SHE Secure Hardware Extension
|
|
- Jody Juliet Sherman
- 8 years ago
- Views:
Transcription
1 SHE Secure Hardware Extension Data Security for Automotive Embedded Systems Workshop on Cryptography and Embedded Security Embedded Nuremberg, February 2012
2 Content Data Security - What does it mean for Automotive? SHE - Secure Hardware Extension - A new Standard? SHE - Implementation Outlook 1
3 Data Security What does it mean for Automotive? Areas of Use Applications EVITA Security Categories 2
4 Areas with Demand for Security It s not only onboard electronics that have an impact 3
5 In-Vehicle Data Security Data Security on the road today On-chip Flash/ROM read-out protection against unauthorized access Solution by Fujitsu: Flash/ROM security Available on 16LX,16FX, FR, FCR4 Future, Enhanced Data Security Protect entire car system not limited to Flash/ROM read-out prevention Authentication, Secure Communication and Data Storage within vehicle between vehicles (C2C) between vehicle and infrastructure (C2X) En-/Decryption is key for future state-of-the-art MCUs Embedded and ASSP solutions will find their market segment Complexity of security implementations scales with use case 4
6 Target Applications Theft protection / Immobilizer Prevent unauthorized operation of vehicle Disable ignition and alike Component Protection Membership validation of all ECUs built in a particular vehicle Exchanging 1 ECU without authentication degrades functionality as unauthenticated functions will not work stops operation of all networked ECUs at next system start E.g. when engine control ECU is affected Feature Activation Enables certain functions in the delivered SW-package Gives OEM opportunity in after sales revenues 5
7 ECUs to be protected by Cryptography Gateway Body Computer Module 1 Body Computer Module 2 Climate Control Thermo Management Unit Active Engine Mount Instrument Cluster Night Vision Battery Management System Charger Safety Computer Adaptive Cruise Control Engine Control Gear Box Electronic Steering Column Lock Power Electronics Hybrid Central Computer Rear Seat Entertainment Sound DVDC TV-Tuner 21 ECU in total SOP
8 EVITA European research project June 2008 Dec 2011 E-safety vehicle intrusion protected applications Objective: Design, verify, and prototype an architecture for automotive on-board networks where security-relevant components are protected against tampering and sensitive data are protected against compromise when transferred inside a vehicle. More found at 7
9 Security Models - Categorization Full EVITA HSM Medium EVITA HSM Light EVITA HSM V2X communication On-board communication On-board communication Maximum level of functionality, security and performance Asymmetric cryptographic engine & Hash engine User-programmable functionality Maximum level of functionality and security Symmetric cryptographic engine User-programmable functionality Optimized for low cost HW-solution Symmetric cryptographic engine e.g. AES-128 Pre-defined functionality Secure 100 MHz Secure 25 MHz Secure Zone no CPU needed 64k 64k Optional NV Memory 512k 512k Optional NV RAM PRNG with TRNG seed PRNG with TRNG seed Optional T/PRNG Security LT > 20 years 8
10 SHE Secure Hardware Extension A New Standard? SHE - Security Objectives SHE - Building Blocks SHE - Performance Requirements 9
11 HIS - SHE HIS = Hersteller Initiative Software SHE = Secure Hardware Extension - meets Light EVITA HSM Specification by HIS Concept: Add a Secure Zone Prevent user access to security functions other than those given by logic Link to HIS & SHE: HIS portal on Security 10
12 SHE - Security Objectives Protect cryptographic keys from software attacks Provide an authentic software environment Let the security only depend on the strength of the underlying algorithm and the confidentiality of the keys Allow for distributed key ownerships Keep the flexibility high and the costs low 11
13 SHE Building Blocks (1) MCU with Secure Zone SHE data storage - volatile - non-volatile - for KEY & MAC Access only via defined command interface 12
14 SHE Perspective from Specification (2) SHE specifies Secure Zone components and algorithms Cryptography En-/decryption unit AES 128 algorithm ROM Secret key storage SECRET_KEY Unique key storage UID RAM RAM key storage PRNG key storage RAM ROM Cryptography NV-Memory NV-Memory Boot key & MAC storage Master key, general purpose key storage 13
15 SHE Perspective from Specification (3) Cryptography carries Encryption unit AES 128-based Applicable Standard Decryption unit AES 128-based RAM Cryptography NV-Memory CMAC Cipher-based Message Authentication Code generator ROM Miyaguchi-Preneel One-way compression function; compressed data cannot be recovered Input requests 128-bit wide chunks of data stream Outputs Hash-values to en-/decoding unit 14
16 SHE Perspective from Specification (3) Cryptography carries Encryption unit AES 128-based Applicable Standard Decryption unit AES 128-based CMAC Cipher-based Message Authentication Code generator RAM ROM NV-Memory Miyaguchi-Preneel One-way compression function; compressed data cannot be recovered Input requests 128-bit wide chunks of data stream Outputs Hash-values to en-/decoding unit 15
