manipulation and external access. HSMs use special hardware accelerators to provide the required cryptographic services. While these accelerators provide good performance, they limit flexibility and updatability. In addition, as more services require cryptographic protection, the amount of key material that needs to be managed by the HSM also increases, turning the limited protected memory of the HSM into a bottleneck. This paper presents a framework that uses the safety mechanisms of a microcontroller to achieve HSM-equivalent security through software solutions while providing an equivalent level of functionality. Furthermore, the proposed framework provides crypto-agility, as the security stack can be updated if desired. To verify the functionality, the presented framework is implemented and evaluated on an Infineon AURIX TC399 and compared with the integrated HSM.

Original language: English
Journal: Journal of Hardware and Systems Security
Volume: 5
Issue number: 2
Pages (from - to): 103-113
Number of pages: 11
ISSN: 2509-3428
Publication status: Published - 2021
