PUF-based Security Enhancement for Automotive Software Update


Hiroyuki Tomiyama
Ritsumeikan University
http://hiroyuki.tomiyamalab.org/
MPSoC 2015

Our Team

(c) Ritsumeikan University / WITZ Co. Ltd. / Atelier Inc. / AIST

[Figure: team organization. Labels as they appear on the slide:]
Advisors from Industry and Academia
Nagoya University
WITZ Co. Ltd.
Financial Support
Local Government
AIST
Automotive Tier1, Semiconductor, Electronics
Research and Development
Ritsumeikan University, Atelier Inc.
OEM, Telecommunication


Background

Recent trends in automotive electronics
  More and more functionalities are implemented in software
  Connected to the Internet and other networks
Automotive software needs to be updated after sales
  Higher security and safety, lower CO2 emission, better mileage, better driving comfort, and so on
At present, automotive software update (a.k.a. reprogramming) is only possible at OEM-authorized garages
  At the time of recall, repair or periodic inspection
  Reprogramming takes hours
  Not as easy as Microsoft Windows Update

Remote Update of Automotive Software

Future automotive software needs to be updated more often.
Remote software update will be necessary
  Software is updated at home garage

[Figure: remote update path. Labels: OEM Server; Reprogramming Data; 3G/LTE; Infotainment (e.g., Navigation); On-Board Ethernet; Security Gateway ECU; CAN; OBD2 Port; ECUs; Reprogram ECU software; Update ECU software]


Problems

Software update process must be
  Secure
    If the update process is not secure, the car gets more dangerous
    Secure update needs authentication and encryption
  Fast
    User cannot drive the car during the update process
  Inexpensive
    Automotive manufacturers always worry about production costs
But, there is a tradeoff

Our Approach

We employ AES to encrypt reprogramming data between OEM server and vehicles
  Faster and less expensive than public-key cryptosystems (e.g., RSA)
  But, we need to protect secret keys
In many systems, secret keys are stored in secure non-volatile memory
  Secure NVM is expensive
We encrypt secret keys and use PUF as an AES key
  The encrypted keys can be stored in normal NVM
  Other secure data can be stored in NVM or RAM with PUF-based encryption
PUF is implemented in Security Gateway ECU


PUF: Physical(ly) Unclonable Functions

PUF exploits physical variation of individual devices
  Unclonable
  Similar to fingerprint, but functions with inputs and outputs
PUF generates unique ID numbers
Various PUF implementations
  Optical PUF
  Magnetic PUF
  SRAM PUF
  Arbiter PUF
  Ring Oscillator PUF
  and more

PUF: Physical(ly) Unclonable Functions

PUF needs to be unique and robust
Uniqueness
  PUF individuals should produce different responses (outputs) from the same challenges (inputs)
  Professor Fujino, a member of our team, proposed DPM-based arbiter PUF for better uniqueness
Robustness
  A PUF should produce same responses from same challenges in any condition over years
  Robustness against aging, temperature, voltage variation, and so on
  Error correction is necessary
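The two requirements above are usually measured as Hamming distances: between devices (uniqueness, ideally 50%) and between repeated reads of one device (robustness, ideally 0%). The following is an added example, not code from the slides or the project. The noise model (independent bit flips) and majority voting as the error-correction step are assumptions chosen for illustration, and the devices are simulated rather than an arbiter PUF model.

```python
import random

def hamming_fraction(a, b):
    """Fraction of bit positions in which two responses differ."""
    return sum(x != y for x, y in zip(a, b)) / len(a)

def make_device(rng, n_bits):
    """Reference response of one simulated device to a fixed challenge set."""
    return [rng.getrandbits(1) for _ in range(n_bits)]

def read_puf(rng, reference, flip_prob):
    """One noisy read: each bit flips independently (assumed noise model
    standing in for temperature, voltage and aging effects)."""
    return [b ^ (rng.random() < flip_prob) for b in reference]

def majority_read(rng, reference, flip_prob, reads):
    """Simple error correction: majority vote per bit over an odd number of reads."""
    votes = [read_puf(rng, reference, flip_prob) for _ in range(reads)]
    return [int(sum(col) * 2 > reads) for col in zip(*votes)]

def evaluate(n_devices=8, n_bits=128, flip_prob=0.05, reads=9, seed=2015):
    """Return uniqueness (inter-device HD) and error rates before/after voting."""
    rng = random.Random(seed)  # seeded so the run is reproducible
    devs = [make_device(rng, n_bits) for _ in range(n_devices)]
    pairs = [(i, j) for i in range(n_devices) for j in range(i + 1, n_devices)]
    uniq = sum(hamming_fraction(devs[i], devs[j]) for i, j in pairs) / len(pairs)
    raw = sum(hamming_fraction(d, read_puf(rng, d, flip_prob))
              for d in devs) / n_devices
    voted = sum(hamming_fraction(d, majority_read(rng, d, flip_prob, reads))
                for d in devs) / n_devices
    return {"uniqueness": uniq, "raw_error": raw, "voted_error": voted}

if __name__ == "__main__":
    print(evaluate())
```

A key derived from the PUF ID is only stable if the residual error after correction is zero, which is why the raw response cannot be used as a key directly.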


DPM-based Arbiter PUF

Developed by Professor Takeshi Fujino (our team member) [ISCAS 2011]
Based on arbiter PUF
  multiplexer chain
Finer granularity delay time measurement
  Higher uniqueness

[Figure: Arbiter PUF with N challenge bits and a response. Panels: Conventional Arbiter PUF; DTM-based Arbiter PUF. Axis labels: t, dt]

Secure Key Storage with PUF

Traditional Method
  Key (K) has to be stored in secure non-volatile memory
Our Method
  Manufacturing time
    Encrypt the key (K) with PUF ID and store the PUF-encrypted key in non-secure NVM
  Reprogramming time
    Decrypt the key with PUF ID

[Figure, traditional method. Labels: AES; K; Secure Non-Volatile Memory]
[Figure, our method at manufacturing time. Labels: Challenge; PUF; PUF ID; AES; Encrypt; K; Non-Secure Non-Volatile Memory]
[Figure, our method at reprogramming time. Labels: Challenge; PUF; PUF ID; AES; Decrypt; K; Non-Secure Non-Volatile Memory]

Product Key and Session Key

[Figure: key handling on the OEM server and in the vehicle. Recoverable content:]
OEM Server
  Table of Car ID and Product Key
    AAAA   XXXX
    BBBB   YYYY
    CCCC   ZZZZ
    …      …
  Product key + NonceS + NonceC: generate session key with hash
Vehicle
  Car ID: BBBB
  PUF-encrypted Product Key: decrypt with AES and PUF
  Product key + NonceS + NonceC: generate session key with hash
Between the two
  Car ID, NonceS, NonceC
  Encrypted Reprogramming Data with MAC
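The key-storage and session-key slides above, combined into one runnable flow, as an added example that is not code from the slides or the project. Assumptions: SHA-256 over plain concatenation for the hash, HMAC-SHA-256 for the MAC, and a hash-derived XOR pad standing in for the AES wrap so that only the standard library is needed; payload encryption is left out, and all function names and values are constructed.

```python
import hashlib
import hmac

def puf_wrap(puf_id: bytes, key32: bytes) -> bytes:
    # Stand-in for the slide's AES step (assumption): XOR a 32-byte key with
    # SHA-256(PUF ID). The same call wraps at manufacturing time and unwraps
    # at reprogramming time.
    pad = hashlib.sha256(b"wrap" + puf_id).digest()
    return bytes(a ^ b for a, b in zip(key32, pad))

def session_key(product_key: bytes, nonce_s: bytes, nonce_c: bytes) -> bytes:
    # Session key generated with a hash from product key, NonceS and NonceC.
    return hashlib.sha256(product_key + nonce_s + nonce_c).digest()

def server_mac(product_key, nonce_s, nonce_c, data: bytes) -> bytes:
    # OEM server: product key looked up by Car ID (lookup omitted), then the
    # reprogramming data is MACed under the session key.
    ks = session_key(product_key, nonce_s, nonce_c)
    return hmac.new(ks, data, hashlib.sha256).digest()

def gateway_accepts(puf_id, wrapped_key, nonce_s, nonce_c, data, tag) -> bool:
    # Gateway ECU: unwrap the product key with its own PUF ID, derive the
    # session key, verify the MAC in constant time before reprogramming.
    product_key = puf_wrap(puf_id, wrapped_key)
    ks = session_key(product_key, nonce_s, nonce_c)
    expected = hmac.new(ks, data, hashlib.sha256).digest()
    return hmac.compare_digest(expected, tag)

def demo() -> dict:
    # Constructed values; real nonces must be fresh random values per session.
    product_key = bytes(range(32))
    puf_a, puf_b = b"\x11" * 16, b"\x22" * 16   # PUF IDs of two devices
    wrapped = puf_wrap(puf_a, product_key)       # stored in normal NVM
    ns, nc = b"S" * 16, b"C" * 16
    data = b"constructed reprogramming data"
    tag = server_mac(product_key, ns, nc, data)
    return {
        "genuine": gateway_accepts(puf_a, wrapped, ns, nc, data, tag),
        "nvm_copied_to_other_device":
            gateway_accepts(puf_b, wrapped, ns, nc, data, tag),
        "data_tampered": gateway_accepts(puf_a, wrapped, ns, nc, data + b"!", tag),
        "stale_message_new_nonce":
            gateway_accepts(puf_a, wrapped, ns, b"D" * 16, data, tag),
    }

if __name__ == "__main__":
    print(demo())
```

Only the first case is accepted: NVM contents copied to a device with a different PUF ID unwrap to a different product key, so the MAC check fails there just as it does for modified data or a message bound to an earlier nonce.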


Security Gateway ECU Architecture

[Figure: block diagram of the Security Gateway ECU. Labels in the order they appear:]
HW; Application
MCU: CPU, INTC, ROM, RAM, MPU, Timer, WDT, etc...
Clock; Reset; Power
Ethernet Comstack; Non-volatile Memory Manager
Security Gateway ECU; Security OS
Diagnostic Module; Audit Log Manager; Key Manager; CAN Controller; Reprogramming Application; Other Applications; Ethernet module; Infotainment
Partition OS; Security Library
Service Application; Basic Software Module; CAN Comstack
Trusted Application; Untrusted Application
Non-volatile Memory; Cryptograph Circuit; PUF; AES; Hash circuit; Random Number generator
Annotations: Generates Session Key; Encrypted Product Key, Car ID, challenge data

FPGA Prototype of Security Gateway ECU

[Photo of the prototype board. Labels: Ethernet; CAN; Altera Cyclone V SoC (dual-core Cortex-A9 and FPGA fabric); USB connection to host PC]


Concluding Remarks

Our ongoing project on remote update of automotive software
  The key idea is to encrypt secret keys using PUF ID as a key
  Secure NVM is not necessary
  FPGA prototyping of security gateway ECU
Future work
  Prototyping a server system
Special Thanks
  Takeshi Fujino (Ritsumeikan University)
  Hideyuki Takeda (WITZ Co. Ltd.)
  Ayumu Sugiyama (WITZ Co. Ltd.)
  Hiroaki Hara (WITZ Co. Ltd.)