SEMICONDUCTOR AND SYSTEM SECURITY FOR A …tntdpc.com/automotiveelectronics/speak/Speakers...

EXTERNAL USE

ASHOK CHANDAKSR. DIRECTOR : GLOBAL SALES AND MARKETING

DEC 2016

SEMICONDUCTOR AND SYSTEM SECURITY FOR A CONNECTED WORLD AND ADAS

©2015 NXP Semiconductors

EXTERNAL USE1

ACCELERATING TECHNOLOGY TRENDS

Secure Connections for a Smarter World

Everything

Connected

1B+ additional

consumers online,

30B+ connected devices

Everything

Smart

40B+ devices with

intelligence shipped

Everything

Secure and Safe

Potential savings to

economy up to

half trillion dollars

Source: Euromonitor; Gartner; ARM Holdings; UBS; Center for Strategic and International Studies;

McAfee, NXP analysis, International Telecommunications Union

ProcessingConnectivitySecurity

EXTERNAL USE2

NXP BUSINESSES Security & Connectivity

Digital Networking

Best-in-class security, contactless

performance and the most complete

solutions to produce unmatched

mobile and IoT solutions

High-performance multicore

solutions that transport, analyze

and secure data from the edge

of the network to the cloud

Automotive

RF

Sensor and processing

technology driving all aspects

of the secure connected cars

of today and the autonomous

cars of tomorrow

Solutions spanning the wireless

infrastructure, broadcast, medical,

mobile radio, military, aviation,

cooking and industrial markets

Standard Products

Leading supplier for all major

automotive, identification,

wireless infrastructure, industrial,

mobile, lighting, consumer and

computing manufacturers

EXTERNAL USE3

Hyper-connectivity is Changing Our World Forever

50 BILLION NETWORKED

DEVICES BY 2020

CONVENIENCESECURITY

MOBILITY

ENERGY EFFICIENCY HEALTH

INDUSTRIAL AUTOMATION

*Source: World Economic Forum

http://www.weforum.org/issues/hyperconnected-world

EXTERNAL USE4

Mobile Commerce

Cyber Security

Brand Protection

Smart MobilityBanking

eGoverment

SEMICONDUCTORS ENABLING SYSTEM SECURITY

EXTERNAL USE5

TODAY: 90% OF AUTO INNOVATION VIA ELECTRONICS

NXP IS #1

#1 Auto Analog/ RF #1 Auto MCU (ex JPN) #1 Auto Merchant MEMS Sensors

#1 INFOTAINMENTTUNERS

SOFTWARE-DEFINED DIGITAL RADIO

MULTIMEDIA PROCESSORS

SOUND SYSTEM DSPs & AMPLIFIERS

NFC BT PAIRING

WIRELESS POWER CHARGING

POWER MANAGEMENT

#1 SECURE CAR ACCESSIMMOBILIZER/ SECURITY

REMOTE KEYLESS ENTRY

PASSIVE KEYLESS ENTRY/ GO

BI-DIRECTIONAL KEYS

NFC

ULTRA WIDE BAND

ADAS & SECURITY POWERTRAIN & CHASSISMICROCONTOLLERS

PRESSURE/ MOTION SENSORS

BATTERY MANAGEMENT

DRIVERS

STANDARD

PRODUCTSLOGIC

POWER

DISCRETES

#1 VEHICLE NETWORKINGCAN/LIN/ FLEXRAY

ETHERNET

CENTRAL GATEWAY CONTROLLER

SECURITY

#1 SAFETYMICROCONTROLLERS AIRBAG

ANALOG AIRBAG

MICROCONTROLLERS BRAKING

ANALOG BRAKING

SENSORS BRAKING

TIRE PRESSURE MONITORING

#1 BODYMICROCONTROLLERS

POSITION/ ANGLE SENSORS

SYSTEM BASIS CHIPS

EXTERNAL USE6

TOMORROW: ENABLING THE SECURE CONNECTED CAR

Radar

Vision

Secure V2X

SENSE

Processing

Sensor Fusion

Security

THINK

Powertrain

Chassis

Braking

ACT

Digital Networking

Infrastructure

Security

BIG DATASecure

Network

Secure

Network

Surround ViewBlind Spot

Detection

Park A

ssist

Rear

Collision

Warning

Park Assistance/

Surround View

Surround

View

Park A

ssist

Cross

Traffic

Alert

Traffic Sign

Recognition

Lane Departure

Warning

Emergency Braking

Pedestrian Detection

Collision Avoidance

Adaptive

Cruise Control

Secure Connected, Self-Driving Cars will

Save >1,3M Road fatalities globally

NXP Offers Complete Secure

ADAS System….

