The planned platform comprises Renesas' RH850/P1x-C Series of automotive safety microcontrollers with Escrypt’s CycurHSM, a security software stack,
Semiconductor supplier Renesas has teamed up with Bochum, Germany-based embedded security system provider Escrypt GmbH to develop an integrated hardware and software platform that will feature high security for automotive electronic systems.
The planned platform comprises Renesas' RH850/P1x-C Series of automotive safety microcontrollers with Escrypt’s CycurHSM, a security software stack, to realise highly complex automotive security solutions. It reduces development time and integrates security functions in safety-critical automotive ECU applications. Additionally, the platform serves as a stepping stone to achieve autonomous driving by accelerating the integration of safety and security functions.
In the autonomous driving era, in-vehicle infotainment, vehicle-to-vehicle (V2V), and vehicle-to-infrastructure (V2I) networks are expected to become mainstream. The connectivity between these networks requires robust security measures to ensure the systems are protected from unauthorised external access.
Renesas’ RH850/P1x-C Series integrates a hardware security module with a co-processor supporting data encryption, authentication and random number generation to address these mission-critical security requirements in vehicle systems. CycurHSM is a security software stack that fits RH850/P1x-C MCUs and complements the security features in hardware with additional security services, such as secure boot, secure flashing and debugging.
Upcoming novel use cases such as software and firmware updates Over-the-Air (SOTA/FOTA) or advanced driver assistance systems (ADAS) and the resulting in-vehicle communications require higher ECU protection levels against unauthorised or malicious access and manipulation. Therefore, in addition to protection software, hardware security protection within the ECU has also become essential.
The platform is intended to accelerate safety and security functions required for vehicles of the autonomous era with highly optimised HSM technology. The ICU-M provides security services based on private and public key cryptography that allow advanced cyber-security use case implementations. The ICU-M includes dedicated secure code/data flash, enhanced debug control methods by dynamic authentication, fast AES engine with multiple execution contexts and complex ciphering modes, pseudo random number generation seeded by true random number generator compliant with AIS-31 and many other security features.
CycurHSM is a scalable tool, ranging from SHE (Note 4) and SHE+ up to full HSM functionality (such as secure flashing, secure onboard communication, advanced mechanisms for secure boot, secure debugging or feature activation). CycurHSM runs on the ICU-M and provides dedicated software interfaces to make use of the full power of HSM technology. Escrypt’s HSM security stack will be available for further Renesas MCUs in the near future.
ECU developers can rely on optimal-fit components from Renesas and Escrypt to simplify implementation of the desired security functions. For an existing Autosar application, since the combined hardware/software solution is fully Autosar-compliant, no further development of security functions is required and the remaining tasks boil down to a simple configuration of the software, thereby eliminating up to 90% of the development effort.
For new applications, Autosar-compliant or not, the clean interface offered by the combined hardware/software enables system developers to concentrate on high-level software development, without having to worry about low-level or hardware-specific issues. This leads to a significant reduction of the overall effort by at least 50% in case of new applications.
The security platform can be further enriched by additional security services such as risk analysis and efficient security concepts, as well as software products such as key management from Escrypt. It can also be integrated into a full Autosar stack, as e.g., provided by Escrypt’s parent company ETAS, itself a subsidiary of automotive supplier Bosch.
The globally available combination of Renesas and Escrypt products will enhance the security of connected, highly automated vehicles and provide added value to customers worldwide.