Path: EDN Asia >> Design Centre >> Automotive >> Basics of automotive instrument cluster architectures (Part 2)
Automotive Share print

Basics of automotive instrument cluster architectures (Part 2)

28 Sep 2015  | Deepak Mahajan, Vikas Agarwal, Arjun Pal Chowdhury

Share this page with your friends

Secure debugger access: Security of a device versus testability is always a vulnerable area for the hackers. It is important to provide the debug capabilities on the devices in case there is a device malfunction or misbehaviour. But since the debug access provides an insight of the devices and opens the device for certain critical tests, it should be protected through some mechanism. The approaches usually used are password protection with challenge-response mechanism, restricted debugging capabilities, etc.

Password protection: To allow access to the deviceā€šÄôs secure modules and other critical memory regions, there is usually password protection that is implemented. Further protection of access and availability of these passwords is critical and can be implemented using a challenge response mechanism.

Security applications of cluster device
Immobilizer: The electronic immobilizer is used as a component of theft protection of automobiles. To protect the malicious user from using a fake key, authentication takes place between the ignition key and other electronic control units of the car. The authentication steps are as follows:

When ignition is turned ON using the car key, the challenge response begins. A transmitter, i.e. ECU (challenger) generates a random number using True Random Number Generator and sends it to the car key. The responder (the car key) encrypts the random number using a secret cryptographic key and sends back the encrypted message to the challenger. The challenger then decrypts the encrypted message with the same secret key and compares it with the actual transmitted key. In this way the authenticity of the responder is validated. The entropy of the random number generator should be very high; otherwise an attacker can fake the identity of the responder by monitoring the encrypted message and sending it back to the challenger.

Mileage protection: Mileage fraud artificially raises the cost of used vehicles and can be controlled through odometer protection. Mileage protection is achieved in security-based microcontrollers through:

Preventing unauthorised access to the odometer unit through "SHE" based hardware solutions.

The protected ECUs allow secure communication using challenge and response mechanisms achieved through crypto keys and secure memory.

Component protection: Component protection again uses the challenge response authentication to identify the replacement of automotive components, unintended by the manufacturer. A challenge-response is run between an engine control unit (which will be a security master assigned by an algorithm during the start up phase or it can be fixed assigned by OEM) and other components of a car. UID is sent to the Security Master by each of the car components in encrypted form using a crypto key. If the UID doesn't match with the internal database stored at SM end, it blocks the start of the engine.



Secure-on-board communication: The ECUs that communicate to the outside world and to the internal vehicle network, pose the biggest risk for car security. These ECUs can become the part of the communication system over which data is sent. An attacker can hack the communication bus and can manipulate the data on the bus. This can be controlled by using strong cryptographic methods which involves complex and truly random keys. Such keys cannot be retrieved just by monitoring the data traffic on the bus for long enough.

Passive Anti Theft System: An example could be a key immobilizer, which in case of challenge authentication failure, can keep a fuel pump or starter disabled. The sensors that capture the RF signals (encrypted ID sent by key) are designed to pick up only nearby signals to avoid car theft.

Tyre Pressure Monitoring System: Each tyre has a pressure sensor which monitors the tyre pressure and sends the real time data to the ECU. It is possible to make hack the TPMS system if connected to the network and make it think that there is some problem with the tyre or the TPMS system.


Device memory requirements
SRAM (System RAM): SRAM is the primary memory of the chip. It constitutes one of the major portions of the available on-chip RAM on the device. It is mainly used to put the application code of the core responsible for AUTOSAR related execution. It is also enabled with ECC protection for safety and quality reasons. It is used along with a part of Flash to store the AUTOSAR application code. SRAM can also be used to store graphics application code depending upon the use case requirement. The device also supports a low-power mode, within which a portion of the system RAM remains powered in a state capable of retaining RAM contents.

 First Page Previous Page 1 • 2 • 3 • 4 Next Page Last Page


Want to more of this to be delivered to you for FREE?

Subscribe to EDN Asia alerts and receive the latest design ideas and product news in your inbox.

Got to make sure you're not a robot. Please enter the code displayed on the right.

Time to activate your subscription - it's easy!

We have sent an activate request to your registerd e-email. Simply click on the link to activate your subscription.

We're doing this to protect your privacy and ensure you successfully receive your e-mail alerts.


Add New Comment
Visitor (To avoid code verification, simply login or register with us. It is fast and free!)
*Verify code:
Tech Impact

Regional Roundup
Control this smart glass with the blink of an eye
K-Glass 2 detects users' eye movements to point the cursor to recognise computer icons or objects in the Internet, and uses winks for commands. The researchers call this interface the "i-Mouse."

GlobalFoundries extends grants to Singapore students
ARM, Tencent Games team up to improve mobile gaming


News | Products | Design Features | Regional Roundup | Tech Impact