Cybersecurity hardware research: security chip and HSM that meet the national encryption standards will build the automotive cybersecurity hardware foundation for China.
1. OEMs generally adopt the security chip + HSM strategy to build their cybersecurity protection system.
At the core of cybersecurity hardware are security chip and hardware security module (HSM).
Security chip, or secure element (SE), is an integrated circuit that integrates cryptographic algorithms and features physical attack prevention design.
Hardware security module (HSM) is a computer device used to protect and manage the keys and sensitive data applied by the strong authentication system, and also provide related cryptographic operations. It is the basic support for automotive security solutions.
At present, most OEMs employ the security chip + HSM strategy to build an automotive cybersecurity protection system.
For example, in its automotive cybersecurity security system, NIO uses security chips and HSM to reinforce hardware and networks; in terms of secure communication, the HSM and certificate system featuring integrity, encryption, pseudonymization and anonymity is the basis for enabling data privacy protection. In addition, bug fixes over the air (OTA) are available in the case of emergency.
GAC completes the hardware security design and creates the four systems of border protection, automotive security, PKI certification & transmission, and security services, using security chip (SE) + HSM, and secure boot, trusted zone and encryption technologies. And at the vehicle end, GAC conducts in-depth research on vehicle inside and outside multi-node security protections, such as Linux OS for T BOX 4G module, Android OS for vehicle head unit, QNX OS for gateway and MCU, and communication interaction, aiming to establish an in-depth protection system for in-vehicle security.
2. Homemade SE chips are mass-produced and applied in vehicles.
As the US passed CHIPS Act, the localization of semiconductors in China assumes greater urgency. More chip equipment, materials and industrial software among others will be homemade. The cybersecurity hardware market is no exception. The need for local security chips that conform to the national encryption algorithms is a pressing problem.
In current stage, Tongxin Micro’s automotive-grade security chips are often used in the Internet of Vehicles, and are being tried out in small batches by Chinese manufacturers. They are expected to be mass-produced during 2023-2024. In the future, Tongxin Micro’s SE chips will head in the direction of vehicle controllers that meet higher vehicle driving safety and product performance requirements. Following the completion of development and testing of samples of key products in this series in 2022, the research and development is expected to be fulfilled around 2025.
Despite a large number of companies, their mass production capacity is limited. Only a few players like Tongxin Micro and CEC Huada Electronic Design have products largely mounted on vehicles in the OEM market. Nations Technologies has mass-produced products for the aftermarket covering T-BOX, driving recorder, vehicle diagnosis, in-vehicle infotainment and navigation, vehicle ambient lighting, and 360-degree panoramic view.
Tongxin Micro was established by the national second-generation resident ID card chip R&D team at the Institute of Microelectronics of Tsinghua University. Its T9 Series security chips that were introduced into homegrown vehicle models in 2021 have been spawned and used in T-BOX, V2X, eUICC, China Phase VI OBD, and digital car keys, building a four-in-one trustworthy application environment for connected vehicles, that integrates cybersecurity, payment security, communication security, and identity authentication security.
Currently Tongxin Micro’s automotive-grade security chips are largely seen in the Internet of Vehicles, often not involving vehicle driving safety, with a relatively short assessment and certification cycle. Chinese manufacturers have the chips on trial in small batches, which are projected to be produced in quantities during 2023-2024. In the future, Tongxin Micro’s SE chips will head in the direction of vehicle controllers, involving high vehicle driving safety and product performance requirements, with a relatively long certification period. The key products in this series, with samples developed in 2022, are being tested, and the research and development is expected to be completed around 2025.
CEC Huada Electronic Design is a group company formed by CEC integrating its integrated circuit companies. In 2019, CEC Huada Electronic Design made a foray into telematics security chips. Its telematics solutions based on its high security SEs are led by:
The in-vehicle security involves the security protection of vehicle bus, ECU, OBD, TBOX and IVI system. The SEs deployed on key nodes guarantee the link security of the in-vehicle network and TSP platform.
For V2X security, devices such as on-board unit (OBU) and roadside unit (RSU) use the integrated SEs to store the unique network access identifier, registration certificate and application certificate; the verification of communication message signatures is a solution to such problems as protocol cracking, illegal authentication and privacy leakage in the direct connection environment.
CEC Huada Electronic Design’s series of automotive-grade security chip products have been spawned and launched on market, with more than 8 million units having been pre-installed and deployed in commercial vehicles and passenger cars.
3. Most HSM players are foreign companies, and the SecIC-HSM based on national encryption algorithms will become an application direction.
HSM providers are mainly foreign companies including Thales, Entrust Datacard, Utimaco, ATOS SE, Exceet Secure Solutions GmbH, Securosys, Ultra Electronics, Synopsys, Futurex, Marvell Technology Group, and Yubico. Typical application solutions are also from these foreign players, for example, the HSM framework in Infineon’s AURIX chip and Vector’s HSM firmware solution.
In the context of the hindered global semiconductor industry chain, the demand for homemade HSM and solutions in China is bound to rise. Westone and Sansec are among the few HSM providers in China. The SecIC-HSM Series security modules created by Shanghai Uni-Sentry adopt the HSM security stack that uses national encryption algorithms, support mainstream chips used in production vehicle models, and are compatible with chips of NXP and ST and domestic mainstream domain controllers, meeting the technical requirements of vehicle controller security.
4. The providers of software and hardware integrated solutions walk at a faster pace in application to vehicles.
In terms of mass production, providers of software and hardware integrated solutions go ahead of simple SE chip vendors.
Since 2015, Zhengzhou Xinda Jiean Information Technology Co., Ltd. has signed agreements with BYD, AIWAYS, BAIC, Ingeek and Suzhou Zhito Technology among others, providing customized cybersecurity solutions as they require.
In addition, Xinda Jiean provides V2X security chips that comply with national encryption standards and supporting security services for its partners Huawei and Lear, in a bid to support Audi’s next-generation V2X intelligent connected vehicle project.
China Automotive Cybersecurity Hardware Research Report, 2022 combs through China’s automotive cybersecurity hardware system and highlights the following:
-Automotive cybersecurity system architecture and the range of key hardware products, with vehicle systems as the main object;
-Cybersecurity policies, regulations and standard systems (the main content and certification process of ISO21434 and R155, and the process and planning of Chinese standards and regulations);
-Automotive SE security chips (features, application scenarios, and major Chinese and foreign vendors);
-Features and application solutions of automotive hardware security module (HSM);
-OEMs’ construction of cybersecurity systems and application of hardware modules.