Security
Freescale, the Freescale logo, AltiVec, C-5, CodeTEST, CodeWarrior, ColdFire, C-Ware, the Energy Efficient Solutions logo, mobileGT, PowerQUICC, QorIQ, StarCore and Symphony are trademarks of Freescale Semiconductor, Inc., Reg. U.S. Pat. & Tm. Off. BeeKit, BeeStack, ColdFire+, CoreNet, Flexis, Kinetis, MXC, Platform in a Package, Processor Expert, QorIQ Qonverge, Qorivva, QUICC Engine, SMARTMOS, TurboLink, VortiQa and Xtrinsic are trademarks of Freescale Semiconductor, Inc. All other product or service names are the property of their respective owners. © 2011 Freescale Semiconductor, Inc.
• Automotive Body applications: Safety- and Security-related
• Security Use Cases and Freescale MCUs
• Security Module CSE
• Security Standards and Consortia
• More resources
• Q&A
[Figure: Freescale automotive portfolio by segment (Powertrain, Body, Safety & Chassis, DIS): 32-bit Qorivva and i.MX; 8-16-bit S08/S12/LL18UHV (Mixed-Signal/High-Voltage). Driving innovation and technology in all segments.]
Comfort Features
► Door Module
► Window Lift
► Seat Module
► HVAC
► Electric sunroof/shade
► Interior lighting
Integrated BCM
Gateways
► Steering column lock
► Steering column adjustment
► Seat positioning
► Wipers and rain sensors
► Lighting and light sensors
► Convertible top
► Anti-pitch power windows
• Variety of applications inside the cabin, with widely ranging performance requirements
• From low-end, small 8-bit up to high-performance 32-bit.
• Difference between Safety and Security
• Security for Safety
[Figure: example body network: a 32-bit gateway/BCM MCU (176 pin, SBC 208/256) with watchdog & safety monitor, inputs (switches etc.) and output drivers (interior lighting etc.), linked over CAN and LIN to door modules (SLP, ripple counter), light/LED controllers for the front lights (AFS) and rear lights, and an RF receiver.]
Vehicle Networking
► Central Body Control Module
► Central Gateways: CAN, LIN, Flexray, Ethernet, MOST
Safety Related Security
► Immobilizer
► Keyless Entry
► Preventing hacking and counterfeit modules
• Security for safety: No safety without security!
− Recent publications highlight how vehicle networks could be hacked from inside the cabin. With the connected car, the attacker could be anywhere.
− Software is ubiquitous and is also used in safety-critical systems (e.g. brakes, steering, etc.)
• Security for reliability
− Counterfeit parts and ECUs can impact vehicle reliability (and safety)
− A single modified module poses a risk of malfunction or breakdown of the complete system
• Protection of (financial) assets
− Car OEM: Ensure ECUs and spare parts are genuine
− Car OEM: High $$ value feature options enabled through a software switch
− Car owner: Vehicle maintains high value - it is safe and reliable
− Car owner: Mileage manipulation considered impossible
• Privacy/Confidentiality
− Car data, driver location, commute patterns, personal preferences, etc. must remain invisible and untraceable
► Immobilizers
► Component protection
► Protecting data sets (mileage) / preventing "chip tuning"
► Protecting personal information (destinations, phone book etc.)
► Feature management (navigation map) and Digital Rights Management
► Secure communication
► Secure Boot
• 16-bit devices: S12XE as example
▪ NVM content protection; disable debugging features for CPU and XGATE and access to internal memory via the debugger interface, etc.
• 32-bit devices: MPC56xx as example
▪ Censorship mode to protect the flash contents
▪ CSE - Crypto Service Engine (Application Note available)
• 32-bit devices: i.MX51x as example
▪ ARM TrustZone, Secure JTAG controller, Secure real-time clock, Secure boot functions
▪ Cryptographic accelerator with true random number generator (TRNG)
▪ Security controller with AES engine, secure/non-secure RAM
Freescale Automotive Security Solutions
Type | Device Family | Platform | Security Module
In-Vehicle Security, MCU (internal Flash) | MPC564xB/C (90nm Body) | 32bit Qorivva Power Architecture | CSE
In-Vehicle Security, MCU (internal Flash) | MPC5746M (55nm Powertrain) | 32bit Qorivva Power Architecture | HSM
In-Vehicle Security, MCU (internal Flash) | MPC574xC (55nm Body) | 32bit Qorivva Power Architecture | HSM
Connected Vehicle Security, MPU (no Flash) | Vybrid R-Series | ARM Cortex-A5 | Trust Zone
Connected Vehicle Security, MPU (no Flash) | i.MX Application Processors | ARM9/11, Cortex-A8/A9/A15 | Sahara, CAAM
• Many automotive security applications are based on cryptographic algorithms that rely on secret keys.
• Today these keys are typically encoded and stored in public Flash on chip. Being publicly accessible, the keys are at risk from software attack.
• The CSE stores the keys in a secure Flash array that is accessible only by the CSE module.
• The CSE additionally provides cryptographic algorithms (AES-128) and a secure boot-up feature that allows the public Flash to be authenticated.
• The CSE module is based on the Secure Hardware Extension (SHE) specification.
• FSL (Freescale) is the first to have publicly available silicon that supports the SHE specification.
Crypto Service Engine (CSE)
[Figure: CSE block: RNG, key NVM, AES-128, RAM, code & key ROM.]
Step 1: After power-on, the CSE module reads the bootloader via its bus master interface.
Step 2: The CSE module uses the boot key to calculate the MAC value of the bootloader.
Step 3: The CSE module compares the calculated MAC with the stored boot MAC. If identical: successful secure boot → set the respective bit in the host interface and unlock the keys.
Step 4: The MCU always starts the bootloader.
Bootloader: part of flash memory
• The MAC (message authentication code) protects against modification of the bootloader and depends on the (secret) boot key → integrity and authenticity of the bootloader.
• Only if the calculated MAC value matches the stored boot MAC value: successful secure boot → set the respective bit in the host interface and unlock the keys for further usage (see next demos)
[Figure: secure boot on the MPC5646C: the CSE module (bus master, random number generator, unique ID, AES-128, keys including the boot key, stored boot MAC) reads the bootloader from flash, calculates the MAC value and, on a match, sets the 'bit for successful secure boot' in the host interface and unlocks the keys; the MCU then starts the bootloader.]
Freescale, the Freescale logo, AltiVec, C-5, CodeTEST, CodeWarrior, ColdFire, ColdFire+, C-Ware, the Energy Efficient Solutions logo, Kinetis, mobileGT, PowerQUICC, Processor Expert, QorIQ, Qorivva, StarCore, Symphony and VortiQa are trademarks of Freescale Semiconductor, Inc., Reg. U.S. Pat. & Tm. Off. Airfast, BeeKit, BeeStack, CoreNet, Flexis, MagniV, MXC, Platform in a Package, QorIQ Qonverge, QUICC Engine, Ready Play, SafeAssure, the SafeAssure logo, SMARTMOS, TurboLink, Vybrid and Xtrinsic are trademarks of Freescale Semiconductor, Inc. All other product or service names are the property of their respective owners. © 2012 Freescale Semiconductor, Inc.
juergen.frank@freescale.com
Step 1: Successful secure boot verifies the bootloader and unlocks the keys. The bootloader then configures the MCU for full speed, best memory timing, etc.
Step 2: The bootloader asks the CSE module to verify the MAC for part #1 of flash memory using key #x.
Step 3: The CSE module reads that part of flash, uses key #x to calculate the MAC, and compares the calculated MAC with the MAC for part #1 as stored in the bootloader. If identical, the CSE module sets the corresponding bit in the host interface.
Step 4: The bootloader checks the bit. If set: part #1 of flash is ok → execute part #1.
Step 5 etc.: Similar to bootloader vs. part #1 of flash: part #n of flash verifies part #n+1 → chain of trust.
• The MACs stored in the bootloader provide integrity and authenticity of the related parts in flash memory.
• The bootloader itself is protected by secure boot (see previous demo).
• Part-by-part checking of flash allows critical parts of flash (e.g., MCU configuration/IRQ table) to be executed as soon as possible.
[Figure: chain of trust on the MPC5646C: the bootloader in flash holds the stored MACs for part #1, part #2, ...; the CSE module (bus master, random number generator, unique ID, AES-128, key #x) reads each part, calculates its MAC and sets the 'bit for valid MAC' in the host interface.]
[Figure: central ECU with MPC5646C and sensor ECU, each with a CSE module (random number generator, unique ID, AES-128, keys, key #x), exchanging RND and Encrypted(sensor value; RND) e.g. over CAN.]
Step 1: The central ECU obtains a random number and sends it to the sensor ECU (e.g., after power-on of the car).
Step 2: The sensor ECU reads the sensor value and asks its CSE module to encrypt it together with the received random number (using key #x).
Step 3: The sensor ECU sends the encrypted message, Encrypted(sensor value; RND), to the central ECU.
Step 4: The central ECU asks its CSE module to decrypt the received message (using key #x), giving Decrypted(sensor value; RND).
Step 5: The central ECU checks the sent random number against the received/decrypted random number.
• Random number: protects against replay attacks.
• Encryption: protects against eavesdropping.
• Random number and encryption: ensure data integrity and authenticity.
Step 1: The application asks the CSE module to verify the MAC of the stored mileage (using key #x).
Step 2: The CSE module reads the mileage and its MAC, uses key #x to calculate the MAC and compares both MACs. If identical: the CSE module sets the bit in the host interface.
Step 3: The application checks the bit and asks the other ECUs for the mileage (via secure communication). If the bit is set and the other ECUs report the same mileage: the stored mileage is ok.
Step 4: The ECU gets a new mileage. The application asks the CSE module to generate the MAC of the new mileage (using key #x).
Step 5: The CSE module reads the new mileage, uses key #x to calculate the MAC and writes the MAC to system RAM.
Step 6: The host writes the new mileage and its MAC into flash. The host sends the new mileage to the other nodes (secure communication).
• The MAC protects the mileage against modification.
• Distributing the mileage to other ECUs protects against replay attacks (i.e., overwriting mileage and MAC with a previously read old mileage and its MAC).
[Figure: mileage protection on the MPC5646C: flash holds the stored mileage + MAC; the CSE module (bus master, random number generator, unique ID, AES-128, key #x) verifies it and sets the 'bit for valid MAC' in the host interface; for a new mileage the calculated MAC is written to system RAM, then new mileage and MAC are written to flash and sent to the other ECUs.]
[Figure: component protection: master ECU with MPC5646C and a second ECU with MPC5646C, each with a CSE module (random number generator, unique ID, AES-128, keys, key #x), exchanging RND and Encrypted(RND; ID) e.g. over CAN.]
Step 1: The master ECU obtains a random number and sends it to the ECU.
Step 2: The ECU appends its unique ID to the received RND, encrypts this message with key #x, and sends the encrypted message to the master ECU.
Step 3: The master ECU decrypts the received message with key #x.
Step 4: The master ECU checks the decrypted RND and ID against the sent RND and the stored ID. If they match: the ECU is ok.
• Replacement or modification of the ECU will change its unique ID and/or keys. Both will be detected with this proposal for component protection.
[Figure: feature activation: customer/dealer, OEM server (AES-128, key #x) and ECU with MPC5646C (CSE module: unique ID, AES-128, keys, key #x); the message (feature; MAC) travels e.g. on a USB stick.]
Step 1: The customer/dealer requests a feature (e.g., more horse power) for the car from the OEM's server.
Step 2: The OEM server creates the message: the feature code and a MAC computed with key #x of the ECU in the customer's car. The message is sent to the customer.
Step 3: The customer applies the message (feature; MAC) to the car. The ECU receives the message.
Step 4: The CSE module calculates the MAC for the received feature using key #x. If the calculated MAC is identical to the received MAC: the feature is accepted (e.g., more horse power).
• Only features with the correct MAC/AES-128 key are accepted.
• The OEM server creates the MAC for the feature.
• The MAC protects the integrity and authenticity of the feature.
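The mileage-protection demo and the feature-activation demo above both rest on "generate MAC with key #x" plus a check that the MAC alone cannot make; this added example (not from the original slides or Freescale's software) covers both. To keep it short it uses HMAC-SHA256 from Go's standard library as a stand-in for the CSE's AES-128 CMAC; the protocol logic is the same whichever MAC is used. The cluster of three ECUs, their keys and the feature codes are constructed. It shows the rollback the slide names: an old (mileage, MAC) pair copied back into flash passes the local MAC check, and is caught only by the cross-check against the other ECUs.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha256"
	"encoding/binary"
	"fmt"
)

// mac stands in for the CSE's "generate MAC with key #x" service. The CSE computes
// AES-128 CMAC; HMAC-SHA256 is used here only to keep the example self-contained.
func mac(key, msg []byte) []byte {
	h := hmac.New(sha256.New, key)
	h.Write(msg)
	return h.Sum(nil)
}

func kmBytes(km uint32) []byte {
	var b [4]byte
	binary.BigEndian.PutUint32(b[:], km)
	return b[:]
}

// record is the flash content of one ECU: the mileage and its MAC.
type record struct {
	km  uint32
	mac []byte
}

// ecu holds key #x (inside its CSE) and the flash record.
type ecu struct {
	name  string
	key   []byte
	flash record
}

// verifyLocal is steps 1-2: recompute the MAC over the stored mileage;
// the result is the "valid MAC" bit in the host interface.
func (e *ecu) verifyLocal() bool {
	return hmac.Equal(mac(e.key, kmBytes(e.flash.km)), e.flash.mac)
}

// update is steps 4-6: MAC the new mileage and write both to flash.
func (e *ecu) update(km uint32) {
	e.flash = record{km: km, mac: mac(e.key, kmBytes(km))}
}

// trustedMileage is step 3: accept the local value only if its MAC is valid and every
// other node (asked over secure communication) reports the same value. A restored old
// (mileage, MAC) pair passes the MAC check but not this one.
func trustedMileage(local *ecu, others []*ecu) (uint32, bool) {
	if !local.verifyLocal() {
		return 0, false
	}
	for _, o := range others {
		if !o.verifyLocal() || o.flash.km != local.flash.km {
			return 0, false
		}
	}
	return local.flash.km, true
}

// drive is step 6 seen from the whole cluster: every node stores the new mileage.
func drive(nodes []*ecu, km uint32) {
	for _, n := range nodes {
		n.update(km)
	}
}

// rollbackDemo: a constructed three-ECU cluster; an old flash record is copied back
// into the dashboard ECU. Returns (local MAC valid, cluster agrees).
func rollbackDemo() (bool, bool) {
	dash := &ecu{name: "dashboard", key: []byte("constructed-dash-key")}
	others := []*ecu{
		{name: "engine", key: []byte("constructed-engine-key")},
		{name: "gateway", key: []byte("constructed-gateway-key")},
	}
	all := append([]*ecu{dash}, others...)
	drive(all, 50000)
	old := dash.flash // the old mileage and its MAC are read out ...
	drive(all, 120000)
	dash.flash = old // ... and written back later: local MAC still matches
	_, agree := trustedMileage(dash, others)
	return dash.verifyLocal(), agree
}

// acceptFeature is the feature-activation check: the OEM server, holding a copy of this
// ECU's key #x, sends (feature; MAC); the ECU recomputes the MAC and compares.
func (e *ecu) acceptFeature(feature string, tag []byte) bool {
	return hmac.Equal(mac(e.key, []byte(feature)), tag)
}

func main() {
	fmt.Println(rollbackDemo()) // true false: MAC fine, cluster disagrees
	car := &ecu{name: "engine", key: []byte("constructed-engine-key")}
	tag := mac([]byte("constructed-engine-key"), []byte("POWER_PLUS")) // OEM server side
	fmt.Println(car.acceptFeature("POWER_PLUS", tag), car.acceptFeature("POWER_MAX", tag)) // true false
}
```

Because key #x is specific to the ECU in the customer's car, a (feature; MAC) message is only valid for that car; the same message presented to an ECU with a different key fails the check.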
• Crypto Service Manager (CSM)
− Access to cryptographic services for applications and system functions
− Cryptographic services:
▪ Hash computation
▪ Asymmetric signature verification
▪ Symmetric encryption
• Crypto library (CAL)
− Provides cryptographic algorithms
− SW or HW, e.g., CSE module of MPC564x
• Freescale + Elektrobit
− Include CSE module in AUTOSAR
[Figure: AUTOSAR layering: Application Layer (Appl. 1, Appl. 2); AUTOSAR Runtime Environment (RTE); Services Layer (CSM, Crypto Library (SW)); ECU Abstraction Layer (Driver (HW)); Microcontroller Abstraction Layer; Crypto-HW Microcontroller.]
• Dual Core Architecture
− e200z4d + e200z0h up to 120 MHz
• Memory
− 3 MB on-chip code & 64 KB on-chip data flash
− Up to 256 KB on-chip SRAM
• Crossbar switch architecture for concurrent access
• Busses/Interfaces: CAN, LIN/SCI, DSPI, I²C, FlexRay, Ethernet
• Other modules: RTC, semaphores, MPU, ADCs, several timer modules etc.
• Cryptographic Service Engine (CSE)
− Implementation of the HIS SHE specification
− AES-128 engine for encryption, decryption and message authentication; support of ECB & CBC modes
− Random number generator (pseudo, and true for the seed)
− Unique device ID (read-only)
− Secure key storage accessible by the CSE module only
− Secure boot support after reset
− Debug detection
Due to the CSE module, the MPC5646C won the "Embedded AWARD" at "Embedded World" (International Conference and Exhibition) in Nurnberg 2011.
• Secure Core
− 32-bit core
− 120 MHz clock frequency
• AES
− Bus master / DMA programming model
− Supported crypto modes:
▪ ECB
▪ CBC
− Minimal throughput 100 MBit/sec
− Latency 2 μs
• Secure NVM
− NVM emulation on secure flash blocks
− Up to ten generic keys, additional special-purpose keys
• Secure FLASH
− Protected by a hard-coded connection with the CSE; no access by any other master possible
• RNG
− PRNG; TRNG for seed generation
− AIS20 (Class K3 high) / FIPS 140-2
[Figure: ECB vs. CBC mode. ECB: each plaintext block P_i is encrypted independently, C_i = E_k(P_i). CBC: each plaintext block is XORed with the previous ciphertext block before encryption, C_i = E_k(P_i ⊕ C_{i-1}) with C_0 = IV, and P_{i+1}, C_{i+1} continue the chain.]
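The CSE offers both ECB and CBC; which one an application picks matters for anything longer than one block. This added example (not from the original slides or Freescale's software; key, IVs and the repeated status frame are constructed) encrypts the same periodic message under both modes with Go's standard-library AES and counts ciphertext blocks that repeat, which is exactly what an eavesdropper on the bus sees without the key. It also shows the CBC caveat that follows from the C_0 = IV definition: reusing an IV makes equal plaintexts visible again.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"fmt"
)

// ecbEncrypt encrypts each 16-byte block independently: C_i = E_k(P_i).
// Go's standard library deliberately has no ECB mode; it is built from the
// raw block cipher here only to show the property.
func ecbEncrypt(key, pt []byte) []byte {
	blk, err := aes.NewCipher(key)
	if err != nil {
		panic(err)
	}
	ct := make([]byte, len(pt))
	for i := 0; i+16 <= len(pt); i += 16 {
		blk.Encrypt(ct[i:i+16], pt[i:i+16])
	}
	return ct
}

// cbcEncrypt chains the blocks: C_i = E_k(P_i XOR C_{i-1}), C_0 = IV.
func cbcEncrypt(key, iv, pt []byte) []byte {
	blk, err := aes.NewCipher(key)
	if err != nil {
		panic(err)
	}
	ct := make([]byte, len(pt))
	cipher.NewCBCEncrypter(blk, iv).CryptBlocks(ct, pt)
	return ct
}

// repeatedBlocks counts ciphertext blocks identical to an earlier block.
func repeatedBlocks(ct []byte) int {
	seen, n := map[string]bool{}, 0
	for i := 0; i+16 <= len(ct); i += 16 {
		b := string(ct[i : i+16])
		if seen[b] {
			n++
		}
		seen[b] = true
	}
	return n
}

// compare encrypts the same four-frame message under both modes and returns
// (repeated blocks in ECB, repeated blocks in CBC).
func compare(key, iv []byte) (int, int) {
	// Constructed message: one 16-byte status frame sent four times without change.
	msg := bytes.Repeat([]byte("door=closed;lk=1"), 4)
	return repeatedBlocks(ecbEncrypt(key, msg)), repeatedBlocks(cbcEncrypt(key, iv, msg))
}

// sameIVLeaks shows the CBC caveat: with the same IV, the same plaintext gives the same
// ciphertext again, so an observer learns that nothing changed. Returns
// (equal ciphertexts with IV reused, equal ciphertexts with a fresh IV).
func sameIVLeaks(key, iv1, iv2 []byte) (bool, bool) {
	msg := bytes.Repeat([]byte("door=closed;lk=1"), 2)
	a := cbcEncrypt(key, iv1, msg)
	return bytes.Equal(a, cbcEncrypt(key, iv1, msg)), bytes.Equal(a, cbcEncrypt(key, iv2, msg))
}

func main() {
	key := []byte("constructed-key-#x!!")[:16] // constructed, not a real key
	iv1, iv2 := []byte("constructed-iv-1")[:16], []byte("constructed-iv-2")[:16]
	fmt.Println(compare(key, iv1))          // 3 0
	fmt.Println(sameIVLeaks(key, iv1, iv2)) // true false
}
```

Three of the four ECB blocks are exact copies of the first, so a periodic frame with an unchanged value is recognisable without decryption; under CBC with a fresh IV per message none repeat. Neither mode gives integrity, which is why the secure-communication demo adds the RND check and the flash demos add a MAC.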
• The CSE module implements the official SHE specification (Version 1.1).
• The CSE module is open for further extensions (e.g. ECC, SHA-256 etc.)
• The CSE module is core based and includes an AES cipher and a random-number generator
• CSE module interfaces:
− crossbar master interface (access to the whole system memory space)
− configuration interface (host interface)
• Fixed assignment of system flash blocks to the CSE module. Accesses from other masters are impossible.
CSE Block
[Figure: CSE block diagram: the CSE core with AES, ROM and RAM sits behind a secure 'firewall' together with the secure flash (Sec. FLASH, test interface array/BIU); a PRNG delivers 128-bit random values and is seeded by a TRNG (on/off); the host interface exposes config/status registers and an interrupt (INTC) via the peripheral bridge (IP SkyBlue-IF, PB-IF); the XBAR master interface (XBAR-IF) connects to the crossbar alongside the core, eDMA and FlexRay masters and the MPU/SRAM slaves; a 'debugger connected' signal from JTAG/NEXUS feeds the debug detection.]
[Figure: security standards and consortia landscape, grouped into US, Europe, Germany, Standards and Conferences: IntelliDrive, VII, WAVE, CAR 2 CAR CC, eSafety/eSecurity WG, Intelligent Car Initiative, SeVeCom, EVITA, ARAMIS, eNOVA, SEIS, HIS, SIM-TD, FIPS 197, FIPS 140, NFC, Common Criteria, escar, ISSE, Eurocrypt, Asiacrypt, Crypto.]
• Partly initiated and funded by governments
• Members: standardization bodies, universities, research institutes, car OEMs, silicon manufacturers
• HIS-SHE specification<br />
− Version 1.1 published April 2010<br />
− Freescale implements the first SHE module (CSE) in 2011<br />
− SHE specification now part of HIS (*)<br />
• Evita project<br />
− Funded by the EU, finished November 2011<br />
− Specification of 3 different module classes<br />
▪ Evita Full: V2X communication, H/W based asymmetric cryptography<br />
▪ Evita Medium (HSM): multiple-purpose ECUs, H/W based symmetric cryptography<br />
▪ Evita Light: sensors and actuators, cost-optimized symmetric crypto H/W, secure NVM optional<br />
− Gaining global acceptance as “quasi standard”<br />
(*) Herstellerinitiative Software<br />
Freescale, the Freescale logo, AltiVec, C-5, CodeTEST, CodeWarrior, ColdFire, ColdFire+, C-Ware, the Energy Efficient Solutions logo, Kinetis,<br />
mobileGT, PowerQUICC, Processor Expert, QorIQ, Qorivva, StarCore, Symphony and VortiQa are trademarks of Freescale Semiconductor, Inc.,<br />
Reg. U.S. Pat. & Tm. Off. Airfast, BeeKit, BeeStack, CoreNet, Flexis, MagniV, MXC, Platform in a Package, QorIQ Qonverge, QUICC Engine,<br />
Ready Play, SafeAssure, the SafeAssure logo, SMARTMOS, TurboLink, Vybrid and Xtrinsic are trademarks of Freescale Semiconductor, Inc. All<br />
other product or service names are the property of their respective owners. © 2012 Freescale Semiconductor, Inc.
• Tier1 specification of the HSM security module<br />
− First samples 2010/11<br />
• HIS is working on a specification of a medium-level security module<br />
− Re-use of Evita Medium and Tier1 results<br />
− Expect Evita Medium/HSM to become part of the HIS spec in 2012<br />
• Evita follow-on project: PRESERVE (Preparing Secure Vehicle-to-x Communication Systems)<br />
− Mission: design, integrate and test a secure and scalable V2X <strong>Security</strong> Subsystem for FOTs (field operational tests) and pilot deployments<br />
− Based on the Evita Full module<br />
− Jan 2011 - Dec 2014<br />
• Project goal<br />
The objective of EVITA is to design, verify, and prototype an architecture for automotive on-board networks where security-relevant components are protected against tampering and sensitive data are protected against compromise.<br />
• Three different variants of hardware security modules<br />
− Full (Car2X)<br />
− Medium (ECU level)<br />
− Light (Sensor/actuator level): SHE equivalent<br />
• Project schedule: July 2008 – December 2011<br />
• http://www.evita-project.org<br />
• FSL was not part of EVITA, but is a member of ARAMIS, a kind of successor project to EVITA<br />
• ARAMIS is defining security for multicore and virtualization<br />
• BMW and Audi commissioned escrypt to develop the SHE specification.<br />
• The SHE specification will be an official HIS (Herstellerinitiative Software = OEM initiative software) specification.<br />
• SHE is developed as a free and open standard.<br />
• Early cooperation (2008) with Freescale.<br />
• The SHE specification only describes the technical parts. Implementation, process and backend are not covered by the specification.<br />
• SHE Specification:<br />
http://portal.automotive-his.de/index.php?option=com_content&task=view&id=31&Itemid=41<br />
<strong>Security</strong> Standards: main features of the CSE module and the HSM module (diagram, ordered from low to high complexity)<br />
• EVITA Low / HIS-SHE (CSE module): UID, crypto engine, NVM is mandatory, fixed function set; supported by MPC564xB/C<br />
• EVITA-Medium / HIS-Medium (HSM module): programmable by customer; supported by McKinley, Calypso<br />
• EVITA-High: public key, HASH<br />
juergen.frank@freescale.com<br />
• <strong>Security</strong> tutorial<br />
− Flash file to explain the security features and how to apply them. Login from the product webpage listed below<br />
• Application notes<br />
− AN4235: Using CSE to protect your Application Code via a Chain of Trust<br />
− AN4234: Using the Cryptographic Service Engine (CSE)<br />
• <strong>Security</strong> Demo and Video Introduction (in Chinese)<br />
− http://2011ftf.ccidnet.com/jishuzhanshiqu.html<br />
• Other resources, including documents, from the MPC564xB/C Product Webpage<br />
http://www.freescale.com/webapp/sps/site/prod_summary.jsp?code=MPC564xB-C&webpageId=121120349534072559427E&nodeId=01624606C1427E&fromPage=tax<br />
• Automotive <strong>Security</strong>: Protection and Enablement<br />
− Necessity and features<br />
− Challenge and opportunity for new driver experiences<br />
• Automotive <strong>Security</strong>: a global concern, a requirement and a new trend<br />
− Automotive industry in search of standardization<br />
• Two types: In-vehicle <strong>Security</strong> and Connected Vehicle <strong>Security</strong><br />
• Freescale offers a variety of solutions today<br />
Freescale Automotive <strong>Security</strong> Solutions<br />
Type | Device Family | Platform | <strong>Security</strong> Module<br />
In-Vehicle <strong>Security</strong>, MCU (internal Flash) | MPC564xB/C (90nm Body) | 32bit Qorivva Power Architecture | CSE<br />
In-Vehicle <strong>Security</strong>, MCU (internal Flash) | MPC5746M (55nm Powertrain) | 32bit Qorivva Power Architecture | HSM<br />
In-Vehicle <strong>Security</strong>, MCU (internal Flash) | MPC574xC (55nm Body) | 32bit Qorivva Power Architecture | HSM<br />
Connected Vehicle <strong>Security</strong>, MPU (no Flash) | Vybrid R-Series | ARM Cortex-A5 | Trust Zone<br />
Connected Vehicle <strong>Security</strong>, MPU (no Flash) | i.MX Application Processors | ARM9/11, Cortex-A8/A9/A15 | Sahara, CAAM<br />