Tianjin Yidingfeng Powertrain Technology Co., Ltd. (hereinafter referred to as EVPT) takes a forward-looking approach to building its R&D capabilities in Functional Safety and CyberSecurity. Based on ASPICE, it integrates the development process systems of ISO 26262 (Functional Safety) and ISO 21434 (CyberSecurity). To date, EVPT has two R&D centers with more than 120 engineers, whose core members come from leading global Tier1 companies and have more than 10 years of development experience. EVPT has completed more than 100 mass-production projects. In response to CyberSecurity and Functional Safety standards such as ISO 21434, ISO 26262 and GB 44495, EVPT provides customers with a full range of automotive electronic control products.
1. Process System Capability
EVPT has established a CyberSecurity management and development process based on ISO 21434, covering stages such as requirement analysis, product system design, research and development, production management, testing, and maintenance. The processes cover the whole life cycle of ISO 21434 and GB 44495 and support OEM certification under R155.
- A comprehensive CyberSecurity management system and process to effectively control and supervise information security.
- A comprehensive security management system, including security plans, Threat Analysis and Risk Assessment (TARA), and vulnerability analysis management.
- A comprehensive development process that implements mechanisms for security intelligence monitoring, situation analysis, vulnerability analysis and management, and emergency response.
- A comprehensive system, software, and hardware development process.

2. Platformization Capability
EVPT works closely with global and domestic chip manufacturers and can port quickly across different chip platforms. By using HSM modules that meet the EVITA Full level and combining them with the AUTOSAR architecture, a complete CyberSecurity solution can be flexibly implemented.
The solution includes functions such as secure boot, secure flash, secure communication (SecOC), secure memory, secure diagnosis, secure debugging, secure logging, key management, and certificate management. Customer-specific requirements are also supported.
Function List | Description |
HW HSM | HSM module that meets EVITA Full level requirements |
Hardware Silk Screen Control | Support removing silk screen to protect hardware information security |
Hardware Pin Packaging | Support secure packaging formats such as BGA |
Hardware Debugging Port Control | Support debugging port hardware removal and software encryption protection |
Secure Boot | Use HSM trust root to protect code from tampering |
Secure Flash | Ensure that the code flashed in is trustworthy |
Secure Communication (SecOC) | SecOC for the AUTOSAR architecture ensures secure communication over CAN, ETH, and LIN between ECU nodes |
Identity Authentication | Support various identity authentication methods to achieve permission authentication for ECU and external devices |
Secure Diagnosis | Support various key learning algorithms for UDS 27 services |
Secure Storage | Ensure the authenticity and integrity of key data |
Secure Debugging | Prevent the internal data of the controller from being illegally exported or tampered with |
Secure Logging | Record abnormal data to protect the information security of ECU |
Supported Algorithms | Various mainstream algorithms such as AES, ECC, Hash, SM2/3/4, etc. |
Code Safety | Support CERT C scanning, secure coding, and obfuscation protection |
2.1 Hardware Security
- Support mainstream chip HSM modules to ensure the security of ECU hardware and prevent physical attacks.
- Use anti-tampering techniques to protect hardware and prevent it from being modified or replaced.
- Use physical isolation technology to isolate sensitive components and prevent unauthorized access.
2.2 Software Security
- Support the integration and development of mainstream chip HSM drivers.
- Support various standard cryptographic algorithms, including AES, RSA, ECC, SHA, SM2/3/4, etc.
- OTA refresh security ensures that refresh packages are authorized.
- Support secure boot and verify the integrity of application software.
- Support customized development of SecOC secure communication based on the CyberSecurity software architecture.
- Support key security management, updates, and logout, and the parsing and storage of various certificates.
- Support identity authentication to ensure that only authorized devices or software can access the ECU.
- Support debugger security and encryption protection for debugging devices.
- Develop software with secure coding standards and conduct rigorous testing and validation.
2.3 Data Security
- Support secure storage of data
- Support data storage with hardware security component HSM
- Support encrypted storage protection for sensitive data
3. Deliverables
Name | Description | Form |
HSM | A set of software running on HSM hardware, used to drive encryption algorithm hardware, perform key management and other actions | Software code or binary file (HEX) |
Crypto Driver | Driver software package used for communication with HSM firmware on the APP side | Software code |
CSM & SecOC (AUTOSAR) | A software protocol stack used to provide key management, certificate verification, and other services in BSW | Library files or software code provided within AUTOSAR software |
Manual | Instruction document for guiding users to integrate and use Crypto Driver components | Electronic documents |
ISO 21434 Process Document | Used to demonstrate that the developed software and hardware comply with information security processes (including design files, testing files, management files, etc.) | Electronic documents, provided in full or as excerpted evidence |
4. Summary
EVPT can provide CyberSecurity solutions for OEMs and assembly-level Tier1 suppliers, covering a variety of automotive electronic control products such as distributed controllers, regional domain controllers, and cross-domain fusion domain controllers, all of which comply with CyberSecurity (ISO 21434 and GB 44495), Functional Safety (ISO 26262), and ASPICE to improve vehicle safety comprehensively. EVPT assists in the implementation of enterprise safety solutions and provides global customers with more intelligent, more efficient and safer automotive electronic control products and services.