Automotive Gateway: A Key Component to Securing the Connected Car

Similar documents
arm MULTICORE PLATFORMS FOR ADVANCED APPLICATIONS Product Longevity

NXP LPCOpen LPC11xx Release Notes

Securing the future of mobility

Rapid IoT prototyping kit: SLN-RPK-NODE

Upgrade the Solution With No Changes 2 Upgrade the Solution With No Changes If a Codebase does not contain updates to its properties, it is possible t

C-ITS: Three observations on LTE-V2X and ETSI ITS-G5 A comparison

USB Bootloader GUI User s Guide

Automotive Anomaly Monitors and Threat Analysis in the Cloud

PCB Layout Guidelines for the MC1321x

MC33696MODxxx Kit. 1 Overview. Freescale Semiconductor Quick Start Guide. Document Number: MC33696MODUG Rev. 0, 05/2007

MPC8349E-mITX-GP Board Errata

Power Cycling Algorithm using the MMA73x0L 3-Axis Linear Accelerometer

MIGRATING TO CAN FD. Tony Adamson. Marketing Director CAN / LIN / FlexRay

The modern car has 100 million lines of code and over half of new vehicles will be connected by 2020.

Connected Car Solutions Based on IoT

Using the Project Board LCD Display at 3.3 volts

Performance Analysis using NXP s i.mx RT1050 Crossover Processor and the Zephyr OS

Electrode Graphing Tool IIC Driver Errata Microcontroller Division

QorIQ Layerscape A Converged Architecture Approach

NXP LPCOpen LPC43XX Release Notes

Using the PowerQUICC II Auto-Load Feature

Component Development Environment Installation Guide

Addendum to HPCN User s Guide: Quick-Start Guide

EchoRemote Evaluation Software for Windows

Migrating from the MPC852T to the MPC875

Sicherheitsaspekte für Flashing Over The Air in Fahrzeugen. Axel Freiwald 1/2017

etpu General Function Set (Set 1) David Paterson MCD Applications Engineer

Mechanical Differences Between the 196-pin MAP-BGA and 196-pin PBGA Packages

MC33897 Single-Wire CAN Transceiver Reliability and Quality Documents

MPR083 Proximity Evaluation Kit User s Guide

Freescale BeeStack Documentation Overview Document Number: BSDO Rev /2008

NXP LPCOpen LPC43XX Release Notes

Cybersecurity Challenges for Connected and Automated Vehicles. Robert W. Heller, Ph.D. Program Director R&D, Southwest Research Institute

56F8300 BLDC Motor Control Application

SGTL5000 I 2 S DSP Mode

ColdFire Convert 1.0 Users Manual by: Ernest Holloway

M2MD Communications Gateway: fast, secure, efficient

Design Recommendations to Implement Compatibility Between the MC13783VK and the MC13783VK5

MC33794 Touch Panel System Using E-Field Sensor Setup Instructions

Updating the Firmware on USB SPI Boards (KITUSBSPIEVME, KITUSBSPIDGLEVME)

Optically-Isolated Multilink BDM Interface for the S08/S12 Microcontrollers by Michael A. Steffen

13W-AutoSPIN Automotive Cybersecurity

MPC8260 IDMA Timing Diagrams

INSPIRING IOT INNOVATION: MARKET EVOLUTION TO REMOVE BARRIERS. Mark Chen Taiwan Country Manager, Senior Director, Sales of Broadcom

Countermeasures against Cyber-attacks

Introduction to LIN 2.0 Connectivity Using Volcano LTP

SynkroRF Network. User s Guide

Turbocharging Connectivity Beyond Cellular

Pad Configuration and GPIO Driver for MPC5500 Martin Kaspar, EMEAGTM, Roznov Daniel McKenna, MSG Applications, East Kilbride

SW-Update. Thomas Fleischmann June 5 th 2015

Using the Multi-Axis g-select Evaluation Boards

HC912D60A / HC912Dx128A 0.5µ Microcontrollers Mask sets 2K38K, 1L02H/2L02H/3L02H & K91D, 0L05H/1L05H/2L05H

KPIT S Connected Vehicle Practice

MASP Chapter on Safety and Security

Using IIC to Read ADC Values on MC9S08QG8

SIMPLIFYING THE CAR. Helix chassis. Helix chassis. Helix chassis WIND RIVER HELIX CHASSIS WIND RIVER HELIX DRIVE WIND RIVER HELIX CARSYNC

