Introduction

This page is a continuation of "Security risks hidden in in-vehicle electronic systems (1)"and explains what measures should be taken to protect the security of in-vehicle systems.

See our previous article here.

Questions for automakers

Automakers and automotive electronics suppliers are at a crossroads right now, before a real security breach could hit the market in the near future.
Automakers have a choice of which flash memory technology to use,
It greatly influences whether or not a product equipped with the flash memory can protect the vehicle and the passengers when it hits the market.
For example, try asking:

Is the flash memory technology CC EAL certified? And what is that level?

A secure solution is not truly secure or trustworthy unless it is authenticated.
Achieving CC EAL5+ certification demonstrates meeting the highest security requirements in any automotive application, including V2V and V2X.
With this type of security, the architecture will detect even the slightest tampering with data and immediately report it to the host.
Stored data is protected against any tampering, intentional or erroneous overwriting.

Such changes are immediately reported to the host and the reporting system cannot be blocked.
Flash memory arrays should also be protected by an additional layer of bit error detection code with CRC, and sophisticated logic is built into the memory to detect false conditions.
In addition, the SPI interface protocol adds layers of both encryption and error detection to ensure both security and safety against errors.

Does the factory that manufactures flash memory have ISO 26262 certification for safety?

The functional safety standard ISO 26262, which was launched in 2011, is a certification index for verifying whether automotive electronic device suppliers meet the ASIL (Automotive Safety Integrity Level) requirements.
ISO 26262 automotive safety certification includes functional safety, concept phase, system-level, hardware-level, software-level design and verification, manufacturing, operation, maintenance and end-of-life service controls throughout the product lifecycle .
ASIL-D in ISO 26262 stands for the highest level of risk management and components and systems developed to ASIL-D meet the strictest safety requirements.
Flash memory devices that store code for critical automotive functions must meet high security requirements and provide reliable code storage to reduce safety risks.

Is the security implementation upgradeable and programmable? Implementation of RoT (Root of Trust)? Does the solution have platform resiliency?

A secure solution must have some level of platform resiliency that can evolve and adapt over time to protect the system from compromise.
The traditional ROM and flash-in-flash approach used by MCUs and SoCs uses a software implementation, with the RoT code stored in ROM.
These systems cannot be upgraded and are not adaptable to future attacks.
The latest approach, on the other hand, is based on MCU/SoC and programmable secure flash memory.
These solutions use software and hardened hardware-based implementations, making them programmable and upgradeable.
Such programmable, hardware-based RoTs can be continuously updated and provide platform resiliency to deal with an ever-growing variety of threats.

For the above reasons and others, it is clear that automotive systems require a modern approach to flash memory.
Via an encrypted and secure standard SPI bus, unlike conventional flash memory technology on the market,
New techniques are needed to enable code and data transfer between secure domains and SoC/MCU.
In the future, these more secure flash memory solutions will continue to grow, especially as cyberattacks become more widespread and sophisticated.
It is likely to become a requirement to meet security guidelines and standards.
In addition, regulations are expected to become more stringent, further increasing the importance of security and functional safety in automotive applications.

car of the future

Electronics play a vital role in almost every part of today's automobile, including the body, powertrain and infotainment system.

As consumers demand innovation in advanced safety, security, infotainment, comfort and convenience,

As governments' fuel efficiency standards continue to rise, next-generation vehicles will be equipped with more electronic components.

This makes it all the more important that core technologies like flash memory meet the highest security and safety standards.

Threats from hackers are growing in sophistication, requiring semiconductor manufacturers to develop modern approaches that can stop these attacks quickly and effectively.

If you think about your own car, safety and security are absolutely non-negotiable.

Inquiry

If you have any questions regarding this article, please contact us below.

Back to Winbond Manufacturer Information Top

If you want to return to Winbond manufacturer information top page, please click below.