…including Big Data

Infrastructure

EXTERNAL USE7

Surround ViewBlind Spot

Detection

Park A

ssist

Rear

Collision

Warning

Park Assistance/

Surround View

Surround

View

Park A

ssist

Cross

Traffic

Alert

Traffic Sign

Recognition

Lane Departure

Warning

Emergency Braking

Pedestrian Detection

Collision Avoidance

Adaptive

Cruise Control

ADAS: FROM SENSORY DATA TO KNOWLEDGE

Front & Corner Radar

Mono/ Stereo Vision

Secure V2X

PERCEPTION

Safe DAS Processing

Sensor Fusion/ 360

Sense

Grid Mapping

COMPREHENSION

Path Optimization

Intelligent Vehicles

PREDICTIONSafe

Secure

Realiable

Safe

Secure

Reliable

ADAS – INFORMING SITUATIONAL AWARENESS

HIGHLY AUTOMATED VEHICLES (HAD)

INTELLIGENT FUNCTIONS

SCP220x

S32R2/3x

S32V234- S32V244

S32R4x

S32A 25x

EXTERNAL USE8

Applications Trends, Safety Context and Technical

Advancements

Assist Co-Pilot Automate

• NCAP 2016: Lane detect,

pedestrian detection, ACC

• Automotive safety (ASIL B) as

driver is active

• Classic machine learning for

mono front view/ rear view

• 2D/3D Surround View

• Active steering, emergency

braking, HW platoon and self-

park

• Automotive safety (ASIL B - C)

with security

• Optical flow, sensor fusion and

sophisticated classifiers

• 360° sensing; 3D high-

accuracy environmental model

• Fully automated vehicle and

fail operational system

• Deep learning and advanced

machine vision with integrated

V2X

Increasing complexity, increasing safety

EXTERNAL USE9

• Sensor to Centralized mC

• Driver Is Active

• Fail Safe

Assist

• Smart Sensor and Fusion

• Co-Pilot Mode

• Dependability

Partially Automated

• Independent Decision Full Automation

• Driverless

• Fail Operational

Fully Automated or Autonomous

The “Language” of Intelligent Vehicles

• Aut. cruise ctrl

• Lane det./ keep

• Blind spot det.

• Road sign rec.

• Park assist

• EBA

• Highway platoons

• ACC with steer

• Commercial autonomous

vehicles (drones-big vehicle)

• Driverless public transport

• ACC with steer

EXTERNAL USE10

ADAS – Real-Time Network of Sensors, Processors and Actuators

SENSE THINK ACT

Lidar

Ultrasonic

Radar

Camera

Speed

Motion

Instrument cluster

Vehicle Control

Engine

Transmission

Brake

Steering

Airbag

Suspension

Lin

e o

f S

ight

V2X

No

n-L

ine

of

Sig

ht

Ethernet / CAN

Vehic

le S

tate

NXP Portfolio

EXTERNAL USE11

Simplified Autonomous Vehicle Model

Human Machine I/F

Mission,

Behavior

& Motion

Planning

Environment

Perception

Localization

& MapSafe

Auto Pilot

Detection &

Classification

360° Sensing

Driver Monitor

V2x Comm

Vehicle Dynamics

Static Maps

IoT Connectivity

"Intelligent vehicles are a set of agents which

integrate multi-sensor fusion-based environment

perception,modeling, localization and map building,

path planning, decision making and motion control. "

Prof. Cheng - 2011

EXTERNAL USE12

Automated Driving – Computing Challenges

Motion Planning

Mission Planning

Behavior Generation

Real-time Data

Management

Sensor Processing

Dynamic Actuation

Probabilistic

Deterministic

Automated

Drive

Collision

Avoidance

Lane

KeepingCo-Pilot Self Parking

Collision

WarningSign View

Processing resources need to be dynamically managed to execute probabilistic and deterministic functions