17 SHE Perspective from Specification (4) RAM carries RAM_KEY Temporary key used for arbitrary operations RAM Cryptography NV-Memory PRNG_KEY Key used by the Pseudo Random Number Generator ROM PRNG_STATE Keeps status of Pseudo Random Number Generator 16
18 SHE Perspective from Specification (4) RAM carries RAM_KEY Temporary key used for arbitrary operations Cryptography NV-Memory PRNG_KEY Key used by the Pseudo Random Number Generator ROM PRNG_STATE Keeps status of Pseudo Random Number Generator 17
19 SHE Perspective from Specification (5) ROM carries SECRET_KEY Unique key Used for im-/export of all other keys Has to be created with true random number generator (off-chip TRNG ) at production RAM ROM Cryptography NV-Memory UID Unique identifier Authenticates MCU Both SECRET_KEY and UID have to be fixed at production time 16 byte for SECRET_KEY and 15 byte for UID 18
20 SHE Perspective from Specification (5) ROM carries SECRET_KEY Unique key Used for im-/export of all other keys Has to be created with true random number generator (off-chip TRNG ) at production RAM Cryptography NV-Memory UID Unique identifier Authenticates MCU Both SECRET_KEY and UID have to be fixed at production time 16 byte for SECRET_KEY and 15 byte for UID 19
21 SHE Perspective from Specification (6) NV-Memory carries MASTER_ECU_KEY Set up by OEM (owner) Enables change of other keys BOOT_MAC_KEY Enables particular boot request and thus establishing secure boot BOOT_MAC Authentication of boot code KEY_<n> Dedicated key storage for arbitrary functions 3 10 keys PRNG_SEED Starting value for pseudo random number generator RAM ROM Cryptography NV-Memory Irreversible Write Protection of keys in NV-memory Any key in NV-memory area shall not be changeable throughout life time of the device once write-protection was applied by user 20
22 SHE Perspective from Specification (6) NV-Memory carries MASTER_ECU_KEY Set up by OEM (owner) Enables change of other keys BOOT_MAC_KEY Enables particular boot request and thus establishing secure boot BOOT_MAC Authentication of boot code KEY_<n> Dedicated key storage for arbitrary functions 3 10 keys PRNG_SEED Starting value for pseudo random number generator RAM ROM Cryptography Irreversible Write Protection of keys in NV-memory Any key in NV-memory area shall not be changeable throughout life time of the device once write-protection was applied by user 21
23 SHE - Performance Requirements Start-up / Secure Boot is Critical Path All SHE-equipped nodes have to perform secure boot process Availability to be established before 1 sec elapses MAC latency according SHE < 2 µsec for a 128-bit block MAC = Message Authentication Code Authentication of Flash contents at power up << 100 msec for 1 MByte required Exact requirement depends on Oscillator start-up times Network start-up, NM communication, MCU initializations 22
24 SHE Implementation SHE System SHE Integration SHE Implementation 23
25 SHE System Diagram Host System SHE EEFLASH SHECO SHE Firmware Public Secured NV_MEM IF Data IF Host Interface Command IF SHE Host Driver 24
26 SHE - System Integration (ATLAS-L/TITAN) MPU Sec. 32-bit AHB slave bus 64-bit AHB slave bus Sec. 32-bit AHB master bus 32-bit AHB slave bus Debug / Trace Cortex R4 CPU Boot ROM Cache Interrupt Controller Timing Protection EEFlash MPU MPU Ethernet MediaLB CRC I2S DMA TCFlash SRAM SHE MPU USB MPU System Controller Watchdog RTC External Interrupt Retention RAM Timers Timers Timers Timers GPIO 64-bit Multilayer AXI bus System RAM Quad-SPI Peripheral bus 3 Peripheral Protection Peripheral bus 1 Peripheral bus 0 Peripherals Peripherals Peripherals Peripherals Peripheral Peripheral Bus Peripheral Bridge Bus Bridge Bus Bridge Peripherals Peripherals Peripherals Peripherals MPU PPU Subsystem Content is protected Contains security config Bus master Bus slave 25
27 SHE Implementation 64-bit AHB bus Flash security 32-bit AHB bus 32-bit D bus SHE TRNG I bus SHECO HW barrier NV_MEM_MASTER AES-128 FR60 CPU ROM EEFLASH En-/decode CMAC Miyaguchi-Preneel AHB D RAM Cycle counter Public Sectors (6 x 8 K) Secured Sectors (2 x 8 K) PRNG Tx/Rx FIFOs Register I/F AXI Master PPU protection Data I/F Command/Data I/F Host Interface Bus master Bus slave MPU Host AXI bus Host AHB bus 26
28 SHE - Secured Key Storage (1) EEFLASH SECRET_KEY UID MASTER_ECU_KEY EMPTY EMPTY EMPTY FLAGS FLAGS FLAGS COUNTER BOOT_MAC_KEY EMPTY FLAGS COUNTER BOOT_MAC EMPTY FLAGS COUNTER KEY_<n> EMPTY FLAGS COUNTER RAM PRNG_KEY PRNG_STATE FLAGS FLAGS Common features 32 byte large key slots Access only by SHECO CPU NV memory Empty flag to distinguish between erased keys and keys written to 0xFF Flags and 28bit counters are stored in the same slot as the key SECRET_KEY and UID slots are write protected before device delivery No PRNG_SEED storage needed since on-chip TRNG is implemented RAM PRNG_KEY is calculated from SECRET_KEY during CMD_INIT_RNG command and stored in RAM slot RAM_KEY FLAGS 27
29 SHE - Secured Key Storage (2) Empty Write-protection Secure boot failure Debugger activation Wildcard UID Key usage Plain key Flags to be used for keys SECRET_KEY F 1 T UID F 1 T 2 MASTER_ECU_KEY 4 BOOT_MAC_KEY 4 BOOT_MAC 4 KEY_<n> 4 PRNG_KEY 5 PRNG_STATE 5 RAM_KEY 5 used F used, always false T used, always true 1 Empty flags for SECRET_KEY and UID are set after the keys have been written (by Fujitsu) 2 Write-protection flags for SECRET_KEY and UID are set after the keys have been written (by Fujitsu) 3 SECRET_KEY inherits its protection flags from MASTER_ECU_KEY 4 The initial value after production will be TRUE 5 The initial value after power-up/hw-reset will be TRUE 28
