V2.1 | 2019-01
Fact Sheet Solution for Cybersecurity
www.vector.com/contact
vHSM - Software Stack for Hardware Security Modules
vHSM is a firmware for Hardware Security Modules (HSM)
from various semiconductor manufacturers for the inte-
gration of security services in AUTOSAR ECUs. vHSM offers
the following features and functions:
>
Basic cryptographic functions such as hash, random num-
ber generator, MAC/signature generation and verification
>
Functions for secure key storage, for symmetric and
asymmetric cryptographic algorithms and support of
Secure Boot
>
Modular and configurable software for optimal adapta-
tion to your use case
vHSM is adaptable through various addons and customer-
specific extensions.
Flash Bootloader
The Vector Flash Bootloader (FBL) contains security
modules that can be tailored to meet your specific project
requirements, e.g.:
>
Secure Bootmanager
>
Secure Update Manager
Testing of Security-protected ECUs and Networks
For test and diagnostic purposes, it must be possible for
authorized persons to participate in vehicle communication
during development and subsequent operation. The
Security Manager manages keys and certificates and
permits access to security-protected ECUs and networks.
It supports various OEM-specific security systems. It also
permits the simulation of networks with secure on-board
communication.
The Security Manager is an integral component of many
Vector tools, e.g. CANoe and CANape.
Testing of Security Mechanisms
Despite all the care taken during the analysis, design and
implementation of security mechanisms, it is still necessary
to test these. Fuzz testing is one methodology to test the
robustness of software. With CANoe, Vector has made
efficient, professional fuzz testing possible in the automo-
tive sector. You can generate signal-based fuzz tests auto-
matically from DBC and AUTOSAR files.
Testing of V2X Applications
Communication between vehicles and with the infrastruc-
ture is assured by security mechanisms. For testing V2X
applications, CANoe .Car2x offers all necessary functions
to establish communication with a V2X ECU.
More information: www.vector.com/security
you in both, setting up security processes and securing your
products. Our security experts also provide automotive-
focused coachings and inhouse trainings on the topic of
cybersecurity, defensive coding, etc.
Assessment and Development of Security Concepts
Vector analyzes your security concepts and develops secu-
rity requirements based on threat scenarios (PenTesting)
and automotive international standards. You will receive
methodological guidance, tool support and tailor-made
solutions for the entire life cycle – also in the form of virtual
security support.
Concept Validation for Security Mechanisms
Vector implements your security mechanisms as part of
preliminary projects with automotive technologies. This
helps you secure your concepts and prevent integration
problems.
AUTOSAR Basic Software
Vector supports your ECU development tasks through effi-
cient modules for the implementation of your security
requirements. The MICROSAR basic software includes
security modules that can be specifically tailored to meet
your project requirements:
>
AUTOSAR-compatible cryptographic stack
>
Secure Onboard Communication (SecOC)
>
Transport Layer Security (TLS) client
>
Ethernet firewall
>
Key Manager for the management and distribution of
key material and certificates
>
Security for smart charging
The Security Manager permits access to security-protected
ECUs and networks.
CANoe
Bus System
CANape
Vector Tools
Interface
Crypto Material
Provider
Security Manager
Security Sources
Device
under Test
Default Car2X
OEM Security
Backend Adapter
Cloud
Adapter
. . .