MPXH6250A SERIES. Freescale Semiconductor Technical Data MPXH6250A. Rev 2, 01/2007

MCF5445x Configuration and Boot Options Michael Norman Microcontroller Division

Automotive Cyber Security

UNECE WP29/TFCS Regulation standards on threats analysis (cybersecurity) and OTA (software update)

56F805. BLDC Motor Control Application with Quadrature Encoder using Processor Expert TM Targeting Document. 56F bit Digital Signal Controllers

NetComm Software Errata

SECURING DEVICES IN THE INTERNET OF THINGS

MC56F825x/MC56F824x (2M53V) Chip Errata

Connected Cars Architecture, Challenges and Way Forward. Whitepaper 1

M2MD Communications Gateway: fast, secure and efficient

MPR121 Jitter and False Touch Detection

Utilizing Extra FC Credits for PCI Express Inbound Posted Memory Write Transactions in PowerQUICC III Devices

ARM processors driving automotive innovation

MPXHZ6400A. Freescale Semiconductor Technical Data. MPXHZ6400A Rev 0, 08/2005

MPC7410 RISC Microprocessor Hardware Specifications Addendum for the MPC7410TxxnnnLE Series

MTIM Driver for the MC9S08GW64

Autorama, Connecting Your Car to

Ordering Information Industry standard SOT343R package Device weight = g (typical) Available only in tape and reel packaging Available only in

Performance Testing BroadR-Reach Automotive Ethernet

MPC5200(b) ATA MDMA, UDMA Functionality BestComm Setup Recommendations

16-bit MCU: S12XHY256 Automotive Cluster Demo by: Jose M. Cisneros Steven McLaughlin Applications Engineer Microcontroller Solutions Group, Scotland

Multi-Layered Security Framework for Metro-Scale Wi-Fi Networks

THE RTOS AS THE ENGINE POWERING THE INTERNET OF THINGS

Secure Ethernet Communication for Autonomous Driving. Jared Combs June 2016

CONNECTED MOBILITY SOLUTIONS

Application Strategic Focus

Internet of Things Toolkit for Small and Medium Businesses

Gallium Arsenide PHEMT RF Power Field Effect Transistor

Using GCR4 to Adjust Ethernet Timing in MSC8144 DSPs

SECURING DEVICES IN THE INTERNET OF THINGS

Configuring the MCF5445x Family for PCI Host Operation

Integrated Silicon Pressure Sensor On-Chip Signal Conditioned, Temperature Compensated and Calibrated

Functional Differences Between the DSP56307 and DSP56L307

European Conference on Nanoelectronics and Embedded Systems for Electric Mobility. Automotive Ethernet The Road Ahead

Advanced IP solutions enabling the autonomous driving revolution

TRENDS IN SECURE MULTICORE EMBEDDED SYSTEMS

Securing Devices in the Internet of Things

Managing Failure Detections and Using Required Components to Meet ISO7637 pulse 1 on MC33903/4/5 Common Mode Choke Implementation

LFAE Bootloader Example and Interface for use with AN2546 Daniel McKenna MCD Applications, East Kilbride Scotland

STRATEGIC WHITE PAPER. Securing cloud environments with Nuage Networks VSP: Policy-based security automation and microsegmentation overview

Riccardo Mariani, Intel Fellow, IOTG SEG, Chief Functional Safety Technologist

The Key Principles of Cyber Security for Connected and Automated Vehicles. Government

PowerQUICC II Parity and ECC Capability

MCF5216 Device Errata

Transcription:

Automotive : A Key Component to Securing the Connected Car Introduction Building vehicles with gateways electronic devices that enable secure and reliable communications among a vehicle s electronic systems is an emerging trend in the automotive industry. An increasing number of electronic systems contribute more than 90% of modern vehicle innovations and features. This growth is transforming vehicle network architectures with automotive gateways that provide seamless communications between heterogeneous vehicle networks and address data bandwidth, security, and safety challenges. Connected cars are potential targets for remote attacks, and without proper protection, they can be compromised, resulting in loss of control, driver injury, and costly litigation. Fortunately, gateway security mechanisms can help greatly reduce the risk of cyberattacks to maximize driver safety, as well as prevent vehicle theft and loss of intellectual property. An automotive gateway serves a critical role in vehicle security, in addition to performing data routing functions, and supporting new, vehicle-wide applications. What Is a? Increased consumer demand for greater vehicle functionality is spurring more complex electronics in cars with an increased number of computers called Electronic Control Units (s) with different network interfaces. Modern vehicles can integrate over 100 s connected over multiple networks such as (Control Area Network), (Local Interconnect Network),, and Ethernet. The heterogeneous vehicle networks have unique protocols with a wide range of data rates. is used for lowspeed applications like sensors and actuators (20 kbps), is used for medium-speed applications, including most -to- communications (1-5 Mbps), is used for real-time, safety-critical applications (10 Mbps), and Ethernet is used for high-speed applications such as infotainment and advanced driver-assistance systems (ADAS), as well as wireless interfaces (3G/4G/future 5G, BT, Wi-Fi, V2X) (100 Mbps to gigabit speeds). A gateway is a central hub that securely and reliably interconnects and processes data across these heterogeneous vehicle networks. It provides physical isolation and protocol translation to route data between functional domains (powertrain, chassis and safety, body control, infotainment, telematics, ADAS) that share data to enable new features. s allow engineers to design more robust and functional vehicle networks that can enhance the driving experience.