30 SHE Software (Firmware) SHE firmware Implements SHE control logic + EEPROM emulation for key storage Is ROM based (no modification possible!) No debugging possible Entirely developed by Fujitsu Secure Boot Extension of FCR4 Boot-ROM for Secure Boot Validation of boot loader with support of SHE and DMA Block length configured by of SHE_BL_SIZE (SHE parameter) SHE evaluates the status via valid BOOT_MAC_KEY 29
31 SHE Software (AUTOSAR Driver) AUTOSAR driver V4.xx Implements SHE user accessible functions Handles hardware Interaction E.g I/F error handling Host driver for SHE will become a Fujitsu product 30
32 Outlook Cryptography becomes general trend for embedded systems Majority of ECU/MCU will have to support en-/decryption Data security will become mandatory feature for automotive applications Scaled between low-cost solutions like SHE for many ECUs and High protection requirements for a subset of ECUs SHE will be on the road in
33 Thank you for your attention 32
34 33
CycurHSM An Automotive-qualified Software Stack for Hardware Security Modules
CycurHSM An Automotive-qualified Software Stack for Hardware Security Modules Dr. Frederic Stumpf, ESCRYPT GmbH Embedded Security, Stuttgart, Germany 1 Introduction Electronic Control Units (ECU) are embedded
More informationSecurity in Automotive Applications
Security in Automotive Applications Renesas Electronics America Inc. Renesas Technology & Solution Portfolio 2 Microcontroller and Microprocessor Line-up 2010 2013 32-bit 8/16-bit 1200 DMIPS, Superscalar
More informationVehicular On-board Security: EVITA Project
C2C-CC Security Workshop 5 November 2009 VW, MobileLifeCampus Wolfsburg Hervé Seudié Corporate Sector Research and Advance Engineering Robert Bosch GmbH Outline 1. Project Scope and Objectives 2. Security
More informationEVITA-Project.org: E-Safety Vehicle Intrusion Protected Applications
EVITA-Project.org: E-Safety Vehicle Intrusion Protected Applications 7 th escar Embedded Security in Cars Conference November 24 25, 2009, Düsseldorf Dr.-Ing. Olaf Henniger, Fraunhofer SIT Darmstadt Hervé
More informationVehicular Security Hardware The Security for Vehicular Security Mechanisms
escrypt GmbH Embedded Security Systemhaus für eingebettete Sicherheit Vehicular Security Hardware The Security for Vehicular Security Mechanisms Marko Wolf, escrypt GmbH Embedded Security Embedded Security
More informationHello and welcome to this presentation of the STM32L4 Firewall. It covers the main features of this system IP used to secure sensitive code and data.
Hello and welcome to this presentation of the STM32L4 Firewall. It covers the main features of this system IP used to secure sensitive code and data. 1 Here is an overview of the Firewall s implementation
More informationBootloader with AES Encryption
...the world's most energy friendly microcontrollers Bootloader with AES Encryption AN0060 - Application Note Introduction This application note describes the implementation of a bootloader capable of
More informationSTM32 F-2 series High-performance Cortex-M3 MCUs
STM32 F-2 series High-performance Cortex-M3 MCUs STMicroelectronics 32-bit microcontrollers, 120 MHz/150 DMIPS with ART Accelerator TM and advanced peripherals www.st.com/mcu STM32 F-2 series The STM32
More informationSecure Key Management A Key Feature for Modern Vehicle Electronics
13AE-0069 Secure Key Management A Key Feature for Modern Vehicle Electronics Christian Schleiffer, Marko Wolf, André Weimerskirch, and Lars Wolleschensky ESCRYPT Copyright 2012 SAE International ABSTRACT
More informationAppliedMicro Trusted Management Module
AppliedMicro Trusted Management Module Majid Bemanian, Sr. Director of Marketing, Applied Micro Processor Business Unit July 12, 2011 Celebrating 20 th Anniversary of Power Architecture 1 AppliedMicro
More informationSecureDoc Disk Encryption Cryptographic Engine
SecureDoc Disk Encryption Cryptographic Engine FIPS 140-2 Non-Proprietary Security Policy Abstract: This document specifies Security Policy enforced by SecureDoc Cryptographic Engine compliant with the
More informationHardware Security Modules for Protecting Embedded Systems
Hardware Security Modules for Protecting Embedded Systems Marko Wolf, ESCRYPT GmbH Embedded Security, Munich, Germany André Weimerskirch, ESCRYPT Inc. Embedded Security, Ann Arbor, USA 1 Introduction &
More informationSystem-on-a-Chip with Security Modules for Network Home Electric Appliances
System-on-a-Chip with Security Modules for Network Home Electric Appliances V Hiroyuki Fujiyama (Manuscript received November 29, 2005) Home electric appliances connected to the Internet and other networks
More informationSafety and security related features in AUTOSAR
Safety and security related features in Dr. Stefan Bunzel Spokesperson (Continental) Co-Authors: S. Fürst, Dr. J. Wagenhuber (BMW), Dr. F. Stappert (Continental) Automotive - Safety & Security 2010 22
More informationWireless Microcontrollers for Environment Management, Asset Tracking and Consumer. October 2009
