{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,10]],"date-time":"2026-01-10T02:22:13Z","timestamp":1768011733542,"version":"3.49.0"},"reference-count":17,"publisher":"Springer Science and Business Media LLC","issue":"2","license":[{"start":{"date-parts":[[2021,4,30]],"date-time":"2021-04-30T00:00:00Z","timestamp":1619740800000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"},{"start":{"date-parts":[[2021,4,30]],"date-time":"2021-04-30T00:00:00Z","timestamp":1619740800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"}],"funder":[{"DOI":"10.13039\/501100004168","name":"Universit\u00e4t zu L\u00fcbeck","doi-asserted-by":"crossref","id":[{"id":"10.13039\/501100004168","id-type":"DOI","asserted-by":"crossref"}]}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["J Hardw Syst Secur"],"published-print":{"date-parts":[[2021,6]]},"abstract":"<jats:title>Abstract<\/jats:title><jats:p>New services such as autonomous driving, the connectivity of the traffic infrastructure and the tight coupling of user operated smart devices with the vehicle have significantly increased the demand for cryptographic protection in the automobile. To provide a secure environment for the calculation and verification of cryptographic material, automotive microcontrollers now frequently integrate Hardware Security Modules (HSM), special well-protected co-processors, which are protected against manipulation and external access. HSMs use special hardware accelerators to provide the required cryptographic services. While these accelerators provide good performance, they limit flexibility and updatability. In addition, as more services require cryptographic protection, the amount of key material that needs to be managed by the HSM also increases, turning the limited protected memory of the HSM into a bottleneck. This paper presents a framework that uses the safety mechanisms of a microcontroller to achieve both HSM-equivalent security through software solutions, while providing an equivalent level of functionality. Furthermore, the proposed framework provides crypto-agility, as the security stack can be updated if desired. In order to verify the functionality, the presented framework is implemented and evaluated on an Infineon AURIX TC399 and compared with the integrated HSM.<\/jats:p>","DOI":"10.1007\/s41635-021-00114-4","type":"journal-article","created":{"date-parts":[[2021,4,30]],"date-time":"2021-04-30T12:03:14Z","timestamp":1619784194000},"page":"103-113","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":8,"title":["Firmware Security Module"],"prefix":"10.1007","volume":"5","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-1266-378X","authenticated-orcid":false,"given":"Claudius","family":"Pott","sequence":"first","affiliation":[]},{"given":"Philipp","family":"Jungklass","sequence":"additional","affiliation":[]},{"given":"David Jacek","family":"Csejka","sequence":"additional","affiliation":[]},{"given":"Thomas","family":"Eisenbarth","sequence":"additional","affiliation":[]},{"given":"Marco","family":"Siebert","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2021,4,30]]},"reference":[{"key":"114_CR1","unstructured":"Infineon Technologies AG (2020) AURIX TC3xx User's Manual. Infineon Technologies, AG. V1.2.0. https:\/\/www.infineon.com\/dgdl\/InfineonAURIX_TC3xx_Part2UserManualv01_00EN.pdf?"},{"key":"114_CR2","unstructured":"STMicroelectronics (2018)\u00a0SPC58xEx\/SPC58xGx 32-bit Power Architecture microcontroller for automotive ASILD applications - Reference Manual.\u00a0RM0391 Rev. 5. https:\/\/www.st.com\/resource\/en\/reference_manual\/dm00148989spc58egline32bitpowerarchitectureautomotivemcutriplez4cores180mhz6mbytesflashhsmasildstmicroelectronics.pdf"},{"key":"114_CR3","unstructured":"ARM A (2009) Security technology building a secure system using trustzone technology (white paper). ARM Limited"},{"key":"114_CR4","first-page":"86","volume":"2016","author":"V Costan","year":"2016","unstructured":"Costan V, Devadas S (2016) Intel sgx explained. IACR Cryptology ePrint Archive 2016:86","journal-title":"IACR Cryptology ePrint Archive"},{"key":"114_CR5","unstructured":"Kaplan D, Powell J, Woller T (2016) Amd memory encryption. White paper"},{"key":"114_CR6","doi-asserted-by":"crossref","unstructured":"Wolf M, Gendrullis T (2012) Design, implementation, and evaluation of a vehicular hardware security module. In H.\u00a0Kim, editor, Information Security and Cryptology - ICISC 2011.