vector cyber security solution vhsm firmware...u key derivation functions (kdf) and key exchange u...
TRANSCRIPT
V1.01.04 | 2019-07-11
MICROSAR.HSM – Optimized and Flexible Software for Hardware Security Modules
Vector Cyber Security Solution – vHSM Firmware
© 2019. Vector Informatik GmbH. All rights reserved. Any distribution or copying is subject to prior written approval by Vector. V1.01.04 | 2019-07-11
u Introduction
Fundamentals
MICROSAR.HSM - Features
MICROSAR.HSM - Architecture
MICROSAR.HSM - Integration and Workflow
Summary
Agenda
2/25
© 2019. Vector Informatik GmbH. All rights reserved. Any distribution or copying is subject to prior written approval by Vector. V1.01.04 | 2019-07-11
Cybersecurity in Automotive
Introduction
Cybersecurity gains increasing importance in automotive industry due to highly connected vehicles and accessible customer interfaces. Vehicles become a part of the internet of things.
Therefore, highly complex algorithms have to be executed efficiently in an isolated portion within the ECUs. A secure storage for cryptographic secrets is needed as well.
At this, a hardware security module including its software is used to provide necessary performance and isolation with appropriate small footprints.
Vector Solution
At a glance u
3/25
© 2019. Vector Informatik GmbH. All rights reserved. Any distribution or copying is subject to prior written approval by Vector. V1.01.04 | 2019-07-11
Layered Security Concept – Defense in Depth
Introduction
Secure External Communication
Secure Gateways
Secure In-Vehicle
Communication
Secure Platform
u Secure communication to services outside the vehicle via TLS
u Intrusion detection mechanisms
u Firewalls
u Key Infrastructure / Vehicle PKI
u Synchronized secure time
u Message authentication codes (MAC)
u Freshness to ensure integrity of messages
u Encryption to ensure confidentiality of messages
u Secure key storage
u Secure boot and secure flash
u Crypto algorithm library
u HW trust anchor (HTA)
u E.g. Hardware Security Modules (HSM)
Associated Security Controls
4/25
© 2019. Vector Informatik GmbH. All rights reserved. Any distribution or copying is subject to prior written approval by Vector. V1.01.04 | 2019-07-11
Firewall
Key Infrastructure
Secure On Board Com.
Secure Off Board Com.
Intrusion Detection / Prevention
Monitoring / Logging
Hypervisor
Crypto Primitives Download Manager
Connectivity Gateway
CU
Instrument
ClusterDSRC 4G LTE
Laptop
Tablet
Smart-phone
Central Gateway
ADAS DC
Smart Charging
Powertrain DC
Chassis DC
Body DC
Secure Flash/Boot
Security Mechanisms allocated in Example Architecture
Introduction
Head Unit
Secure SynchronizedTime Manager
Diagnostic Interface
5/25
© 2019. Vector Informatik GmbH. All rights reserved. Any distribution or copying is subject to prior written approval by Vector. V1.01.04 | 2019-07-11
Introduction
u Fundamentals
MICROSAR.HSM - Features
MICROSAR.HSM - Architecture
MICROSAR.HSM - Integration and Workflow
Summary
Agenda
6/25
© 2019. Vector Informatik GmbH. All rights reserved. Any distribution or copying is subject to prior written approval by Vector. V1.01.04 | 2019-07-11
Based On Crypto Peripheral
u Accelerating cryptographic algorithms in crypto peripheral
u Hardware support / acceleration possible
u No isolated secure core or memory available
u Secrets and application data in same memory
u No updates of crypto hardware are possible
Based On Pure Software Approach
u Executing cryptographic algorithms in software
u No hardware support / acceleration possible
u No isolated secure core or memory available
u May occupy many CPU resources (CPU time)
u Code size and speed highly depends on the microcontroller
Approaches for Cryptographic Solutions
Fundamentals
Microcontroller
CPU
RAM Flash
SW Crypto
Network Interface
internal connection
vehicle network
Microcontroller
CPU
RAM FlashHW
Crypto
Network Interface
internal connection
vehicle network
7/25
© 2019. Vector Informatik GmbH. All rights reserved. Any distribution or copying is subject to prior written approval by Vector. V1.01.04 | 2019-07-11
Secure hardware extension (SHE)
Fundamentals
u SHE design objectives
u Provide a secure anchor
u Define basic feature set of cryptographic services
u Low cost
u On-chip extension within an MCU
u Provides a set of cryptographic services to the application layer
u Isolates the secret keys from the rest of the MCU resources
u Cryptographic services based on AES-128
u Encryption & decryption
u CMAC generation & verification
u Random number generation
u Boot loader verification
u Unique device identification
u Stores secret keys in a dedicated NVM not accessible by the application
u The keys are referenced by an index (from 0 to 14)
u Keys are updated in the secure memory with a specific procedure
Microcontroller
CPU
Peripherals (CAN, UART, ...)