Wireless Microcontrollers for Environment Management, Asset Tracking and Consumer October 2009 Jennic highlights Jennic is a fabless semiconductor company providing Wireless Microcontrollers to high-growth
More informationM2M For industrial and automotive
M2M For industrial and automotive Content ST at a glance... 4 Where to find us... 5 The value chain... 5 Secure MCU... 6 Focus on ST33 secure microcontrollers... 6 M2M fields of application... 7 What is
More informationDigitale Signalverarbeitung mit FPGA (DSF) Soft Core Prozessor NIOS II Stand Mai 2007. Jens Onno Krah
(DSF) Soft Core Prozessor NIOS II Stand Mai 2007 Jens Onno Krah Cologne University of Applied Sciences www.fh-koeln.de jens_onno.krah@fh-koeln.de NIOS II 1 1 What is Nios II? Altera s Second Generation
More informationEmbedding Trust into Cars Secure Software Delivery and Installation
Embedding Trust into Cars Secure Software Delivery and Installation André Adelsbach, Ulrich Huber, Ahmad-Reza Sadeghi, Christian Stüble Horst Görtz Institute for IT Security, Bochum, Germany Third Workshop
More informationSecure Network Communications FIPS 140 2 Non Proprietary Security Policy
Secure Network Communications FIPS 140 2 Non Proprietary Security Policy 21 June 2010 Table of Contents Introduction Module Specification Ports and Interfaces Approved Algorithms Test Environment Roles
More informationNXP & Security Innovation Encryption for ARM MCUs
NXP & Security Innovation Encryption for ARM MCUs Presenters Gene Carter- International Product Manager, NXP Semiconductors Gene is responsible for marketing of the ARM7 and Cortex-M3 microcontrollers.
More informationSECURE IMPLEMENTATIONS OF CONTENT PROTECTION (DRM) SCHEMES ON CONSUMER ELECTRONIC DEVICES
SECURE IMPLEMENTATIONS OF CONTENT PROTECTION (DRM) SCHEMES ON CONSUMER ELECTRONIC DEVICES Contents Introduction... 3 DRM Threat Model... 3 DRM Flow... 4 DRM Assets... 5 Threat Model... 5 Protection of
More informationIoT Security Concerns and Renesas Synergy Solutions
IoT Security Concerns and Renesas Synergy Solutions Simon Moore CTO - Secure Thingz Ltd Agenda Introduction to Secure.Thingz. The Relentless Attack on the Internet of Things Building protection with Renesas
More informationVASCO Data Security International, Inc. DIGIPASS GO-7. FIPS 140-2 Non-Proprietary Cryptographic Module Security Policy
VASCO Data Security International, Inc. DIGIPASS GO-7 FIPS 140-2 Non-Proprietary Cryptographic Module Security Policy Security Level: 2 Version: 1.7 Date: August 12, 2015 Copyright VASCO Data Security
More informationKeyStone Architecture Security Accelerator (SA) User Guide
KeyStone Architecture Security Accelerator (SA) User Guide Literature Number: SPRUGY6B January 2013 Release History www.ti.com Release Date Description/Comments SPRUGY6B January 2013 Added addition engine
More informationCut Network Security Cost in Half Using the Intel EP80579 Integrated Processor for entry-to mid-level VPN
Cut Network Security Cost in Half Using the Intel EP80579 Integrated Processor for entry-to mid-level VPN By Paul Stevens, Advantech Network security has become a concern not only for large businesses,
More informationSecurity in Vehicle Networks
Security in Vehicle Networks Armin Happel, Christof Ebert Stuttgart, 17. March 2015 V1.1 2015-04-28 Introduction Vector Consulting Services supports clients worldwide in improving their product development
More informationNEXT GENERATION OF AUTOMOTIVE SECURITY: SECURE HARDWARE AND SECURE OPEN PLATFORMS
NEXT GENERATION OF AUTOMOTIVE SECURITY: SECURE HARDWARE AND SECURE OPEN PLATFORMS André Groll, Jan Holle University of Siegen, Institute for Data Communications Systems {andre.groll,jan.holle}@uni-siegen.de
More informationSECURE USB FLASH DRIVE. Non-Proprietary Security Policy
SECURE USB FLASH DRIVE Non-Proprietary Security Policy FIPS 140-2 SECURITY POLICY VERSION 9 Page 1 of 10 Definitions and Acronyms AES Advanced Encryption Standard CBC Cipher Block Chaining CRC Cyclic Redundancy
More informationFIPS 140-2 Security Policy 3Com Embedded Firewall PCI Cards
FIPS 140-2 Security Policy 3Com Embedded Firewall PCI Cards 3Com Corporation 5403 Betsy Ross Drive Santa Clara, CA 95054 USA February 24, 2006 Revision Version 0.4 Page 1 of 15 1. Introduction The following
More informationHigh-Performance, Highly Secure Networking for Industrial and IoT Applications
High-Performance, Highly Secure Networking for Industrial and IoT Applications Table of Contents 2 Introduction 2 Communication Accelerators 3 Enterprise Network Lineage Features 5 Example applications
More informationSecurity Policy: Key Management Facility Crypto Card (KMF CC)
Security Policy: Key Management Facility Crypto Card (KMF CC) Version 2.12.2 2/7/11 1.0 Introduction 3 1.1 Scope 3 1.2 Overview 3 1.3 KMF CC Implementation 4 1.4 KMF CC HW/SW version numbers 4 1.5 KMF
More informationPUF Physical Unclonable Functions
Physical Unclonable Functions Protecting next-generation Smart Card ICs with SRAM-based s The use of Smart Card ICs has become more widespread, having expanded from historical banking and telecommunication
More informationNorthrop Grumman M5 Network Security SCS Linux Kernel Cryptographic Services. FIPS Security Policy Version 2.42. www.northropgrumman.
