Automotive designs cater to a wide range of applications such as infotainment, engine and braking control, driver assistance and autonomous driving, and their memories hold both vendor and customer secret keys. With the growing number of security incidents and the growing attack surface of these applications, it is critical that assets stored in on-chip or off-chip memories are well protected.
In many scenarios the core needs access to certain keys or other security assets for house-keeping activities. The core, however, is often not the consumer of that data; it only transfers or installs it for use by a security module. Allowing the core to access the plaintext creates a vulnerability if the software running on the core is tampered with or compromised.
We recommend that sensitive data be made available to the core only as ‘black’ (encrypted) data:
- The core can interpret instructions but not sensitive data or keys, even though they are accessible to the core (for copying, etc.)
- This removes vulnerabilities introduced by software
- Memory contains only encrypted content, so secrets are protected against any attack that uses debug or test mechanisms to read out the complete contents of RAM physically
As shown in Fig-1, we assign different functional privileges to different masters, while the content is physically accessible to all masters.
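The flow described above (core copies and installs a key it cannot read; only the security module consumes it; all masters can physically read the same memory but hold different functional privileges) can be modelled end to end. The following is an added example and not the article's or any vendor's code. It assumes a key-encryption key (KEK) that lives only inside the security module, and it uses an HMAC-SHA256 counter-mode cipher plus HMAC tag built from the Python standard library as a stand-in for the AES-GCM or AES key-wrap a real module would implement in hardware; the masters, memory regions and slot names are constructed for the example.

```python
import hmac
import hashlib
import secrets
from typing import Optional

# Constructed example. Authenticated key wrapping built from the standard library
# only: HMAC-SHA256 in counter mode for confidentiality, HMAC-SHA256 tag for
# integrity (encrypt-then-MAC). It stands in for the AES-GCM / AES key-wrap a
# real security module would implement; the construction is an assumption here.
NONCE_LEN = 12
TAG_LEN = 32


def _keystream(kek: bytes, nonce: bytes, length: int) -> bytes:
    """Derive a keystream block by block from HMAC(kek, nonce || counter)."""
    out = b""
    counter = 0
    while len(out) < length:
        out += hmac.new(kek, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]


def wrap(kek: bytes, key_material: bytes, nonce: Optional[bytes] = None) -> bytes:
    """Produce the 'black' blob: nonce || ciphertext || tag."""
    nonce = nonce if nonce is not None else secrets.token_bytes(NONCE_LEN)
    ks = _keystream(kek, nonce, len(key_material))
    ct = bytes(p ^ k for p, k in zip(key_material, ks))
    tag = hmac.new(kek, nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def unwrap(kek: bytes, blob: bytes) -> bytes:
    """Verify the tag first, then decrypt; any modification of the blob is rejected."""
    nonce, ct, tag = blob[:NONCE_LEN], blob[NONCE_LEN:-TAG_LEN], blob[-TAG_LEN:]
    expected = hmac.new(kek, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("black blob failed integrity check")
    return bytes(c ^ k for c, k in zip(ct, _keystream(kek, nonce, len(ct))))


class SharedMemory:
    """Flash/RAM that every bus master can read: it holds only black data."""
    def __init__(self) -> None:
        self.regions: dict = {}


class SecurityModule:
    """Holds the KEK; neither the KEK nor unwrapped keys ever leave the module."""
    def __init__(self, kek: bytes) -> None:
        self._kek = kek
        self.installed: dict = {}

    def install(self, slot: str, blob: bytes) -> None:
        self.installed[slot] = unwrap(self._kek, blob)  # plaintext stays inside


class ApplicationCore:
    """Can copy bytes around (house-keeping) but has no KEK, so it sees only black data."""
    def __init__(self, mem: SharedMemory) -> None:
        self.mem = mem

    def copy(self, src: str, dst: str) -> bytes:
        self.mem.regions[dst] = self.mem.regions[src]
        return self.mem.regions[dst]

    def install_into(self, module: SecurityModule, src: str, slot: str) -> None:
        module.install(slot, self.mem.regions[src])


def run_scenario(kek: bytes, vendor_key: bytes, nonce: Optional[bytes] = None) -> dict:
    """Provision a wrapped key, let the core shuffle it, have the module consume it."""
    mem = SharedMemory()
    mem.regions["flash:vendor_key"] = wrap(kek, vendor_key, nonce)  # provisioned black
    core = ApplicationCore(mem)
    hsm = SecurityModule(kek)

    seen_by_core = core.copy("flash:vendor_key", "ram:staging")  # the core's view
    core.install_into(hsm, "ram:staging", "slot0")

    # Compromised software on the core flips one ciphertext byte of the staged blob;
    # the module must refuse to install it rather than load a corrupted key.
    tampered = bytearray(mem.regions["ram:staging"])
    tampered[NONCE_LEN] ^= 0x01
    try:
        hsm.install("slot1", bytes(tampered))
        tamper_rejected = False
    except ValueError:
        tamper_rejected = True

    return {
        "core_saw_plaintext": vendor_key in seen_by_core,
        "module_has_key": hsm.installed.get("slot0") == vendor_key,
        "tamper_rejected": tamper_rejected,
    }


if __name__ == "__main__":
    print(run_scenario(b"\x11" * 32, bytes(range(16))))
```

The point of the split is in the class boundaries: `ApplicationCore` can read and move every byte in `SharedMemory`, exactly as a debug or test port could, yet nothing it holds lets it recover `vendor_key`, and the tag check in `unwrap` means software that tampers with the staged blob cannot get a modified key installed either.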