SHE – Secure Hardware Extension
Control Logic
HW Crypto
Secure Memory
Secure Zone
8/25
© 2019. Vector Informatik GmbH. All rights reserved. Any distribution or copying is subject to prior written approval by Vector. V1.01.04 | 2019-07-11
Hardware security module (HSM)
Fundamentals
u HSM design objectives
u Harden ECUs against SW and selected HW attacks
u Provide HW acceleration for crypto functions
u Support ECU to ECU communication protection
u Standardized by EVITA
u EVITA HSM profiles
u HSM full: > Support strong authentication (e.g. via RSA, ECC)
> Support complex block ciphers
> High performance
u HSM medium: > Secure ECU 2 ECU communication
u HSM small:> Secure critical sensors / actuators
> Simple block ciphers
> Low cost modules
SHE behavior can be emulated on an HSM
Microcontroller
HSM
CPU
RAM FlashHW
Crypto
Network Interface
internal connection
vehicle network
Secure Memory
CPU
SW Crypto
Secure Zone
Target architecture for MICROSAR.HSM
9/25
© 2019. Vector Informatik GmbH. All rights reserved. Any distribution or copying is subject to prior written approval by Vector. V1.01.04 | 2019-07-11
Introduction
Fundamentals
u MICROSAR.HSM - Features
MICROSAR.HSM - Architecture
MICROSAR.HSM - Integration and Workflow
Summary
Agenda
10/25
© 2019. Vector Informatik GmbH. All rights reserved. Any distribution or copying is subject to prior written approval by Vector. V1.01.04 | 2019-07-11
MICROSAR.HSM: vHsm – What it actually is and does.
MICROSAR.HSM - Features
u Execution of cryptographic services in an trusted environment
u Large library of crypto algorithms/primitives
u Cryptographic basic functions (hash, random numbers)
u Message authentication code (HMAC, CMAC)
u Symmetric and asymmetric crypto ciphers
u Supporting signature generation and verification
u Providing protected storage for security assets (e.g. keys)
u Providing secure startup protocol (SecureBoot / AuthenticatedBoot / TrustedBoot)
u Supporting hardware acceleration for better performance
u Providing possibilities to securely update vHsm software
u Modular architecture with extensive configuration space
u Adaptable HSM firmware to match use case requirements and foot print
u Comprehensive configuration tool DaVinci Configurator
u Add-Ons to support OEM specific requirements
MICROSAR.HSM – Functionality MICROSAR.HSM – Configuration
vHsm is an efficient and flexible software stack for hardware security modules that is adaptable to your use case in order to improve cybersecurity.
u Secure boot in combination with flash bootloader
u Secure software update and code signing for the application
u Secure OnBoard Communication (SecOC)
MICROSAR.HSM – Exemplary Use Cases
11/25
© 2019. Vector Informatik GmbH. All rights reserved. Any distribution or copying is subject to prior written approval by Vector. V1.01.04 | 2019-07-11
u Basic functions and symmetric crypto algorithms
u Hash (e.g. SHA-256, SHA-384, SHA-512,…)
u Random number generation
u MAC Generation and Verification> CMAC
> HMAC
u Cipher> AES in the modes ECB, CBC, GCM
u Key derivation functions (KDF) and key exchange
u KDF in counter mode
u Concatenation KDF
u Key exchange protocol EC-DHE
u Asymmetric crypto algorithms**
u RSA (Generation and Verification of Signatures)
u RSA (Encryption and Decryption)
u ECDSA (Generation and Verification of Signatures)
u EdDSA
u RSASSA-PSS
Supported Basic Functions and Cryptographic Algorithms*
MICROSAR.HSM - Features
* A full list of supported algorithms can be found in the annex
** These algorithms require vHSM Add-On Asymmetric Crypto
Example: Symmetric encryption and decryption
Example: ECC signature for integrity protected flash programming
12/25
© 2019. Vector Informatik GmbH. All rights reserved. Any distribution or copying is subject to prior written approval by Vector. V1.01.04 | 2019-07-11