Northrop Grumman M5 Network Security SCS Linux Kernel Cryptographic Services FIPS Security Policy Version 2.42 www.northropgrumman.com/m5/ SCS Linux Kernel Cryptographic Services Security Policy Version
More informationW ith an estimated 14 billion devices connected to
Renesas Synergy Security Portfolio Delivers Comprehensive Protection from Industrial and IoT Threats Advanced capabilities give developers tools to counter attacks W ith an estimated 14 billion devices
More informationDesignWare IP for IoT SoC Designs
DesignWare IP for IoT SoC Designs The Internet of Things (IoT) is connecting billions of intelligent things at our fingertips. The ability to sense countless amounts of information that communicates to
More informationChapter 13. PIC Family Microcontroller
Chapter 13 PIC Family Microcontroller Lesson 01 PIC Characteristics and Examples PIC microcontroller characteristics Power-on reset Brown out reset Simplified instruction set High speed execution Up to
More informationES_LPC4357/53/37/33. Errata sheet LPC4357/53/37/33. Document information
Rev. 1.1 8 August 2012 Errata sheet Document information Info Keywords Abstract Content LPC4357FET256; LPC4357FET180; LPC4357FBD208; LPC4353FET256; LPC4353FET180; LPC4353FBD208; LPC4337FET256; LPC4337FET180;
More informationM-Shield mobile security technology
Technology for Innovators TM M-Shield mobile security technology making wireless secure Overview As 3G networks are successfully deployed worldwide, opportunities are arising to deliver to end-users a
More informationFreescale Variable Key Security Protocol Transmitter User s Guide by: Ioseph Martínez and Christian Michel Applications Engineering - RTAC Americas
Freescale Semiconductor User s Guide VKSPTXUG Rev. 0, 06/2008 Freescale Variable Key Security Protocol Transmitter User s Guide by: Ioseph Martínez and Christian Michel Applications Engineering - RTAC
More informationSecuring Host Operations with a Dedicated Cryptographic IC - CryptoCompanion
Securing Host Operations with a Dedicated Cryptographic IC - CryptoCompanion By Kerry Maletsky, Business Unit Director Crypto Products Summary There is a growing need for strong hardware security devices
More information7a. System-on-chip design and prototyping platforms
7a. System-on-chip design and prototyping platforms Labros Bisdounis, Ph.D. Department of Computer and Communication Engineering 1 What is System-on-Chip (SoC)? System-on-chip is an integrated circuit
More informationVon der Hardware zur Software in FPGAs mit Embedded Prozessoren. Alexander Hahn Senior Field Application Engineer Lattice Semiconductor
Von der Hardware zur Software in FPGAs mit Embedded Prozessoren Alexander Hahn Senior Field Application Engineer Lattice Semiconductor AGENDA Overview Mico32 Embedded Processor Development Tool Chain HW/SW
More informationMeeting the Demands of Robotic Space Applications with CompactPCI
1 of 6 1/10/2006 3:26 PM Meeting the Demands of Robotic Space Applications with CompactPCI The robotic tasks in manned and unmanned space applications need increasing sophistication, intelligence and autonomy,
More informationSecure My-d TM and Mifare TM RFID reader system by using a security access module Erich Englbrecht (info@eonline.de) V0.1draft
Application Report Secure My-d TM and Mifare TM RFID reader system by using a security access module Erich Englbrecht (info@eonline.de) V0.1draft Embedded RF ABSTRACT This application report describes
More informationPulse Secure, LLC. January 9, 2015
Pulse Secure Network Connect Cryptographic Module Version 2.0 Non-Proprietary Security Policy Document Version 1.1 Pulse Secure, LLC. January 9, 2015 2015 by Pulse Secure, LLC. All rights reserved. May
More informationUnderstand Electronic-Meter Design to Better Craft Intelligent and Secure Systems
Understand Electronic-Meter Design to Better Craft Intelligent and Secure Systems driving trust Author, INSIDE Secure As more utility companies install smart electric and other types of utility meters
More informationBus Data Acquisition and Remote Monitoring System Using Gsm & Can
IOSR Journal of Electrical and Electronics Engineering (IOSR-JEEE) e-issn: 2278-1676,p-ISSN: 2320-3331, Volume 8, Issue 3 (Nov. - Dec. 2013), PP 88-92 Bus Data Acquisition and Remote Monitoring System
More informationUSB Portable Storage Device: Security Problem Definition Summary
USB Portable Storage Device: Security Problem Definition Summary Introduction The USB Portable Storage Device (hereafter referred to as the device or the TOE ) is a portable storage device that provides
More informationStandardized software components will help in mastering the. software should be developed for FlexRay were presented at
Embedded Software for FlexRay Systems Special aspects and benefits of implementing modularized software Standardized software components will help in mastering the growing complexity of the interplay of
More informationontroller LSI with Built-in High- Performance Graphic Functions for Automotive Applications
