Powerful security software for your ECU


Modern vehicles are increasingly equipped with internet connectivity, which in turn is making vehicle IT systems more vulnerable to attacks. These systems must be protected against unauthorized access by intruders who may attempt to manipulate the ECU software (e.g. tuning) or manipulate the vehicle’s anti-theft mechanism (immobilizer). There is also a risk that criminals could misuse the internet connection of the vehicle to access the in-vehicle communication system and carry out targeted manipulation of the vehicle’s behavior.

ESCRYPT CycurHSM is an innovative and flexible HSM security firmware that ensures secure boot of the ECU, secure in-vehicle communication, ECU component protection and secure flashing.

Watch now the webinar recordings  "Future trends in HSM driven automotive cybersecurity" and "Protecting your firmware authenticity with ESCRYPT CycurHSM"!

Maximum security for your ECUs

ESCRYPT CycurHSM is a modular solution designed for security that provides extensive and customizable security mechanisms for a multitude of security applications via a large number of open, standardized interfaces. That makes ESCRYPT CycurHSM a great choice for seamless integration in automotive ECUs and for OEM specific security cases. ETAS' highly optimized HSM firmware implementation also supports ASIL-D for different safety use-cases.

  • Basic cryptographic services (AES, CMAC, Hashing, Key Derivation, TRNG, PRNG)
  • Chinese algorithms
  • RSA (Digital Signature Algorithm)
  • Key exchange protocols (Diffie-Hellmann)
  • Certificate support (authenticity, parsing)
  • Fail-Safe HSM Update
  • Secure Host Flashing
  • Fail-Safe HSM Update
  • HSM Debug
  • HSM Dump
  • Secure Logging
  • HSM-controlled Secure Access (Challenge Response Protocol)
  • Secure storage of data and keys
  • Support for systems with large number of keys (> 100)
  • Component protection (SHE+ support)
  • EEPROM emulation to extend flash endurance
  • HSM RAM mode
  • Multi-core support
  • Preemptive, parallel job processing
  • HSM Lifecycle Mode
  • Secure Boot / Trusted Boot / Authenticated Boot and other boot modes
  • Trust Anchor based on signatures
  • Bank swap SOTA support
  • Memory Unlock (flash password protection)
  • Runtime manipulation detection
  • Qualified OEM specific configurations including support for OEM specific protocols and functions

Your benefits with ESCRYPT CycurHSM

  • Fast
    Is based on a real-time operating system to ensure real-time HSM features

  • User friendly
    Can be seamlessly integrated in automotive ECUs

  • Comprehensive
    Encapsulates all required security functions needed to satisfy all OEM automotive security requirements

  • Robust
    Is most proven in field in millions of cars worldwide

  • Top quality
    Has been developed to the highest quality standards (ASPICE, ISO 26262, ASIL D, ISO 21434)

  • Secure
    Offers a powerful hardware/software co-design platform for customer-specific applications with high-performance cryptographic demands

  • Flexible
    Can be configured to meet your specific needs

  • Complete
    Offers a complete security solution with continuous innovation and development of the product to offer the best-in-class implementations with no hidden costs

Supported controllers


  • Aurix TC23XX
  • Aurix TC27XX
  • Aurix TC29XX
  • Aurix TC32XX
  • Aurix TC33XX
  • Aurix TC35XX
  • Aurix TC36XX
  • Aurix TC37XX
  • Aurix TC38XX
  • Aurix TC39XX
  • Aurix TC49XX
  • Traveo CYT2B7
  • Traveo CYT2B9
  • Traveo CYT2BL

ST Microelectronics

  • SPC58N Bernina
  • Chorus 4M
  • Chorus 6M
  • Chorus 10M
  • Stellar SR6X


  • RH850 P1H-C
  • RH850 P1H-CE
  • RH850 P1M-C
  • RH850 F1KM-S2
  • RH850 F1KM-S4
  • RH850 U2A
  • RH850 E2G
  • RH850 E2H
  • RH850 E2M
  • RH850 U2B


  • NXP MPC5748

ESCRYPT CycurHSM is under active development with several new ports on the roadmap. Please approach your sales contacts for latest information with regards to currently supported and upcoming controllers release information.