AUTOSAR Security Modules
|
|
- Easter McLaughlin
- 7 years ago
- Views:
Transcription
1 AUTOSAR Security Modules Current Status V
2 Agenda 1. AUTOSAR 2. CAL & CSM 3. SecOC 2/40
3 AUTOSAR Introduction Automotive Open System Architecture Software for electronic control units (ECU) Software architecture SWC/Application RTE SYS COM LIB MCAL CDD Microcontroller 3/40
4 AUTOSAR Introduction Software component (SWC) / Application Implementation of functionality of ECU Runs on microcontroller Sends & receives data to and from other ECUs (in network) SWC/Application Microcontroller 4/40
5 AUTOSAR Introduction Run time environment (RTE) Provides interface to basic software (BSW) SWC/Application RTE Microcontroller 5/40
6 AUTOSAR Introduction System services (SYS) and libraries (LIB) Cryptographic modules Operating system (OS) Complex device drivers (CDD) SWC/Application RTE SYS LIB CDD Microcontroller 6/40
7 AUTOSAR Introduction Communication modules (COM) send & receive data on automotive bus systems > Controller Area Network (CAN) > Local Interconnect Network (LIN) > FlexRay > Ethernet >... SWC/Application RTE SYS COM LIB CDD Microcontroller 7/40
8 AUTOSAR Introduction Microcontroller abstraction layer (MCAL) BSW & SWC independent of microcontroller SWC/Application RTE SYS COM LIB MCAL CDD Microcontroller 8/40
9 AUTOSAR Motivation for security modules in AUTOSAR New security challenges Automotive software plays central role in car innovations Car connectivity will provide an essential part for value-added features Car security strict and secure access control to the car and its parts (ECU) sensitive car data (odometer, motor characteristic) passenger s data (GPS) intellectual property of the OEM 9/40
10 AUTOSAR AUTOSAR security modules CAL & CSM Basic cryptographic primitives for BSW and application SecOC Authenticated communication seamlessly integrated into the AUTOSAR communication stack 10/40
11 Agenda 1. AUTOSAR 2. CAL & CSM 3. SecOC 11/40
12 CAL & CSM Introduction Crypto Abstraction Library CAL BSW, CDD or SWC use CAL by inclusion Memory allocated by caller Enables re-entrance Crypto Primitive Library CPL SW implementation of cryptographic primitives Crypto Service Manager CSM CAL CPL SWC/Application RTE CSM SYS CRY CRY COM SWC use CSM through RTE LIB MCAL SHEDRV CDD BSW/CDD use CSM by inclusion Microcontroller SHE Asynchronous operation possible Callback indicates application Crypto library module CRY Implementation of cryptographic primitives Usage of SW or crypto HW possible 12/40
13 CAL & CSM Supported Cryptographic Services Abstract definition of cryptographic services No definition for a concrete cryptographic algorithm Basic Cryptography Hash Message authentication code () Generation Verification Random number generation Encryption/ Decryption Symmetric Asymmetric Signatures Key Management Key derivation function (KDF) Key generation, update*, export, import Key exchange protocols *Csm only Miscellaneous Compression/ Decompression Checksum 13/40
14 CAL & CSM Cryptographic Service Configuration AsymEncryptService AsymEncrypt_1 RSA2048 AsymEncrypt_2 RSA4096 SymEncryptService SymEncrypt_1 AES SymEncrypt_2 TwoFish HashService Individual configuration of each required service Set of distinct configurations Specific implementation for each service configuration 14/40
15 CAL & CSM Cryptographic Service Configuration AsymEncryptService AsymEncrypt_1 RSA2048 AsymEncrypt_2 RSA4096 SymEncryptService SymEncrypt_1 AES SymEncrypt_2 Serpent HashService Individual configuration of each required service Set of distinct configurations Specific implementation for each service configuration Implementations may change in future 15/40
16 CAL & CSM Cryptographic Service Configuration AsymEncryptService AsymEncrypt_1 RSA2048 ECC256 AsymEncrypt_2 RSA4096 ECC512 SymEncryptService SymEncrypt_1 AES SymEncrypt_2 Serpent HashService Individual configuration of each required service Set of distinct configurations Specific implementation for each service configuration Implementations may change in future API compatibility not ensured 16/40
17 CAL & CSM General Usage Streaming services Start Update Indefinite long data stream... Update Update... Update Finish Result Initialization with Start function (e.g. Csm_SymEncryptStart) Update function (e.g. Csm_SymEncryptUpdate) Finish function (e.g. Csm_SymEncryptFinish) Non-streaming services Example: Csm_GenerateRandom 17/40
18 CAL & CSM Hardware-based Security SWC/Application RTE CSM SYS CRY CRY LIB MCAL SHEDRV CDD Microcontroller SHE CSM services use cryptographic hardware or software implementation 18/40
19 CAL & CSM Hardware-based Security Controller Secure Zone SHE Secure Hardware Extension CPU Control Logic AES RAM + Flash + ROM Peripherals (CAN, UART,...) Secure Hardware Extension (SHE) On-chip extension to microcontroller Memory for secure storage of (cryptographic) data Hardware extension for cryptographic primitives Specified by Hersteller Initiative Software (HIS) 19/40
