TPM for automotive

  • Products
  • Highlights
  • Documents
  • Boards
  • Simulation
  • Videos
  • Forums
  • Support
  • Software & Tools
  • Sales Insight

Infineon´s OPTIGA™ TPM - the trust anchor for external communication in automotive

Icon_CarSecurity_2-01 An increasing amount of functionalities within automotive environments bases on external interfaces to provide additional safety and services. For example, traffic information is received in real time via GPS to avoid congestions and infotainment systems are used to receive and apply web-based contents. But these external interfaces could also be used as a surface for attacks or remote hacks of the system.


Increasingly, OEMs have started building communication control units (CCU), which integrate external communication links into vehicles. CCU do not only provide the transmission links, but also act as a central authentication service provider and perform funtions to firewall external from internal communication. Integrity of the CCU and the ability to store credentials for external communication is therefore essential to secure the external communication of the car. The Infineon OPTIGA™ Trusted Platform Module (TPM) can be used in these units as a hardware trust anchor. SLB_9670_VQFN-32-13.tif 





Car Security @ Infineon


Car Security Glossary


Download info-graphic


Key benefits for OEMs


  • Proven security based on established technology
  • Increased security based on certified security processes and products
  • Reduced implementation costs due to implementation of TCG-standards
  • Minimized risks for system integration based on application of reviewed TCG-standards
  • Improved security in manufacturing by secure personalization process


Application examples






Secure communication and privacy protection



Secure software update



With Infineon´s OPTIGA™ TPM, integrity of the CCUs can be protected by two dedicated measures: verified process and remote attestation.



Communication between car and web-based services involves confidential data. Infineon´s OPTIGA™ TPM offers measures to establish secured communication.



As modern cars´software needs to be securely updated. Infineon´s OPTIGA™ TPM ensures that only verified updates get installed.



  • Verified boot process: integrity measurements securely stored in the TPM to identify any deviation from previous and known good values
  • Remote attestation: reporting results of integrity checks and unique chip identity (e.g. to OEM-operated attestation server)


  • Support of commonly deployed protocols for secured communication such as TLS 1.2
  • Comprehensive cryptographic algorithm support including ECC, RSA, SHA1 and AES of different key lengths
  • Strong Hardware-based protection of certificates and related secret keys
  • Provision of regulary changing certificates by a Certificate Authority to protect customers privacy


  • Secure communication protocols like TLS 1.2 to protect update transfer
  • Validation of firmware´s signature to ensure its integrity
  • Protection of internal update transmission by establishing a secured connection to the receiving ECU


Both mechanisms combined are a strong foundation for secured life-cycle management, which can help to protect customer safety and comfort





With these measures, Infineon´s OPTIGA™ TPM supports privacy and confidentiality and hence builds trust in car´s external communication



By enabling secured remote firmware updates. Infineon´s OPTIGA™ TPM saves costs for manual updates and hence directly improves customer satisfaction



Better security and reduced implementation costs by security standards


TPM is a security technology that has been standardized for more that ten years and successfully and increasingly be used in PC and servers dedicated to security critical applications. Here the reuse of security proven standards greatly minimizes implementation risks and also reduces implementation efforts.



Increased security as a result of security processes


Security also depends on the quality of security processes including development and manufacturing. The development process of Infineon´s TPM is Common Criteria certified. Additionally Infineon´s TPMs are manufactured and personalized using audited and certified manufacturing processes. The independent and stringent review and control of Infineon´s security processes is a fundament for   the excellent security quality of Infineon´s TPMs.



TPM´s personalization improves security in manufacturing


Every TPM contains a chip individual certificate and related private secret key. This initial key can be used for encrypting sensitive data and subsequent key hierarchies. During production of a CCU, security sensitive data (keys, data) must be transferred into the CCU. Using the initial key of the TPM to encrypt these data, the manufacturer of the CCU can avoid further and expensive security measures to protect unencrypted data and saving cost and increasing security in his manufacturing.



Application Brochure

Title Size Date Version
1.5 MB 18 Feb 2016 02_16
625 KB 01 Feb 2016 01_16

Product Selection Guide

Title Size Date Version
2.1 MB 03 Nov 2015 11_15

Product Brief

Title Size Date Version
277 KB 06 Oct 2015 10_15

Additional Product Information

Title Size Date Version
265 KB 20 Jul 2016 07_16

Self Service

Infineon welcomes your comments and questions.

If you have any questions concerning our products, please fill out the following form. Your inquiry will be sent to the appropriate specialist who will be in touch with you as soon as possible.

You will receive a confirmation E-mail to validate your address in our system. Any attached file to the reply which will help to support your inquiry is highly appreciated.

I agree that my personal data mentioned above (including my e-mail address and phone number) can be gathered, processed and used for sales promotion and market research by Infineon Technologies AG and its licensed distribution partners.

For more information about our privacy policy please click on Privacy Policy

Where to buy

Please use our location finder to get in contact with your nearest Infineon distributor or sales office

Find a location

Ask Infineon