The promise of a cooperative network of vehicles and smart cities envisioned in vehicle-to-anything (V2X) and European car-to-anything (C2X) depends on the underlying security and safety of wireless messages, on-board units (OBU) and smart city roadside units. The Green Hills Platform for Secure Connected Car combines the highest levels of multi-level security and ASIL safety with a mature V2X security toolkit, standards-based applications and cloud-based secure certificate management service.
No safety without security
The connected car represents the next stage in the evolution of motor vehicle safety—going beyond vehicle-resident technologies like cameras, radars, and sensors. Connected car technologies add another layer of intelligence to vehicles—the ability to "see" around corners and through other vehicles. For the first time, unfamiliar vehicles and roadside units on untrusted public networks can communcate with each other—with no human involvement—and influence life-critical decistions and vehicle actions.
While the trio of functionality, performance, and safety formed the traditional foundation for automotive software, the connected car also demands authentication, identification, and separation of critical software components running in an insecure environment for the operational lifespan of the vehicle. In short, there is no safety without security.
Connected car technologies add another layer of intelligence to vehicles—the ability to "see" around corners and through other vehicles.
Comprehensive V2X portfolio
Green Hills Software, INTEGRITY Security Services (ISS) and V2X partners have developed a comprehensive portfolio of integrated V2X capabilities to help speed the design innovation for the next generation of connected vehicles and address the US Department of Transportation announcement of New Proposed Rule Making (NPRM), Docket number NHTSA-2016-0126, delivering vehicle-to-anything (V2X) and European car-to-anything (C2X) certifications to automotive and smart city product manufacturers and operations worldwide.
The Platform for Secure Connected Car is a comprehensive solution for managed security credentials, OBU 1609.2 security, V2X safety applications and more.
Over-The-Air Service (OTA)
The Platform for Secure Connected Car incorporates the ISS Device Lifecycle Management (DLM) OTA service that securely manages connected devices anywhere in the world.
- Connect worldwide over all mobile networks
- Standards-based Open Mobile Alliance Device Management (OMA-DM 2.0) Includes latest Software Component Management Object (SCOMO)
- Web-based command center with automated REST interface
- DLM OTA agent includes FIPS-140 Level 2 embedded algorithms
The Platform for Secure Connected Car supports V2X applications based on the architecture of specifications of ISO / ETSI / IEEE / SAE / C2C-CC, providing a modular framework and small footprint for various resource-constrained target platforms. For example, the Commsignia comprehensive V2X safety applications include:
- Left Turn Assist (LTA)
- Intersection Collision Risk Warning (ICRW)
- Longitudinal Collision Risk Warning (LCRW)
- Cooperative Forward Collision Warning (CFCW)
- Road Hazard Signaling (RHS)
- Pre-Crash Sensing
- Blind Spot Warning
- Stop Sign Movement Assistance
V2X OBU Security Toolkit
ISS and Commsignia offer a security toolkit for the on-board unit (OBU) to transmit and process secure messages and perform core security functions compliant to IEEE 1609.2-2016 and ETSI TS 103 097 standards.
- Security service for IEEE 1609.3 WAVE networking services, including WAVE Short Message Protocol (WSMP) transmission and reception
- Secure storage of V2V, V2I, C2C, and C2I certificates on the OBU
- Secure boot
- Software signing for secure transmissions
- Over-the-air certificate top-offs over the vehicle’s lifetime
- Securely maintain Credential Revocation List (CRL)
- FIPS-140 Level 2 compliant Embedded Crypto toolkit
Security Credential Management System
The Platform for Secure Connected Car has been integrated and tested with the world’s first and only Security Credential Management System (SCMS). Ann ISS product, SCMS is the de facto standard for securely delivering V2X and C2X digital certificates to OBUs. The Certificate Management Service addresses the US Department of Transportation (US DOT) announcement of New Proposed Rule Making (NPRM), Docket number NHTSA-2016-0126, delivering vehicle-to-anything (V2X) and European car-to-anything (C2X) certificates to automotive and smart city product manufacturers and operators worldwide:
For more information on ISS' V2X and C2X certificate capabilties, click here
The ISS SCMS is a high-assurance infrastructure for real-time generation of V2X certificates to protect digital assets across all lifecycle phases.
Integrated V2X Processors
The Platform for Secure Connected Car is integrated and tested on automotive-grade, integrated V2X communication processors providing the highest communication and safety decision reliability while minimizing the external components. For example, the Autotalks CRATON V2X Communication Processor offers:
- IEEE 1609.4 Channel Switching and Decentralized Congestion Control (DCC)
- Dual channel/diversity IEEE 802.11p mobility optimized modem
- Concurrent 802.11p and WLAN (802.11a/b/g/n/ac at 2.4Ghz/5Ghz) connectivity
- Line-rate ECDSA and V2X-embedded Hardware Security Module (HSM)
- Integrated single or dual core Arm Cortex A7 application CPU
- Rich array of interfaces, including USB 2.0, Ethernet 10/100/1000 AVB
An essential requirement for the secure connected car is a trusted run-time platform, certified at the highest levels of safety and security.
