Maxim Integrated Products, Inc. has introduced the DS28E40 DeepCover automotive secure authenticator IC to protect automotive endpoints that are vulnerable to cyberattacks. The chip authenticates that genuine components are being used in automotive electronic systems, including advanced driver assistance systems (ADAS) and electric vehicle (EV) batteries. These systems include cameras, LiDAR, and radar, as a few examples of sensors that collect data for ADAS.
Using genuine components in safety-critical electronics applications ensure the safety and security of automotive systems, particularly as the number of electronic control units (ECUs) in vehicles continues to increase. Endpoints, which can be used to access sensitive information, are vulnerable to security attacks. These breaches can result in vehicles controlled or immobilized by the hackers.
The acceleration of electronic content in automotive, including ADAS, backup cameras, lighting control, steering and braking ECUs, and battery management systems, which expands the attack surfaces for hackers, “shows that there is a pronounced need to provide security solutions for all of these endpoints,” Michael Haight, director, Embedded Security at Maxim Integrated, told Electronic Products, during CES 2021.
“Anytime you have something that’s electronic and it’s interconnected with other parts of the car or any system for that matter, and it’s on a network you’ve got an attack surface,” he added.
Another vulnerability is counterfeit components in the system that could compromise safety and reliability, especially in safety-critical systems, said Haight.
There also can be dire situations that could occur as a result of a “class break” security attack that effects an entire product line in mass production, Haight said, as an example if a fleet of cars are enabled for autonomous driving it could result in whole cities becoming a parking lot of cars or worse, causing accidents.
The AEC-Q100 Grade 1 DS28E40 authenticator IC can authenticate a range of peripherals, or endpoints, from camera modules, LiDAR, and radar to headlights and EV batteries. “By adding authentication to these different sensors, you can trust that the entire ecosystem is genuine and the data coming from it is high quality,” Haight said.
Traditionally, secure microcontrollers have been used for automotive security, and many ECUs still use them to protect the ECU itself. The authenticator chip is used to protect the different sensors and endpoints connected to the ECU
Using secure microcontrollers is a very good solution, but there are challenges with using microcontroller-based solutions, said Haight. Typically, they are not only more complex to implement the code, they also have a bigger footprint, higher power consumption, and require more interface pins (including dedicated power and reset lines) for communicating with other points in the car, he added.
In addition, software development teams need to create, test, and debug their code, and these challenges can result in a higher risk of bugs or malware, higher costs, and more reliability issues, he said.
The DS28E40 DeepCover authenticator is a fixed-function, parasitically-powered 1-Wire solution (so no external power supply is required) that replaces microcontroller-based approaches. The fixed-function device gives OEMs a targeted algorithm and command toolset to meet their specific security needs, while reducing both system design complexity and associated code development efforts.
Block diagram of the DS28E40 authenticator (Image: Maxim Integrated)
Offering security, including key management and bi-directional authentication, in one chip, the device’s public/private key asymmetric ECDSA (ECC-P256 curve) and other key authentication algorithms are built into the IC, eliminating the need to develop proprietary device-level code.
A benefit of the 1-wire interface is that it combines power and communication on a single pin, only requiring two interconnects including the ground pin. This translates into fewer interconnect pins, which means lower cost and higher reliability by enabling smaller cable harnesses to connect an ECU to a remote endpoint.
Haight said this is the first time Maxim has used the 1-wire interface, which the company has used for many decades, in an automotive-grade security device. The benefit is the power and communication are combined on a single pin, and it’s not just one-way communication, it’s also bi-directional, he said.
“We believe the simplification of the connection between the ECU and these endpoints could add security with just this one chip,” he added.
Haight believes the new simplified solution also could extend the reach of security. In addition to providing security for mission-critical use cases like ADAS, the simple interface opens up opportunities to protect other sensors in the car that may not be quite so critical, said Haight.
“If a designer was looking to secure an endpoint with a full-blown microcontroller that is big, consumes a lot power, and is costly, they may just skip security, but now this solution offers fewer pins, a smaller footprint, and is easier to implement,” he added.
Here’s a fun demo (with a plastic replica of the DeLorean used in the movie Back to the Future) that shows how the authenticator works.
The DS28E40, in a 4 x 3 mm TDFN package, operates over the -40°C to 125°C temperature range. Available at Maxim Integrated’s website, the DS28E40 is priced at $1.15 (1000-up, FOB USA). The DS28E40 also is available from authorized distributors. The DS28E40EVKIT# evaluation kit, with a full set of code examples, is priced at $97.57.
Advertisement
Learn more about Maxim Integrated
