Security stack for HSM

Modern systems are increasingly equipped with connectivity features that also make them more vulnerable to attacks. Therefore, it is mandatory to protect these systems against unauthorized access by intruders and to prevent any attempt to manipulate the systems software.

For security at systems level, software based security solutions cannot sufficiently protect the integrity of a system. Hardware Security Modules (HSM) provide embedded systems with strong protection against attacks and thus strengthen the integrity of the software. ESCRYPT CycurHSM is a complete software stack adapted to automotive HSM implementations. ESCRYPT CycurHSMis a flexible HSM firmware that provides open and standardized interfaces (e.g. AUTOSAR CSM) to HSM-enhanced security applications.

CycurHSM

Proven millions of times over, not just for automotive

ESCRYPT CycurHSM is a product of ETAS with more than 100 successful projects in the TIER1 environment. Hitex is your partner to source the software and for the efficient integration of ESCRYPT CycurHSM into your application.

Special features of the ESCRYPT CycurHSM

  • user-friendly and seamless integration into automotive ECUs
  • based on a real-time operating system to ensure real-time HSM features
  • encapsulates all required security functions needed to satisfy all OEM automotive security requirements.
  • developed to the highest quality standards (ASPICE, ISO 26262, ASIL D)
  • offers a powerful hardware/software co-design platform for customer- specific applications with high-performance cryptographic demands
  • HSM can be configured to meet your specific needs

ESCRYPT CycurHSM is a modular system and provides security mechanisms for a variety of security applications via a high number of open, standardized interfaces. This allows ESCRYPT CycurHSM to be seamlessly integrated into an automotive control unit. ESCRYPT CycurHSM also supports various safety use cases in ASIL-D.

    Features in Detail

    Field return analysis and HSM debugging

    • HSM Update
    • HSM-secured host flashing
    • HSM Debug
    • HSM-controlled Secure Access (Challenge Response protocols)

    HSM Core Functionality and Generic Features

    • Preemptive, parallel job processing
    • HSM Lifecycle Mode
    • Secure Storage of data and keys
    • Support for systems with high number of keys (> 100)
    • Component Protection (SHE+ Support)
    • EEPROM emulation to extend flash endurance
    • HSM RAM mode
    • Multi-Core Support
    • Secure Boot
    • Trusted Boot
    • Runtime manipulation detection

    Cryptographic and certificate features

    • Basic cryptographic services (AES, CMAC, Hashing, key derivation, TRNG)
    • RSA (Digital Signature Algorithm)
    • ECDSA
    • Key exchange protocols (Diffie-Hellman)
    • Certificate support (Authenticity, Basic Parsing)