Security

More documents

Recommendations

Info

Step 1: Application asks CSE module to verify MAC of stored mileage (using key #x) Step 2: CSE module reads mileage and MAC. CSE module uses key #x to calculates MAC. CSE module compares both MACs. If identical: CSE module sets bit in host interface. Step 3: Application checks bit and asks other ECUs for mileage (via secure communication). If bit is set and other ECUs reports same mileage: stored mileage is ok. Step 4: ECU gets new mileage. Application asks CSE module to generate MAC of new mileage (using key #x). Step 5: CSE module reads new mileage. CSE module uses key #x to calculates MAC. CSE module writes MAC to system RAM. Step 6: Host writes new mileage and its MAC into flash. Host sends new mileage to other nodes (secure communication) • MAC protects mileage against modification. • Distributing mileage on other ECUs protects against replay-attacks (i.e., overwriting mileage and MAC with read old mileage and its MAC). TM 2d MAC Random number generator Bus master Flash Stored mileage + MAC 14 2c 2a MPC5646C CSE module Unique ID AES-128 3b 2a 5a 5c 5a 3a mileage Keys Key #x Host Interface 5c System RAM Calculated MAC Bit for valid New mileage MAC MPC5646C Other CSE module ECUs Flash Freescale, the Freescale logo, AltiVec, C-5, CodeTEST, CodeWarrior, ColdFire, ColdFire+, C-Ware, the Energy Efficient Solutions logo, Kinetis, mobileGT, PowerQUICC, Processor Expert, QorIQ, Qorivva, StarCore, Symphony and VortiQa are trademarks of Freescale Semiconductor, Inc., Reg. U.S. Pat. & Tm. Off. Airfast, BeeKit, BeeStack, CoreNet, Flexis, MagniV, MXC, Platform in a Package, QorIQ Qonverge, QUICC Engine, Ready Play, SafeAssure, the SafeAssure logo, SMARTMOS, TurboLink, Vybrid and Xtrinsic are trademarks of Freescale Semiconductor, Inc. All other product or service names are the property of their respective owners. © 2012 Freescale Semiconductor, Inc. 2b 2e
Master ECU with MPC5646C Random number generators Flash Step 1: Master ECU obtains random number and sends it to ECU . CSE module Unique ID AES-128 • Replacement or modification of ECU will change its unique ID and/or keys. Both will be detected with this proposal for component protection. TM RND ID Decrypted(RND;ID) Keys Random Unique ID Keys Key #x E.g. CAN number generators AES-128 Key #x Step 2: ECU appends its unique ID to received RND, encrypts this message with key #x, and sends encrypted message to master ECU 15 ECU with MPC5646C Encrypted(RND;ID) Step 3: Master ECU decrypts received message with key #x. CSE module Step 4: Master ECU checks decrypted RND and ID with sent RND and with stored ID . If match: ECU is ok. Freescale, the Freescale logo, AltiVec, C-5, CodeTEST, CodeWarrior, ColdFire, ColdFire+, C-Ware, the Energy Efficient Solutions logo, Kinetis, mobileGT, PowerQUICC, Processor Expert, QorIQ, Qorivva, StarCore, Symphony and VortiQa are trademarks of Freescale Semiconductor, Inc., Reg. U.S. Pat. & Tm. Off. Airfast, BeeKit, BeeStack, CoreNet, Flexis, MagniV, MXC, Platform in a Package, QorIQ Qonverge, QUICC Engine, Ready Play, SafeAssure, the SafeAssure logo, SMARTMOS, TurboLink, Vybrid and Xtrinsic are trademarks of Freescale Semiconductor, Inc. All other product or service names are the property of their respective owners. © 2012 Freescale Semiconductor, Inc.
Page 1 and 2: June 2012 TM Freescale, the Freesca
Page 3 and 4: TM Freescale, the Freescale logo, A
Page 5 and 6: Comfort Features ►Door Module ►
Page 9 and 10: • 16-bit Devices: S12XE as exampl
Page 11 and 12: Step 1: After power on: CSE module
Page 13: Central ECU with MPC5646C Random nu
Page 17 and 18: • Crypto Service Manager (CSM)
Page 21 and 22: • CSE module implements the offic
Page 23 and 24: US IntelliDrive VII CAR 2 CAR CC
Page 25 and 26: • Tier1 specification of security
Page 27 and 28: • BMW and Audi commissioned escry
Page 29 and 30: • Security tutorial − Flash fil

Security

Create successful ePaper yourself

Delete template?

Save as template?