Security risks hidden in in-vehicle electronic systems

It is clear that automotive systems require a modern approach to flash memory.
Via an encrypted and secure standard SPI bus, unlike conventional flash memory technology on the market,
New techniques are needed to enable code and data transfer between secure domains and SoC/MCU.
In the future, these more secure flash memory solutions will continue to grow, especially as cyberattacks become more widespread and sophisticated.
It is likely to become a requirement to meet security guidelines and standards.

Introduction

The Internet of Things (IoT) is bringing new opportunities to change the way people live, work and play.
However, as everyday life becomes more networked, hacker attacks and security breaches on every new IoT device
Risk will increase.
Most of us are familiar with why we need to keep our most trusted devices, such as mobile phones and laptops, secure.
You probably haven't thought much about the connected intelligence that makes cars convenient today.
The fact is, these systems are easy targets for security breaches.

Just look at Tesla's Model 3, one of the most intelligent cars in the automotive industry.
In March 2019, hackers targeted the car's infotainment system by exploiting an image rendering JIT (Just In Time) bug.
Successfully seized control of the system.
This was part of a hacking event and did not endanger the actual owner, but
It exposed a security hole.
If cars continue to become more intelligent and connected to the world's growing IoT infrastructure, then this weakness should be addressed and
We have to solve it.

Applications Drive More Security and Safety Needs

Automotive electronic systems are steadily becoming more intelligent.
As shown in the figure below, advanced electronic functions are added throughout the vehicle, such as ADAS, gateways, powertrain, infotainment, V2V, V2X, etc.
It will be done.
These new features are calling for increased security and safety, especially around the system-critical component of flash memory.
Although flash memory has been around for decades, it has now evolved to serve the automotive industry.
However, today's embedded flash memory is a legacy technology and
The problem is that it has significant security risks because of the architecture it is based on.

Safety and security in in-vehicle systems is a basic requirement, as defined by the ISO 26262 standard, ensuring an acceptable level of risk
doing.
These risks are managed by automakers and subsystem suppliers, but as automotive electronics become more complex,
Functional safety is also the responsibility of IC manufacturers, including flash memory that stores critical code and data.

In-vehicle security is about hiding information and encrypting everything to prevent information leaks through advanced techniques such as side-channel attacks.
Data stored in flash memory arrays should be disassembled and mixed and encrypted, and communication channels should be strongly encrypted.
Similarly, 100% observability, error detection, and maximum disclosure of information are critical to the safety of in-vehicle systems.
The data must be validated and tested to ensure a very high quality level close to 0 DPPM.
In addition, defect analysis should be used to detect the root cause of defects and strive to improve quality.

In the next article, I will explain what you should actually do in the in-vehicle system.

Click here for more

Inquiry

If you have any questions regarding this article, please contact us below.

Back to Winbond Manufacturer Information Top

If you want to return to Winbond manufacturer information top page, please click below.