... Within the same vehicle context

Number Cruncher

QorIQ Layerscape

72,000 DMIPS

Safety Processor

S32V234

10,000 DMIPS

EXTERNAL USE13

Automated Drive – Prototyping Platform

+

=

S32V234 PCIe® Plug-in BoardLS2085A-RDB

NXP Blue Box

1. Rapid prototype platform

2. Performance analysis tool

3. Optimization of acceleration SW

4. Abstract and virtualize (MILS,

processing affinity)

Coding

SW IntegrationSW Design

HW / SW

Integration

System

Design

System

Requirement

System

Integration &

Calibration

Simulation

Rapid Prototype SW to HW in the loop

EXTERNAL USE14

‘Blue Box’ Prototyping Platform: 2015-17

Autonomous Vehicle ECU

LS2085A

Coherency FabricSMMU SMMU

Trust

Flash Controller

Power Mgt

SDXC/eMMC

2x DUART, 4xI2C

SPI, GPIO, JTAG

SMMU

64-bit

DDR2/3

Memory Controller

64-bit

DDR4

Memory

Controller

1MB

Platform

Cache

2x USB3.0 + PHY

Queue

Mgr.

Buffer

Mgr.

SECDCE 8x10 + 8x1 Ethernet

PME

64-bit

DDR2/3

Memory Controller

64-bit

DDR4

Memory

Controller

Advanced

IO

Processor

(AIOP)

L2 Switching

Buffering

PC

I

eP

CI

eP

CI

eP

CI

e

SRIOV RC

SA

TA

3.0

SA

TA

3.0

32-bit DDR4

Memory Controller

48KB

L1-I

32KB

L1-D

48KB

L1-I

2MB Banked L2

ARM A57

32KB

L1-D

48KB

L1-I

ARM A57

32KB

L1-D

48KB

L1-I

1MB Banked L2`

ARM A57

32KB

L1-D

48KB

L1-I

ARM A57

32KB

L1-D

48KB

L1-I

48KB

L1-I

32KB

L1-D

48KB

L1-I

2MB Banked L2

ARM A57

32KB

L1-D

48KB

L1-I

ARM A57

32KB

L1-D

48KB

L1-I

1MB Banked L2

ARM A57

32KB

L1-D

48KB

L1-I

ARM A57

32KB

L1-D

48KB

L1-I

48KB

L1-I

32KB

L1-D

48KB

L1-I

2MB Banked L2

ARM A53

32KB

L1-D

48KB

L1-I

ARM A53

32KB

L1-D

48KB

L1-I

256MB Banked L2

ARM A53

32KB

L1-D

32KB

L1-I

ARM A53

32KB

L1-D

32KB

L1-I

Coherency FabricCSE2 - flashless

2x CSI2 4ln

2x 16 bit Par I/F

Power

SDHC

LinFLex

I2C

GPIO, JTAG

4MB

System RAM

CSE2

Gb

ET

H

Fle

xR

AY

M4

32-bit DDR2/3

Memory Controller

32-bit DDR2/3

Memory Controller

LF

AS

T

PC

Ie

GPU

ISPSafe

DMA

Multi

Master

Sram

Ctrl

ADC

FCCU

APEX

2

APEX

2

H.264 MJPEG

S32V234

Fault DetectionMemory Checks, Hardware config checks, Program flow checks, Error management

Sti

mu

lus

Co

ntr

ol

High Level Intelligence

Sensor and Actuator management

High Level Intelligence Monitor

Number Cruncher

Safety Controller

Low Level Intelligence

• Very high performance multicore SoC - 72,000 DMIPS, 64 GFLOPS

• Multiprotocol networking acceleration

• Hardware support for virtualization/separation of real-time and non-real-time

functions

• Secure Boot, Secure Debug, Anti-Tamper

Low Level Intelligence Monitor

• Scalable & SAFE Multicore SoC - ~10,000 DMIPS, 40 GMACS

• SW: Automotive and safe quality

• Secure boot, secure debug, anti-tamper

EXTERNAL USE15

Infotainment & Driver Assistance

Application: Short / mid / long-range radar

Key Product: Dolphin (digital radar front-end)

Orca (radar 1-chip)

Technology:RFCMOS 1-chip integration, C040

Application: Car-2-car/infrastructure comm., DSRC

Key Product: Mars (DSP)

Wispa (RF transceiver)

SmartMX2 (security)

Technology:RFCMOS 1-chip integration

SDR-based multi-standard reception, C065 & C040

Application: Audio Headunit & Sound System

New use cases: engine sound

Key Product: BAP3 / TDF853x (new gen. Class-D)

TDF859x / 8530 (Class-D)

TDF854x (Class-AB)

Technology:Full-digital incl. low-latency ADC, ABCD9

Application: AM/FM, Digital Radio / TV, Audio

Key Product: Dirana, Hero, Atomic (AM/FM)

Cayman, Saturn (Digital Radio / TV)

Mercury (AM/FM/DR - hybrid)

Technology:RFCMOS 1-chip integration

SDR-based multi-standard reception, C065 & C040

Radar

Car-2-X Comm.