C ontroller LSI with Built-in High- Performance Graphic Functions for Automotive Applications 1-chip solution for color display, video input and meter control with built-in highperformance CPU core FR81S
More informationTrusted Platforms for Homeland Security
Trusted Platforms for Homeland Security By Kevin Schutz, Product Manager Secure Products Summary Ongoing threats from hackers, viruses, and worms continue to make security a top priority for IT and business
More informationDevelop a Dallas 1-Wire Master Using the Z8F1680 Series of MCUs
Develop a Dallas 1-Wire Master Using the Z8F1680 Series of MCUs AN033101-0412 Abstract This describes how to interface the Dallas 1-Wire bus with Zilog s Z8F1680 Series of MCUs as master devices. The Z8F0880,
More informationChapter 11 Security+ Guide to Network Security Fundamentals, Third Edition Basic Cryptography
Chapter 11 Security+ Guide to Network Security Fundamentals, Third Edition Basic Cryptography What Is Steganography? Steganography Process of hiding the existence of the data within another file Example:
More informationFIPS 140 2 Non Proprietary Security Policy: Kingston Technology DataTraveler DT4000 Series USB Flash Drive
FIPS 140 2 Non Proprietary Security Policy Kingston Technology Company, Inc. DataTraveler DT4000 G2 Series USB Flash Drive Document Version 1.8 December 3, 2014 Document Version 1.8 Kingston Technology
More informationApplication Note. Atmel CryptoAuthentication Product Uses. Atmel ATSHA204. Abstract. Overview
Application Note Atmel CryptoAuthentication Product Uses Atmel Abstract Companies are continuously searching for ways to protect property using various security implementations; however, the cost of security
More informationARM Cortex STM series
ARM Cortex board 1 ARM Cortex STM series 2 STM32 Series 3 Abbreviation FS full speed HS high speed MC motor controller MSI multi speed internal oscillator RNG random number generator SDIO secure digital
More informationUSB Portable Storage Device: Security Problem Definition Summary
USB Portable Storage Device: Security Problem Definition Summary Introduction The USB Portable Storage Device (hereafter referred to as the device or the TOE ) is a portable storage device that provides
More informationSoftware Hardware Binding with Quiddikey
Software Hardware Binding with Quiddikey Mass scale solution against software piracy Secure your digital life Software-Hardware Binding solutions are typically required for Flash-based systems in which
More informationNXP Secure Smart Card Controllers P5CD016V1D / P5CD021V1D / P5CD041V1D / P5Cx081V1D with DESFire EV1
NXP Secure Smart Card Controllers P5CD016V1D / P5CD021V1D / P5CD041V1D / P5Cx081V1D with DESFire EV1 Rev. 1.1 24 October 2011 BSI-DSZ-CC-0707 Evaluation documentation Document information Info Keywords
More informationSKP16C62P Tutorial 1 Software Development Process using HEW. Renesas Technology America Inc.
SKP16C62P Tutorial 1 Software Development Process using HEW Renesas Technology America Inc. 1 Overview The following tutorial is a brief introduction on how to develop and debug programs using HEW (Highperformance
More informationHardware Security for Trustworthy C2X Applications Marko Wolf
Hardware Security for Trustworthy C2X Applications Marko Wolf C2C-CC/CAMP Harmonization Workshop, Wolfsburg, Germany, 15.3.2012 Outline 1. Three General Reasons for Automotive Hardware Security Modules
More informationMessage Authentication Codes
2 MAC Message Authentication Codes : and Cryptography Sirindhorn International Institute of Technology Thammasat University Prepared by Steven Gordon on 28 October 2013 css322y13s2l08, Steve/Courses/2013/s2/css322/lectures/mac.tex,
More informationArchitekturen und Einsatz von FPGAs mit integrierten Prozessor Kernen. Hans-Joachim Gelke Institute of Embedded Systems Professur für Mikroelektronik
Architekturen und Einsatz von FPGAs mit integrierten Prozessor Kernen Hans-Joachim Gelke Institute of Embedded Systems Professur für Mikroelektronik Contents Überblick: Aufbau moderner FPGA Einblick: Eigenschaften
More informationFondamenti su strumenti di sviluppo per microcontrollori PIC
Fondamenti su strumenti di sviluppo per microcontrollori PIC MPSIM ICE 2000 ICD 2 REAL ICE PICSTART Ad uso interno del corso Elettronica e Telecomunicazioni 1 2 MPLAB SIM /1 MPLAB SIM is a discrete-event
More informationSafety and Security Features in AUTOSAR
Safety and Security Features in AUTOSAR Nagarjuna Rao Kandimala, Michal Sojka Czech Technical University in Prague 166 27 Praha 6, Czech Republic Thursday 15 th November, 2012 Contents 1 Introduction 2
More informationDesigning a System-on-Chip (SoC) with an ARM Cortex -M Processor
Designing a System-on-Chip (SoC) with an ARM Cortex -M Processor A Starter Guide Joseph Yiu November 2014 version 1.02 27 Nov 2014 1 - Background Since the ARM Cortex -M0 Processor was released a few years
More informationEmbedded Display Module EDM6070
Embedded Display Module EDM6070 Atmel AT91SAM9X35 Based Single Board Computer BY Product Overview Version 1.0 Dated: 3 rd Dec 2013 Table of Contents Product Overview... 2 Introduction... 2 Kit Contents...
