As news of cyber attacks and viruses sent over networks becomes increasingly more common, the auto industry is starting to put more emphasis on security. Chipmakers are adding encryption technologies that will help prevent hackers from altering code.
Freescale Semiconductor recently unveiled its Qorivva 32-bit microcontroller, a multicore device which includes a small, specialized security core and two Power Architecture cores for conventional tasks. This cryptographic services engine supports the secure hardware extension specification published in 2009 by the Hersteller Initiative Software consortium of European car makers.
Cryptography is used to encode and decode data for various functions, such as blocking illegal manipulation of a vehicle’s mileage, activating immobilizers that prevent a car from being stolen without the key, and preventing individual electronic control units from being dismantled for reuse in other vehicles. It will also prevent outsiders from altering functions so they don’t work correctly.
“Security in cars is getting more focused; you need a high level of protection. There’s a safety aspect; somebody could tamper with a car so that functions like the lights or wipers wouldn’t work,” said Brad Loane, Automotive Marketing Manager for Freescale.
Other chipmakers note that alternatives to encryption haven’t worked. Some automakers tried using firewalls, but they often made it difficult for technicians and other authorized workers to get into systems.
“Firewalls haven’t worked in autos, so they’re going to cryptography borrowed from smart cards and electronic documents like passports,” said Kurt Sievers, General Manager of NXP Semiconductors’ High-Performance Mixed-Signal automotive business.
The growing use of wireless links is another factor that’s driving the industry to increase security. Telematics will let cellular communications enter the vehicle and ongoing government efforts to add vehicle-to-vehicle and vehicle-to-infrastructure communications will open another portal. There’s also some talk of using Wi-Fi to give technicians wireless access to vehicle networks.
Each opening adds at least a small potential for problems. Encrypting data can substantially reduce the likelihood that software will be altered. Freescale is targeting its new device at the next generation of central vehicle body control, high-end gateways, and smart junction boxes. Embedding security on-chip instead of relying only on software will add an extra layer of protection in these applications.
“In the past, security was handled by software keys,” said Allan McAuslin, Freescale’s Automotive Marketing Manager. “Now the keys are stored in hardware in a protected environment that can only be accessed through specific module.”
Though data encryption is new in many automotive applications like body control, it’s been used for years in remote access key fobs. This application is also expanding into new areas.
One application is for shared vehicles like Zip cars. Some companies are tying this function to cell phones. “Your phone leads you to the car using GPS,” NXP’s Sievers said. “Then you hold your phone up to a reader in the car and once it knows your certificate is OK, it will open the car and you can drive it for as long as you’ve paid for it.”