20 CAL & CSM SHE - Performance AES ECB Encryption: SHE vs. Software library Block 3 Blocks 6 Blocks µs SHE 64 Mhz SW 64 Mhz SHE 120 Mhz SW 120 Mhz Measured on a Freescale MPC5646C (w/ CSE), MICROSAR Stack with CSM and SHE driver with the Vector AUTOSAR Measurement and Debugging (AMD) Runtime Measurement (Rtm) Tool. 1 Block = 16 bytes 20/40
21 Agenda 1. AUTOSAR 2. CAL & CSM 3. SecOC 21/40
22 SecOC Introduction SecOC is parallel to PDUR PDUR routes PDUs PDU is a message on a bus SWC/Application RTE SecOC PDUR SYS COM LIB MCAL CDD Microcontroller 22/40
23 SecOC Introduction SecOC is parallel to PDUR PDUs are routed through SecOC PDU & authentication sent & received through IF or TP modules COM module combines data into PDUs SWC/Application RTE IF modules send & receive atomic messages TP modules manage messages longer than atomic messages SYS SecOC COM PDUR COM IF/TP LIB MCAL CDD Microcontroller 23/40
24 SecOC Introduction SecOC is parallel to PDUR PDUs are routed through SecOC PDU & authentication sent & received through IF or TP modules SecOC uses Cal or Csm RTE-interface Authentication: or signature CAL CSM SWC/Application RTE SecOC PDUR COM SYS COM IF/TP LIB MCAL CDD Microcontroller 24/40
25 SecOC Functionality ECU 1 ECU 3 Secured PDU BUS 25/40 SecOC sends & receives secured PDUs Secured PDUs are protected against Manipulation Random errors Replays
26 SecOC Sending a secured PDU ECU 1 DataID 1 Secured PDU DataID assigned to secured PDU Authentic PDU 26/40
27 SecOC Sending a secured PDU ECU 1 DataID 1 Fresh. Value Secured PDU Freshness value Monotonic counter to prevent replay attacks Implementation Timestamp Counter 27/40
28 SecOC Sending a secured PDU ECU 1 DataID 1 Fresh. Value Generator Secured PDU DataID, PDU, freshness value form input to generator Symmetric key required for generation SecOC may use C to benefit from SHE 28/40
29 SecOC Sending a secured PDU ECU 1 DataID 1 LSBs Fresh. Value Generator Fresh. Value Secured PDU MSBs PDU, truncated freshness value, truncated form secured PDU 29/40
30 SecOC Sending a secured PDU ECU 1 DataID 1 Fresh. Value Generator Fresh. Value Secured PDU MSBs NIST Special Publication B (C) Truncated length 64 bits Truncated length must be thoroughly chosen dependent on network attributes and security requirements 30/40
31 SecOC Reception of a secured PDU DataID 1 ECU 1 Fresh. Value Generator replace LSBs Fresh. Value Secured PDU ECU 3 DataID 1 Ver. Fresh. Authentic PDU is parsed DataID must be identical for sender and receiver Truncated freshness value is synchronized to form verification freshness value 31/40
32 SecOC Reception of a secured PDU Ver. Fresh = Ver. Fresh. Fresh. Value Secured PDU ECU 3 DataID 1 Ver. Fresh. Verification freshness value stored freshness value (replay attacks) If not: Increment MSBs of verification freshness value Synchronization between sender and receiver 32/40
33 SecOC Reception of a secured PDU DataID 1 ECU 1 Fresh. Value Generator Fresh. Value Secured PDU compare DataID 1 ECU 3 Fresh. Value Generator DataID, PDU, verification freshness form input to generator Symmetric key must be identical for sender and receiver MSBs of calculated are compared to truncated If successful, PDU is forwarded If not, PDU is dropped 33/40
34 SecOC System Configuration ECU 1 ECU 2 ECU 3 PDU 2 PDU 2 PDU 3 PDU 3 BUS 34/40
35 SecOC System Configuration ECU 1 ECU 2 ECU 3 PDU 2 PDU 2 PDU 3 PDU 3 BUS 35/40
36 SecOC System Configuration ECU 1 ECU 2 ECU 3 DataID 1 DataID 1 DataID 1 DataID 2 DataID 2 PDU 2 PDU 2 PDU 3 PDU 3 BUS Assignment of DataIDs to the to-be-secured PDUs 36/40
37 SecOC System Configuration ECU 1 ECU 2 ECU 3 DataID 1 DataID 1 DataID 1 Fresh. Value Fresh. Value Fresh. Value DataID 2 DataID 2 PDU 2 Fresh. Value PDU 2 Fresh. Value PDU 3 PDU 3 BUS Specification of the layout of the secured PDU 37/40
38 SecOC System configuration ECU 1 ECU 2 ECU 3 DataID 1 DataID 1 DataID 1 Fresh. Value Fresh. Value Fresh. Value DataID 2 DataID 2 PDU 2 Fresh. Value PDU 2 Fresh. Value PDU 3 PDU 3 BUS Assignment of keys to the secured PDUs Initial keying Re-keying 38/40
39 SecOC System configuration ECU 1 ECU 2 ECU 3 DataID 1 DataID 1 DataID 1 Fresh. Value Fresh. Value Fresh. Value DataID 2 DataID 2 PDU 2 Fresh. Value PDU 2 Fresh. Value PDU 3 PDU 3 ECU1_Extract ECU2_Extract ECU3_Extract 39/40
40 For more information about Vector and our products please visit Author: Philipp Werner, Armin Happel, Ralf Fritz, Steffen Keul Vector Informatik GmbH Vector Informatik GmbH. All rights reserved. Any distribution or copying is subject to prior written approval by Vector. V
CycurHSM An Automotive-qualified Software Stack for Hardware Security Modules
