V2.2 | 2021-10
Fact Sheet Solution for Cybersecurity
www.vector.com/contact
integration of security services in AUTOSAR ECUs. It offers
the following features and functions:
>
Basic cryptographic functions such as hash, random num-
ber generator, MAC/signature generation and verification
>
Functions for secure key storage, for symmetric and
asymmetric cryptographic algorithms and support of
Secure Boot
>
Modular and configurable software for optimal adapta-
tion to your use case
The firmware can be adapted to your requirements by
various add-ons and by customer-specific extensions.
Flash Bootloader
The Vector Flash Bootloader (FBL) contains security
modules that can be tailored to meet your specific project
requirements, e.g.:
>
Secure Bootmanager
>
Secure Update Manager
Testing of Security-protected ECUs and Networks
Security mechanisms prevent unauthorized access to vehi-
cles and ECUs. This means that, at first, vehicle communi-
cation cannot be accessed during development and later
operation. In order to still be able to access ECUs, the Secu-
rity Manager offers valuable services such as SecOC,
secured diagnostics, TLS and IPsec as well as the manage-
ment of keys and certificates. Furthermore, it supports
various OEM-specific security systems through corre-
sponding add-ons.
The Security Manager is an integral component of the
Vector tools CANoe, CANalyzer, CANape, Indigo, vFlash
and CANoe.DiVa.
More Robust Software Through Fuzz Testing
Despite all the care taken in the analysis, design and imple-
mentation of security mechanisms, it is still necessary to
test them. Fuzz testing is one methodology for testing the
robustness of software. With vTESTstudio and CANoe, you
perform fuzz tests in the automotive field professionally
and efficiently. Signal-based fuzz tests are generated
automatically from DBC and AUTOSAR files.
Testing of V2X Applications
Communication between vehicles and with the infrastruc-
ture is assured by security mechanisms. For testing V2X
applications, CANoe.Car2x offers all necessary functions to
establish communication with a V2X ECU.
More information: www.vector.com/security
scenarios and international standards. You will receive
methodological guidance, tool support and tailored solu-
tions for the entire lifecycle – also in the form of virtual
security support.
Security Testing
Vector Consulting provides independent penetration
testing and further operational assurance for OEMs and
Tier-1s – on the ECU and vehicle level. Our systematic
approach is based on a grey-box method. This is also suit-
able for incremental regression tests and is more efficient
than classic pen testing.
UNECE CSMS and SUMS
Vector supports you in the implementation of UNECE stan-
dards regarding cybersecurity and data protection. The
focus is on cybersecurity management systems
CSMS (R155) and software update management systems
SUMS (R156).
AUTOSAR Basic Software
For your ECU development, Vector provides efficient
modules for realizing your security requirements. The
MICROSAR basic software includes security modules that
can be tailored specifically to your project requirements:
>
AUTOSAR-compatible cryptographic stack
>
Secure Onboard Communication (SecOC)
>
Intrusion Detection System
>
Transport Layer Security (TLS) client
>
Ethernet firewall
>
Key Manager for the management and distribution of
key material and certificates
>
Security for smart charging
Software Stack for Hardware Security Modules
Vector offers a firmware for Hardware Security Modules
(HSM) from various semiconductor manufacturers for the
Security testing at Vector: Penetration and fuzz testing
as well as testing despite Security