Paris, France – ProvenRun, a global leader in embedded security, demonstrated how a new generation TEE (Trusted Execution Environment) such as ProvenCore could be used to secure Automotive Criticial ECU’s, from its participation as industrial partner to the “Cybersecurity of Intelligent Transportation” (CTI) project.
The goal of the CTI project is to federate a common approach to best practices and innovative IT solutions for cyber security in the automotive, railway and aerospace industries. The project was conducted at the SystemX Institute for Technology, with the participation of key stakeholders in the automotive, railway and aerospace industries as well as the collaboration of the National Agency for the Security of Information Systems (ANSSI). Further details on the CTI project are available at here.
In the context of the CTI project, ProvenCore has been show cased on the ECUs that are critical for the security on a vehicle reference architecture, that includes:
- A Communication Unit and Electric Vehicle Charger Controller (EVCC) as they offer direct communication interfaces accessible from outside the vehicle.
- A central gateway, as it is the hotspot for internal car communications within the vehicle which also acts as a firewall between the subnetwork with external communication interfaces and subnetworks with safety-critical ECUs.
- The Multimedia and Navigation system (infotainment system), as it supports a very large codebase prone to many vulnerabilities.
Leveraging on ProvenCore’s ability to run as an autonomous secure OS, the CTI project was able to demonstrate the potential for security services supported by a new generation TEE, in terms of security, flexibility, portability and compliance to the automotive constraints. The approach is now mature enough to be deployed in modern connected vehicle ECUs as well as satisfying to the security requirements of the automotive industry.
Further details are available by downloading the document Trusted Execution Environment in Automotive Critical ECUs.
ProvenRun’s mission is to provide customers with the Trusted Products and Services that will help them Embed Security within their infrastructure of connected devices wherever this is required, at the chip, device, edge or cloud levels. With our security consulting services and secure-by-design off-the-shelf product solutions, we resolve the security challenges arising from the IoT revolution while dramatically improving the protection against remote cyberattacks.