On July 4, 2018, at the Baidu Developer Conference, Baidu Apollo and China's largest automotive electronics and artificial intelligence IoT chip company NXP Semiconductors jointly released China's first chip-level ECU information security solution, launched high The integrated and integrated software and hardware platform protects the safety of the electronic control unit (ECU) of the car, and combines strength and strength, and integrates the software and hardware into the chip layer to ensure the safety of the car.
In the era of smart cars, with in-vehicle infotainment networks, vehicle-to-vehicle communication (V2V) and road-to-road communication (V2I) becoming mainstream, more and more ECUs are deployed in cars. There are more and more ECU functions on the car, the amount of code realized is increased, potential code loops are more and more prominent; ECUs interact through CAN protocol, and CAN arbitration mechanism, passive address domain and non-authentication domain bring great problems. Security risks; the limited nature of ECU resources makes it difficult to design effective security solutions. With the security of the car Ethernet layer becoming more and more secure, car gateways and ECUs will become important targets for new attacks such as APT attacks and supply chain attacks.
In the field of automotive information security, highly interconnected, highly automated vehicle features such as software update over-the-air (OTA) and advanced driver assistance systems (ADAS) and the resulting in-vehicle communications require highly secure ECU hardware and software security solutions. Prevent unauthorized intrusion or malicious intrusion and manipulation of the vehicle.
Baidu Apollo Automotive Information Security Lab aims to provide intelligent car information security protection capabilities, and joint research institutions, universities, car companies, chip partners to conduct in-depth technical research to protect car information security. The laboratory's automotive information security liberation program mainly includes: network service security, in-vehicle network security, system software and connection security, and CAN security. At present, there are vehicle intrusion detection and defense systems, vehicle firewalls, security upgrade kits, security gateways, auto-driving black boxes and other products, and accelerate the deployment of products and solutions in vehicles, enhance the security of interconnected and highly automated vehicles, and provide customers with Provide additional value.
NXP's in-vehicle information security solution is a four-layer security system that blocks unauthorized access and attack detection through secure access interfaces, secure in-vehicle gateways, secure in-vehicle networks, and secure computing, blocking the scope of attacks and fixing them. sense. At the moment of automotive intelligent networking, ECU faces more stringent information security requirements. NXP's comprehensive system has a deep security protection system that provides full lifecycle security services, adapts to a networked ecosystem, and is pre-conceived. Application scenarios for risk analysis of the system.
In this ECU security solution, NXP provides CSE & HSM underlying API interface and physical layer communication information security protection. Baidu Apollo Information Lab provides ECU security SDK software stack and ECU security attack detection protection based on hardware security features. mechanism. Provide hardware chip-level secure boot, security upgrade, communication security, access authentication, intrusion detection and defense system, and block hackers to invade CAN bus and ECU by integrating security functions in relevant ECUs such as brakes, ADAS, and door control units. To protect the safety of the car network.
Through the two teams of Baidu and NXP, we will provide a chip-level ECU information security solution that integrates software and hardware, and deepen the chip layer to ensure the safety of the car. The program has the following characteristics:
1) High performance: After adding safety functions on the ECU, it does not affect its performance and can provide microsecond communication response.
2) Easy integration: deployed in the gateway or related ECU; no need to change the circuit, no need to change the original software architecture;
3) Multi-scene: Provides ECU soft/hard multiple security calls, ECU grading safety self-test, full-link ECU security interaction, lightweight ECU key distribution, multiple service-related ECU synchronization security update firmware and other scenarios.
Baidu Apollo Automotive Information Security Lab:
Apollo is an open, complete and secure platform that will help automotive and autonomous driving partners combine vehicle and hardware systems to quickly build their own complete autonomous driving system. Apollo will provide a complete set of hardware and software and service systems, including vehicle platform, hardware platform, software platform, cloud data service and so on. Baidu will also open code or capabilities for functions such as environment awareness, path planning, vehicle control, and vehicle operating systems, and provide complete development testing tools. In addition, Baidu will also select partners with the best compatibility and compatibility in the fields of vehicles and sensors, and recommend it to third-party partners who access the Apollo open platform to further reduce the R&D threshold for autonomous driving.
Baidu Apollo Automotive Information Security Lab was unveiled on April 19, 2018. It has become a strategic cooperation unit with China Automotive Technology and Research Center Co., Ltd. and China Information and Communication Research Institute. It has established a joint laboratory with FAW, Chery and Beiqi New Energy. Established academic research cooperation with Tsinghua University, Beijing University of Aeronautics and Astronautics, and Beijing Institute of Technology to carry out research on intelligent vehicle information security and comprehensively protect intelligent car information security.