CycurHSM An Automotive-qualified Software Stack for Hardware Security Modules Dr. Frederic Stumpf, ESCRYPT GmbH Embedded Security, Stuttgart, Germany 1 Introduction Electronic Control Units (ECU) are embedded
More informationFrom Signal Routing to complete AUTOSAR compliant CAN design with PREEvision (II)
From Signal Routing to complete AUTOSAR compliant CAN design with PREEvision (II) RELEASED V0.01 2014-12-02 Agenda PREEvision AUTOSAR Webinar Part I AUTOSAR System and Software Design with PREEvision The
More informationSafety and security related features in AUTOSAR
Safety and security related features in Dr. Stefan Bunzel Spokesperson (Continental) Co-Authors: S. Fürst, Dr. J. Wagenhuber (BMW), Dr. F. Stappert (Continental) Automotive - Safety & Security 2010 22
More informationSafety and Security Features in AUTOSAR
Safety and Security Features in AUTOSAR Nagarjuna Rao Kandimala, Michal Sojka Czech Technical University in Prague 166 27 Praha 6, Czech Republic Thursday 15 th November, 2012 Contents 1 Introduction 2
More informationAUTOSAR Configuration Process - How to handle 1000s of parameters
AUTOSAR Configuration Process - How to handle 1000s of parameters Webinar 2013-04-19 V2.0 2013-04-18 Agenda >Introduction AUTOSAR ECU Configuration Description ECU Configuration Workflow Multi-User Workflow
More informationEmbedding Trust into Cars Secure Software Delivery and Installation
Embedding Trust into Cars Secure Software Delivery and Installation André Adelsbach, Ulrich Huber, Ahmad-Reza Sadeghi, Christian Stüble Horst Görtz Institute for IT Security, Bochum, Germany Third Workshop
More informationSHE Secure Hardware Extension
SHE Secure Hardware Extension Data Security for Automotive Embedded Systems Workshop on Cryptography and Embedded Security Embedded World @ Nuremberg, February 2012 Content Data Security - What does it
More informationUM0586 User manual. STM32 Cryptographic Library. Introduction
User manual STM32 Cryptographic Library Introduction This manual describes the API of the STM32 cryptographic library (STM32-CRYP-LIB) that supports the following cryptographic algorithms: AES-128, AES-192,
More informationSecure Network Communications FIPS 140 2 Non Proprietary Security Policy
Secure Network Communications FIPS 140 2 Non Proprietary Security Policy 21 June 2010 Table of Contents Introduction Module Specification Ports and Interfaces Approved Algorithms Test Environment Roles
More informationCustomer Experience. Silicon. Support & Professional Eng. Services. Freescale Provided SW & Solutions
September 2013 Silicon Support & Professional Eng. Services Customer Experience Freescale Provided SW & Solutions Provide Valued Software, Support & Professional Engineering Services, Competitively 2 Customer
More informationStandardized software components will help in mastering the. software should be developed for FlexRay were presented at
Embedded Software for FlexRay Systems Special aspects and benefits of implementing modularized software Standardized software components will help in mastering the growing complexity of the interplay of
More informationEmbedded OS. Product Information
Product Information Table of Contents 1 Operating Systems for ECUs... 3 2 MICROSAR.OS The Real-Time Operating System for the AUTOSAR Standard... 3 2.1 Overview of Advantages... 3 2.2 Properties... 4 2.3
More informationSkyRecon Cryptographic Module (SCM)
SkyRecon Cryptographic Module (SCM) FIPS 140-2 Documentation: Security Policy Abstract This document specifies the security policy for the SkyRecon Cryptographic Module (SCM) as described in FIPS PUB 140-2.
More informationUser-friendly Configuration of AUTOSAR ECUs with Specialized Software Tools
User-friendly Configuration of AUTOSAR ECUs with Specialized Software Tools The simple CAN ECU is a thing of the past. Now, a typical ECU utilizes many functions of the AUTOSAR basic software to perform
More informationChapter 11 Security+ Guide to Network Security Fundamentals, Third Edition Basic Cryptography
Chapter 11 Security+ Guide to Network Security Fundamentals, Third Edition Basic Cryptography What Is Steganography? Steganography Process of hiding the existence of the data within another file Example:
More informationProduct Information Services for Embedded Software
Product Information Services for Embedded Software Table of Contents 1 Technical Consulting/Engineering Services... 3 1.1 Overview of Advantages... 3 1.2 Application Areas... 3 2 Product- Services - Proficient
More informationECU State Manager Module Development and Design for Automotive Platform Software Based on AUTOSAR 4.0
ECU State Manager Module Development and Design for Automotive Platform Software Based on AUTOSAR 4.0 Dhanamjayan P.R. 1, Kuruvilla Jose 2, Manjusree S. 3 1 PG Scholar, Embedded Systems, 2 Specialist,
More informationDo AUTOSAR and functional safety rule each other out?
