How Formal Techniques Can Keep Hackers from Driving You into a Ditch

Paper #:
  • 2016-01-0066

Published:
  • 2016-04-05
Citation:
Hupcey, J. and Ramirez, B., "How Formal Techniques Can Keep Hackers from Driving You into a Ditch," SAE Technical Paper 2016-01-0066, 2016, https://doi.org/10.4271/2016-01-0066.
Pages:
5
Abstract:
The number one priority in vehicle security is to harden the root-of-trust; from which everything else - the hardware, firmware, OS, and application layer’s security - is derived. If the root-of-trust can be compromised, then the whole system is vulnerable. In the near future the root-of-trust will effectively be an encryption key - a digital signature for each vehicle - that will be stored in a secure memory element inside all vehicles. In this paper we will show how a mathematical, formal analysis technique can be applied to ensure that this secure storage cannot (A) be read by an unauthorized party or accidentally “leak” to the outputs or (B) be altered, overwritten, or erased by unauthorized entities. We will include a real-world case study from a consumer electronics maker that has successfully used this technology to secure their products from attacks 24/7/365.Note that the techniques and solutions described herein are focused exclusively on digital circuitry specified in a register transfer level (RTL) language, such as Verilog or VHDL - i.e. the most fundamental level of digital design. This paper does not go into any physical design and verification issues or related “side-channel” attacks, nor do we address firmware or higher level software security best practices.
Access
Now
SAE MOBILUS Subscriber? You may already have access.
Buy
Select
Price
List
Download
$27.00
Mail
$27.00
Members save up to 40% off list price.
Share
HTML for Linking to Page
Page URL

Related Items

Technical Paper / Journal Article
2013-05-13
Technical Paper / Journal Article
2004-03-08