Evolution of Data Protection Schemes Takes Security to the Edge

By Antonino Mondello - 2018-03-02

For decades, memory architects and designers have proposed various protection-enhancing schemes to guard against malicious or accidental modification of data.

A high level of protection is critical in numerous industries, like automotive, where secure updates are required to bring the full benefits of technologies like artificial intelligence to autonomous driving. Check out my How to Take Full Advantage of AI in Automotive Systems blog to learn more.

In this post, let’s briefly review some protection schemes of the past, and then look at how some modern-day security schemes are evolving to bring tighter security to automotive solutions like autonomous cars.

A Glimpse Into Past Protection

Over the years, some protection schemes have been based on a simple command protected by a password, which protected only selected portions of data in the memory array. This level of protection allowed hackers to detect the password by sniffing commands from board buses and reusing them later.

Capturing and reusing transition on the bus is known as a “replay attack” or a “man in the middle attack.” In general, this kind of attack uses a methodology to hack the data communication in a bus based on recording the messages transmitted through the channel. The recorded messages can be used later to take control of the whole system and/or to generate a certain malfunction in the system under certain circumstances.

This kind of attack can be executed more easily in systems that don’t use a cryptographic command set, which uses a key (known to senders and receivers) to validate the command and the arguments.

Another practice used to break a “weak-protected” storage system uses a non-original memory component, where the content is the same as the original component and can emulate the original component; this kind of technique is called component replacement attack.

A Look at Security of the Future

Some new security paradigms and implementations suggest that each end-point (or edge) component contributes to the security of the entire electronic system. Each device has the capability embedded to prove its identity (to ensure that a component replacement attack fails) and to confirm to the provider of the update that the data stored has not been changed by a malicious entity.

Confirming authenticity of the data is accomplished via cryptographic measurements.

Modern protection schemes must provide protection against automotive system attacks while at the same time enabling secure, over-the-air firmware and data updates.

With over 25 years in the automotive industry, Micron has been actively working on solutions to meet these automotive system security requirements for years.

This experience helped Micron develop our Authenta™ technology, which allows the end customer to use memory devices that can receive and validate cryptographic commands to manipulate the content of the memory and to validate the content itself.

Automotive systems using standard flash memory chips can experience improved system-level cyber security and better device management capabilities using this new technology. 

Discover more about Micron's Automotive Solutions now.

Antonio Mondello

Antonino Mondello