Hardware security module safeguards vehicle to everything communication

Infineon Technologies AG is launching the SLS37 V2X hardware security module (HSM), a plug-and-play security solution for V2X. The SLS37 V2X HSM is based on a highly secured, tamper-resistant microcontroller tailored to the security demands in V2X applications within telematics control units. It protects the integrity and authenticity of messages, as well as the privacy of the sender. The HSM received the Common Criteria EAL4+ certification, which is anticipated to become mandatory in European V2X systems.

In a V2X host environment, the discrete HSM assists system integrators in solving the conflicting demands of high performance and high security. Therefore, the scope of the device is directed on high-security tasks such as key storage and the generation of signatures for outgoing messages. This eliminates the burden of a Security Certification from the host processor, which runs the Linux operating system, from the application software and the less security-relevant but performance-hungry verification of incoming messages.

As well as automotive telematics control units, the target applications of the V2X HSM are roadside units or other infrastructure for V2X communication. The solution supports all major vehicle credential management systems, including SCMS, CCMS and ESPS. It takes a wide supply voltage range from 1.6V to 3.6V, comes with a high-speed SPI interface with up to 10MHz and is qualified for harsh automotive applications according to AEC-Q100.

The company's complementary host software package makes the V2X HSM a plug-and-play solution. Rooted in hardware and embedded in a secured and certified manufacturing environment, the personalisation concept minimises customers efforts for key management while providing a maximum of security throughout the product lifecycle. The sophisticated personalisation concept is leveraging a set of chip-unique and customer-individual certificates and keys for ease of use allowing vendor verification, pairing and transport protection as well as secured-in-field-updates. As a discrete security controller, device also offers scalability for platform development covering different regions with different security-requirements.