PUF � based � Security � Enhancement � for � Automotive � Software � Update Hiroyuki � Tomiyama Ritsumeikan University http://hiroyuki.tomiyama � lab.org/ MPSoC 2015 Our � Team Advisors � from � WITZ � Co. � Ltd. Industry � and � Academia Atelier � Inc. Nagoya � University Local � Government Research Financial Electronics OEM and Support Development Automotive Tier � 1 Semiconductor Ritsumeikan University AIST Telecommunication (c) � Ritsumeikan � University � / � WITZ � Co. � Ltd. � / � Atelier � Inc. � / � AIST 2
Background � Recent � trends � in � automotive � electronics � More � and � more � functionalities � are � implemented � in � software � Connected � to � the � Internet � and � other � networks � Automotive � software � needs � to � be � updated � after � sales � Higher � security � and � safety, � lower � CO 2 emission, � better � mileage, � better � driving � comfort, � and � so � on � At � present, � automotive � software � update � (a.k.a. � reprogramming) � is � only � possible � at � OEM � authorized � garages � At � the � time � of � recall, � repair � or � periodic � inspection � Reprogramming � takes � hours � Not � as � easy � as � Microsoft � Windows � Update (c) � Ritsumeikan � University � / � WITZ � Co. � Ltd. � / � Atelier � Inc. � / � AIST 3 Remote � Update � of � Automotive � Software � Future � automotive � software � needs � to � be � updated � more � often. � Remote � software � update � will � be � necessary � Software � is � updated � at � home � garage Reprogram � Update ECU � software ECU � software Reprogramming � Data 01100101 ECU ECU 11000111 On � Board Security � 3G/LTE CAN Ethernet Gateway OEM Server ECU Infortainment (e.g., � Navigation) CAN ECU ECU ECU OBD2 Port (c) � Ritsumeikan � University � / � WITZ � Co. � Ltd. � / � Atelier � Inc. � / � AIST 4
Problems � Software � update � process � must � be � Secure � If � the � update � process � is � not � secure, � the � car � gets � more � dangerous � Secure � update � needs � authentication and � encryption � Fast � User � cannot � drive � the � car � during � the � update � process � Inexpensive � Automotive � manufacturers � always � worry � about � production � costs � But, � there � is � a � tradeoff (c) � Ritsumeikan � University � / � WITZ � Co. � Ltd. � / � Atelier � Inc. � / � AIST 5 Our � Approach � We � employ � AES � to � encrypt � reprogramming � data � between � OEM � server � and � vehicles � Faster � and � less � expensive � than � public � key � cryptosystems � (e.g., � RSA) � But, � we � need � to � protect � secret � keys � In � many � systems, � secret � keys � are � stored � in � secure � non � volatile � memory � Secure � NVM � is � expensive � We � encrypt � secret � keys � and � use � PUF as � an � AES � key � The � encrypted � keys � can � be � stored � in � normal � NVM � Other � secure � data � can � be � stored � in � NVM � or � RAM � with � PUF � based � encryption � PUF � is � implemented � in � Security � Gateway � ECU PUF (c) � Ritsumeikan � University � / � WITZ � Co. � Ltd. � / � Atelier � Inc. � / � AIST 6
PUF: � Physical(ly) � Unclonable Functions � PUF � exploits � physical � variation � of � individual � devices � Unclonable � Similar � to � fingerprint, � but � functions � with � inputs � and � outputs � PUF � generates � unique � ID � numbers � Various � PUF � implementations � Optical � PUF � Magnetic � PUF � SRAM � PUF � Arbiter � PUF � Ring � Oscillator � PUF � and � more (c) � Ritsumeikan � University � / � WITZ � Co. � Ltd. � / � Atelier � Inc. � / � AIST 7 PUF: � Physical(ly) � Unclonable Functions � PUF � needs � to � be � unique � and � robust � Uniqueness � PUF � individuals � should � produce � different � responses � (outputs) � from � the � same � challenges � (inputs) � Professor � Fujino, � a � member � of � our � team, � proposed � DPM � based � arbiter � PUF � for � better � uniqueness � Robustness � A � PUF � should � produce � same � responses � from � same � challenges � in � any � condition � over � years � Robustness � against � aging, � temperature, � voltage � variation, � and � so � on � Error � correction � is � necessary (c) � Ritsumeikan � University � / � WITZ � Co. � Ltd. � / � Atelier � Inc. � / � AIST 8