u Data can be passed in plaintext to and stored inside the HSM
u Includes symmetric/asymmetric keys and certificates
u Any other (security related) data (e.g. mileage, freshness values, certificates) can be stored as well
u Key Installation of symmetric keys according SHE 1.1
u Support of counter handling
u UID can be read out
u Extensive configuration options per key/data:
u RAM-Key or persisted Key
u Redundant and reset safe key storage
u Pre-loading / cashing of keys on startup reduce loading times
u No limitation regarding the amount of keys*
u Locking of keys until secure boot has finished
u Write once keys
u Immediate or deferred (“lazy”) persisting of Keys
Secure Key and Data Storage
MICROSAR.HSM - Features
kprivate
kpublic
ksecret
Secure Mem
Example: Secure key, mileage and SecOC freshness value storage
Authentic I-PDU
Freshness Value
MACSecured I-
PDU Header
SecOC Message:
*only limited by available hardware memory resources
13/25
© 2019. Vector Informatik GmbH. All rights reserved. Any distribution or copying is subject to prior written approval by Vector. V1.01.04 | 2019-07-11
u vHSM provides an error log, which can be used to log error events which occur on the HSM
u Errors can be written to secure data flash and read out by application
u The maximum number of log entries is configurable
u Reporting of Det Errors on vHSM
u Can be treated as error and logged
u Can be forwarded to application
u Det of vHSM works as proxy of the host DET> Errors are forwarded and reported on the host
u Source code delivery allows better debugging, code reviews and customization within custom crypto driver
vHSM Error Log, DETs and Debugging
MICROSAR.HSM - Features
14/25
© 2019. Vector Informatik GmbH. All rights reserved. Any distribution or copying is subject to prior written approval by Vector. V1.01.04 | 2019-07-11
u Support of different secure startup modes:
u Secure Boot / Sequential mode: Jobs can be executed as a sequence so that application is not started before finishing secure boot jobs
u Authenticated Boot / Parallel mode: Jobs can be executed in parallel to application start to enable fast boot times
u Trusted Boot / mixed mode: first job is started automatically before host cores are started, other jobs can than be triggered for background check
u Secure startup can be split up in several jobs/phases
u Auto-start of jobs can be configured
u e.g. for boot-manager verification
u Configurable secure boot sanctions are:
u System reset
u HSM Halt
u None
u Custom
Secure Startup Support - Basics
MICROSAR.HSM - Features
Example: Signatures for code signing and secure boot update
15/25
© 2019. Vector Informatik GmbH. All rights reserved. Any distribution or copying is subject to prior written approval by Vector. V1.01.04 | 2019-07-11
Introduction
Fundamentals
MICROSAR.HSM - Features
u MICROSAR.HSM - Architecture
MICROSAR.HSM - Integration and Workflow
Summary
Agenda
16/25
© 2019. Vector Informatik GmbH. All rights reserved. Any distribution or copying is subject to prior written approval by Vector. V1.01.04 | 2019-07-11
u The vHSM firmware consists of vHSM dedicated and Vector standard modules
u Modular architecture with configurable modules to optimally meet use case needs (footprint and latency)
u Crypto(vHSM) host driver in compliance with ISO 26262 ASIL A/B and ASIL C/D
Delivery contains:
u vHSM Software Integration Package (SIP)
u Crypto(vHSM) driver
u as part of MICROSAR SIP or
u as Mini SIP for 3rd Party Stacks
u DaVinci Configurator Pro for vHSM configuration
Available Add-Ons:
u Asymmetric Crypto
u vHsm Updater
u Certificate Handling*
u OEM specific extensions*
Delivery Content and Options of vHSM
MICROSAR.HSM - Architecture
u vHSM is independent of MICROSAR and FBL but has all necessary interfaces and modules for interaction, simplified integration, configuration and debugging!