Software development Do AUTOSAR and functional safety rule each other out? While simplicity is a factor in safety-critical applications, AUTOSAR has over 6,000 configuration parameters and well over 100,000
More informationAccellion Secure File Transfer Cryptographic Module Security Policy Document Version 1.0. Accellion, Inc.
Accellion Secure File Transfer Cryptographic Module Security Policy Document Version 1.0 Accellion, Inc. December 24, 2009 Copyright Accellion, Inc. 2009. May be reproduced only in its original entirety
More informationSPC5-CRYP-LIB. SPC5 Software Cryptography Library. Description. Features. SHA-512 Random engine based on DRBG-AES-128
SPC5 Software Cryptography Library Data brief SHA-512 Random engine based on DRBG-AES-128 RSA signature functions with PKCS#1v1.5 ECC (Elliptic Curve Cryptography): Key generation Scalar multiplication
More informationSecure web transactions system
Secure web transactions system TRUSTED WEB SECURITY MODEL Recently, as the generally accepted model in Internet application development, three-tier or multi-tier applications are used. Moreover, new trends
More informationAUTOSAR Safety Solutions for Multicore ECUs and ADAS Systems. Robert Leibinger 5 th June 2015
AUTOSAR Safety Solutions for Multicore ECUs and ADAS Systems Robert Leibinger 5 th June 2015 Agenda Architecture requirements for ADAS ECU Overview of different architecture approaches Compare and contrast
More informationAUTOSAR Software Architecture
AUTOSAR Software Architecture Robert Warschofsky Hasso-Plattner-Institute für Softwaresystemtechnik Abstract. AUTOSAR supports the re-use of software and hardware components of automotive electronic systems.
More informationFIPS 140-2 Non- Proprietary Security Policy. McAfee SIEM Cryptographic Module, Version 1.0
FIPS 40-2 Non- Proprietary Security Policy McAfee SIEM Cryptographic Module, Version.0 Document Version.4 December 2, 203 Document Version.4 McAfee Page of 6 Prepared For: Prepared By: McAfee, Inc. 282
More informationSSL A discussion of the Secure Socket Layer
www.harmonysecurity.com info@harmonysecurity.com SSL A discussion of the Secure Socket Layer By Stephen Fewer Contents 1 Introduction 2 2 Encryption Techniques 3 3 Protocol Overview 3 3.1 The SSL Record
More informationWireless Microcontrollers for Environment Management, Asset Tracking and Consumer. October 2009
Wireless Microcontrollers for Environment Management, Asset Tracking and Consumer October 2009 Jennic highlights Jennic is a fabless semiconductor company providing Wireless Microcontrollers to high-growth
More informationCut Network Security Cost in Half Using the Intel EP80579 Integrated Processor for entry-to mid-level VPN
Cut Network Security Cost in Half Using the Intel EP80579 Integrated Processor for entry-to mid-level VPN By Paul Stevens, Advantech Network security has become a concern not only for large businesses,
More informationSECURE IMPLEMENTATIONS OF CONTENT PROTECTION (DRM) SCHEMES ON CONSUMER ELECTRONIC DEVICES
SECURE IMPLEMENTATIONS OF CONTENT PROTECTION (DRM) SCHEMES ON CONSUMER ELECTRONIC DEVICES Contents Introduction... 3 DRM Threat Model... 3 DRM Flow... 4 DRM Assets... 5 Threat Model... 5 Protection of
More informationNorthrop Grumman M5 Network Security SCS Linux Kernel Cryptographic Services. FIPS Security Policy Version 2.42. www.northropgrumman.
