Modern vehicles are increasingly equipped with internet connectivity, which in turn is making vehicle IT systems more vulnerable to attacks. These systems must be protected against unauthorized access by intruders who may attempt to manipulate the ECU software (e.g. tuning) or manipulate the vehicle’s anti-theft mechanism (immobilizer). There is also a risk that criminals could misuse the internet connection of the vehicle to access the in-vehicle communication system and carry out targeted manipulation of the vehicle’s behavior.
ESCRYPT CycurHSM is an innovative and flexible HSM security firmware that ensures secure boot of the ECU, secure in-vehicle communication, ECU component protection and secure flashing.
Watch now the webinar recordings "Future trends in HSM driven automotive cybersecurity" and "Protecting your firmware authenticity with ESCRYPT CycurHSM"!
Maximum security for your ECUs
ESCRYPT CycurHSM is a modular solution designed for security that provides extensive and customizable security mechanisms for a multitude of security applications via a large number of open, standardized interfaces. That makes ESCRYPT CycurHSM a great choice for seamless integration in automotive ECUs and for OEM specific security cases. ETAS' highly optimized HSM firmware implementation also supports ASIL-D for different safety use-cases.
- Basic cryptographic services (AES, CMAC, Hashing, Key Derivation, TRNG, PRNG)
- Chinese algorithms
- RSA (Digital Signature Algorithm)
- ECDSA, ECBD, ECDH, ECDHE, EdDSA
- Key exchange protocols (Diffie-Hellmann)
- Certificate support (authenticity, parsing)
- Fail-Safe HSM Update
- Secure Host Flashing
- Fail-Safe HSM Update
- HSM Debug
- HSM Dump
- Secure Logging
- HSM-controlled Secure Access (Challenge Response Protocol)
- Secure storage of data and keys
- Support for systems with large number of keys (> 100)
- Component protection (SHE+ support)
- EEPROM emulation to extend flash endurance
- HSM RAM mode
- Multi-core support
- Preemptive, parallel job processing
- HSM Lifecycle Mode
- Secure Boot / Trusted Boot / Authenticated Boot and other boot modes
- Trust Anchor based on signatures
- Bank swap SOTA support
- Memory Unlock (flash password protection)
- Runtime manipulation detection
- Qualified OEM specific configurations including support for OEM specific protocols and functions
Your benefits with ESCRYPT CycurHSM
-
Fast
Is based on a real-time operating system to ensure real-time HSM features -
User friendly
Can be seamlessly integrated in automotive ECUs -
Comprehensive
Encapsulates all required security functions needed to satisfy all OEM automotive security requirements -
Robust
Is most proven in field in millions of cars worldwide -
Top quality
Has been developed to the highest quality standards (ASPICE, ISO 26262, ASIL D, ISO 21434) -
Secure
Offers a powerful hardware/software co-design platform for customer-specific applications with high-performance cryptographic demands -
Flexible
Can be configured to meet your specific needs -
Complete
Offers a complete security solution with continuous innovation and development of the product to offer the best-in-class implementations with no hidden costs
Supported controllers
Infineon
- Aurix TC23XX
- Aurix TC27XX
- Aurix TC29XX
- Aurix TC32XX
- Aurix TC33XX
- Aurix TC35XX
- Aurix TC36XX
- Aurix TC37XX
- Aurix TC38XX
- Aurix TC39XX
- Aurix TC49XX
- Traveo CYT2B7
- Traveo CYT2B9
- Traveo CYT2BL
ST Microelectronics
- SPC58N Bernina
- Chorus 4M
- Chorus 6M
- Chorus 10M
- Stellar SR6X
Renesas
- RH850 P1H-C
- RH850 P1H-CE
- RH850 P1M-C
- RH850 F1KM-S2
- RH850 F1KM-S4
- RH850 U2A
- RH850 E2G
- RH850 E2H
- RH850 E2M
- RH850 U2B
NXP
- NXP MPC5748
ESCRYPT CycurHSM is under active development with several new ports on the roadmap. Please approach your sales contacts for latest information with regards to currently supported and upcoming controllers release information.
Plug-and-play integration of hardware security modules
In addition to the ESCRYPT CycurHSM firmware, ETAS also offers a turnkey solution for plug-and-play integration of hardware security modules. This encompasses advice on which hardware security modules to choose and how to install and activate them securely.
Astemo automotive ECUs: ETAS cybersecurity included
Astemo, one of Japan’s leading automotive suppliers, relies on ESCRYPT CycurLIB crypto library and ESCRYPT CycurHSM security firmware for the security of its products. As part of a comprehensive license agreement, Astemo draws on ETAS embedded security to protect such as battery management, gateway, power and engine control ECUs.