* Please contact Vector for availability
17/25
© 2019. Vector Informatik GmbH. All rights reserved. Any distribution or copying is subject to prior written approval by Vector. V1.01.04 | 2019-07-11
Internal Architecture of the vHSM
MICROSAR.HSM - Architecture
Microcontroller
vHSM
vHSM CryIfvHSM KeyM
Crypto Hardware
Accelerator
Crypto Software Library
Custom Crypto Job
Secure Memory
vHSM Job Processor
RAMHSM Channel
HSM Channel
HSM Channel
HSM Channel
AUTOSAR 4.3BSW
Flash Bootloader
Secure Boot and Update
Support
HSM Channel
RTE
SYS
COM
MCAL
SWC / Application
Crypto(vHSM)
OS
Application core subsystem
HSM subsystem
Shared memory
18/25
© 2019. Vector Informatik GmbH. All rights reserved. Any distribution or copying is subject to prior written approval by Vector. V1.01.04 | 2019-07-11
Introduction
Fundamentals
MICROSAR.HSM - Features
MICROSAR.HSM - Architecture
u MICROSAR.HSM - Integration and Workflow
Summary
Agenda
19/25
© 2019. Vector Informatik GmbH. All rights reserved. Any distribution or copying is subject to prior written approval by Vector. V1.01.04 | 2019-07-11
Integration Scenarios with Vector Software
MICROSAR.HSM - Integration and Workflow
vHSM + MICROSAR
u Advantages> Better tool support → DaVinci Configurator
provides consistency between MSR and vHSM configurations
> Combination already in use
> Better technical support possible
> Easier debugging
vHSM + FBL*
u Advantages> Secure Startup support
> Updating SecureBoot based on segmentation table update on host
> Better tool support
> Usage of vHsm crypto primitives for secure software downloads/updates from FBL
> Using vHsm key storage from FBL
*For availability of vHsm integration in FBL and supported features please contact Vector
20/25
© 2019. Vector Informatik GmbH. All rights reserved. Any distribution or copying is subject to prior written approval by Vector. V1.01.04 | 2019-07-11
u Comprehensive configuration with DaVinci Configurator Pro
u DaVinci Configurator Pro provides pre-config file to sync vHSM configuration with MICROSAR configuration including:
u Available primitives
u Available and configured keys
Configuration of vHSM: Synchronization
MICROSAR.HSM - Integration and Workflow
Developer 1
DaVinci Cfg5
vHSM config
Developer 2
DaVinci Cfg5
MSR config
*.arxml
Generate pre-config file as output
Input asAdditional Definitions
- Available primitives
- Available and configured Keys
21/25
© 2019. Vector Informatik GmbH. All rights reserved. Any distribution or copying is subject to prior written approval by Vector. V1.01.04 | 2019-07-11
u Prevent execution of tampered ECU software by means of a chain of trust
u Integrity check is performed at ECU startup
u Each software unit involved in the boot process validates the integrity of the subsequent software unit, forming a chain of trust
u Validation can be done via checking signature / MAC
u Keys and MAC must be stored in a secure area
vHSM supports Secure Boot in:
u Secure key and MAC storage
u Signature / MAC verification
u 1..n secure boot segments with
u Configurable keys
u Configurable sanctions
u Configurable performance improvement options
u Sequential or parallel secure boot
u Isolation of host and secure domains
Example Use Case: Secure Boot
MICROSAR.HSM - Integration and Workflow
vHSM
FBL
App
FBL Code CMAC
App Code CMAC
Start
Start
22/25
© 2019. Vector Informatik GmbH. All rights reserved. Any distribution or copying is subject to prior written approval by Vector. V1.01.04 | 2019-07-11
Introduction
Fundamentals
MICROSAR.HSM - Features
MICROSAR.HSM - Architecture
MICROSAR.HSM - Integration and Workflow
u Summary
Agenda
23/25
© 2019. Vector Informatik GmbH. All rights reserved. Any distribution or copying is subject to prior written approval by Vector. V1.01.04 | 2019-07-11
MICROSAR.HSM: vHsm – What it actually is and does.
Summary
u Execution of cryptographic services in an trusted environment
u Large library of crypto algorithms/primitives
u Cryptographic basic functions (hash, random numbers)
u Message authentication code (HMAC, CMAC)
u Symmetric and asymmetric crypto ciphers
u Supporting signature generation and verification
u Providing protected storage for security assets (e.g. keys)
u Providing secure startup protocol (SecureBoot / AuthenticatedBoot / TrustedBoot)
u Supporting hardware acceleration for better performance
u Providing possibilities to securely update vHsm software
u Modular architecture with extensive configuration space
u Adaptable HSM firmware to match use case requirements and foot print
u Comprehensive configuration tool DaVinci Configurator
u Add-Ons to support OEM specific requirements
MICROSAR.HSM – Functionality MICROSAR.HSM – Configuration
vHsm is an efficient and flexible software stack for hardware security modules that is adaptable to your use case in order to improve cybersecurity.
u Secure boot in combination with flash bootloader
u Secure software update and code signing for the application
u Secure OnBoard Communication (SecOC)
MICROSAR.HSM – Exemplary Use Cases
24/25
© 2019. Vector Informatik GmbH. All rights reserved. Any distribution or copying is subject to prior written approval by Vector. V1.01.04 | 2019-07-11
Author:Dr.-Ing. Falco BappVector Germany
For more information about Vectorand our products please visit
www.vector.com