- INTEGRITY® RTOS – proven total reliability and separation security with unmatched Common Criteria EAL 6+ security credentials and ISO 26262 ASIL D safety certification.
- INTEGRITY Multivisor™ 64-bit Secure Virtualization – brings a decade of experience in safely and securely virtualizing guest operating systems alongside system-critical applications on a single platform.
- Advanced Software Development Tools – including MULTI® IDE, Optimizing C/C++ compilers, ISO26262 ASIL C/D qualification, MISRA C Adherence Checker and other integrated tools to produce automotive-grade code that runs at the highest possible execution speed. The Green Hills Probe and SuperTrace™ Probe connect MULTI to the target for board bring-up, trace debugging and multicore, multi-mode run control during debugging.
Scalable Family of Real-Time Operating Systems and Secure Virtualization
- Safe — The safety certified INTEGRITY RTOS technology is certified to the highest safety levels for ISO 26262 (ASIL D) and IEC 61508 (SIL 4).
- Secure —INTEGRITY RTOS technology is certified to the highest security level ever achieved for any software product—Common Criteria SKPP, EAL 6+ High Robustness—and is incorporating the latest automotive cybersecurity standards as defined by ISO/SAE DIS 21434 CAL 4 and UNECEVR EZP.29 CSMS
- Flexible — INTEGRITY Multivisor securely and safely runs guest operating sWems alongside critical applications
- Deeply embedded —µ-velOSity microkernel offers a tiny footprint and simple programming model for microcontroller architectures.
The µ-visor virtualization solution for microcontrollers features robust hardware-enforced software separation, multi-OS support, and real-time efficientcy to safely and securely consolidate critical workloads on resource-constrained processors
- Open — Automotive application programming interfaces to OSEK, AUTOSAR and POSIX
- V2X OBU Security Toolkit from INTEGRITY Security Services and Commsignia
- Over-The-Air Service (OTA) from INTEGRITY Security Services and Commsignia
- V2X Applications from Commsignia
- Integrated V2X Communications Processor from Autotalks
- Automotive connectivity includingCAN, Ethernet AVB/TSN, DoIP, SOME/IP, RTP/RTCP, gPTP Slave/Bridging, Wireless, USB, Bluetooth, and IPv4/v6 TCP/IP stack
- Graphics and UI Kits for 2D, 3D, OpenGL, Qt Commercial, Rightware Kanzi, Altia Design, DiSTI GL Studio, Crank Storyboard, CGI Studio, HTML5
- Internet application offerings including web servers, HTML5, email and HTTP clients
- File systems featuring partition journaling, wear leveling flash storage and more
- Embedded firewall
- Secure communications protocols—SSL, SSH, IPSec, IKEv2, HTTPS, FIPS 140-2, Suite B crypto
Software Development tools
- MULTI IDE and Green Hills toolchain are qualified to the highest functional safety levels, including ISO 26262 (ASIL D) and IEC 61508 (SIL 4) and EN 50128 (SIL 4)
- Green Hills Optimizing Compilers for C, C++, and Embedded C++ generate the fastest and smallest production-quality code on a broad range of automotive processor architectures
- MULTI IDE includes multicore debugger, profiler, simulator, run-time error checking, project builder, editor and much more
- TimeMachine revolutionary debugging suite. Run and step an application back in time to find even the most difficult bugs in minutes.
- MISRA C Adherence Wizard for building in code quality at the time of compilation
- DoubleCheck integrated static source code analyzer
- Integration with MathWorks' Embedded Coder and Simulink for modeling, simulation and PIL testing
Hardware Development tools
- Green Hills Probe V4 for multicore hardware bring-up, low-level debugging and trace-powered analysis tools
- Embedded Cryptographic Toolkit provides FIPS 140-2 compliant services for securing embedded devices through secure boot, secure data storage, secure networks (SSL, TSL, IPSec, SSH) and digitally signed secure OTA firmware updates
Device Lifecycle Management (DLM)
- Integrated products and services that enable embedded product manufacturers to monetize, manage and protect hardware and software intellectual property.
- System/software consulting
- Safety and security certification support
- BSP development & certification
Rich ecosystem for connected car
Green Hills understands the value of providing integrated, total solutions directly to its powertrain customers. In addition to offering the industry's most comprehensive solutions, we have partnered with best-in-class technology providers to integrate their complementary products with the Green Hills Platform for Secure Connected Car, including:
- Accelerated 2D and 3D graphics and UI kits
- Automotive connectivity
- AUTOSAR Classic and Adaptive support for the leading AUTOSAR stack providers
- Operating systems including Linux, Android, and ROS
- Applications development and services
- Co-simulation and co-verification
- Database and storage including embedded databases and flash devices
- Code quality, test, and management including automated testing and code coverage analysis tools
- Application modeling and simulation for building and evaluating applications early in the software lifecycle
- Network protocols and security for communications within the vehicle network and to the external world
- Automotive processors from leading semiconductor manufacturers
For a complete list of ecosystem partners for Green Hills Platforms for Automotive click here.