Germany-based Infineon Technologies is claiming to be world’s first semiconductor manufacturer to put a Trusted Platform Module (TPM) specifically for automotive applications on the market. The new ‘OPTIGA TPM 2.0’ protects communication between the car manufacturer and the car which increasingly turns into a computer on wheels. A number of car manufacturers are already said to be designed in Infineon’s OPTIGA TPM.
The TPM is a hardware-based security solution that has proven its worth in IT security. By using it, car manufacturers can incorporate sensitive security keys for assigning access rights, authentication and data encryption in the car in a protected way. The TPM can also be updated so that the level of security can be kept up to date throughout the vehicle’s service life.
Securing the car from the first line of code
Incorporating the first or initial key into the vehicle is a particularly sensitive moment for car makers. When the TPM is used, this step can be carried out in Infineon’s certified production environment. After that, the keys are protected against unauthorised access; there is no need for further special security precautions throughout the various stages of the – often globally distributed – value chain.
The TPM likewise generates, stores and administers further security keys for communication within the vehicle. And it is also used to detect faulty or manipulated software and components in the vehicle and initiate troubleshooting by the manufacturer in such a case.
Whereas a vehicle has an average service lifetime of 12 to 15 years, security features and algorithms keep on being developed and enhanced on a continuous basis. The TPM’s firmware can be updated by remote access so the security it offers can be kept up-to-date – including the cryptographic mechanisms (cryptoagility).
“As a computer on wheels, the connected car benefits from the experience of the IT industry,” said Martin Brunner, expert for automotive security at Infineon. “In the complex interplay between software, network and cloud, security hardware creates the solid foundation for secured communication. Backed by Infineon’s many years of expertise in the automotive and security areas, we have optimised the OPTIGA TPM for automotive applications. It is easy to integrate and substantially increases cybersecurity – from production to recycling of connected cars.”
Intuitively built and internationally compliant
Infineon claims that the new OPTIGA TPM 2.0 SLI 9670 is a plug & play solution for automotive applications. It is especially suited for use in a central gateway, the telematics unit or the infotainment system of the vehicle. It consists of an attack-resistant security chip and high-performance firmware developed in accordance with the latest security standard. Furthermore, the firmware enables immediate use of security features, such as encryption, decryption, signing and verification. The TPM can be integrated quickly and easily in the system thanks to the open source software stack (TSS stack) for the host processor, which is also provided by Infineon. It has an SPI interface, an extended temperature range from -40°C to 105°C and the advanced encryption algorithms RSA-2048, ECC-256 and SHA-256.
The company says that the TPM complies with the internationally acknowledged ‘Trusted Computing Group TPM 2.0’ standard, is certified for security according to Common Criteria and is qualified in accordance with the automotive standard AEC-Q100. It is available now available and manufactured in security-certified production facilities of Infineon Germany and the Philippines.
The Company reported sales of around €7.1 billion (Rs 59,162 crore) with about 37,500 employees worldwide.
Also read: When the petabyte car becomes a dead end