Can’t Touch This: Inertial HSMs Thwart Advanced Physical Attacks

In this paper, we introduce a novel countermeasure against physical attacks: Inertial Hardware Security Modules (IHSMs). Conventional systems have in common that their security requires the crafting of fine sensor structures that respond to minute manipulations of the monitored security boundary or volume. Our approach is novel in that we reduce the sensitivity requirement of security meshes and other sensors and increase the complexity of any manipulations by rotating the security mesh or sensor at high speed—thereby presenting a moving target to an attacker. Attempts to stop the rotation are easily monitored with commercial MEMS accelerometers and gyroscopes. Our approach leads to an HSM that can easily be built from off-the-shelf parts by any university electronics lab, yet offers a level of security that is comparable to commercial HSMs. We have built a proof-of-concept hardware prototype that demonstrates solutions to the concept’s main engineering challenges. As part of this proof-of-concept, we have found that a system using a coarse security mesh made from commercial printed circuit boards and an automotive high-g-force accelerometer already provides a useful level of security.

Firmware Security Module

New services such as autonomous driving, the connectivity of the traffic infrastructure and the tight coupling of user operated smart devices with the vehicle have significantly increased the demand for cryptographic protection in the automobile. To provide a secure environment for the calculation and verification of cryptographic material, automotive microcontrollers now frequently integrate Hardware Security Modules (HSM), special well-protected co-processors, which are protected against manipulation and external access. HSMs use special hardware accelerators to provide the required cryptographic services. While these accelerators provide good performance, they limit flexibility and updatability. In addition, as more services require cryptographic protection, the amount of key material that needs to be managed by the HSM also increases, turning the limited protected memory of the HSM into a bottleneck. This paper presents a framework that uses the safety mechanisms of a microcontroller to achieve both HSM-equivalent security through software solutions, while providing an equivalent level of functionality. Furthermore, the proposed framework provides crypto-agility, as the security stack can be updated if desired. In order to verify the functionality, the presented framework is implemented and evaluated on an Infineon AURIX TC399 and compared with the integrated HSM.

A Sensing Device with the Optical Temperature Sensors-Based Quad-RX Module and a Security Module

In this paper, we present a sensing device with the optical temperature sensors-based quad receiver (Quad-RX) module and a security module. In addition, in order to prevent cyberattacks on critical national infrastructures and key facilities, we implemented symmetric-key and secure hash algorithm-based hardware security modules in the key elements of the sensing device. A preliminary test was conducted prior to a field trial to verify the performance of the developed sensing device. The accuracy and stability of the sensing device were then verified for 1 month in a field test at facilities for energy storage systems and photovoltaic converters in sewage treatment plants.

The Security Aspects of Automotive Over-the-Air Updates

Over-the-air (OTA) update is a method for vehicle manufacturers to remotely distribute maintenance updates, performance, and feature enhancements through the vehicle's lifespan. Recalls of vehicles cost the manufactures a lot of money. OTA solves the recall issue, while allowing consumers to pay for services and features via an update. The OTA ecosystem includes the coders who first developed the firmware, the 1st Tier suppliers, the vehicle manufacturers, and the vehicle itself. Currently, manufacturers designed the networks for speed and responsiveness, and not security. This article examines these elements and drills into the security available for each. The slowest and one of the most vulnerable parts of the system is the communications within the vehicle. The vehicle networks must ensure the integrity and authenticity of messages transmitted to guarantee software programmed onto ECUs are authorized and tamper-free. Specialist hardware within the vehicle makes this possible in an operation environment, such as hardware security modules.