CycurHSM: Design Workshop: Automotive HSMs


CycurHSM

Design Workshop: Automotive HSMs


A comprehensive tutorial about the specification of the "Bosch HSM" for chip manufacturers

Automotive Security

Due to the increased networking of automotive Electronic Control Units (ECU) - each involving increasingly complex software - and the fact that ECUs carry out more and more sensitive tasks, the attack surface and the resulting financial loss caused by a successful attack on an ECU will grow significantly in the near future. In order to harden ECUs against attacks, security mechanisms preventing unauthorized access to sensitive data or successful manipulation of the ECU software must be used.

Automotive Hardware Security Modules

For security at ECU level, pure security solutions in software cannot sufficiently protect the integrity of an embedded automotive system. Therefore, a Hardware Security Module (HSM) is a necessary prerequisite to harden embedded systems. HSMs are optional on-chip extensions to any given microcontroller intended to support the protection of secret keys, to increase data throughput of cryptographic functionality and to reduce security-related CPU load on the main cores.

Bosch HSM Specification Workshop

However, classical secure elements (Smartcards, TPM, security IC) do not satisfy specific automotive requirements, e.g. availability of debug/test interfaces, automotive qualification requirements and resilience against attacks on communication interfaces. This motivated Bosch to specify a dedicated automotive-qualified HSM.

ESCRYPT has extensive experience in implementing HSMs and supporting HSM specification through a long history of industrial and research projects. Thus, our highly-experienced technical HSM experts will enable any chip manufacturer during an effective two-day workshop to

▪▪ Understand the main implementation requirements and challenges
▪▪ Estimate the cost-benefit relationship of the implementation

ESCRYPT 2015/02
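The brochure names the HSM's role in protecting keys and hardening the system, and the training content lists the "(Secure) system boot mechanism" with its two stages, HSM boot and main core boot. The following is an added example, not ESCRYPT or Bosch code and not the Bosch HSM specification: a model of that two-stage boot in which the HSM first verifies its own firmware, then verifies the application image and only then releases the main core from reset. It assumes HMAC-SHA256 as the image authentication primitive (the real hardware offers an AES module; the keys, image bytes and boot-log strings here are constructed for the example).

```python
"""Added example (not ESCRYPT/Bosch code): two-stage secure boot model,
HSM boot followed by main core boot. HMAC-SHA256, key names, image layout
and log strings are assumptions of this example, not the Bosch HSM spec."""
import hashlib
import hmac


def image_mac(key: bytes, image: bytes) -> bytes:
    # Keyed hash over the whole image; the key never leaves the HSM.
    return hmac.new(key, image, hashlib.sha256).digest()


class SecureBootHsm:
    """HSM-side boot logic (assumed design).

    The main core is held in reset until the application image verifies.
    If the HSM's own firmware does not verify, the HSM halts and the main
    core is never released, so a corrupted HSM cannot vouch for anything.
    """

    def __init__(self, hsm_fw_key: bytes, app_key: bytes):
        self._hsm_fw_key = hsm_fw_key   # HSM device key for its own firmware
        self._app_key = app_key         # key for the main core application
        self.main_core_released = False
        self.log = []

    def boot(self, hsm_fw: bytes, hsm_fw_ref_mac: bytes,
             app_image: bytes, app_ref_mac: bytes) -> bool:
        # Stage 1: HSM boot - verify own firmware before executing it.
        if not hmac.compare_digest(image_mac(self._hsm_fw_key, hsm_fw), hsm_fw_ref_mac):
            self.log.append("HSM firmware MAC mismatch: HSM halts, main core stays in reset")
            return False
        self.log.append("HSM firmware verified")
        # Stage 2: main core boot - verify the application before releasing reset.
        if not hmac.compare_digest(image_mac(self._app_key, app_image), app_ref_mac):
            self.log.append("application MAC mismatch: main core stays in reset")
            return False
        self.log.append("application verified; main core released from reset")
        self.main_core_released = True
        return True


def provision(key: bytes, image: bytes) -> bytes:
    """Production-time step (constructed): reference MAC stored alongside the image."""
    return image_mac(key, image)


def demo() -> dict:
    # Constructed keys and images; not real device keys or firmware.
    hsm_key = b"\x11" * 16
    app_key = b"\x22" * 16
    hsm_fw = b"HSM-FIRMWARE-v1"
    app = b"APPLICATION-IMAGE-v1"
    hsm_ref = provision(hsm_key, hsm_fw)
    app_ref = provision(app_key, app)

    good = SecureBootHsm(hsm_key, app_key)
    good_ok = good.boot(hsm_fw, hsm_ref, app, app_ref)

    # A modified application image must keep the main core in reset.
    tampered_app = SecureBootHsm(hsm_key, app_key)
    tampered_app_ok = tampered_app.boot(hsm_fw, hsm_ref, app.replace(b"v1", b"v2"), app_ref)

    # A modified HSM firmware must stop the chain before the application is even checked.
    tampered_hsm = SecureBootHsm(hsm_key, app_key)
    tampered_hsm_ok = tampered_hsm.boot(hsm_fw + b"x", hsm_ref, app, app_ref)

    return {
        "good": good_ok, "good_released": good.main_core_released,
        "tampered_app": tampered_app_ok, "tampered_app_released": tampered_app.main_core_released,
        "tampered_hsm": tampered_hsm_ok, "tampered_hsm_stages": len(tampered_hsm.log),
    }


if __name__ == "__main__":
    for k, v in demo().items():
        print(k, v)
```

The ordering is the point: the reference MACs and the keys are only meaningful while the HSM that checks them is itself trusted, so the HSM verifies its own firmware before it evaluates the application, and every failure leaves the main core in reset rather than booting an unverified image.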
General information & Benefits

▪▪ Effective two-day workshop at ESCRYPT location in Germany (Bochum, Stuttgart, Munich, Wolfsburg, Berlin)
▪▪ Comprehensive training material as hand out
▪▪ 6 hours Q&A time available for a 4-week period after the training
▪▪ Catering included

Training Schedule & Content

Sessions          Day 1                              Day 2
Session A (2 h)   Introduction to Automotive HSMs    SHE / SHE+ integration and
                  and the Bosch HSM                  compatibility
Session B (2 h)   The Bosch HSM in detail (part I)   System integration aspects
Lunch
Session C (2 h)   The Bosch HSM in detail (part II)  Safety aspects /
                                                     Application SW integration
Recap (1 h)       Summary and Q&A                    Summary and Q&A

Introduction to Automotive HSMs / Bosch HSM-OS
▪▪ Use cases for automotive HSMs, scenarios for secure elements in automotive
▪▪ Journey through the "HSM world": SHE, EVITA light/medium/full, SHE+, Bosch HSM
▪▪ Example of future HSM-supported EEA
▪▪ Trends and users of HSMs
▪▪ Introduction to Bosch HSM
   • Idea and history
   • High-level architecture and main security functions
   • Exemplary use cases (e.g. Secure Boot, Secure Flash, Runtime Tuning Detection)

Bosch HSM in detail – Part I & II
▪▪ Integration into the microcontroller
   • HSM enabling/disabling
   • Pitfalls and challenges
   • System bus connection
   • Side-effects
▪▪ Secure flash (code vs. data)
▪▪ Internal Structure
   • Main components
     - Secure core
     - Memory protection unit (MPU)
     - System timer
     - Secure local RAM
   • Interfaces
     - Interrupt interface module
     - Debug interface module
   • Cryptographic modules
     - AES hardware module
     - HSM device keys for AES
     - True random number generator (TRNG)
     - Pseudo random number generator (PRNG)
▪▪ System Environment and main functions
   • Unique chip identifier
   • (Secure) system boot mechanism
     - Main core boot
     - HSM boot
▪▪ Debug Interface Protection
   • Test Interface Protection
▪▪ Deep-dive: Cryptographic modules & protocols
   • Implementation pitfalls: What can go wrong with "bad" cryptography?
   • Advanced Encryption Standard (AES)
     - General design principle
     - Modes of operation (e.g. ECB, CBC, CTR, OFB, CFB, GCM, XTS)
     - Standardization
   • Random Number Generators
     - TRNG vs. PRNG
     - Design principles
     - Standardization and output validation (e.g. statistical test suites)
   • Challenge-response protocol for authorized debug/test access

SHE/SHE+ integration
▪▪ Introduction SHE/SHE+
▪▪ Differences between SHE/SHE+ and the Bosch HSM
▪▪ SHE/SHE+ emulation on the Bosch HSM

System integration aspects
▪▪ Implementation requirements and challenges
▪▪ Example use cases: Specific aspects and challenges regarding
   • Secure Boot
   • Secure Storage
   • Host and HSM reprogramming

Safety aspects
▪▪ Overview: General HW safety mechanisms (lockstep, ECC memory)
▪▪ Deployment of HSM in safety-critical environments
▪▪ Freedom from Interference

Application SW integration
▪▪ AUTOSAR integration (e.g. CSM, CRY)
▪▪ Outlook: The CycurHSM software stack

For further information please contact
[email protected]
+49 (0) 89 208039 - 132
[email protected]
+49 (0) 234 43870 - 249
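The training content lists "Debug Interface Protection" and, under the cryptographic deep-dive, a "Challenge-response protocol for authorized debug/test access". The following is an added example of such a protocol, not ESCRYPT or Bosch code and not the Bosch HSM specification: the HSM side issues a fresh random challenge and unlocks the debug interface only for a response keyed with the provisioned debug key and bound to the unique chip identifier; the authorized tool side computes that response. The message format, the HMAC-SHA256 MAC, the 128-bit nonce and the single-use challenge state are assumptions of this example; keys and chip identifiers are constructed.

```python
"""Added example (not ESCRYPT/Bosch code): challenge-response authorization
for a debug/test interface. Message layout, HMAC-SHA256 and nonce size are
assumptions of this example; keys and chip ids are constructed values."""
import hashlib
import hmac
import secrets

DOMAIN = b"DEBUG-UNLOCK"   # assumed domain separator so the key is not reused elsewhere


def unlock_response(debug_key: bytes, chip_id: bytes, nonce: bytes) -> bytes:
    """Shared derivation: MAC over domain tag, chip id and the fresh nonce.
    Binding the chip id means a response computed for one chip is useless on another."""
    return hmac.new(debug_key, DOMAIN + chip_id + nonce, hashlib.sha256).digest()


class DebugGate:
    """HSM-side state of the debug interface (assumed design)."""

    def __init__(self, debug_key: bytes, chip_id: bytes):
        self._key = debug_key      # provisioned secret, never leaves the HSM
        self.chip_id = chip_id     # unique chip identifier, readable by the tool
        self._pending = None       # outstanding challenge, single-use
        self.unlocked = False

    def challenge(self) -> bytes:
        # Fresh random nonce per attempt; an unused earlier challenge is discarded.
        self._pending = secrets.token_bytes(16)
        return self._pending

    def respond(self, response: bytes) -> bool:
        # Consume the challenge before checking, so a captured response cannot
        # be replayed: there is no pending nonce for it to match.
        nonce, self._pending = self._pending, None
        if nonce is None:
            return False
        ok = hmac.compare_digest(unlock_response(self._key, self.chip_id, nonce), response)
        self.unlocked = ok
        return ok


def tool_unlock(gate: DebugGate, tool_key: bytes, chip_id: bytes) -> tuple:
    """Authorized tool side: read the chip id, request a challenge, answer it.
    Returns (result, response) so the demo can show what a replay would reuse."""
    nonce = gate.challenge()
    response = unlock_response(tool_key, chip_id, nonce)
    return gate.respond(response), response


def demo() -> dict:
    # Constructed values, not real device keys or identifiers.
    debug_key = b"\x5a" * 16
    chip_id = b"CHIP-0001"
    gate = DebugGate(debug_key, chip_id)

    authorized, captured = tool_unlock(gate, debug_key, chip_id)

    # Replaying the captured response on a new attempt: no challenge is pending
    # for it (a new one has a different nonce), so it must fail.
    gate.challenge()
    replay = gate.respond(captured)

    # Wrong key and a response bound to a different chip id must both fail.
    wrong_key, _ = tool_unlock(gate, b"\x00" * 16, chip_id)
    other_chip, _ = tool_unlock(gate, debug_key, b"CHIP-0002")

    return {"authorized": authorized, "replay": replay,
            "wrong_key": wrong_key, "other_chip": other_chip}


if __name__ == "__main__":
    for k, v in demo().items():
        print(k, v)
```

The two properties worth checking on any such design are visible in the demo: a response is only valid for the one nonce it was computed for, and it is only valid on the chip whose identifier it was bound to. Both follow from what goes into the MAC and from clearing the pending challenge before verification.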
