- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Dear Community members
Is there any on board Hardware level Encryption available in Aurix TC397 Board for CAN Communication? I searched for this on Documents but didn't got any useful information.
Thanks
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Dear Ark,
Please contact your FAE for below application note (please note this document is for TC2xx) :
dw
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Dear customer,
Aurix do have a HSM module to implement encryption, please contact local FAE or disiti for document. In the user manual AURIXTC3XX_um_part2_v2.0.pdf, below description is for your reference:
47 Hardware Security Module (HSM)
The HSM is a separate processor subsystem dedicated for security tasks. It is connected as master and slave to
the SPB bus.
For security reasons this module is described in a separate documentation. Please contact your Infineon
representative for further information.
dw
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Dear dw
Thanks a lot for your reply . I found the HSM section in documentation, unfortunately it seems an NDA is required for access to that document.
I have another doubt. I have implemented a controller with a plant in HIL based setup. The controller and plant are communicating via CAN BUS, On kvaser CANKing bus monitor I can see we are receiving the CAN message as it is.
Is there any way to use some kind of encryption algorithm on the transmitting CAN BUS data in tricore boards. Any library function or some example code available to encrypt the data before sending. I found one training document on HSM. It seems tricore HSMs have the provisions for AES and PKC.
Regards
arkaprava
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Dear ark,
As standard CAN frame has 8 byte payload, for 256bit AES, there should be 32 bytes plaintext and which leads to 32bytes cyphertext. So, you could divides the data transmitted into groups and assign Sequence ID. As AES is symmetric encryption algorithm, the both side of link way should know the 256bit password initially which could be transmitted at start of the transmission using other asymmetric encryption algorithm or written by factory. The key element needs to consider is the algorithm compute speed, it depends on CPU speed and constrained by other system compute power cost on your system.
Beside HSM which is hardware module, you could select a software library for AES or others. The C code of the encrpytion you could search on internet. The encryption speed of each packet also needs to pay attention and test by yourself.
dw
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Dear Ark,
Please contact your FAE for below application note (please note this document is for TC2xx) :
dw
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Thanks, but that may be difficult for me since these AURIX tricore boards(TC397,TC234) were bought 2-3 years back by my University, I am not sure how to contact them. I have to talk with my professor about that.