How carmakers and Tier-1 suppliers can secure connected cars

Author : STMicroelectronics

Connected cars provide opportunities for car makers and Tier-1 suppliers to introduce new functionalities and services such as infotainment, digital key systems, authentication, and vehicle-to-everything (V2X) communication. While these new possibilities promise many benefits, cybersecurity experts have voiced well-founded concerns over how this connectivity is secured. Let’s discover how we can ensure the highest level of security in connected cars, in a timely and cost-effective manner.

Hardware secure MCUs: the safest road to security

Among the different strategies available to tighten security, hardware systems offer greater protection against tampering and other malicious attacks than any software-based approach. EAL6+ Common Criteria certified, ST’s secure hardware element offers the highest level of security currently available. Named ST33K-A, the product provides authentication, confidentiality, and integrity services to protect car manufacturers and Tier-1 suppliers against cloning, counterfeiting, malware injection and unauthorized production.

ST33K-A was specifically developed for the automotive industry. Designed to protect any kind of device from unauthorized access, this tamper-proof MCU can store confidential and cryptographic data, protect credentials and run secure, unique authentication and identification services. More specifically, ST33K-A securely generates and stores encryption keys in a Root of Trust (RoT) platform to encrypt and decrypt data “on demand”. These tasks can be performed effectively in harsh environments, from –40 °C up to 105 °C. In terms of performance, the chip incorporates the most recent generation of Arm® processors.

Easy Lego-like modular developments

ST’s hardware secure MCU has more to offer than just security. It can host and run a wide range of in-cabin applications, such as Qi charging pads, digital car keys and ‘plug and go’ platforms. To create and secure these connected services in a timely manner, ST has developed an easy-to-use modular approach. Developers can use the ST33K-A secure element as a strong security hardware foundation. Depending on their targeted applications, they can add STSAFE-V, a secure system solution for vehicles, with either a STSAFE-VJ multi-SoC solution based on Java Card or a STSAFE-TPM dedicated solution. This agile development process is the preferred solution of thousands of OEMs. More than 1.5 billion units of ST33 have been sold and customized so far.

ST provides end-to-end confidentiality. ST33K-A units are produced using certified manufacturing processes, through a trusted supply chain with pre-provisioned secrets and certificates. Sensitive customer data is handled in a highly confidential environment. Developers receive a set of software libraries and drivers to ensure their secure and seamless integration into the final device. If necessary, ST can also develop tailored innovative solutions that meet specific customer needs.

Affordable security access points

The automotive industry is moving to deliver the right level of security. But change doesn’t happen overnight. While a secure element might be the only viable route to security, concerns about the cost of implementing such a secure element into every single device may arise. ST’s R&D team is committed to helping carmakers and Tier-1 suppliers to gradually upgrade their architecture in a cost-effective way. As a leader in integrated solutions, ST R&D experts can create access points, with one single secure element addressing various applications.

Make sure you aren’t ignoring threats. Build new competitive infotainment services that keep hackers out with ST33K-A and STSAFE-V.

For more information visit, ST blog.