ARM Processor With Independent Hardware Security Module Protects CAN Bus Networks From Cyber Threats
The STA1385 by STMicroelectronics is a fully automotive, power efficient System-On-Chip (SoC), targeting cost effective processing solutions for innovative Telematics and Connectivity applications including Cyber-security protection.
It features a powerful Dual ARM Cortex-A7 processor, an embedded and independent Hardware Security Module (HSM), an isolated sub-system based on ARM Cortex-M3 for vehicle CAN interfaces and a full set of standard connectivity interfaces, including a dual Gbit ETH AVB controller and Flexray.
According to STMicroelectronics, the Telemaco3P telematics and connectivity processors (STA1385 and its variants) are the first automotive micro-processors to integrate an isolated Hardware Security Module (HSM), which acts like an independent security guard to watch data exchanges and encrypt and authenticate messages. The HSM checks the authenticity of received messages and any external devices that try to connect and protects against eavesdropping.
With this HSM on-chip, Telemaco3P devices are ahead of the general-purpose application processors typically found in current connected-car systems, which lack dedicated hardware-based security, said the company. ST’s chips also comes with a 105 °C maximum temperature rating for use in locations that can become extremely hot, such as on top or directly beneath the roof in a smart antenna. The HSM also runs software-security algorithms, giving freedom for the main high-performance CPU to host more applications.
Integrated CAN FD, Gigabit-Ethernet, and 100-Mbit/s Secure Digital I/O interfaces allow the Telemaco3P family to be used as communication gateways throughout the vehicle, for linking infotainment systems, or ECUs connected to the CAN network. This includes door controllers, engine or transmission management systems, or body electronics. The Telemaco3P features two CAN FD and one Classical CAN interface. Essential power-management circuitry is also integrated.
The STA1385 is designed to comply with the automotive functional-safety standard ISO 26261, up to safety integrity level B (Asil-B), and meet the Autosar specification for protected communication across the CAN network. Telemaco3P devices can run Posix-compliant operating systems (OS), giving users flexibility to choose their OS for a variety of intended use cases.
- Download/View the STMicroelectronics STA1385 data sheet (PDF)...
- Download/View Telemaco3P automotive family of telematics and connectivity microprocessor (PDF)...
- More Information...
When the Controller Area Network (CAN) was designed, security was not a requirement. The primary usage of CAN was considered closed; possible intruders or attackers would simply not get physical or remote access to the network. However, today it is more and more common that devices connected to a CAN system also have connections to other networks, including the Internet.
Recent car hacks have shown that attackers may get access to CAN systems. Without strong security features, an attacker automatically gains full access to everything connected, allowing active control commands to be recorded and replayed. In this book we examine which options developers of CAN based systems realistically can use to provide adequate security features.
What can we do - without using heavy-weight security features? What can we do - to detect possibly injected messages? What can we do - without any hardware change? What can we do - with minimal software change? The CANcrypt protocol and software is introduced as a scalable security solution for the Controller Area Network.
The SAM D5x and SAM E5x microcontroller (MCU) families are available from Microchip Technology. These 32-bit MCU families offer connectivity interfaces, performance and hardware-based security for a variety of applications.E5X Device Options:E51 (2 X CAN-FD)E53 (Ethernet MAC)E54 (2 X CAN-FD and Ethernet MAC)The SAM D5/E5 microcontrollers combine the performance of an ARM Cortex-M4 processor with a Floating [...]
The LPCXpresso54608 Development Board by NXP Semiconductors provides a powerful and flexible embedded development system for the NXP LPC546 ARM® Cortex®-M family of MCUs. The LPCXpresso54608 Development Board contains the target LPC54608 device with an on-board, CMSIS-DAP / SEGGER J-Link compatible debug probe. The on-board probe is compatible with the MCUXpresso IDE and other toolchains such as those [...]
The CEC1702 hardware cryptography-enabled microcontroller is now available from Microchip Technology, a provider of microcontroller, mixed-signal, analog and Flash-IP solutions. The CEC1702 is designed to address the increasing need for security measures, such as secure boot, driven by the continual growth of Internet of Things (IoT) applications. The CEC1702 is an ARM Cortex-M4-based microcontroller with a complete hardware cryptography-enabled [...]
Artila Electronics, a designer and manufacturer of embedded device networking and computing, released their RIO-2015PG, a FreeRTOS programmable remote I/O module. The RIO-2015PG is powered by a 32-bit Atmel SAM4E16E 120MHz ARM Cortex M4 processor, which comes with 256KB SRAM, 3MB Flash and the FreeRTOS real time operating system. The industrial I/O of RIO-2015PG features [...]
The Teensy is a breadboard-friendly development board that comes with loads of features in a very small package. Each Teensy 3.1 or 3.2 comes pre-flashed with a boot-loader so it can be programmed using the on-board USB connection, i.e. there is no external programmer required. You can program for the Teensy in your favorite program editor using C or you can [...]