草榴社区

No Safety Without Security

The automotive industry is undergoing a rapid transformation, with connectivity and automation becoming integral components of modern vehicles. However, this increased connectivity also brings heightened risks. The automotive industry takes many measures to ensure safety for vehicles, but it is crucial to understand that these safety measures are ineffective if the vehicle's security is compromised. A hacked car can render virtually any safety mechanism useless, posing significant risks to passengers and other road users. Therefore, ensuring both safety and security is paramount in modern automotive design.

As vehicles become more automated with many features and applications delivered through powerful compute platforms, there is need for more security and higher data bandwidth with low latency, requirements that exceed by far the capability of legacy in-vehicle communication protocols. This has opened the door for Peripheral Component Interconnect Express (PCIe) type technology. Some specific applications driving this are: 

  • High-resolution sensing that drives the needs for supporting higher data rates between sensors and the centralized processor.
  • Heterogenous computing / AI that needs to allocate different computing tasks to associated compute cores.
  • 360-degree perceptions that needs more automation in order to leverage sensors covering the entire environment in the car.

These are among the requirements fueling the rapidly growing adoption of PCIe as an interface for the automotive industry, based on its ability to meet the high-performance, scalability, and interoperability needs of modern vehicles.

High-Level Features of PCIe Controller with IDE Security

The 草榴社区 PCIe solutions consist of controllers, IDE Security Modules, PHYs and verification IP, enabling real-time secure data connectivity with low-latency and high performance, and a quick integration into SoCs. The PCIe controller supports all required features by the standard and can be configured for Endpoint, Root Port, Dual Mode or Switch Port use cases. The Integrity and Data Encryption (IDE) Security Module provides confidentiality, integrity and replay protection for Transaction Layer Packets (TLP) as defined in the PCIe-SIG IDE specification, ensuring that data on the wire is secure from observation, tampering or replay of packets. It is seamlessly integrated and pre-validated with the controller to provide high bandwidth and low latency solutions, crucial for performance-intensive applications. The IDE Security Module supports maximum throughput in full-duplex and leverages optimized AES-GCM cryptographic cores with 256-bit keys for highly efficient encryption, decryption and authentication of TLP packets, ensuring that data remains secure and unaltered during transit.

Subscribe to the 草榴社区 IP Technical Bulletin

Includes in-depth technical articles, white papers, videos, upcoming webinars, product announcements and more.

草榴社区' PCIe 5.0 IP 草榴社区 with IDE Security: A Game Changer for Automotive Applications

草榴社区 solutions continue to push the boundaries of PCIe technology with standards compliant and feature rich solutions, including integrated IDE security to provide data confidentiality, integrity, and replay protection. Besides the company’s existing IP offerings for leading-edge standards like PCIe 5.0PCIe 6.0 and even PCIe 7.0, 草榴社区 is now also introducing the world’s first automotive-grade PCIe 5.0 IP solutions with IDE security. PCIe 5.0, which was already available as a robust offering for high-performance computing and data centers, has now been tailored to meet the stringent requirements of the automotive market, focusing on functional safety and cybersecurity in compliance with ISO 26262 and ISO/SAE 21434 standards. 

Figure 1: Overview of 草榴社区 PCIe 5.0 IP 草榴社区

 

The international ISO 26262 standard focuses on the functional safety of electrical and electronic systems in production automobiles. This standard is critical for addressing potential hazards that could arise from the malfunctioning of these systems, thereby ensuring the safety of both drivers and passengers. ISO/SAE 21434 is dedicated to the cybersecurity process of road vehicles. This standard offers a comprehensive framework for managing cybersecurity risks throughout a vehicle's lifecycle, from design and development to production, operation, and decommissioning.

