Infineon aims for ISO/SAE 21434 automotive cyber-security with MCU family
Author: EIS Release Date: Nov 28, 2022
Infineon has a family of microcontrollers in the pipeline intended to achieve certification to the new ISO/SAE 21434 automotive cyber-security management system (CSMS) standard.
Infineon ISO_SAE_21434_Certification
This follows TÜV Nord certifying Infineon to ISO/SAE 21434.
Initially announced in January, the ‘TC4xx’ MCU family will carry the company’s ‘Aurix’ branding, have a “new cybersecurity architecture”, said Infineon, and the famil is “expected to achieve product certification under the ISO/SAE 21434 standard”.
The 28nm MCUs are built around the company’s 32bit TriCore 1.8 cores, plus accelerators including a new parallel processing unit (PPU), and a SIMD vector DSP which can be used for AI algorithms. Use cases as diverse as real-time control and radar post processing are envisaged in domain and zonal vehicle architectures.
Software-over-the-air updates will be supported, and amongst the family there will also be support for 5Gbit Ethernet, 10BASE T1S Ethernet, PCI Express and CAN-XL.
“To help customers achieve compliance with national and international cybersecurity regulations such as UN R155 [see below], Infineon Technologies is one of the first semiconductor suppliers to achieve certification under ISO/SAE 21434,” it said. Infineon’s ISO/SAE 21434-compliant CSMS applies to a range of Infineon products supporting automotive cybersecurity, including Aurix. Following industry best practices, the CSMS covers information technology, manufacturing technology, and selected regional and regulatory environments.”
Infineon’s threat monitoring system is able to analyse relevant vulnerability disclosures and potential threats to its security products, it claimed, and systems are evaluated and mitigated based on an ISO/SAE 21434 process. “Together, these compliant monitoring and incident response capabilities enable Infineon and its customers to work in cooperation to identify and mitigate product security risks.”
UN R155 was introduced by UNECE (United Nations Economic Commission for Europe) to addresses cyber-security in connected vehicles.
Coming into effect from July, it requires vehicle manufacturers to apply a security-by-design approach to their products and processes.
To sell in UN R155 markets, vehicle manufacturers must own a certificate of compliance for the CSMS, applied to each vehicle type, said Infineon. To achieve certification, vehicle OEMs must implement cyber-security practices across the supply chain to reduce overall risk-of-attack throughout the vehicle life-cycle.