Audio Amplifiers

Car Radio / TV

Car Infotainment Driver Assistance

EXTERNAL USE17

CONNECTED CAR – WHY A HACKER‘S TARGET?

Protect Privacy

Easy Access

• Fully Connected Car

• External & internal interfaces

• Wired & wireless interfaces

Prevent unauthorized

Access

High Vulnerability

• Increasing number of nodes

• More advanced features

• X-by-Wire

Valuable Data

• Collection of data/info

• Storage of data

• Diagnostic functions

Increase Safety

Cloud Connection

Smart Car Access

In-Vehicle Network Car2X

Consumer Device Integration

EXTERNAL USE18

ENTRY POINT: WIRELESS CAR INTERFACES

Vicinity of the hacker

Long Range

Mid Range

Short Range

Wired

The Cloud (internet)

BT(LE), car access

NFC

Wireless interfaces allow for remote attacks:

• More anonymous less risk for the attacker

• More people can attempt lower (avg.) cost

• More cars can be affected larger benefits

Easier and scalable, so likelihood is high!

3G, LTE, WiFi, V2X, radio, …

Physical Attacks Lead to Remote Attacks

EXTERNAL USE19

CHALLANGE: VEHICLE NETWORK ARCHITECTURE

Time

Network

Architecture

Protection

Level

Network

Protection

Low Medium High

Full Network is

exposed to Attacks

Gateway controls Access to

sub Networks

Domain Gateways control Access

to Domain Networks

GWG

W

PowertrainSafety

InfotainmentGW

GW GW

GW

EXTERNAL USE20

update

malware

We need to prevent that keys can leak out!

Physical (tamper-resistant) protection of the keys

FROM PHYSICAL TO REMOTE ATTACKExample: remote software update

EXTERNAL USE21

UNOBTRUSIVE

UPGRADABLE

STATE OF THE ART

DECENTRALIZEDLAYERED

REVIEWED

ADDING VALUE

SECURITY BY DESIGN Prerequisite for all applications in the connected world

SECURITY BY

DESIGN

EXTERNAL USE22

Secure Telematics

Securing V2X

Communications

Trust Provisioning

for System Security

Securing Car

Entertainment

SOLUTIONS PREVENTING SECURITY ATTACKSExample: Secure Connected Car

Secure Car Access

EXTERNAL USE23 December 14,

2016

2

3.

Secure Car Access : ApplicationsRemote Keyless

Entry (RKE)

Passive Keyless

Entry (PKE)

Consisting of:

• Car theft protection

• Remote car door lock

and unlock

Consisting of:

• Car Theft protection

• Remote car door lock

and unlock

• Passive keyless entry

• Passive Start

Immobilizer

• Car theft protection

Connected

Keyless Entry

• Car Access via NFC enabled

phones/wearables

• NFC key advantage: secure

transport of keys

• Alternative: Car access via

phone using BLE and key

fob as ‘Gateway’

Car-key communication for:

• Remote start

• Car finder

• Alarm Systems

• Tire pressure information

• Fuel level / Charging state

• Door lock status

Smart

Car Management

EXTERNAL USE242

4.

Secure Car Access: How does it work?

RF data Exchange

Up to 500m2 way RF for convenience & robustness

Smart

Car ManagementµC

RF TRx

µC

RF TRx

Transponder

TP

Base station

BS

1. LF Challenge

2. LF Response

TP*

RF Tx

µC Base station

BS*

RF Rx

Immobilizer function included*

RF signal (rolling code)

(on Button press)

LF Driver

Immo/RKE function included*

LF Rx 1. LF Wake-Up/Challenge

2. RF Response

Immobilizer

Remote Keyless Entry

Passive Keyless Entry TP*µC

RF Rx*RF Tx*

BS*

Authentication for Engine Start

Authentication for Car Entry

Hands free Authentication

LF Tx

12/14/2016 COMPANY CONFIDENTIAL24.

