With trends such as electrification, autonomous driving and connected cars, the number of communication interfaces in vehicles is growing and as a result are creating new attack surfaces, increasing the vulnerability of the systems. Comprehensive security concepts are therefore becoming more important to support safety of passengers and the protection of their data.
The SLS37 V2X HSM is based on a highly secured, tamper resistant microcontroller tailored to the security needs in V2X applications within telematics control units. It is intended to protect the integrity and moreover authenticity of messages, as well as the privacy of the sender. The HSM has received the Common Criteria EAL4+ certification, which is expected to become mandatory in European V2X systems.
In a V2X host environment, the discrete HSM helps system integrators to solve the conflicting requirements of high performance and high security. The SLS37 V2X HSM is focused on high security tasks such as key storage and the generation of signatures for outgoing messages. This removes the burden of a Security Certification from the host processor, which runs the Linux operating system, from the application software as well as the less security-relevant but performance-hungry verification of incoming messages.
In addition to automotive telematics control units, the target applications of the SLS37 V2X HSM are road side units or other infrastructure for V2X communication. The solution supports all major vehicle credential management systems including SCMS, CCMS and ESPS.
It also accepts a wide supply voltage range from 1,6 to 3,6 V, comes with a high-speed SPI interface with up to 10 MHz and is qualified for harsh automotive applications according to AEC-Q100.
Infineon’s complementary host software package makes the SLS37 V2X HSM a plug-and-play solution. Rooted in hardware and embedded in a secured and certified manufacturing environment, the personalisation concept ensures that customers do not have to be involved in key management while at the same time offering a maximum security during the product lifecycle.
The sophisticated personalisation concept leverages a set of chip-unique and customer-individual certificates and keys for ease of use enabling vendor verification, pairing and transport protection as well as secured-in-field-updates. As a discrete security controller, SLS37 also provides scalability for platform development covering different regions with different security-requirements.