AURIX™ Security Hardware
- Software & Tools
Infineon’s AURIX 32-bit microcontroller family offers a wide portfolio of compatible devices, with embedded Hardware Security Module (HSM), which offer cost efficient solutions for all typical automotive security applications.
Hardware Security Module (HSM)
HSM provides a secure computing platform, consisting of a 32-bit CPU, special access-protected memory for storing the cryptographic key
and the unique subscriber identifiers, a hardware accelerator for the state-of-the-art AES-128 encryption that can be operated in different modes
and pecific hardware for generation of random numbers. A firewall separates HSM from the rest of AURIX microcontroller.
- Secure Platform
HSM provides a secure platform, separated from the rest of the microcontroller by a firewall, thereby creating a trusted execution environment.
- Security Standard Compliance
Aurix HSM fulfills SHE HIS and Evita Medium standards as well as provide some additional functionalities.
- Backward Compatibility
Aurix security solutions are backward compatible to security SHE HIS implementations in previous TriCore based microcontroller families.
- Security Differentiation
Customized secure OEM or Tier1 crypto apps can be processed within trusted HSM execution environment and therefore allow independent HSM specific SW code review in reference to the huge application host SW from multiple parties. This helps to harden the security level by reliably avoiding potential security backdoors.
- Convergence of security and safety
AURIX microcontrollers address both functional safety as well as IT-security requirements, making sure those are properly integrated and not conflicting with one another.
- Secure Process
Infineon can provide a secure personalization flow. 1st personalization step usually happens at the Tier1, where initial HSM SW and optional transportation key(s) are injected to the ECU. 2nd personalization step happens at the OEM, where a car specific Individual key(s) are injected. AURIX HSM offers device specific, individual random read-only key. Read-only key can be used for injected keys and make them invisible for the application SW layer.
- Secure Failure Analysis
For the purpose of preventing unpermitted debug access, AURIX HSM offers 256 bit password for debugger access protection. It is possible to create car specific debugger password, which can be stored in OEM/TIER1 data base or generated by secret algorithm. Destructive Debugger Entry functionality opens debugger access but initiates a persistent destructive action - device gets inoperable in native ECU car environment.
|2.9 MB||15 Mar 2016||03_05|
|6.6 MB||08 Mar 2017||01_00|
Find an answer to your question
Infineon welcomes your comments and questions.
If you have any questions concerning our products, please fill out the following form. Your inquiry will be sent to the appropriate specialist who will be in touch with you as soon as possible.
You will receive a confirmation E-mail to validate your address in our system. Any attached file to the reply which will help to support your inquiry is highly appreciated.