Regardless of your industry, threats to data corruption and the possibility of unauthorized access are pervasive and real. While there are different levels of sensitivity, or criticality, depending on the information, the truth is that all electronic systems are vulnerable to attack.
Here are some examples of industries helping drive the Ethernet security landscape forward:
- Automotive industry's key challenge—security measues must also encompass safety compliance.
Autonomous driving, over-the-air software updates, shared connectivity, and mobility have been some of the latest innovations in the automotive industry, helping motivate the need for greater data security and defense in depth.
For automotive, the integrity of the network is not only about data security, but also about safety on the road. Because of this, the industry has been a driver (no pun intended) for all types of interface security. Today, MACsec is being adopted in electronic control units (ECUs) and is well suited for almost all onboard use cases for automotive network security.
In automotive designs, you cannot have safety without security and vice versa. This means you need to add safety mechanisms, have safety compliance, and have all the safety documentation along with your security implementations. For example, it’s a common requirement to mitigate the highest levels of risk or injury defined in the automotive safety integrity level D (ASIL-D) risk classification within ISO 26262. These safety requirements must be implemented efficiently, together with security.
- 5G/Mobile industry's key challenge—support for aggregation with scalable performance and area-efficient solutions for a wide variety of use cases.
MACsec has already been used over the years in mobile computing to secure the Ethernet, but there is a disruption in the traditional solutions for MACsec because of the need for greater optimization in a universe of diverse 5G applications.
5G involves a great deal of communication with enhanced mobile broadband, delivering multi-network slicing, multi-connectivity network capabilities, and more. Because of this, you need to consider multi port in addition to single port solutions, requiring more efficient configurability with aggregation support and scalable performance – more so than required in the past.
- HPC industry's key challenge—scaling for high data rates and diverse bandwidths with optimal latency and are.
High-Performance Computing (HPC) has rapidly adopted interface security for PCIe and CXL, and because of this, high-performance Ethernet MACsec adoption is likely to follow a similar trajectory. In the past, we dreamed of 800G and then 1.6T Ethernet speeds, and these rates are now becoming a reality. The demand for accelerated performance and increased bandwidth makes HPC a driver for MACsec solutions.
While the MACsec protocol allows you to scale to high speeds through pipelining of the AES-GCM crypto, this can be tricky for the cloud because the scaling needs to support various high-performance interface bandwidths. The challenge for Ethernet interface security in HPC is to do all this with the lowest latency while keeping the area in check.
The complexity of advanced systems means that there is no one-size-fits-all answer to data security. Adding to these complexities, the sheer volume of interfaces is growing, and new laws and regulations are coming on board all the time to address data privacy and systems security. Not only should SoC security address the unique needs of your industry and use cases, but it should also work holistically within your overall system design providing protection while offline, during power up and at runtime.
But how do you ensure that you meet all these requirements and keep your Ethernet network secure?