Northrop Grumman M5 Network Security SCS Linux Kernel Cryptographic Services FIPS Security Policy Version 2.42 www.northropgrumman.com/m5/ SCS Linux Kernel Cryptographic Services Security Policy Version
More informationSecurity Technical. Overview. BlackBerry Enterprise Service 10. BlackBerry Device Service Solution Version: 10.2
BlackBerry Enterprise Service 10 BlackBerry Device Service Solution Version: 10.2 Security Technical Overview Published: 2014-09-10 SWD-20140908123239883 Contents 1 About BlackBerry Device Service solution
More informationIoT Security Concerns and Renesas Synergy Solutions
IoT Security Concerns and Renesas Synergy Solutions Simon Moore CTO - Secure Thingz Ltd Agenda Introduction to Secure.Thingz. The Relentless Attack on the Internet of Things Building protection with Renesas
More informationIT Networks & Security CERT Luncheon Series: Cryptography
IT Networks & Security CERT Luncheon Series: Cryptography Presented by Addam Schroll, IT Security & Privacy Analyst 1 Outline History Terms & Definitions Symmetric and Asymmetric Algorithms Hashing PKI
More informationAn Introduction to Cryptography as Applied to the Smart Grid
An Introduction to Cryptography as Applied to the Smart Grid Jacques Benoit, Cooper Power Systems Western Power Delivery Automation Conference Spokane, Washington March 2011 Agenda > Introduction > Symmetric
More informationPulse Secure, LLC. January 9, 2015
Pulse Secure Network Connect Cryptographic Module Version 2.0 Non-Proprietary Security Policy Document Version 1.1 Pulse Secure, LLC. January 9, 2015 2015 by Pulse Secure, LLC. All rights reserved. May
More informationM-Shield mobile security technology
Technology for Innovators TM M-Shield mobile security technology making wireless secure Overview As 3G networks are successfully deployed worldwide, opportunities are arising to deliver to end-users a
More informationBMW Car IT GmbH. AUTOSAR - First Experiences and the Migration Strategy of the BMW Group
BMW Car IT GmbH. - First Experiences and the Migration Strategy of the BMW Group Dr. Christian, BMW Car IT Page 2 - First Experiences. Overview. 1. Focus of this talk: Model based development under the
More informationEVITA-Project.org: E-Safety Vehicle Intrusion Protected Applications
EVITA-Project.org: E-Safety Vehicle Intrusion Protected Applications 7 th escar Embedded Security in Cars Conference November 24 25, 2009, Düsseldorf Dr.-Ing. Olaf Henniger, Fraunhofer SIT Darmstadt Hervé
More informationIntroducing etoken. What is etoken?
Introducing etoken Nirit Bear September 2002 What is etoken? Small & portable reader-less Smartcard Standard USB connectivity Logical and physical protection Tamper evident (vs. tamper proof) Water resistant
More informationTrustworthy Computing
Stefan Thom Senior Software Development Engineer and Security Architect for IEB, Microsoft Rob Spiger, Senior Security Strategist Trustworthy Computing Agenda Windows 8 TPM Scenarios Hardware Choices with
More informationVehicular Security Hardware The Security for Vehicular Security Mechanisms
escrypt GmbH Embedded Security Systemhaus für eingebettete Sicherheit Vehicular Security Hardware The Security for Vehicular Security Mechanisms Marko Wolf, escrypt GmbH Embedded Security Embedded Security
More informationPlug and Play Solution for AUTOSAR Software Components
Plug and Play Solution for AUTOSAR Software Components The interfaces defined in the AUTOSAR standard enable an easier assembly of the ECU application out of components from different suppliers. However,
More informationIn networking ECUs in heavy-duty vehicles, it is the J1939 protocol that. plays a key role. J1939 networks are based on the CAN bus (high-speed
Networking Heavy-Duty Vehicles Based on SAE J1939 From Parameter Group to plug-and-play Application In networking ECUs in heavy-duty vehicles, it is the J1939 protocol that plays a key role. J1939 networks
More informationModeling and verification of security protocols
Modeling and verification of security protocols Part I: Basics of cryptography and introduction to security protocols Dresden University of Technology Martin Pitt martin@piware.de Paper and slides available
More informationSecureDoc Disk Encryption Cryptographic Engine
SecureDoc Disk Encryption Cryptographic Engine FIPS 140-2 Non-Proprietary Security Policy Abstract: This document specifies Security Policy enforced by SecureDoc Cryptographic Engine compliant with the
More informationNXP & Security Innovation Encryption for ARM MCUs
NXP & Security Innovation Encryption for ARM MCUs Presenters Gene Carter- International Product Manager, NXP Semiconductors Gene is responsible for marketing of the ARM7 and Cortex-M3 microcontrollers.