DPM � based � Arbiter � PUF � Developed � by � Professor � Takeshi � Fujino (our � team � member) � [ISCAS � 2011] � Based � on � arbiter � PUF � multiplexer � chain � Finer � granularity � delay � time � measurement � Higher � uniqueness N Challenges � t 1 1 1 1 1 1 1 1 1 … 0 0 0 0 0 0 0 0 0 Response 0 0 0 … 1 1 1 Arbiter � PUF 0 1 1 0 1 0 1 0 1 0 � dt � t 0 � t 0 Conventional � Arbiter � PUF DTM � based � Arbiter � PUF (c) � Ritsumeikan University � / � WITZ � Co. � Ltd. � / � Atelier � Inc. � / � AIST 9 Secure � Key � Storage � with � PUF � Traditional � Method � Key � (K) � has � to � be � stored � in � secure � non � volatile � memory � Our � Method � Manufacturing � time � Encrypt � the � key � (K) � with � PUF � ID � and � store � the � PUF � encrypted � key � in � non � secure � NVM � Reprogramming � time � Decrypt � the � key � with � PUF � ID Non � Secure Non � Volatile Memory Secure PUF Non � Volatile PUF � ID Challenge Memory K K AES AES Encrypt (c) � Ritsumeikan � University � / � WITZ � Co. � Ltd. � / � Atelier � Inc. � / � AIST 10
Secure � Key � Storage � with � PUF � Traditional � Method � Key � (K) � has � to � be � stored � in � secure � non � volatile � memory � Our � Method � Manufacturing � time � Encrypt � the � key � (K) � with � PUF � ID � and � store � the � PUF � encrypted � key � in � non � secure � NVM � Reprogramming � time � Decrypt � the � key � with � PUF � ID Non � Secure Non � Volatile Memory Secure PUF Non � Volatile PUF � ID Challenge Memory K K AES AES Decrypt (c) � Ritsumeikan � University � / � WITZ � Co. � Ltd. � / � Atelier � Inc. � / � AIST 11 Product � Key � and � Session � Key PUF AES Product � Key Car � ID Product � key Decrypt PUF � encrypted AAAA XXXX Car � ID Product � Key BBBB YYYY Product � key ZZZZ CCCC + BBBB … … Nonce � S + + Nonce � S Generate Nonce � C with � hash Generate + Session � key with � hash Nonce � C Session � key Car � ID Nonce � S Nonce � C OEM Server Encrypted � Reprogramming � Data � with � MAC 01011101 � 10100011 � 00001100 (c) � Ritsumeikan � University � / � WITZ � Co. � Ltd. � / � Atelier � Inc. � / � AIST 12
Security � Gateway � EUC � Architecure Security � Gateway ECU Application Service � Application Reprogramming � Application Other � Applications Security Basic � Software Module Ethernet OS Com � stack � Diagnostic Module Untrusted � Application Security � Audit � Log Trusted � Library Manager Application Partition � OS Key � CAN Non � volatile Manager Com � stack � Memory Manager HW Cryptograph Non � Random Hash MCU Infotain Ethernet � Circuit volatile � Number circuit MPU Timer ment module Memory generator Clock PUF CPU INT � C Reset Generates Encrypted � Product � Key, � Power ROM WDT Session � Key CAN Car � ID, � challenge � data AES (c) � Ritsumeikan � University � / � WITZ � Co. � Ltd. � / � Atelier � Inc. � / � AIST RAM etc... 13 Controller FPGA � Prototype � of � Security � Gateway � ECU Altera � Cyclone � V � SoC (dual � core � Cortex � A9 � and � FPGA � fabric) USB � connection to � host � PC Ethernet CAN (c) � Ritsumeikan � University � / � WITZ � Co. � Ltd. � / � Atelier � Inc. � / � AIST 14
Concluding � Remarks � Our � on � going � project � on � remote � update � of � automotive � software � The � key � idea � is � to � encrypt � secret � keys � using � PUF � ID � as � a � key � Secure � NVM � is � not � necessary � FPGA � prototyping � of � security � gateway � ECU � Future � work � Prototyping � a � server � system � Special � Thanks � Takeshi � Fujino (Ritsumeikan University) � Hideyuki � Takeda � (WITZ � Co. � Ltd.) � Ayumu Sugiyama � (WITZ � Co. � Ltd.) � Hiroaki � Hara � (WITZ � Co. � Ltd.) (c) � Ritsumeikan � University � / � WITZ � Co. � Ltd. � / � Atelier � Inc. � / � AIST 15
Recommend
More recommend
