AUTOSAR KeyM – Certificate Handling
V2.01.00 | 2019-11-19
Security Webinar November 2019
Agenda
• Importance of Cryptographic Material
• KeyM Module
• Certificate Structure
• KeyM Interfaces for Certificate Handling
• KeyM Configuration for Certificate Handling
• Summary
Importance of Cryptographic Material
Cryptographic keys are the foundation for technical security mechanisms
[Figure: vehicle network with Connectivity Gateway, CU, Instrument Cluster, Central Gateway, ADAS DC, Smart Charging, Powertrain DC, Chassis DC, Body DC, Head Unit and Diagnostic Interface; external links via DSRC and 4G/LTE to laptop, tablet and smartphone]
For security reasons different keys are used for different security related use cases, e.g.
• Secure flashing of ECUs (a.k.a. code signing, secure reprogramming)
• Secure boot of ECUs
• Diagnostic access control
• Secured communication between the ECUs of a vehicle (e.g. via SECOC)
• Secure communication from the ECU to external services (e.g. via TLS)
• SW update over the air (SOTA)
• Remote feature activation
• Component theft protection
• Immobilizer
• Mobile online services
• …
The affected ECUs require a considerable number of cryptographic keys
KeyM Module
Overview
Goal: Simplifies typical and common key lifecycle management tasks
Basic Functions and Key Aspects:
• Receives new cryptographic material (keys, certificates) via diagnostic routines
• Verifies authenticity, integrity and freshness of cryptographic material
• Provides callouts to integrate with business logic for different typical key lifecycle phases (production, initialization, update, repair, replacement)
• Supports onboard key agreement protocols
• Supports secure distribution of shared secret keys
• Logs security events to security event memory (SEM)
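[Figure: AUTOSAR layered architecture with Application, RTE, the basic software stacks SYS, DIAG, CRYPTO, COM, CAN, ETH and MCAL, the modules KEYM, SEM, DCM, CSM, CRYIF, CRYPTO (SW) and CRYPTO (HW), and the Microcontroller with Hardware Trust Anchor (HTA)]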
KeyM Module
Submodules
KeyM consists of: Key Submodule and Certificate Submodule
Key Submodule: initialize, update and maintain cryptographic key material
Certificate Submodule:
• Allow BSW modules and SWCs to perform operations with certificates at a central point within the AUTOSAR software architecture
• Verification of single certificates as well as complete certificate chains
• Retrieval and verification of elements from a certificate
• Cryptographic operations are performed by associated crypto jobs, defined in CSM
• Secure storage in key storage locations of the CSM or NVM
Certificate Structure
Public Key Certificates
[Figure: a certificate whose content comprises public key, subject, validity period (valid since… until…) and additional content, together with a signature; a private key is shown alongside]
Certificate Structure
Chain of trust with digital certificates
• Signature of root certificate cannot be verified (it is self-signed)
• Certificate Authority (CA) can issue new certificates by signing them with its private key.
• User certificates reside at the bottom level of this trust chain hierarchy.
[Figure: chain of trust with two CA certificates and an end user certificate, each showing public key, subject, validity period (valid since… until…), additional content and signature, with private keys and arrows labelled "sign" and "verify"]
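The chain-of-trust check described above, as an added example that is not part of the original slides or any KeyM implementation: a self-contained C model that walks from a working certificate up to a pre-installed root. All type and function names and the sample chain are hypothetical, and textbook RSA with tiny moduli stands in for the real signature-verify job.

```c
#include <stdint.h>
#include <stddef.h>
/* Constructed model, NOT the KeyM API: all names are hypothetical, and textbook
   RSA with tiny moduli stands in for the CSM signature-verify job. */
typedef struct { uint32_t n, e; } PubKey;
typedef struct Cert {
    const char *subject;
    PubKey key;                        /* public key carried by this certificate */
    uint32_t not_before, not_after;    /* validity period */
    uint32_t signature;                /* created with the issuer's private key */
    const struct Cert *issuer;         /* models "Signature Verify Key Ref"; NULL = root */
} Cert;
typedef enum { CERT_VALID, CERT_EXPIRED, CERT_SIG_FAIL, CERT_BAD_CHAIN } CertStatus;
static uint32_t modpow(uint32_t b, uint32_t x, uint32_t n) {
    uint64_t r = 1, a = b % n;
    for (; x; x >>= 1, a = a * a % n) if (x & 1) r = r * a % n;
    return (uint32_t)r;
}
static uint32_t digest(const Cert *c) {  /* FNV-1a over subject, key, validity */
    uint32_t h = 2166136261u, w[4] = { c->key.n, c->key.e, c->not_before, c->not_after };
    for (const char *p = c->subject; *p; p++) h = (h ^ (uint8_t)*p) * 16777619u;
    for (int i = 0; i < 4; i++) h = (h ^ w[i]) * 16777619u;
    return h;
}
uint32_t ca_sign(const Cert *c, uint32_t issuer_n, uint32_t d) {  /* CA side */
    return modpow(digest(c) % issuer_n, d, issuer_n);
}
/* ECU side: check each certificate with its issuer's public key, up to the root. */
CertStatus verify_chain(const Cert *c, const Cert *trusted_root, uint32_t now) {
    for (int depth = 0; depth < 8; depth++, c = c->issuer) {
        if (now < c->not_before || now > c->not_after) return CERT_EXPIRED;
        if (c->issuer == NULL)         /* self-signed root: trusted only if pre-installed */
            return c == trusted_root ? CERT_VALID : CERT_BAD_CHAIN;
        const PubKey *k = &c->issuer->key;
        if (modpow(c->signature, k->e, k->n) != digest(c) % k->n) return CERT_SIG_FAIL;
    }
    return CERT_BAD_CHAIN;             /* chain longer than the allowed depth */
}
/* Constructed sample chain. fault: 0 none, 1 corrupted signature, 2 unknown root. */
CertStatus demo(uint32_t now, int fault) {
    Cert root = { "Root CA", {3233, 17}, 100, 900, 0, NULL }, rogue = root;
    Cert mid  = { "Intermediate CA", {2773, 17}, 100, 500, 0, &root };
    Cert leaf = { "Working certificate", {3127, 3}, 100, 200, 0, &mid };
    mid.signature  = ca_sign(&mid, 3233, 2753);    /* root private exponent */
    leaf.signature = ca_sign(&leaf, 2773, 157);    /* intermediate private exponent */
    if (fault == 1) leaf.signature ^= 1;
    return verify_chain(&leaf, fault == 2 ? &rogue : &root, now);
}
int main(void) { return demo(150, 0) == CERT_VALID ? 0 : 1; }
```

The root is accepted only because it matches the pre-installed anchor; every other certificate is accepted only if its issuer's public key verifies its signature and its validity period covers the current time.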
Certificate Structure
Standardization: Structure of X.509 certificates
KeyM Interfaces for Certificate Handling
Certificate Handling
Set Root or Intermediate Certificate, Update, Store:
• KeyM_ServiceCertificate()
Set Working Certificate:
• KeyM_SetCertificate()
Retrieve Certificate Information:
• KeyM_GetCertificate()
• KeyM_CertElementGet()
• KeyM_CertGetStatus()
Verification:
• KeyM_VerifyCertificates()
• KeyM_VerifyCertificate()
• KeyM_VerifyCertificateChain()
Retrieve Data from Certificates with Iterable Elements:
• KeyM_CertElementGetFirst()
• KeyM_CertElementGetNext()
KeyM Configuration for Certificate Handling
Configuration – Verification Job and Key Dependencies
[Figure: certificate configuration in which the Root, Intermediate and Working Certificate entries each have a Signature Verify Job Ref and a Signature Verify Key Ref; Job 1, Job 2 and Job 3 each have a Job Key Ref; Key 1, Key 2 and Key 3 are marked «use for verification»]
KeyM Configuration for Certificate Handling
Configuration – Algorithm Family
• Additional parameter: used to give more information about the used algorithm
• Needs to be set for KeyMCertAlgorithmType ECC
KeyM Configuration for Certificate Handling
Configuration – Public Key Configuration
• CertificateSubjectPublicKeyInfo_PublicKeyAlgorithm: element for object identifier of public key
• CertificateSubjectPublicKeyInfo_SubjectPublicKey: element for plain data of public key
Summary
Key Points
• Importance of cryptographic material (keys, certificates)
• Certificate handling is covered by KeyM (AUTOSAR 4.4)
• Functions provided by KeyM for certificate handling
• Configuration of certificate properties
• Topic for next webinar: AUTOSAR concept for distributed onboard Intrusion Detection System (IDS)
© 2015. Vector Informatik GmbH. All rights reserved. Any distribution or copying is subject to prior written approval by Vector.
Author: Dr. Eduard Metzker, Vector Informatik GmbH
For more information about Vector and our products please visit www.vector.com