More informationCerticom Security for Government Suppliers developing client-side products to meet the US Government FIPS 140-2 security requirement
certicom application notes Certicom Security for Government Suppliers developing client-side products to meet the US Government FIPS 140-2 security requirement THE PROBLEM How can vendors take advantage
More informationDeeply Embedded Real-Time Hypervisors for the Automotive Domain Dr. Gary Morgan, ETAS/ESC
Deeply Embedded Real-Time Hypervisors for the Automotive Domain Dr. Gary Morgan, ETAS/ESC 1 Public ETAS/ESC 2014-02-20 ETAS GmbH 2014. All rights reserved, also regarding any disposal, exploitation, reproduction,
More informationPerformance Investigations. Hannes Tschofenig, Manuel Pégourié-Gonnard 25 th March 2015
Performance Investigations Hannes Tschofenig, Manuel Pégourié-Gonnard 25 th March 2015 1 Motivation In we tried to provide guidance for the use of DTLS (TLS) when used in
More informationMeasurement and Analysis Introduction of ISO7816 (Smart Card)
Measurement and Analysis Introduction of ISO7816 (Smart Card) ISO 7816 is an international standard related to electronic identification cards with contacts, especially smart cards, managed jointly by
More informationIPsec Details 1 / 43. IPsec Details
Header (AH) AH Layout Other AH Fields Mutable Parts of the IP Header What is an SPI? What s an SA? Encapsulating Security Payload (ESP) ESP Layout Padding Using ESP IPsec and Firewalls IPsec and the DNS
More informationVASCO Data Security International, Inc. DIGIPASS GO-7. FIPS 140-2 Non-Proprietary Cryptographic Module Security Policy
VASCO Data Security International, Inc. DIGIPASS GO-7 FIPS 140-2 Non-Proprietary Cryptographic Module Security Policy Security Level: 2 Version: 1.7 Date: August 12, 2015 Copyright VASCO Data Security
More informationOverview of Cryptographic Tools for Data Security. Murat Kantarcioglu
UT DALLAS Erik Jonsson School of Engineering & Computer Science Overview of Cryptographic Tools for Data Security Murat Kantarcioglu Pag. 1 Purdue University Cryptographic Primitives We will discuss the
More informationSecurity in Vehicle Networks
Security in Vehicle Networks Armin Happel, Christof Ebert Stuttgart, 17. March 2015 V1.1 2015-04-28 Introduction Vector Consulting Services supports clients worldwide in improving their product development
More informationCyber Security Practical considerations for implementing IEC 62351
1. Introduction Cyber Security Practical considerations for implementing IEC 62351 Frank Hohlbaum, Markus Braendle, Fernando Alvarez ABB frank.hohlbaum@ch.abb.com Switzerland Two trends are currently changing
More informationChapter 6 Electronic Mail Security
Cryptography and Network Security Chapter 6 Electronic Mail Security Lectured by Nguyễn Đức Thái Outline Pretty Good Privacy S/MIME 2 Electronic Mail Security In virtually all distributed environments,
More informationSymantec Corporation Symantec Enterprise Vault Cryptographic Module Software Version: 1.0.0.2
Symantec Corporation Symantec Enterprise Vault Cryptographic Module Software Version: 1.0.0.2 FIPS 140 2 Non Proprietary Security Policy FIPS Security Level: 1 Document Version: 1.1 Prepared for: Prepared
More informationAPPLICATION NOTE. Atmel AT02333: Safe and Secure Bootloader Implementation for SAM3/4. Atmel 32-bit Microcontroller. Features.
APPLICATION NOTE Atmel AT02333: Safe and Secure Bootloader Implementation for SAM3/4 Atmel 32-bit Microcontroller Features Getting familiar with the conception of in-field upgrading and bootloader Discussing
More informationHardware Security Modules for Protecting Embedded Systems
Hardware Security Modules for Protecting Embedded Systems Marko Wolf, ESCRYPT GmbH Embedded Security, Munich, Germany André Weimerskirch, ESCRYPT Inc. Embedded Security, Ann Arbor, USA 1 Introduction &
More informationThanks, But No Thanks
Thanks, But No Thanks Current Cryptographic Standards Are Sufficient for Software Dan Shumow MSR Security and Cryptography Group Microsoft Research Introduction Disclaimer: I am a Software Developer, so
More informationAn introduction to AUTOSAR
An introduction to AUTOSAR AUTOSAR Consortium AUTOSAR What is AUTOSAR? AUTOSAR AUTomotive Open Systems ARchitecture Middleware and system-level standard, jointly developed by automobile manufacturers,
More informationKey & Data Storage on Mobile Devices
Key & Data Storage on Mobile Devices Advanced Computer Networks 2015/2016 Johannes Feichtner johannes.feichtner@iaik.tugraz.at Outline Why is this topic so delicate? Keys & Key Management High-Level Cryptography
More informationDisk encryption... (not only) in Linux. Milan Brož mbroz@redhat.com
Disk encryption... (not only) in Linux Milan Brož mbroz@redhat.com FDE - Full Disk Encryption FDE (Full Disk Encryption) whole disk FVE (Full Volume Encryption) just some volumes (dis)advantages? + for
More informationSeminar Automotive Open Systems Architecture
Seminar Automotive Open Systems Architecture Modeling and Development of AUTOSAR Systems using SystemDesk Sebastian Wätzoldt Hasso-Plattner-Institut for IT Systems Engineering at the University of Potsdam
More informationCS 393 Network Security. Nasir Memon Polytechnic University Module 11 Secure Email
CS 393 Network Security Nasir Memon Polytechnic University Module 11 Secure Email Course Logistics HW 5 due Thursday Graded exams returned and discussed. Read Chapter 5 of text 4/2/02 Module 11 - Secure
More informationisolar Integrated Solution for AUTOSAR
Integrated Solution for AUTOSAR isolar Integrated Solution for AUTOSAR 1 Integrated Solution for AUTOSAR An integrated solution for configuration of AUTOSAR compliant embedded software Supports configuration
More informationDeliverable D2.2: Specification of security services incl. virtualization and firewall mechanisms
Project acronym: OVERSEE Project title: Open Vehicular Secure Platform Project ID: 248333 Call ID: FP7-ICT-2009-4 Programme: 7th Framework Programme for Research and Technological Development Objective:
More informationThreat Model for Software Reconfigurable Communications Systems
Threat Model for Software Reconfigurable Communications Systems Presented to the Management Group 6 March 007 Bernard Eydt Booz Allen Hamilton Chair, SDR Security Working Group Overview Overview of the
More informationAppliedMicro Trusted Management Module
AppliedMicro Trusted Management Module Majid Bemanian, Sr. Director of Marketing, Applied Micro Processor Business Unit July 12, 2011 Celebrating 20 th Anniversary of Power Architecture 1 AppliedMicro
More informationSecurity Architecture (ASA)
AppleÕs Security Architecture (ASA) Aram PŽrez Chief Security Architect aram@.com Apple Data Security Group Overview Apple Data Security Group Why provide a security architecture? Requirements Building
More informationVehicular On-board Security: EVITA Project
C2C-CC Security Workshop 5 November 2009 VW, MobileLifeCampus Wolfsburg Hervé Seudié Corporate Sector Research and Advance Engineering Robert Bosch GmbH Outline 1. Project Scope and Objectives 2. Security
More informationHow encryption works to provide confidentiality. How hashing works to provide integrity. How digital signatures work to provide authenticity and
How encryption works to provide confidentiality. How hashing works to provide integrity. How digital signatures work to provide authenticity and non-repudiation. How to obtain a digital certificate. Installing
More informationRELEASE NOTES. Table of Contents. Scope of the Document. [Latest Official] ADYTON Release 2.12.9 - corrections. ADYTON Release 2.12.
