Embedded Analytcs and Automotve Security Aileen Smith Chief - PowerPoint PPT Presentation

Embedded Analytcs and Automotve Security Aileen Smith Chief Strategy Ofcer

Corporate Overview Tier-1 • VC-funded start-up Automotve • Recently completed round D ($6M) ARMv8 • Founded 2009 Server • Headquarters in Cambridge UK • 44 patents • New Chairman October 2017 • Alberto Sangiovanni-Vincentelli • Industry leaders adoptng UltraSoC • Silicon-proven with multple customers 5 April 2018 2

Actonable Insights across the whole SoC UltraSoC delivers Kno Kno actonable insights wled wled ge ge Value With system-wide understanding Informaton Informaton From rich data across the whole SoC Data Data UltraSoC enables full visibility of SoC 5 April 2018 3

UltraSoC: On-Chip Analytcs for SoC as a Whole A coherent architecture to debug, develop, optmize & secure • Full SoC visibility, HW & SW • Support all architectures: Freedom of IP selecton • Real-tme & non-intrusive • Advanced analytcs & forensics • “in life” analytcs & SLA compliance • Supports Functonal Safety • Supports Bare Metal Security™ 5 April 2018 4

UltraSoC Embedded Analytcs • Analytcs subsystem running contnuously, analysing, monitoring for safety and security, reconfguring H/W parameters as required JTAG CPU ME RISC CPU Core I/O • AI/ML algorithms defne “normal” SoC behaviour and identfy deviatons from the norm GPIO Stream Memory • Hardware resources are confgurable at runtme ME I/F • Allows reuse of hardware resources for diferent scenarios and diferent algorithms • Security and safety of systems • Hardware provides data so CPU load is small • Fastest speed of detecton 5 April 2018 5

Bare Metal Security: a diferent layer • Re-use the logic for debug • “Is the system operatng as expected?” • Hardware-based, under the OS • Completely independent monitoring system • Invisible to main system • Very hard to detect or subvert • Consistent and integrated with functonal safety • Supports requirements of SAE 3061 cybersecurity for automotve • Complements other security architectures • “intruder alarm” versus “lock” 5 April 2018 6

SAE J3061 Cyber Security for Automotve • SAE J3061 and ISO/SAE 21434 - Cybersecurity Guidebook for Cyber-Physical Vehicle Systems • Tailors a cybersecurity process framework from the ISO 26262 process framework • Cybersecurity and functonal safety share parallel processes • Threat analysis and risk assessment vs hazard analysis • Atack tree analysis vs fault tree analysis • Cybersecurity countermeasures should be consistent with safety measures and safety mechanisms • The cybersecurity and functonal safety teams need to interact • Implies need for hardware elements for cybersecurity • UltraSoC monitors can support both safety and cybersecurity 5 April 2018 7

UltraSoC in Automotve Resilience i) the ability to maintain a core purpose or ii) the ability to restore core purpose in the face of a disrupton • Partner with ResilTech (Italy) who are leaders in this space and consult on ISO 26262 • Partner with Moortec (on-chip PVT sensors) for resilience checking e.g. load balancing based on temperature Security – Real-tme monitoring Safety – Real-tme monitoring - - Challenge Response Hardware monitoring that system is - Authentcaton working within limits - - Alarm Functon (hacking, intrusion) Hardware monitoring to warn that system - UltraSoC provides Bare Metal security as is working outside limits - well as message encrypton UltraSoC can be used to monitor Data - Interacton between sofware and existng Corrupton or implement Lock-Step hardware (post silicon). - Ensure sofware updates do not have a negatve efect on system integrity 5 April 2018 8

Example 1 – Non-intrusive performance optmizaton Fastest tme to detecton 5 April 2018 9

Example 2 – Hardware layer security Check accesses to E-Fuse and Key Store Use Bus mon 1’ to capture accesses to the E-Fuse and Key Store enttes UltraSoC IP if <Address> >= MemAddressL && <Address> < mon 3 Status mon 2 Status Radio IF Radio IF DSP MemAddressH FFT I I I$ I$ TCM TCM Processor Processor && NOT (<Id> >= IdL && <Id> <= IdH) D D Interconnect D$ D$ TCM TCM then if Count > 0 Status Status USB Turbo mon 1 mon 1 MAC DSP DSP Interconnect CaptureTrace() Status Status mon 2 mon 2 Bus mon 1 SendEventMessage() UltraSoC Peripheral Interconnect else Interconnect IncrementCount() mon 3 Status Key DMA-1 RAM Efuse DMA-2 Timer Security Store fi Interconnect Where: Debug Hub Bus mon 2 • <> are Interconnect felds being observed by the bus monitor. PHY DFI-PHY DRAM controller • CaptureTrace() puts the transacton into the trace bufer • SendEventMessage() is an instructon to the monitor to send an event out DDR3 on UltraSoC’s message bus NB This is pseudo-code actual fltering is in hardware and not sofware • IncrementCount increments the counter by 1 (allows for BootRom access) 5 April 2018 10

Example 3 – Non-intrusive “stuck pixel” detecton Fastest tme to detecton Detected stuck pixels Incoming image 5 April 2018 11

Conclusions UltraSoC Security & Embedded Analytcs • The only commercial heterogeneous soluton • Non-intrusive, wire-speed monitors • Integraton Simplicity • Enables in-life monitoring and fastest detecton • Reliability, Compliance & Bare-Metal Security™ 5 April 2018 12

Contact details: Aileen Smith aileen.smith@ultrasoc.com www.ultrasoc.com @UltraSoC 5 April 2018 13