RF Tx*

Connected

Keyless EntryAccess via NFC enabled phones eSE

NFC

eSE

NFCRF data Exchange

Up to 10cm

EXTERNAL USE25

Security: Was the message not modified?

Did it really originate from car A?

Can I trust car A?

Car and message authentication required

to prevent traffic disruption or impersonation

Privacy: Can others track me while driving?

High degree of anonymity (identity hiding) required to

prevent tracking

Emergency Vehicle Warning

Seeing Around Corners

Hazard Warning

Vehicle-to-

Roadside

communication

Inter-vehicle

communications

Emergency

Event

SECURING V2X COMMUNICATIONS

EXTERNAL USE26

SECURING V2X COMMUNICATIONSMessage authentication via digital signatures … with very high performance requirements

• Digital signature

− For authentication (sender identity, content integrity)

− And non-repudiation (no plausible deniability)

• Based on

− Hash function unique identifier for message

− Public-key crypto: two keys, one is private (secret), other public (non-secret)

• ETSI (EU) and IEEE (US) standards mandate ECDSA

− RSA signatures too long (bandwidth limitation)

− Comparable security strength: RSA 3072b ~ ECC 256b ~ AES 128b

• Performance requirements

− Up to 1000 messages per second for signature verification

Public key exchange

(can be part of message)

Hello!

sign

Hello! Hello! Hello!verify

EXTERNAL USE27

Secure

Root of Trust

Secure

Key extraction CA

Prime

Crypto

Engine

User services

Trusted

Environment

restricted

communication

with security

primitives

NXP Digital Radio 1-Chip Receiver

Scrambled data

from content providerConditional Access Application

SECURING CAR ENTERTAINMENTConditional Access for Subscribed Services

• Flexible approach for key ladder usage via embedded CA application

• All (intermediate) keys remain in private Trusted Environment

• Secure root of trust key storage mechanism in place

EXTERNAL USE28

Leadership Security – i.MX Hardware Enablement

Secure Storage

Tamper Resistance

Secure S/W Execution

Identity Management

Secure Data Communications

Secure Network Access

Policies & Certifications

In-line encryption (memory)

Manufacturing protection

Authenticated debug & field returns

Run-time integrity

Trust zone

Secure Storage

Zeroizable RAM

Root of trust

Cryptographic Acceleration

Symmetric and asymmetric accl.

Random number generator

Attack Protection

Active tamper detection (Physical)

DPA protection (side channel)

Secure S/W Execution

Resource domain control

System memory protection unit

On-the-fly decryption (code)

EXTERNAL USE29

Initial Security Module key

OEMs

Tier x Dealer

Trusted Service

ManagerService

Provider

Data/App

Secure communication

Secure

communication

Not impacted by key management

Manufacturing

TRUST PROVISIONING FOR SYSTEM SECURITY

EXTERNAL USE30

SECURE TELEMATICSEnabling Privacy and Fraud Protection

Inte

rfa

ce

Mo

du

le

RF

PA

CAN

USB

GPIO

SIM

ADC

UART

PCM

Antenna

2nd Antenna

Active GPSAntenna

Passive GPSAntenna

NFC Antenna

GPS

NFCSMX

Secure Element

Memory

Baseband

MicroprocessorGSM

Mic

rop

ho

ne

Lo

ud

speake

r

RT

C B

att

ery

Cha

rge

r

Ma

in B

att

ery

Semiconductors as Enabling Technology for

Secure Connections in a Smarter World

Approach Security and Privacy BY DESIGN

TAMPER RESISTANT components

RELIABLE KEY MANAGEMENT schemes

PROVEN & CERTIFIED solutions

Handshake of Government, Industry, Public Definition and consistent exertion of “security &

privacy by design” principles, transparency and

need-to-know principle

The Human in the Center

Secure Identities and Consumer Trust driving

the IoT Market

SUMMARY

SEMICONDUCTOR AND SYSTEM SECURITY FOR A …tntdpc.com/automotiveelectronics/speak/Speakers...

Documents

Transcript of SEMICONDUCTOR AND SYSTEM SECURITY FOR A …tntdpc.com/automotiveelectronics/speak/Speakers...