Security IP hardens CAN XL against cyber attacks
Up to 120 electronic control units (ECUs) are installed in luxury class vehicles. This leads to increasing complexity in the communication control of vehicle networks, which require deterministic, low latency and higher bandwidths. At the same time that the complexity of the electrical/electronic (E/E) architecture in vehicles is increasing, so is the potential for cyberattacks on vehicle networks. These can cause both financial, but more importantly, functional damage, which in the worst case can compromise the safety of vehicle occupants. Therefore, the automotive industry uses various network technologies to meet the different technical, but also economic requirements of a vehicle.
One of the most commonly used data transmission protocols is the CAN protocol (CAN bus), which was developed in the 1980s. It impresses with its high robustness, flexibility and the associated cost savings. Since then, several variants of the serial bus system have been developed to meet increasing requirements. The latest variant, CAN XL, allows higher data transmission rates and also a scalable user data length, which makes it possible to include additional safety information. The new standard (CiA613-1 and 2) is being developed by CAN in Automation (CiA) to extend the CAN XL protocol with security functions (CANsec). These protect against unauthorized access and ensure the integrity and authenticity of origin as well as the confidentiality of data in CAN-based networks.
Based on this, the Fraunhofer Institute for Photonic Microsystems IPMS has developed the CANsec Controller IP Core CAN-SEC. This can be used directly between the host processor and a CAN-XL IP core. Marcus Pietzsch, head of the IP Cores and ASIC Design group at Fraunhofer IPMS, explains, “The new IP Core CAN-SEC builds the CANsec structure in the buffers of the CAN-XL core directly before the frame is sent or directly after it is received. It can be used together with the CAN controller IP core of Fraunhofer IPMS as well as with IP cores of other manufacturers and, like all other IP cores of Fraunhofer IPMS, can be used platform-independently in all FPGAs and foundry technologies.”
The Fraunhofer IPMS IP core is already being evaluated by cooperation partner Renesas. At the Embedded World trade fair, Renesas will be showing a demonstration of the integrated CAN-SEC IP core for the first time. Fraunhofer IPMS is also represented at the trade show and is presenting its latest developments and various processor cores, including the CAN-SEC IP-Core.
Achieving ISO/SAE21434 cyber security using Secure Flash
Automotive security controller is designed for long life
Cryptographic device brings higher levels of automotive security
Collaboration improves security for software in connected cars
The “Swiss Cheese” Approach to Automotive Security
Renesas makes automotive SoCs hacker-proof
Automotive cybersecurity report reveals exposure points, hacker tools