New Industry Products

Automotive Authenticator Assures the Identity of OEM-Certified Components

February 03, 2021 by Gary Elinoff

New authenticator IC avoids the pitfalls of complex, microcontroller-based solutions

Maxim’s DS28E40 DeepCover automotive secure authenticator is powered “parasitically” and employs a 1-Wire interface for safer, more simplified connectivity. 

 

The DS28E40 Deep Cover Authenticator
The DS28E40 Deep Cover Authenticator. Image courtesy of Maxim

 

Modern automobiles have been described as “computers on wheels”, whether conventionally powered or EVs. To assure safety as well as to protect against malware attacks, the DS28E40 serves to assure that only genuine, OEM-approved components are employed. This is especially critical in application such as advanced driver assistance systems (ADAS) and EV batteries.

 

The Drawbacks of Conventional Protection Methodologies

Automotive manufacturers often use microcontroller-based solutions for authentication and to protect automotive systems from malware. However, such methods require major software development efforts. It also raises both the parts count and the need for additional connectivity, which in themselves can lead to reliability issues.

The DS28E40 DeepCover authenticator is a 1-Wire solution, providing OEMs a fixed function that specifically targets their security needs. At the same time, design complexity and development costs are reduced.

The device employs public/private key asymmetric ECDSA (ECC-P256 curve) and other key authentication algorithms, which are built into the IC. These protections assure that the peripherals providing mission critical data are genuine OEM-approved parts.

Maxim suggests the example of a non-approved, substandard ADAS camera not up to par with OEM specs. A sub-par camera might compromise the ADAS system, with the possible result being an accident. 

As described by Michael Haight, director, Embedded Security at Maxim Integrated, “The parasitically powered 1-Wire authenticator really opens up automotive endpoints that can be secured and properly authenticated by adding just one chip,” He goes on to state that “With the ground plus single contact for power and communication, even a passive automotive component that doesn’t otherwise have electronics could be connected to an engine control unit (ECU) and authenticated.” 

 

Inside the DS28E30

As indicated in the simplified block diagram illustrated below, there are only two connections needed to the authenticator. The reader will note that in most cases, no power connection is needed. The aforementioned “parasite power” powering the device is siphoned from the 1–wire I/O interface, and stored in an external capacitor. 

 

Simplified Block Diagram
Simplified Block Diagram. Image courtesy of DS28E40 Datasheet

 

The DS28E40 provides a set of cryptographic tools derived from integrated symmetric (SHA-256) and asymmetric (ECC-P256) and security functions. 

The DS28E40 also includes: 

  • A FIPS/NIST true random number generator (TRNG)
  • 6Kb of secured OTP memory divided into 3Kb of user memory and 3Kb of Keys/Secrets
  • A configurable GPIO pin
  • A unique 64-bit ROM identification number (ROM ID).

 

Applications

  • Accessory and Peripheral Secure Authentication
  • Identification and Calibration Automotive Parts/Tools/Accessories
  • Secure Boot or Download of Firmware and/or System Parameter
  • Automotive Secure Authentication
  • IoT Node Crypto-Protection
  • Secure Storage of Cryptographic Keys for a Host Controller

 

Physical

  • The DS28E40 is available in a 4 x 3 mm TDFN package
  • It operates over a  -40 to +125℃ temperature range

 

Regulatory Considerations

Meets AEC-Q100 standard Grade 1

 

Getting to Market Faster

Maxim offers the DS28E40EVKIT, an evaluation system that includes all software and hardware needed to evaluate the features of the DS28E40, including a user interface.

 

The DS28E40EVKIT Evaluation Kit.
The DS28E40EVKIT Evaluation Kit. Image courtesy of DS28E40EVKIT DataSheet

 

The  kit includes: 

  • Five DS28E40G/V+ devices in a 10-pin TDFN package
  • A DS9121CQ  evaluation  TDFN  socket  board
  • A DS9481P-300# USB-to-I2C/1-Wire adapter. 

Downloadable evaluation software runs under Windows 10.