The CryptoAutomotive development kit provides OEMs and Tier 1 suppliers with tools to secure existing automotive networks
By Murray Slovick, Contributing Editor
With more and more consumer conveniences like Bluetooth, 4G, LTE, etc., being added to infotainment and ADAS systems in vehicles each year, the question for original equipment manufacturers (OEMs) and Tier 1 suppliers is no longer if vehicle networks need security. Rather, it’s how to implement this security practically and without a costly complete design overhaul.
Microchip Technology’s new CryptoAutomotive In-Vehicle Network TrustAnchor/Border Security Device (TA/BSD) development kit (see figure) is designed to enable OEMs and Tier 1 suppliers to introduce security to networked vehicle systems, starting in areas of priority, with a high level of protection and without disruption elsewhere.
The development kit emulates a secure node in an automotive network and provides system designers with a way for developers to begin architecting their security into existing systems. The emulated secure companion solution initially targets secure boot and CAN message authentication use cases. Upcoming kit software releases for key agreement, TLS, content protection schemes, and more will be available in the future, according to Microchip.
The kit can be paired with Microchip automotive host microcontroller development kits which include example projects for secure boots. The tool accommodates each OEM’s implementation by allowing manufacturers to configure the node to conform to various specifications and industry standards.
The CryptoAutomotive kit demonstrates secure key storage, electronic-control-unit (ECU) authentication, hardware-based crypto accelerators, and other cryptographic elements. When used with a host microcontroller, it enables designers to implement functions such as secure boot and controller-area-network (CAN) message authentication, including conversion of CAN 2.0 messages to CAN Flexible Data rate (CAN-FD) with appended Message Authentication Codes (MAC) when appropriate.
Microchip says the tool can be used with any ECU, architecture, configuration or bus, providing the flexibility to implement security in existing systems without large-scale redesigns. The companion chip solution requires minimal microcontroller (MCU) code updates, resulting in minimal to no impact to existing host MCU functional safety ratings. This approach also removes the requirement for in-house security expertise. The tool provides an online graphical user interface (GUI) program with pre-configured options to simplify and facilitate implementation.
With this methodology, the TA/BSD emulation kit enables OEMs to continue using their existing MCUs and, more importantly, existing MCU firmware certified to required safety standards by later adding the companion chip emulated by the kit. These companion chips will come preprogrammed and include built-in security measures to provide true hardware-based key protection.
Such an add-on approach can deliver significant cost and time-to-market advantages, compared to the alternative of redesigning the system with a high-end secure MCU. This can entail significant re-architecture of the MCU firmware to implement secure zones with hardware and software domains.
Package contents include:
- CryptoAutomotive TA/BSD development board
- USB cable
- Information card
- Connector board for use with the ATSAMV71-XULT, anAtmel SAM V71 Xplained Ultra evaluation kit hardware platform used to evaluate the Atmel ATSAMV71Q21.
- Connector Pack for connecting the TA/BSD development board to the ATSAMV71-XULT.
Microchip recommended accessories (not part of the kit) include:
- 12-V, 1.25-A power supply with 2.1-mm center-pin jack (needs to be ordered separately), USA Power Supply – Power Adapter Plug Set
- ATSAMV71-XULT development board to act as a host system
- CAN analyzer hardware and software tools: K2L MOCCA-FD and K2L Optolyzer; optional: Optolyzer Studio Professional
- A second DM320112 CrytpoAutomotive development kit to support multiple-node CAN-MAC if you don’t have a security-capable CAN tool
The CryptoAutomotive Security IC TA/BSD development kit (DM320112) is available today for $250. (Note: The kit and all software and firmware is released only under NDA.)