More informationSystem Design Issues in Embedded Processing
System Design Issues in Embedded Processing 9/16/10 Jacob Borgeson 1 Agenda What does TI do? From MCU to MPU to DSP: What are some trends? Design Challenges Tools to Help 2 TI - the complete system The
More informationSide Channel Analysis and Embedded Systems Impact and Countermeasures
Side Channel Analysis and Embedded Systems Impact and Countermeasures Job de Haas Agenda Advances in Embedded Systems Security From USB stick to game console Current attacks Cryptographic devices Side
More informationConfidentio. Integrated security processing unit. Including key management module, encryption engine and random number generator
Confidentio Integrated security processing unit Including key management module, encryption engine and random number generator Secure your digital life Confidentio : An integrated security processing unit
More informationSPI I2C LIN Ethernet. u Today: Wired embedded networks. u Next lecture: CAN bus u Then: 802.15.4 wireless embedded network
u Today: Wired embedded networks Ø Characteristics and requirements Ø Some embedded LANs SPI I2C LIN Ethernet u Next lecture: CAN bus u Then: 802.15.4 wireless embedded network Network from a High End
More informationSecure Hardware PV018 Masaryk University Faculty of Informatics
Secure Hardware PV018 Masaryk University Faculty of Informatics Jan Krhovják Vašek Matyáš Roadmap Introduction The need of secure HW Basic terminology Architecture Cryptographic coprocessors/accelerators
More informationCustomer Experience. Silicon. Support & Professional Eng. Services. Freescale Provided SW & Solutions
September 2013 Silicon Support & Professional Eng. Services Customer Experience Freescale Provided SW & Solutions Provide Valued Software, Support & Professional Engineering Services, Competitively 2 Customer
More informationDeliverable D2.2: Specification of security services incl. virtualization and firewall mechanisms
Project acronym: OVERSEE Project title: Open Vehicular Secure Platform Project ID: 248333 Call ID: FP7-ICT-2009-4 Programme: 7th Framework Programme for Research and Technological Development Objective:
More informationCautions When Using BitLocker Drive Encryption on PRIMERGY
Cautions When Using BitLocker Drive Encryption on PRIMERGY July 2008 Fujitsu Limited Table of Contents Preface...3 1 Recovery mode...4 2 Changes in hardware configurations...5 3 Prior to hardware maintenance
More informationSecure Cloud Storage and Computing Using Reconfigurable Hardware
Secure Cloud Storage and Computing Using Reconfigurable Hardware Victor Costan, Brandon Cho, Srini Devadas Motivation Computing is more cost-efficient in public clouds but what about security? Cloud Applications
More informationOverview. SSL Cryptography Overview CHAPTER 1
CHAPTER 1 Note The information in this chapter applies to both the ACE module and the ACE appliance unless otherwise noted. The features in this chapter apply to IPv4 and IPv6 unless otherwise noted. Secure
More informationFIPS 140-2 Non- Proprietary Security Policy. McAfee SIEM Cryptographic Module, Version 1.0
FIPS 40-2 Non- Proprietary Security Policy McAfee SIEM Cryptographic Module, Version.0 Document Version.4 December 2, 203 Document Version.4 McAfee Page of 6 Prepared For: Prepared By: McAfee, Inc. 282
More informationHow encryption works to provide confidentiality. How hashing works to provide integrity. How digital signatures work to provide authenticity and
How encryption works to provide confidentiality. How hashing works to provide integrity. How digital signatures work to provide authenticity and non-repudiation. How to obtain a digital certificate. Installing
More informationSecurity Policy. Trapeze Networks
MP-422F Mobility Point Security Policy Trapeze Networks August 14, 2009 Copyright Trapeze Networks 2007. May be reproduced only in its original entirety [without revision]. TABLE OF CONTENTS 1. MODULE
More informationSoftware Development for Multiple OEMs Using Tool Configured Middleware for CAN Communication
01PC-422 Software Development for Multiple OEMs Using Tool Configured Middleware for CAN Communication Pascal Jost IAS, University of Stuttgart, Germany Stephan Hoffmann Vector CANtech Inc., USA Copyright
More informationMicrotronics technologies Mobile: 99707 90092
For more Project details visit: http://www.projectsof8051.com/rfid-based-attendance-management-system/ Code Project Title 1500 RFid Based Attendance System Synopsis for RFid Based Attendance System 1.
