SPRY345B february   2022  – april 2023 DP83TG720R-Q1 , DP83TG720S-Q1 , TCAN1043A-Q1

 

  1.   At a glance
  2.   Authors
  3.   Introduction
  4.   Overcoming E/E architecture challenges
  5.   Power distribution challenges and solutions
  6.   Decentralization of power distribution
  7.   Replacing melting fuses with semiconductor fuses
  8.   Smart sensor and actuator challenges and solutions
  9.   Zonal modules –new microcontroller requirements
  10.   Smart sensors and actuators
  11.   Data challenges and solutions
  12.   Types of data
  13.   Time sensitivity of data
  14.   Communication security
  15.   Conclusion

Communication security

Besides physical network properties like latency and jitter, the zone architecture requires a secure communication path. Ethernet-based attack methods and tools common on the internet will be largely applicable to road vehicles. When security is compromised in a car network, no trustful communication is feasible, and the whole concept of separating I/Os from computing collapses.

For these reasons, it is important to approach the cyber security topic holistically. Beyond the core functionality of data integrity, authenticity and confidentiality, a security mindset and culture accompanies the whole product development and life cycle. Similar to the International Organization for Standardization (ISO) 26262 functional safety standard, ISO/Society of Automotive Engineers ISO/SAE 21434 is a new standard for automotive cybersecurity engineering. In addition, the United Nations Economic Commission for Europe has released two new regulations that specify how to manage vehicle cybersecurity risks, and how to detect and respond to security incidents across a fleet of cars.

It is not possible to simply add security for such a diversity of data types; communication efficiency is also paramount. The classic approach of securing internet protocol packets with IPsec is suited for control and sensor data consuming low network bandwidth. To stream audio data or vision or radar sensor data requires a continuous stream of Internet Protocol packets, secured at least through authentication. Doing so in software, however, would result in large overhead, consuming vital processor resources.

Overcoming the bottleneck demands new lower-level encryption and authentication. An example is MACsec, which can be applied to Level 1 or 2 of an Ethernet protocol and integrated either into the ethernet media access control IP or into the Ethernet PHY for line-rate authentication, payload encryption, or both.