Vehicle manufacturers (OEMs) are highly motivated to create new features to differentiate themselves from competition. A gateway is essential for enabling autonomous driving which requires secure connectivity and highbandwidth communications across functional domain s. Being central to the vehicle networks, the gateway is also ideal to support vehicle-wide applications such as Over-the-Air (OTA) updates and vehicle analytics with secure communications to OEM servers (cloud). KEY 100 MbpsEthernet Connectivity Telematics Unit Central On-Board Diagnostics Port Infotainment Radio Amp Front Display Rear Display Speakers In-Vehicle Experience Driver Replacement Body and Comfort Powertrain and Vehicle Dynamics Fig. 1 Automotive Bridges Functional s and Heterogeneous Vehicle Networks Capabilities The main function of a gateway is to provide secure, seamless communications between networks and s, including bridging between the many internal networks of the vehicle and the external networks of the outside world. The smooth transfer of data is essential for ensuring s have the information they need for proper vehicle operation, so the gateway must provide any-to-any network communications and with low latency and jitter. There are many gateway capabilities that are required to accomplish the seamless communications. The following table provides a summary of key gateway capabilities (not an exhaustive list). Capability Protocol Translation Data Routing Diagnostic Routing Firewall Message Mirroring Intrusion Detection Network Management Key Management OTA Management Description Translating data and control information to/from incompatible networks to enable communications between them Routing of data on a path to reach its intended destination. It may be on different networks requiring protocol translation. Routing of diagnostic messages between external diagnostic devices and s which may involve translation between diagnostic protocols such as DoIP and UDS. Filtering inbound and outbound network traffic based on rules, disallowing data transfers from unauthorized sources. Advanced firewalls may include context-aware filtering. Capturing data from received interfaces to transmit over another interface for diagnostics or data logging (storage) Monitoring network traffic for anomalies that may indicate intrusion Manages the states and configuration of the network and s connected to network, and support diagnostics Secure processing and storage of network keys and certificates Managing remote OTA firmware updates of s within the vehicle that are accessible from the gateway 2

Key Capabilities Summary A gateway in a connected car is ideal for managing remote OTA updates of s firmware. The few vehicles that support OTA updates today typically only update the infotainment or telematics systems. OTA updates through a gateway, which interfaces with all vehicle functional domains, allow OEMs to remotely fix/prevent vehicle problems, address security vulnerabilities, and enable new features that improve the user experience and can generate revenue. NXP has optimized gateway processors to support efficient, and flexible OTA updates. The NXP whitepaper Making Full Vehicle OTA Updates a Reality provides more details. Speaking of Security Addressing the fast-growing automotive market requirements for security is an increasingly complex challenge. Automotive networks can be targets of cyberattacks especially legacy networks like that were not designed with security in mind making them vulnerable to forged messages and jamming attacks. Connected cars external wireless interfaces present another attack vector that increase security risks further. Hackers could extract assets such as private information or cryptographic keys or impact the operation of vehicle by exploiting implementation vulnerabilities. These security risks can in part be mitigated with a Secure as part of a multi-layer security architecture. NXP delivers a comprehensive, multi-layer approach for automotive security. The NXP whitepaper Cybersecurity for s: Attacks and Countermeasures is also an excellent reference that dives into more details and guidance on security protections for s, including gateways. The Secure layer acts as a firewall that controls access from the external interfaces (such as the Internet) to the vehicle s inner network, and controls which nodes in the vehicle s network can communicate with each other. It also provides functional domain isolation; for example, between an untrusted infotainment system and trusted safety-critical systems. The Secure Processing layer provided by NXP gateway processors features secure boot and real-time integrity checking schemes to guarantee code is authentic, trusted, and unaltered, and provide an embedded Hardware Security Module (HSM) for cryptography and secure key management. isolation, firewall/filter, centralized intrusion detection (IDS) TCU OBD Infotainment Safety domain Comfort domain Driver Replacement Comfort Vehicle Dynamics Body Powertrain Fig. 2 Secure and Processing Security mechanisms also protect the interfaces and communications through message authentication to validate senders, encryption to protect data integrity and privacy, and traffic monitoring for intrusion detection to prevent externally-induced hazards that can impact safety. It is crucial that a gateway has a trusted execution environment that is physically isolated, has secure memory, and is resistant to physical attacks to maintain the security integrity. 3