Table of Contents Scope of the Document... 1 [Latest Official] ADYTON Release 2.12.9... 1 ADYTON Release 2.12.4... 1 ADYTON Release 2.9.3... 3 ADYTON Release 2.7.7... 3 ADYTON Release 2.6.2... 4 ADYTON
More informationNetwork Security. Computer Networking Lecture 08. March 19, 2012. HKU SPACE Community College. HKU SPACE CC CN Lecture 08 1/23
Network Security Computer Networking Lecture 08 HKU SPACE Community College March 19, 2012 HKU SPACE CC CN Lecture 08 1/23 Outline Introduction Cryptography Algorithms Secret Key Algorithm Message Digest
More information15 th TF-Mobility Meeting Sensor Networks. Torsten Braun Universität Bern braun@iam.unibe.ch www.iam.unibe.ch/~rvs
15 th TF-Mobility Meeting Sensor Networks Torsten Braun Universität Bern braun@iam.unibe.ch www.iam.unibe.ch/~rvs Overview 2 Ubiquitous Computing > Vision defined by Mark Weiser in 1991 Seamless integration
More informationIBM Crypto Server Management General Information Manual
CSM-1000-0 IBM Crypto Server Management General Information Manual Notices The functions described in this document are IBM property, and can only be used, if they are a part of an agreement with IBM.
More informationChapter 13. PIC Family Microcontroller
Chapter 13 PIC Family Microcontroller Lesson 01 PIC Characteristics and Examples PIC microcontroller characteristics Power-on reset Brown out reset Simplified instruction set High speed execution Up to
More informationIndex. BIOS rootkit, 119 Broad network access, 107
Index A Administrative components, 81, 83 Anti-malware, 125 ANY policy, 47 Asset tag, 114 Asymmetric encryption, 24 Attestation commercial market, 85 facts, 79 Intel TXT conceptual architecture, 85 models,
More informationCryptography and Key Management Basics
Cryptography and Key Management Basics Erik Zenner Technical University Denmark (DTU) Institute for Mathematics e.zenner@mat.dtu.dk DTU, Oct. 23, 2007 Erik Zenner (DTU-MAT) Cryptography and Key Management
More informationIT Networking and Security
elearning Course Outlines IT Networking and Security powered by Calibrate elearning Course Outline CompTIA A+ 801: Fundamentals of Computer Hardware/Software www.medallionlearning.com Fundamentals of Computer
More informationSecurity Policy for FIPS 140 2 Validation
BitLocker Windows OS Loader Security Policy for FIPS 140 2 Validation BitLocker Windows OS Loader (winload) in Microsoft Windows 8.1 Enterprise Windows Server 2012 R2 Windows Storage Server 2012 R2 Surface
More informationPikeOS: Multi-Core RTOS for IMA. Dr. Sergey Tverdyshev SYSGO AG 29.10.2012, Moscow
PikeOS: Multi-Core RTOS for IMA Dr. Sergey Tverdyshev SYSGO AG 29.10.2012, Moscow Contents Multi Core Overview Hardware Considerations Multi Core Software Design Certification Consideratins PikeOS Multi-Core
More informationReal-Time Communication Security: SSL/TLS. Guevara Noubir noubir@ccs.neu.edu CSU610
Real-Time Communication Security: SSL/TLS Guevara Noubir noubir@ccs.neu.edu CSU610 1 Some Issues with Real-time Communication Session key establishment Perfect Forward Secrecy Diffie-Hellman based PFS
More informationVerfahren zur Absicherung von Apps. Dr. Ullrich Martini IHK, 4-12-2014
Verfahren zur Absicherung von Apps Dr. Ullrich Martini IHK, 4-12-2014 Agenda Introducing G&D Problem Statement Available Security Technologies Smartcard Embedded Secure Element Virtualization Trusted Execution
More informationFIPS 140 2 Non Proprietary Security Policy: Kingston Technology DataTraveler DT4000 Series USB Flash Drive
FIPS 140 2 Non Proprietary Security Policy Kingston Technology Company, Inc. DataTraveler DT4000 G2 Series USB Flash Drive Document Version 1.8 December 3, 2014 Document Version 1.8 Kingston Technology
More informationAN3270 Application note
Application note Using the STM8L16x AES hardware accelerator Introduction The purpose of cryptography is to protect sensitive data to avoid it being read by unauthorized persons. There are many algorithms
More informationCryptography & Network Security. Introduction. Chester Rebeiro IIT Madras
Cryptography & Network Security Introduction Chester Rebeiro IIT Madras The Connected World 2 Information Storage 3 Increased Security Breaches 81% more in 2015 http://www.pwc.co.uk/assets/pdf/2015-isbs-executive-summary-02.pdf
