Automotive Authenticator Assures the Identity of OEM-Certified Components
New authenticator IC avoids the pitfalls of complex, microcontroller-based solutions
Maxim’s DS28E40 DeepCover automotive secure authenticator is powered “parasitically” and employs a 1-Wire interface for safer, more simplified connectivity.
The DS28E40 Deep Cover Authenticator. Image courtesy of Maxim
Modern automobiles have been described as “computers on wheels”, whether conventionally powered or EVs. To assure safety as well as to protect against malware attacks, the DS28E40 serves to assure that only genuine, OEM-approved components are employed. This is especially critical in application such as advanced driver assistance systems (ADAS) and EV batteries.
The Drawbacks of Conventional Protection Methodologies
Automotive manufacturers often use microcontroller-based solutions for authentication and to protect automotive systems from malware. However, such methods require major software development efforts. It also raises both the parts count and the need for additional connectivity, which in themselves can lead to reliability issues.
The DS28E40 DeepCover authenticator is a 1-Wire solution, providing OEMs a fixed function that specifically targets their security needs. At the same time, design complexity and development costs are reduced.
The device employs public/private key asymmetric ECDSA (ECC-P256 curve) and other key authentication algorithms, which are built into the IC. These protections assure that the peripherals providing mission critical data are genuine OEM-approved parts.
Maxim suggests the example of a non-approved, substandard ADAS camera not up to par with OEM specs. A sub-par camera might compromise the ADAS system, with the possible result being an accident.
As described by Michael Haight, director, Embedded Security at Maxim Integrated, “The parasitically powered 1-Wire authenticator really opens up automotive endpoints that can be secured and properly authenticated by adding just one chip,” He goes on to state that “With the ground plus single contact for power and communication, even a passive automotive component that doesn’t otherwise have electronics could be connected to an engine control unit (ECU) and authenticated.”
Inside the DS28E30
As indicated in the simplified block diagram illustrated below, there are only two connections needed to the authenticator. The reader will note that in most cases, no power connection is needed. The aforementioned “parasite power” powering the device is siphoned from the 1–wire I/O interface, and stored in an external capacitor.
Simplified Block Diagram. Image courtesy of DS28E40 Datasheet
The DS28E40 provides a set of cryptographic tools derived from integrated symmetric (SHA-256) and asymmetric (ECC-P256) and security functions.
The DS28E40 also includes:
- A FIPS/NIST true random number generator (TRNG)
- 6Kb of secured OTP memory divided into 3Kb of user memory and 3Kb of Keys/Secrets
- A configurable GPIO pin
- A unique 64-bit ROM identification number (ROM ID).
- Accessory and Peripheral Secure Authentication
- Identification and Calibration Automotive Parts/Tools/Accessories
- Secure Boot or Download of Firmware and/or System Parameter
- Automotive Secure Authentication
- IoT Node Crypto-Protection
- Secure Storage of Cryptographic Keys for a Host Controller
- The DS28E40 is available in a 4 x 3 mm TDFN package
- It operates over a -40 to +125℃ temperature range
Meets AEC-Q100 standard Grade 1
Getting to Market Faster
Maxim offers the DS28E40EVKIT, an evaluation system that includes all software and hardware needed to evaluate the features of the DS28E40, including a user interface.
The DS28E40EVKIT Evaluation Kit. Image courtesy of DS28E40EVKIT DataSheet
The kit includes:
- Five DS28E40G/V+ devices in a 10-pin TDFN package
- A DS9121CQ evaluation TDFN socket board
- A DS9481P-300# USB-to-I2C/1-Wire adapter.
Downloadable evaluation software runs under Windows 10.