Tamper-proof electronic control units for cars
Infineon Technologies’ new 32-bit AUDO MAX SHE microcontrollers extend the tamper-proofing of electronic control units (ECU) and protect against tuning, for example. AUDO MAX SHE enables automotive manufacturers to ensure the integrity of their ECUs and to guard better against exposure to liability claims. Today three products of the AUDO MAX family come with SHE (Secure Hardware Extension) functionality.
By introducing AUDO MAX SHE, Infineon has a head start over other semiconductor manufacturers in meeting a wish for improved tamper-proofing and anti-theft protection of automotive control units expressed by the “HIS” (Manufacturers’ Software Initiative) Working Group on Security. Members of this working group are Audi, BMW, Daimler, Porsche and Volkswagen. Security solutions have so far been confined to software level or were coupled with additional external hardware, meaning they were easily circumvented. Infineon offers more than this basic software protection because AUDO MAX SHE monolithically integrates a secure keystore which cannot be read without access authorization. Infineon’s integrated solution has the advantage over the version using external security chips that the communication does not run via interceptable external bus systems.
In addition, SHE has a cryptographic module which encrypts access codes with up to 128 bits. SHE is complemented by an array of hardware functions which, for example, prevent the application code from being illegitimately read and altered, or identify ECUs in the system network. These are important functions for tamper-proofing control units and protecting them against theft. Even if such an ECU were to be fitted in another identical vehicle, its engine performance characteristics could not be changed: the cryptographic individual key of an ECU has to match all the cryptographic keys within the ECU network of a vehicle. And that key is safely stored in the SHE.
Infineon’s AUDO MAX SHE brings security from the software level to the hardware. Thus, for example, the keystore cannot be read by the diagnostic software and therefore the secret keys are protected particularly well from software attacks. Furthermore, AUDO MAX SHE guards very effectively against any tampering even during boot-up: the secure boot feature ensures that only the original software is loaded during the boot process.
The AUDO MAX microcontroller family incorporating SHE currently comprises three products, each with 4 MB flash memory but differing in terms of clock frequency and package: TC1798 (300MHz, BGA-516), TC1793 (270 MHz, BGA-416) and TC1791 (240 MHz, BGA-292). All are available in sample quantities. Volume production has begun for the TC1793 and is set to begin for the TC1798 and TC1791 from Q1/2012. Infineon’s future 65 nm eFlash microcontrollers will offer and significantly extend the SHE functionality with a Hardware Security Module (HSM).