drivesec offers software solutions to be implemented in the Customer's processes.
Flexible and adaptable to the Customer's needs, all solutions provided follow the best practices of secure coding.
DriV-SHEC
Virtual Secure HW Encrypt Component
The rapidly growing connectivity of vehicles is opening up numerous opportunities for new functions and attractive business models. At the same time, it represents a security challenge, since it increases the attack surface that modern vehicles expose to cyber-attackers. Cyber-attacks can have a huge impact on the safety of the vehicle and could cause financial damage.
Unauthorized access and data manipulation are only the main threats that can affect the ECUs; for these reasons, countermeasures become a must.
drivesec has developed a software module that acts like a Hardware Security Module (HSM).
The main features of DriV-SHEC are:
- A software secure element, fully customizable and compatible with OpenSSL
- Support for cryptographic algorithms (AES, CMAC, SHA, Key Derivation Function)
- Support for random number generators (TRNG, PRNG)
- Support for RSA key generation
- Key exchange protocols (Diffie-Hellman)
In addition, the component itself is secured by means of:
- Use of more than 20 software obfuscation techniques
- Anti-debug protection
- Data anti-tampering
- Self-tampering protection
- Secure storage of data and keys with AEAD algorithms
IoT SW secure baseline
drivesec know-how is useful for the development of new IoT systems. The proposal is a firmware baseline tailored to customer needs.
It is a fully configurable firmware baseline based on an RTOS and a basic crypto and key management package, with customizable secure communication and security application functions. The low footprint ensures easy integration on microprocessors of different ARM Cortex families.
[Diagram: firmware baseline blocks: Secure Storage / Secure File System; Secure Comm (TLS 1.3); Authenticated Firmware Update; Secure Boot; Crypto Library; Certificate Management; Secure Code Exec; Real Time OS (FreeRTOS); uVISOR; BSP (+drivers); Hardware (reference ARM Cortex M4)]
The main benefits of this approach are:
- Portable API: the same function can be exported to different microcontrollers
- Increased performance, through a highly configurable ROM footprint, a high-efficiency kernel, and stack sharing to limit RAM consumption.
This represents a very flexible approach, since we can configure the firmware with many different modules, such as:
- Secure Filesystem
- Secure Boot
- Secure Update
- Secure communication
The features of our IoT firmware baseline are:
- Real-time kernel, priority based, with stack sharing for RAM optimization.
- Minimal multithreading RTOS interface (a minimal configuration is typically in the order of 1 to 6 KB of Flash memory).
- RTOS API for: Tasks, Events, Alarms, Resources, Application modes, Semaphores, Error handling.
- Support for preemptive and non-preemptive multitasking.
- Support for fixed priority scheduling and Preemption Thresholds.
- Support for stack sharing techniques and a one-shot task model to reduce the overall stack usage.
- Support for shared resources.
- Support for periodic activations using Alarms.
- Support for centralized Error Handling.
- Support for hook functions before and after each context switch.
- Support for core-integrated security measures (MMU, MPU).