\u00a0Berlin, Heidelberg. Springer Berlin Heidelberg,\u00a0p 302\u2013318","DOI":"10.1007\/978-3-642-31912-9_20"},{"key":"114_CR7","unstructured":"Group TC (2020) Tpm 1.2 main specifictaion. https:\/\/trustedcomputinggroup.org\/resource\/tpm-main-specification\/. Accessed 04 June\u00a02020"},{"key":"114_CR8","unstructured":"Raj H, Saroiu S, Wolman A, Aigner R, Cox J, England P, Fenner C, Kinshumann K, Loeser J, Mattoon D, Nystrom M, Robinson D, Spiger R, Thom S, Wooten D (2016) fTPM: A software-only implementation of a TPM chip. In 25th USENIX Security Symposium (USENIX Security 16), Austin, TX. USENIX Association, p 841\u2013856"},{"key":"114_CR9","unstructured":"Barth T, Fromm P (2016) Functional safety on multicore microcontrollers for industrial applications. In Embedded World 2016 Exhibition & Conference"},{"key":"114_CR10","doi-asserted-by":"crossref","unstructured":"Hattendorf A, Raabe A, Knoll A (2012) Shared memory protection for spatial separation in multicore architectures. In 7th IEEE International Symposium on Industrial Embedded Systems (SIES\u201912), p 299\u2013302","DOI":"10.1109\/SIES.2012.6356601"},{"key":"114_CR11","doi-asserted-by":"crossref","unstructured":"Jungklass P, Berekovic M (2019) Memopt: Automated memory distribution for multicore microcontrollers with hard real-time requirements. In 2019 IEEE NORCAS, p 1\u20137","DOI":"10.1109\/NORCHIP.2019.8906914"},{"key":"114_CR12","doi-asserted-by":"crossref","unstructured":"Saidi S, Ernst R, Uhrig S, Theiling H, de\u00a0Dinechin BD (2015) The shift to multicores in real-time and safety-critical systems. In Proceedings of the 10th International Conference on Hardware\/Software Codesign and System Synthesis. IEEE Press, p 220\u2013229","DOI":"10.1109\/CODESISSS.2015.7331385"},{"issue":"3","key":"114_CR13","doi-asserted-by":"publisher","first-page":"65","DOI":"10.1109\/LES.2017.2771206","volume":"10","author":"F Maj\u00e9ric","year":"2018","unstructured":"Maj\u00e9ric F, Gonzalvo B, Bossuet L (2018) Jtag fault injection attack. IEEE Embed Syst Lett 10(3):65\u201368","journal-title":"IEEE Embed Syst Lett"},{"key":"114_CR14","unstructured":"AG IT. AURIX 32-bit microcontrollers for automotive and industrial applications - Highly integrated and performance optimized. Infineon Technologies AG. V1.0"},{"key":"114_CR15","unstructured":"AG IT. HSM - Hardware Security Module, AURIX TC2xx Microcontroller Training. Infineon Technologies AG. V1.1"},{"key":"114_CR16","doi-asserted-by":"crossref","unstructured":"Bernstein DJ (2006) Curve25519: New diffie-hellman speed records. In M.\u00a0Yung, Y.\u00a0Dodis, A.\u00a0Kiayias, and T.\u00a0Malkin, editors, Public Key Cryptography - PKC 2006.\u00a0Springer Berlin Heidelberg,\u00a0p 207\u2013228","DOI":"10.1007\/11745853_14"},{"issue":"2\u20133","key":"114_CR17","doi-asserted-by":"publisher","first-page":"493","DOI":"10.1007\/s10623-015-0087-1","volume":"77","author":"M D\u00fcll","year":"2015","unstructured":"D\u00fcll M, Haase B, Hinterw\u00e4lder G, Hutter M, Paar C, S\u00e1nchez AH, Schwabe P (2015) High-speed curve25519 on 8-bit, 16-bit, and 32-bit microcontrollers. Designs, Codes and Cryptography 77(2\u20133):493\u2013514","journal-title":"Designs, Codes and Cryptography"}],"container-title":["Journal of Hardware and Systems Security"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s41635-021-00114-4.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/article\/10.1007\/s41635-021-00114-4\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s41635-021-00114-4.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2021,7,10]],"date-time":"2021-07-10T03:35:50Z","timestamp":1625888150000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/s41635-021-00114-4"}},"subtitle":["A Framework for Trusted Computing in Automotive Multiprocessors"],"short-title":[],"issued":{"date-parts":[[2021,4,30]]},"references-count":17,"journal-issue":{"issue":"2","published-print":{"date-parts":[[2021,6]]}},"alternative-id":["114"],"URL":"https:\/\/doi.org\/10.1007\/s41635-021-00114-4","relation":{},"ISSN":["2509-3428","2509-3436"],"issn-type":[{"value":"2509-3428","type":"print"},{"value":"2509-3436","type":"electronic"}],"subject":[],"published":{"date-parts":[[2021,4,30]]},"assertion":[{"value":"2 October 2020","order":1,"name":"received","label":"Received","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"13 April 2021","order":2,"name":"accepted","label":"Accepted","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"30 April 2021","order":3,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}}]}}