Connectivity software platform meets security level EAL3+

Connectivity software platform meets security level EAL3+

New Products |
By Christoph Hammerschmidt

The platform guarantees information security by protecting data transfer through strict encapsulation and separation of all communication channels.  This partitioning is complemented by a secure boot process, an integrated intrusion detection system and a firewall.

The platform uses the hypervisor technology of Sysgo’s real-time operating system (RTOS) PikeOS, which enables critical and non-critical infrastructures to be operated simultaneously with one system.  By using the hypervisor functionality in PikeOS to run applications in strictly separated partitions, security-critical applications in particular can run undisturbed within a specified time frame.  The platform is pre-certified according to the Common Criteria EAL3+ security standard and the ISO 26262 security standard for the automotive industry.  This is an advantage because only a single hardware system is required when planning the software architecture, which reduces development and production costs and accelerates the time to market.  The platform offers a flexible software framework that supports customers in designing their software architecture to secure communication and updates.

At CES, Sysgo will present a prototype implementation of the SACoP platform, consisting of an STM Telemaco3P processor and an R-CAR H3 board from Renesas.  The latter realizes a digital cockpit display based on Automotive Grade Linux (AGL) and an infotainment system (IVI) in the vehicle.  The Telemaco 3P processor is the connection to the outside world and functions as a secure gateway.  It is also used to supply passengers’ trays and smartphones with Internet access.  The software is based on PikeOS together with ELinOS, the robust, long-term supported and automotive Linux distribution from Sysgo.

The demonstrator communicates with the outside world via a gateway that supports various protocols (3G/4G/5G) and enables a variety of applications, such as over-the-air updates of applications without visiting an authorized workshop, V2X communication, connectivity to the cloud backend or uploading maintenance data.  Internally, a WLAN hotspot set up for passengers is protected by the platform’s firewall.  The vehicle’s internal network (Ethernet, CAN) is separate and can only be accessed via secure and monitored channels.

Concept of the secure connectivity platform with Sysgo operating system

The platform uses Sysgo’s proven secure boot mechanism.  Communication takes place via the Transport Layer Security (TLS) encryption protocol.  The data is encrypted and digitally signed so that only the owner of the private keys created for this purpose can actually make changes.  The Intrusion Detection System (IDS) runs as an independent partition and monitors network traffic.

The new Secure Automotive Connectivity Platform will be on display at the Automotive Grade Linux Showcase in the Smart City exhibition (Westgate booth 1815) and in the Sysgo Hospitality Suite in the Westgate Hotel (floor 18, suite 1830).

More information:


If you enjoyed this article, you will like the following ones: don't miss them by subscribing to :    eeNews on Google News


Linked Articles