SLS37 V2X HSM
Plug & play solution for secured V2X communication
Infineon’s SLS37 V2X HSM safeguards automotive V2X (Vehicle to Everything) communication based on a tamper-resistant security controller tailored to the security needs in V2X applications within telematics control units, protecting critical assets such as the integrity and moreover authenticity of messages, as well as the privacy of the sender. This plug & play security solution offers a host of benefits to automotive OEMs, tier-1 suppliers, and software providers for the development of connected vehicles.
In a V2X application the SLS37 serves as an HSM (hardware security module) for storing private keys and handling V2X security operations attributed to the most critical assets. This includes ECC private key management (generation, derivation, deletion), ECDSA signature generation, ECIES encryption and decryption, and storage of generic data.
The hardware architecture is based on a 32-bit Arm® SecurCore® SC300 CPU with an additional high-performance cryptographic engine and a latest-generation hardware coprocessor for asymmetric cryptography. For communication to the host processor, the SLS37 uses an SPI interface with data protection.
The robust, automotive-qualified hardware comes with preprogrammed firmware, both security-certified, complemented by Infineon’s V2X host library software package for seamless integration in various host application processors. Secured firmware updates with end-to-end protection make this solution future-proof as fixes can be added in the field.
As a discrete HSM, the SLS37 is agnostic to existing or upcoming modem standards.
Summary of Features
- Cryptographic functions according to IEEE 1609.2 and ETSI TS 103 097
- Support for 802.11p and cellular V2X-based communication
- Common Criteria-certified hardware platform at EAL6+ (high) according to security IC platform protection profile
- Common Criteria-certified at EAL4+; compliance with CAR 2 CAR Communication Consortium Protection Profile V2X Hardware Security Module, version 1.4.1
- FIPS 140-2 level 3 certification (under review)
- Support for major vehicle credential management systems (SCMS, CCMS, ESPS)
- Personalization concept leveraging a set of chip-unique and customer-individual certificates and keys enabling vendor verification, pairing and transport protection
- Supported by major V2X security stack providers
- Signature generation performance of 20 signatures/sec
- Secured storage of private keys, V2X PKI certificates, and customer-specific sensitive data
- User memory: 2000 key slots, 20 file slots; data retention for 17 years
- High-speed SPI interface (10 MHz)
- Single supply from 1.6 to 3.6 V
- 5x5 mm 32-pin VQFN package
- Qualified according to AEC-Q100, up to 105°C Ta
- Regional compliance supporting North America and EU standards for global deployment
- Optimized security partitioning by separating verification (high performance) from signing and key storage (high security)
- Scalability for platform development; discrete security can be added if required by OEM/region
- Ease of use / reduced time-to-market due to:
- pre-programmed, pre-certified solution supported by Infineon’s host software
- optimized personalisation
- Future-proof with support for secured firmware updates with end-to-end protection in the field