drivesec offers software solutions to be implemented in the Customer processes.

Flexible and adaptable to the Customer need, all solutions provided follow the best practices of secure coding.

DriV-SHEC

Virtual Secure HW Encrypt Component
The rapidly growing connectivity of vehicles is opening up numerous opportunities for new functions and attractive business models. At the same time, it represents a challenge for cyber-attacker due to the increase of the attack surface of modern vehicle. Cyber-attacks can have a huge impact on the safety of the vehicle and could cause financial damage.
Unauthorized access and data manipulation represents only the main threats that can affect the ECUs, for these reasons countermeasures become a must.
drivesec has developed a software module that acts like a Hardware Security Module (HSM).

The main feature of DriV-SHEC are:

  • A software secure element fully customizable and compatible with openssl

  • Support for cryptographic algorithm (AES, CMAC, SHA, Key Derivation Function)

  • Support for random generator (TRNG, PRNG)

  • Support for RSA key generation

  • Key exchange protocols (Diffie-Hellman)

In addition this component is secure itself by means:

  • Use of more that 20 software obfuscation techniques

  • Anti-debug protection

  • Data anti-tampering

  • Self tampering protection

  • Secure storage of data and keys with AEAD algorithms

IoT SW secure baseline

drivesec know-how is useful to the development of new IoT system. The proposal is a firmware baseline tailored on customer needs.

It is fully configurable firmware baseline based on RTOS, crypto and key management basic package, with customizable secure communication and security applicative functions. The low footprint assures an easy integration on different ARM Cortex Family(ies) microprocessors.

SECURE STORAGE / SECURE FILE SYSTEM

SECURE COMM
(TLS 1.3)

AUTHENTICATED FIRMWARE UPDATE

Secure
Boot

CRYPTO LIBRARY
CERTIFICATE MANAGEMENT
SECURE CODE EXEC

REAL TIME OS (Free RTOS)

uVISOR

BSP (+drivers)

HARDWARE (reference ARM CORTEX M4)

The main benefits of this approach are:
  • Portable API, the same function can be exported on different microcontrollers
  • Increased performances, using highly configurable ROM footprint, high efficiency kernel, stack sharing to limit RAM consumption.
This represents a very flexible approach since we can configure the firmware with many different module like:

  • Secure Filesystem

  • Secure Boot

  • Secure Update

  • Secure communication

The feature of our IoT firmware baseline are:

  • Real-time kernel, priority based, with stack sharing for RAM optimization.

  • Minimal multithreading RTOS interface (A minimal configuration is typically in the order of 1 to 6 KB of Flash memory. )

  • RTOS API for: Tasks, Events, Alarms, Resources, Application modes, Semaphores, Error handling.

  • Support for preemptive and non-preemptive multitasking.

  • Support for fixed priority scheduling and Preemption Thresholds.

  • Support for stack sharing techniques, and one-shot task model to reduce the overall stack usage.

  • Support for shared resources.

  • Support for periodic activations using Alarms.

  • Support for centralized Error Handling.

  • Support for hook functions before and after each context switch.

  • Support Core integrated security measures (MMU,MPU)