Features of the DesignWare tRoot HSMs include a small CPU with a tight code base, a limited amount of internal RAM that is secure and isolated for this processor, and a secure instruction controller and secure data controller for external memory in the ECU to be used as trusted memory within tRoot. These provide cryptographic confidentiality and authentication of the contents of the memory. They allow tRoot to detect when an external entity, like a rogue program, has tried to manipulate the memory, replace it, or cause it to misexecute or execute the incorrect instructions. If tRoot detects unexpected activity, it transitions to a safe state.
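The detection behavior described above can be illustrated with a generic memory-authentication scheme. This is an added example, not Synopsys code or a description of tRoot's internal design: it assumes an HMAC-SHA256 tag per block bound to the block address and a write counter, omits the confidentiality (encryption) half, and all names (`TrustedMemory`, `SafeState`, `detects`) are hypothetical.

```python
import hashlib
import hmac
import os

BLOCK = 32  # bytes per protected block (constructed value)

class SafeState(Exception):
    """Authentication failed; models the transition to a safe state."""

class TrustedMemory:
    """Untrusted external memory with per-block tags; key and counters stay internal."""
    def __init__(self, n_blocks):
        self._key = os.urandom(32)         # stand-in for a device key held inside the module
        self._versions = [0] * n_blocks    # write counters kept in isolated internal RAM
        self.external = [None] * n_blocks  # (data, tag) pairs an outside party could alter
        for addr in range(n_blocks):
            self.write(addr, bytes(BLOCK))

    def _tag(self, addr, data):
        # Binding address and version rejects relocated and rolled-back blocks.
        header = addr.to_bytes(4, "big") + self._versions[addr].to_bytes(8, "big")
        return hmac.new(self._key, header + data, hashlib.sha256).digest()

    def write(self, addr, data):
        self._versions[addr] += 1
        self.external[addr] = (data, self._tag(addr, data))

    def read(self, addr):
        data, tag = self.external[addr]
        if not hmac.compare_digest(tag, self._tag(addr, data)):
            raise SafeState(f"block {addr} failed authentication")
        return data

def detects(kind):
    """Apply one constructed manipulation to block 1; True if the read is rejected."""
    mem = TrustedMemory(4)
    mem.write(1, b"A" * BLOCK)
    stale = mem.external[1]                # old copy that was valid before the next write
    mem.write(1, b"B" * BLOCK)
    data, tag = mem.external[1]
    mem.external[1] = {"none": (data, tag),
                       "flip_bit": (bytes([data[0] ^ 1]) + data[1:], tag),
                       "relocate": mem.external[2],   # valid block from another address
                       "rollback": stale}[kind]
    try:
        mem.read(1)
    except SafeState:
        return True
    return False
```

A tag over the data alone would catch the bit flip but accept the relocated and rolled-back blocks, which is why the address and counter are part of the authenticated input.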
tRoot HSMs include entropy inputs for random number generators built inside the module so that the random number generators are completely isolated from the system and can't be manipulated by outside programs.
The tRoot HSMs also include communication interfaces via UARTs that are used to detect and respond to system-level upsets, including over- and under-voltage and over- and under-frequency operation of a chip. Device identity input brings in the keys that are stored in one-time programmable memory at the SoC level, and a host port interface is used to communicate with the host processor.
Security is Key to Ensuring Quality and Safety

Automotive systems must meet functional safety standards, which means implementing security functions to ensure that functional safety cannot be tampered with. Without security, there is no safety or reliability, so automakers are taking a more holistic approach to functional safety and security. Secure systems must be able to handle unpredictable inputs that would create unacceptable behaviors. Designing the security into automotive SoCs from the hardware level will help ensure that connected cars behave as expected and are able to fend off attacks.