ASIL B Compliant PCIe 5.0 Controller with IDE Security: Safety Mechanisms

草榴社区' PCIe IP solutions for automotive applications incorporate a range of safety mechanisms to align with the ISO 26262 standard, ASIL B level, to protect against permanent and transient faults that can occur unpredictably during the lifetime of an automotive system. The ISO 26262 safety mechanisms incorporated in 草榴社区' PCIe IP solutions include:

  • Safety AUX - Dual Rail Architecture: Two separate power rails are used to ensure redundancy. The Safety Monitor checks these rails for parity to detect any inconsistencies.
  • Comparators - Self-Checking: Comparators used in the system are designed to perform self-checks to ensure they are functioning correctly, enhancing fault detection capabilities.
  • Safety Monitor Registers - Parity Protected: Registers used by the Safety Monitor are protected with parity bits, allowing for the detection of single-bit errors.
  • Safety State Machines – One-Hot-State Machines: One-hot-state machines are used to ensure that only one state is active at a time, simplifying error detection and improving reliability.
  • Advanced Peripheral Bus (APB) - Parity Protected: The APB is protected with parity bits to detect single-bit errors during data transfers.
  • Diagnostic Error Injection - Supported via Software: The system supports diagnostic error injection through software, allowing for the testing and validation of safety mechanisms by simulating faults.
  • Error Correction Code (ECC) Error Injection - Supported via Software: Error injection for ECC is supported via software, enabling the simulation of errors to test the system's error correction capabilities.
  • Processing Monitor - for timing events: The Processing Monitor detects additional processing lock-up errors, enhancing the safety fault detectability for any PCIe transfer type.
  • Logic Built-In Self-Test (LBIST) - External, Mandatory at Boot: External LBIST is mandatory to run at boot time to verify the integrity of the logic circuits, ensuring that they are free from faults.

Comprehensive Safety Documentation

草榴社区 provides extensive safety documentation for its PCIe 5.0 controller with IDE security, which is indispensable for achieving ISO 26262 compliance, ASIL D level, to protect against systematic faults that can occur during the development process. The documentation ensures regulatory adherence, enhances traceability, aids in risk management, supports continuous improvement, and facilitates stakeholder communication. 草榴社区 provides amongst others:

  • Quality Manual
  • Design Failure Mode and Effects Analysis (DFMEA)
  • Failure Modes, Effects, and Diagnostic Analysis (FMEDA)
  • Safety Manual
  • Dependent Fault Analysis (DFA)
  • Safety Case Report
  • ISO 26262 Assessment Report

Deliverables Related to the ISO/SAE 21434 Standard

Similar to ISO26262, in order to comply with the ISO/SAE 21434 standard, which focuses on cybersecurity for road vehicles, 草榴社区 has implemented a rigorous and certified cybersecurity process. 草榴社区 also provides an additional set of comprehensive deliverables designed to ensure robust security throughout the lifecycle of its PCIe IP solutions. Here are the key deliverables related to ISO/SAE 21434:

  • Cybersecurity Interface Report
  • Security Risk Analysis Report, Including Threat Model
  • Cybersecurity Case Report
  • Cybersecurity Assessment Report
  • IP-SIRT (IP Security Incident Response Team) Services

These deliverables ensure that 草榴社区' PCIe IP solutions not only meet the functional safety requirements of ISO 26262 but also adhere to the stringent cybersecurity standards of ISO/SAE 21434. By providing comprehensive documentation and ongoing support, 草榴社区 helps its customers integrate secure and reliable PCIe IP solutions into their automotive applications.

Conclusion

With more than two decades of experience in PCIe designs, and dozens of customers using 草榴社区 automotive grade controllers, 草榴社区 provides designers with the industry’s most robust IP solutions for the world’s most advanced vehicles. The comprehensive solution, including PHY, Controller with IDE, and verification IP, offers ADAS and IVI SoC designers the seamless integration they need to speed their time to market. Now, the 草榴社区 PCIe 5.0 IDE automotive solution sets a new benchmark in the automotive industry by integrating functional safety and cybersecurity measures that comply with ISO 26262 and ISO/SAE 21434 standards. As the world’s first company to introduce such a solution for the automotive market, 草榴社区 demonstrates its commitment to innovation and leadership in PCIe technology. This advanced solution not only meets the growing demands for safety and security in automotive applications but also aligns with global legislative trends, ensuring that modern vehicles are both safe and secure.

For more information about the PCIe 5.0 IDE solution, please visit its webpage

草榴社区 IP Technical Bulletin

In-depth technical articles, white papers, videos, webinars, product announcements and more.

Continue Reading