日本汽车安全元件：现状展望.pdf

《日本汽车安全元件：现状展望.pdf》由会员分享，可在线阅读，更多相关《日本汽车安全元件：现状展望.pdf（12页珍藏版）》请在三个皮匠报告上搜索。

1、ST RestrictedGlobal Platform ATF GP JVC Applet for AutomotiveSTMicroelectronics3rd of April 2025ST RestrictedHow to classify security robustness?2Ex:Side channel 60 to 5k curves robustness=hacker in a garageMajor attacksCountermeasuresHardware&Software Physical Shield Lock-step EDC Glue Logic Layout

2、 Bus&Memory Scrambling Bus&Memory Encryption Anti-reverse Advanced Lithography No external debug interface Hardware secure crypto fast computing Enhanced security of MCU with physical isolation of security toolbox(secure key storage,secure&trusted execution in secure element)Network protocols weakne

3、ss(weak ciphers,short keys,)Flaws in software design/implementation,buffer overflows Debug interfaces,gaining admin rightsSoftware attack SPA/DPA Power analysis,emission analysis,timing analysis Fault injection:glitches,laser,light,UV,X-rays,Electro-Magnetic Memory probingBoard-levelattack Device de

4、layering,circuit reverse engineering,micro-probing Fault injection:Focused Ion Beam Advanced microscopySilicon-level attack OS features(MPU)Jittered Clocks Data whitening Randomization Secured crypto-engines Design Flow Power regulation Environment Sensors Integrity checkers Code Signature Internal

5、Clock IntegrityA complete set of Hardware&Software countermeasures+certificationeSE EAL6+AVA VAN 5HSM EAL up to 3Security levelSESIP 2 or 3SESIP 4 or 5Ex:Side channel 1M curves robustness=BSI or expert labST RestrictedISO21434 and TARA analysis:where is executed my function?3How is it possible to co

6、pe withsecurity functions execution place uncertainty:HSM HW or CPU?There is a fundamental need to identifythe real level of security robustness needed to be reachWhich functions have to be bake or harden fromsecurity point of view?For exemple,could you accept an ECDSA-256 signature generation perfo