Looking to the Future Connected cars are like mobile devices: always-connected devices with increasing complexity, performance, and security requirements. Future autonomous vehicles s must work together to sense, process, and act to drive. This requires moving and processing a tremendous amount of data securely between s. Connected cars will continue to drive higher data bandwidth requirements with 5G cellular. There is a trend to move to multi-gigabit Ethernet for internal networking, and eventually as a backbone for communications between domains. The transition to Ethernet may distribute gateway functionality into domain controllers (DCs) that provide localized processing/control and routing data between legacy automotive interfaces, while a central gateway routes Ethernet data packets between domains within the vehicle. s will continue to evolve to meet these architectural changes and challenges to perform capably (bandwidth, latency, performance, security). NXP is leading the way to enable next-generation automotive gateways with optimized solutions. KEY Connectivity On-Board Diagnostics Port Central Telematics Unit 100 Mbps Ethernet In-Vehicle Experience Driver Replacement Body and Comfort Speakers Fig. 3 Powertrain and Vehicle Dynamics Evolution to Central with Ethernet Backbone and s Secure Connectivity Network Management Over-the-Air Updates Body Control HVAC Seat Module Comfort Modules Connectivity GATEWAY Body & Comfort Driver Replacement In-vehicle Experience Vision Radar Ultrasonic Autonomous Powertrain & Vehicle Dynamics EV/HEV Engine Transmission Chassis Steering ecockpit Fig. 4 Central Interconnects Functional s 4

NXP and the Connected Car NXP Semiconductors is the world leader in vehicle network (gateway) processors and In-Vehicle Networking (IVN), providing about half of all network connections found in a new car.,,, and Ethernet networks with robust processors tie everything together, ensuring reliable, safe, and secure communication between the electronics inside the vehicle. IVN systems and gateways must be easy to design, using products with characteristics that meet real network needs. High integration levels reduce component count, reduce robustness in the challenging vehicle environment, and reduce system cost. NXP offers complete system solutions and reference designs for gateways with vehicle network processors, secure elements, network transceivers, switches, and power management devices optimized to work together. V bat Power Management Networks Interface Networks Interface Processor Ethernet PHY Ethernet Network(s) Network Interface Ethernet Switch NXP Technology Fig. 4 NXP Offers Complete Solution For more information, please visit the NXP website at: https://www.nxp.com/gateway 5

How to Reach Us: Home Page: www.nxp.com Web Support: www.nxp.com/support USA/Europe or Locations Not Listed: NXP Semiconductor Technical Information Center, EL516 2100 East Elliot Road Tempe, Arizona 85284 +1-800-521-6274 or +1-480-768-2130 www.nxp.com/support Europe, Middle East, and Africa: NXPHalbleiter Deutschland GmbH Technical Information Center Schatzbogen 7 81829 Muenchen, Germany +44 1296 380 456 (English) +46 8 52200080 (English) +49 89 92103 559 (German) +33 1 69 35 48 48 (French) www.nxp.com/support Japan: NXP Japan Ltd. Yebisu Garden Place Tower 24F, 4-20-3, Ebisu, Shibuya-ku, Tokyo 150-6024, Japan 0120 950 032 (Domestic Toll Free) www.nxp.com/jp/support/ Asia/Pacific: NXP Semiconductor Hong Kong Ltd. Technical Information Center 2 Dai King Street Tai Po Industrial Estate Tai Po, N.T., Hong Kong +800 2666 8080 support.asia@nxp.com www.nxp.com NXP and the NXP logo are trademarks of NXP B.V. All other product or service names are the property of their respective owners. 2018 NXP B.V. Document Number: AUTOGWDEVWPUS REV 0

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback