MIPI Security framework protects image data
The MIPI Alliance has released a framework of four specifications to secure data in automotive camera systems on a frame by frame basis.
The MIPI Camera Security Framework provides a flexible approach to adding end-to-end security to designs using the Camera Serial Interface 2 (CSI-2) interface specification.
Image sensors have a safety critical role in advanced driver-assistance systems (ADAS) and autonomous driving systems (ADS), protecting image-sensor data against cybersecurity risks. These risks include the installation of illegitimate or substandard image sensor components, malicious manipulation of sensor data and privacy violations from unauthorized access to images and image-related metadata.
The Camera Security Framework enables authentication of system components, data integrity protection and data encryption. It provides implementers with a choice of security protocols, cipher suites, data integrity tag modes and security controls, which together provide a high degree of flexibility to balance required security levels against processing efficiency, implementation complexity, thermal regulation and power consumption.
It also provides security control that is configurable on a frame-by-frame basis.
While other embedded interface security methods protect only the link layer, the MIPI Camera Security Framework delivers application-level protection from “silicon to silicon” across all the link layer components. This provides end-to-end CSI-2 protection from the source of sensor data in sensor silicon to the ultimate sink of that data in system-on-chip (SoC) silicon.
The CSI-2 protection is guaranteed irrespective of the underlying communication network topology, providing complete flexibility for developers to leverage any combination of bridges, aggregators, forwarding elements and other underlying network components to achieve the most efficient solution for their particular application.
The Camera Security Framework also allows highly granular security control over the different segments of the CSI-2 image frame to enable a sliding scale of security levels on a frame-by-frame basis.
At the highest security level, full data integrity and encryption are applied to the whole image frame. At partial integrity levels, integrity protection is applied to a subset of data within an image frame. At the lowest security level, no data integrity is applied to the image data.
Although the framework has been designed for protection of automotive data streams, it can be applied to Internet of Things (IoT), industrial and other use cases that leverage CSI-2-based image sensors for machine-vision applications.
The Camera Security Framework currently consists of three new specifications, with a fourth to be added in the coming months:
MIPI Camera Service Extensions (MIPI CSE) v2.0, a companion specification to MIPI CSI-2, defines security services to enable data integrity protection and optional encryption of CSI-2 data (in addition to the functional safety services provided in CSE v1.0).
MIPI Camera Security v1.0, which defines system security management of MIPI CSE and the upcoming MIPI CCISE, leveraging the Distributed Management Task Force (DMTF) Security Protocol Data Model (SPDM) for authentication of system components.
MIPI Camera Security Profiles v1.0, which defines a set of common security profiles for the MIPI Camera Security Framework to enable interoperability, including profiling of SPDM authentication mechanisms.
MIPI Command and Control Interface Service Extensions (MIPI CCISE) v1.0, another companion specification to MIPI CSI-2, will define security services to enable data integrity protection and optional encryption of the MIPI Command and Control Interface (MIPI CCI) based on I2C. This specification is under development with completion expected by the end of 2024.
The security framework is a key component of the Automotive SerDes Solutions (MASS) full stack connectivity.
“With the widespread use of CSI-2-based image sensors within automotive, the introduction of the MIPI Camera Security Framework significantly strengthens and simplifies the protection of camera data streams,” said Sanjiv Desai, chair of MIPI Alliance. “In the past, integrators have had to rely on proprietary security solutions, but now there’s a standardized approach that delivers end-to-end protection, along with the ability to flex the level of protection to suit their particular requirements.”
The framework was the result of collaboration between the MIPI Security Working Group and a subgroup of the MIPI Camera Working Group. Companies participating in the effort include Intel, Introspect Technology, Mixel, Mobileye, Nvidia, Qualcomm, Renesas Electronics, Robert Bosch, Synopsys, test house Teledyne LeCroy and CSI chip supplier Valens Semiconductor as well as image sensor suppliers onsemi, Omnivision, Sony and STMicroelectronics.
Additional resources can be found on the MIPI Camera Security Framework page on the MIPI website, including a new white paper: A Guide to the MIPI Camera Security Framework for Automotive Applications