AURIX™ Security Solutions - Get more Information
Infineon’s AURIX 32-bit microcontroller family offers a wide portfolio of compatible devices, with embedded Hardware Security Module (HSM), which offer cost efficient solutions for all typical automotive security applications.
Hardware Security Module (HSM)
HSM provides a secure computing platform, consisting of a 32-bit CPU, special access-protected memory for storing the cryptographic key
and the unique subscriber identifiers, a hardware accelerator for the state-of-the-art AES-128 encryption that can be operated in different modes
and pecific hardware for generation of random numbers. A firewall separates HSM from the rest of AURIX microcontroller.
- Secure Platform
HSM provides a secure platform, separated from the rest of the microcontroller by a firewall, thereby creating a trusted execution environment.
- Security Standard Compliance
Aurix HSM fulfills SHE HIS and Evita Medium standards as well as provide some additional functionalities.
- Backward Compatibility
Aurix security solutions are backward compatible to security SHE HIS implementations in previous TriCore based microcontroller families.
- Security Differentiation
Customized secure OEM or Tier1 crypto apps can be processed within trusted HSM execution environment and therefore allow independent HSM specific SW code review in reference to the huge application host SW from multiple parties. This helps to harden the security level by reliably avoiding potential security backdoors.
- Convergence of security and safety
AURIX microcontrollers address both functional safety as well as IT-security requirements, making sure those are properly integrated and not conflicting with one another.
- Secure Process
Infineon can provide a secure personalization flow. 1st personalization step usually happens at the Tier1, where initial HSM SW and optional transportation key(s) are injected to the ECU. 2nd personalization step happens at the OEM, where a car specific Individual key(s) are injected. AURIX HSM offers device specific, individual random read-only key. Read-only key can be used for injected keys and make them invisible for the application SW layer.
- Secure Failure Analysis
For the purpose of preventing unpermitted debug access, AURIX HSM offers 256 bit password for debugger access protection. It is possible to create car specific debugger password, which can be stored in OEM/TIER1 data base or generated by secret algorithm. Destructive Debugger Entry functionality opens debugger access but initiates a persistent destructive action - device gets inoperable in native ECU car environment.
Infineon’s AURIX 32-bit microcontroller family offers a wide portfolio of compatible devices, with embedded Hardware Security Module (HSM), which offers cost efficient solutions for all typical automotive security applications. The SHE+ driver controls the hardware security peripheral in the HSM domain and interacts to the TriCore host core. SHE+ offers the AUTOSAR CRY interface to integrate the HSM security features into an automotive application including interface to AUTOSAR, communication from TriCore to HSM and vice versa, key storage functionality and security peripheral drivers.
Infineon can provide basic trainings on automotive security as well as detailed insights into:
- specific security implementations for different automotive applications
- Hardware Security Module (HSM) functionalities and use cases
- HIS SHE and HSM SHE+ software functionalities and use cases
Through its network of technical experts, Infineon can support its customers throughout their development process.
First level of support is provided by local field application engineers, second level more complex topics addressed by
dedicated automotive security experts.
Dedicated on-site consulting can also be organized, to help customers reduce development time and costs.
Customer Specific Implementation
Infineon can also help with customer specific implementation of software security functionalities in automotive applications.
Through so called Premium Consulting Support, requirements are defined jointly between OEM, Tier1 and Infineon.
Thereafter Infineon takes over the implementation and qualification of agreed upon modules/functionalities.
Technical Assistance Center (TAC)