More informationKeeping Up with the Data & Security Demands of the Automotive IoT
Keeping Up with the Data & Security Demands of the Automotive IoT AESIN 2015 Robert Moran Automotive Systems Engineering O C T O B E R 2 0 1 5 External Use Keeping Up with the Data & Security Demands of
More informationFIPS 140-2 Non-Proprietary Security Policy. IBM Internet Security Systems SiteProtector Cryptographic Module (Version 1.0)
FIPS 140-2 Non-Proprietary Security Policy IBM Internet Security Systems SiteProtector Document Version 2.3 August 5, 2010 Document Version 2.3 IBM Internet Security Systems Page 1 of 24 Prepared For:
More informationSecureD Technical Overview
WHITEPAPER: SecureD Technical Overview WHITEPAPER: SecureD Technical Overview CONTENTS section page 1 The Challenge to Protect Data at Rest 3 2 Hardware Data Encryption Provides Maximum Security 3 3 SecureD
More informationBroadSAFE Enhanced IP Phone Networks
White Paper BroadSAFE Enhanced IP Phone Networks Secure VoIP Using the Broadcom BCM11xx IP Phone Technology September 2005 Executive Summary Voice over Internet Protocol (VoIP) enables telephone calls
More informationAutomotive Ethernet Security Testing. Alon Regev and Abhijit Lahiri
Automotive Ethernet Security Testing Alon Regev and Abhijit Lahiri 1 Automotive Network Security Cars are evolving Number of ECUs, sensors, and interconnects is growing Moving to Ethernet networks utilizing
More information802.11 Security (WEP, WPA\WPA2) 19/05/2009. Giulio Rossetti Unipi Giulio.Rossetti@gmail.com
802.11 Security (WEP, WPA\WPA2) 19/05/2009 Giulio Rossetti Unipi Giulio.Rossetti@gmail.com 802.11 Security Standard: WEP Wired Equivalent Privacy The packets are encrypted, before sent, with a Secret Key
More informationIndustrial Flash Storage Trends in Software and Security
January 22, 2013 Industrial Flash Storage Trends in Software and Security Many flash storage devices in embedded applications are used to save data but also function as disks for the OS. Most users are
More informationZigBee Technology Overview
ZigBee Technology Overview Presented by Silicon Laboratories Shaoxian Luo 1 EM351 & EM357 introduction EM358x Family introduction 2 EM351 & EM357 3 Ember ZigBee Platform Complete, ready for certification
More informationPre-tested System-on-Chip Design. Accelerates PLD Development
Pre-tested System-on-Chip Design Accelerates PLD Development March 2010 Lattice Semiconductor 5555 Northeast Moore Ct. Hillsboro, Oregon 97124 USA Telephone: (503) 268-8000 www.latticesemi.com 1 Pre-tested
More informationDesign, Implementation, and Evaluation of a Vehicular Hardware Security Module
Design, Implementation, and Evaluation of a Vehicular Hardware Security Module Marko Wolf and Timo Gendrullis ESCRYPT GmbH Embedded Security, Munich, Germany {marko.wolf, timo.gendrullis}@escrypt.com Abstract.
More informationUM0586 User manual. STM32 Cryptographic Library. Introduction
User manual STM32 Cryptographic Library Introduction This manual describes the API of the STM32 cryptographic library (STM32-CRYP-LIB) that supports the following cryptographic algorithms: AES-128, AES-192,
More informationReverse engineering hardware for software reversers: studying an encrypted external HDD
Reverse engineering hardware for software reversers: studying an encrypted external HDD Joffrey Czarny & Raphaël Rigo / AGI / TX5IT 2015-10-02 / Hardwear.io 2015-10-02 / Hardwear.io 2 Introduction Why
More informationSmartFusion csoc: Basic Bootloader and Field Upgrade envm Through IAP Interface
Application Note AC372 SmartFusion csoc: Basic Bootloader and Field Upgrade envm Through IAP Interface Table of Contents Introduction................................................ 1 Introduction to Field
More informationXTREMIO DATA AT REST ENCRYPTION
White Paper XTREMIO DATA AT REST ENCRYPTION Abstract Data at Rest Encryption is a mandatory requirement in various industries that host private or sensitive data. This white paper introduces and explains
More informationST19NP18-TPM-I2C. Trusted Platform Module (TPM) with I²C Interface. Features
Trusted Platform Module (TPM) with I²C Interface Data brief Features Single-chip Trusted Platform Module (TPM) Embedded TPM 1.2 firmware I²C communication interface (Slave mode) Architecture based on ST19N
More informationSilabs Ember Development Tools
Silabs Ember Development Tools Presented by Silicon Laboratories Shaoxian Luo 1 Development Tools Desktop Network Analyzer Debug Adapter Packet Trace Port Desktop Network Analyzer provides a macroscopic
More informationFastboot Techniques for x86 Architectures. Marcus Bortel Field Application Engineer QNX Software Systems
Fastboot Techniques for x86 Architectures Marcus Bortel Field Application Engineer QNX Software Systems Agenda Introduction BIOS and BIOS boot time Fastboot versus BIOS? Fastboot time Customizing the boot
More informationHow To Use Atmel'S Atmel Crypto Device For A Year On A Computer Or Cell Phone
Atmel Crypto Products Portfolio Family of Secure Authentication Solutions Atmel Crypto Products Portfolio The Atmel Crypto Products Portfolio offers full system security solution options for a wide variety
More information