The company's products range from chips that offer basic security with secure hardware extension (SHE) as seen in Audo MAX, to the Aurix integrated with hardware security module (HSM).
While Audo MAX offers basic security by integrating functions such as secure boot and hardware acceleration, Aurix goes several steps further by embedding a hardware security module (HSM) in an automotive microcontroller. Inside the microcontroller, HSM offers a secure environment -- separated by a firewall and equipped with its own ARM-based CPU, to run secure applications. Those secure apps would not use the automotive microcontroller (usually embedded with Infineon's proprietary TriCore processing cores).
More specifically, Aurix's HSM comes with AES128 and true number generator implemented in hardware, customer-specific requirements like HASH or asymmetric encryption in software, in order to offer encryption and decryption.
Infineon offers hardware security module (HSM)
Infineon's Aurix HSM offers anchor of trust by separated logical protection domain
Instead of using those HSM-embedded automotive microcontrollers, OEMs can also opt to add a "Secure Element" to existing automotive microcontrollers used in ECUs. In Infineon's case, its Secure Element product is SLI 76 -- a SIM card chip hardened to endure the harsh automotive environment. While both Audo MAX and Aurix are designed to protect ECUs from logical attacks, Secure Element is used to protect keys, security, and secrets from physical attacks.
Both the chip industry and car OEMs are said to be keenly aware of the future risk of side-channel attacks -- with hackers using power analysis to extract secrets, or more significantly when the use of wireless communications from cars becomes rampant, through car-to-car and vehicle-to-infrastructure communications, E-call, and infotainment.
Full EVITA spec?
To protect a vehicle against attacks via various real-time communications with the external world, chip companies could be required to offer hardware security modules that are compliant with the full EVITA spec.
Indeed, the EVITA specs, born out of an EU project that ended late 2011, offers three levels of security: Light EVITA HSM focused on securing the interaction between secured ECUs and sensors and actuators; medium EVITA designed to secure the on-board communication; and full EVITA for protecting the in-vehicle domain against security vulnerabilities of V2X communications. It requires creating and verifying electronic signatures.
According to Infineon's microcontroller security roadmap, the German company is already offering Audo MAX chips at a 90nm process (already designed into commercially available cars) and Aurix chips based on medium EVITA HSM at 65nm process. The start of production of cars using Aurix chips is expected in 2014, according to Steurich. These chips are already in the hands of automotive OEMs.
Asked about Infineon's plan for chips based on the full EVITA spec, Steurich said, "We are closely monitoring the market." He did not mention when any products might be launched.
The medium and full EVITA specs are similar, except that the full version requires an asymmetric cryptographic building block in hardware and more CPU processing power. Meanwhile, the medium HSM has no asymmetric cryptographic building block, although as Infineon's Aurix chip can demonstrate, it can perform some non-time-critical asymmetric cryptographic operation in software.
In the end, carmakers' purchasing managers are likely to need more persuasion, or maybe a catastrophe, before they believe that the "threats are real."