CAN Communication in Aurix TC3XX

Tip / Sign in to post questions, reply, level up, and achieve exciting badges. Know more

cross mob
arkapravasain
Level 1
Level 1
5 replies posted 10 sign-ins 5 sign-ins

Dear Community members

Is there any on board Hardware level Encryption available in Aurix TC397 Board for CAN Communication? I searched for this on Documents but didn't got any useful information.

Thanks

0 Likes
1 Solution
Di_W
Moderator
Moderator
Moderator
500 solutions authored 1000 replies posted 250 solutions authored

Dear Ark,

Please contact your FAE for below application note (please note this document is for TC2xx) :

 

dw_0-1653274410582.png

dw

View solution in original post

0 Likes
5 Replies
Di_W
Moderator
Moderator
Moderator
500 solutions authored 1000 replies posted 250 solutions authored

Dear customer,

Aurix do have a HSM module to implement encryption, please contact local FAE or disiti for document. In the user manual AURIXTC3XX_um_part2_v2.0.pdf, below description is for your reference:

47 Hardware Security Module (HSM)
The HSM is a separate processor subsystem dedicated for security tasks. It is connected as master and slave to
the SPB bus.
For security reasons this module is described in a separate documentation. Please contact your Infineon
representative for further information.

 

dw

0 Likes

Dear dw

Thanks a lot for your reply . I found the HSM section in documentation, unfortunately it seems an NDA is required for access to that document.

I have another doubt. I have implemented a controller with a plant in HIL based setup. The controller and plant are communicating via CAN BUS, On kvaser CANKing bus monitor I can see we are receiving the CAN message as it is.

Is there any way to use some kind of encryption algorithm on the transmitting CAN BUS data in tricore boards. Any library function or some example code available to encrypt the data before sending. I found one training document on HSM. It seems tricore HSMs have the provisions for AES and PKC.

Regards

arkaprava

 

0 Likes
Di_W
Moderator
Moderator
Moderator
500 solutions authored 1000 replies posted 250 solutions authored

Dear ark,

As standard CAN frame has 8 byte payload, for 256bit AES, there should be 32 bytes plaintext and which leads to 32bytes cyphertext. So, you could divides the data transmitted into groups and assign Sequence ID. As AES is symmetric encryption algorithm,  the both side of link way should know the 256bit password initially which could be transmitted at start of the transmission using other asymmetric encryption algorithm or written by factory. The key element needs to consider is the algorithm compute speed, it depends on CPU speed and constrained by other system compute power cost on your system.

Beside HSM which is hardware module, you could select a software library for AES or others. The C code of the encrpytion you could search on internet. The encryption speed of each packet also needs to pay attention and test by yourself.

 

dw

0 Likes
Di_W
Moderator
Moderator
Moderator
500 solutions authored 1000 replies posted 250 solutions authored

Dear Ark,

Please contact your FAE for below application note (please note this document is for TC2xx) :

 

dw_0-1653274410582.png

dw

0 Likes

Thanks, but that may be difficult for me since these AURIX tricore boards(TC397,TC234) were bought 2-3 years back by my University, I am not sure how to contact them. I have to talk with my professor about that.

0 Likes