More informationBeschleunigen Sie die Entwicklung Ihrer Embedded Software mit Dienstleistungen von Vector
Beschleunigen Sie die Entwicklung Ihrer Embedded Software mit Dienstleistungen von Vector Vector Embedded Software 2013 V1.3.0 2013-04-04 Your Presenters Today Michael Buck Manager Product Services / Technical
More informationSecure Hardware PV018 Masaryk University Faculty of Informatics
Secure Hardware PV018 Masaryk University Faculty of Informatics Jan Krhovják Vašek Matyáš Roadmap Introduction The need of secure HW Basic terminology Architecture Cryptographic coprocessors/accelerators
More informationArchitectures and Platforms
Hardware/Software Codesign Arch&Platf. - 1 Architectures and Platforms 1. Architecture Selection: The Basic Trade-Offs 2. General Purpose vs. Application-Specific Processors 3. Processor Specialisation
More informationEnergyAxis System: Security for the Smart Grid
Security for the Smart Grid 2010 by Elster All rights reserved. No part of this document may be reproduced, transmitted, processed or recorded by any means or form, electronic, mechanical, photographic
More informationSoftware Development for Multiple OEMs Using Tool Configured Middleware for CAN Communication
01PC-422 Software Development for Multiple OEMs Using Tool Configured Middleware for CAN Communication Pascal Jost IAS, University of Stuttgart, Germany Stephan Hoffmann Vector CANtech Inc., USA Copyright
More informationKeyStone Architecture Security Accelerator (SA) User Guide
KeyStone Architecture Security Accelerator (SA) User Guide Literature Number: SPRUGY6B January 2013 Release History www.ti.com Release Date Description/Comments SPRUGY6B January 2013 Added addition engine
More informationBlackBerry Enterprise Solution
BlackBerry Enterprise Solution Security Technical Overview for BlackBerry Enterprise Server Version 4.1 Service Pack 5 and BlackBerry Device Software Version 4.5 2008 Research In Motion Limited. All rights
More informationCryptographic Algorithms and Key Size Issues. Çetin Kaya Koç Oregon State University, Professor http://islab.oregonstate.edu/koc koc@ece.orst.
Cryptographic Algorithms and Key Size Issues Çetin Kaya Koç Oregon State University, Professor http://islab.oregonstate.edu/koc koc@ece.orst.edu Overview Cryptanalysis Challenge Encryption: DES AES Message
More informationKaseya US Sales, LLC Virtual System Administrator Cryptographic Module Software Version: 1.0
Kaseya US Sales, LLC Virtual System Administrator Cryptographic Module Software Version: 1.0 FIPS 140-2 Non-Proprietary Security Policy FIPS Security Level: 1 Document Version: 1.0 Prepared for: Prepared
More informationTable of Contents. Bibliografische Informationen http://d-nb.info/996514864. digitalisiert durch
1 Introduction to Cryptography and Data Security 1 1.1 Overview of Cryptology (and This Book) 2 1.2 Symmetric Cryptography 4 1.2.1 Basics 4 1.2.2 Simple Symmetric Encryption: The Substitution Cipher...
More informationBroadSAFE Enhanced IP Phone Networks
White Paper BroadSAFE Enhanced IP Phone Networks Secure VoIP Using the Broadcom BCM11xx IP Phone Technology September 2005 Executive Summary Voice over Internet Protocol (VoIP) enables telephone calls
More informationConfiguration management in AUTOSAR
Configuration management in AUTOSAR The need for efficient process tools for Automotive System Engineering V0.01 2008-11-02 Introduction AUTOSAR will influence the ECU SW Architecture and also the way
More informationFrom Diagnostic Requirements to Communication
From Diagnostic Requirements to Communication Standardization is the Trend in the Development of Automotive Electronics A key aim of open architectures, configurable components and harmonized exchange
More informationFreescale Variable Key Security Protocol Transmitter User s Guide by: Ioseph Martínez and Christian Michel Applications Engineering - RTAC Americas
Freescale Semiconductor User s Guide VKSPTXUG Rev. 0, 06/2008 Freescale Variable Key Security Protocol Transmitter User s Guide by: Ioseph Martínez and Christian Michel Applications Engineering - RTAC
More information