SYSGO demonstrates Secure Automotive Connectivity Platform at CES 2020
Brings avionics grade safety and security to the automotive market
Klein-Winternheim, Germany, December 13, 2019 - At the upcoming Consumer Electronics Show (CES) 2020 in Las Vegas, NV (Jan 7-10, 2020), SYSGO will present its vision of a safe and networked automotive future: With the Secure Automotive Connectivity Platform (SACoP), SYSGO delivers a fully integrated software framework to administrate and exchange data securely thus encompassing the increasing challenge of connected cars. The platform guarantees information security by protecting data transfers through strict encapsulation and separation of all communication channels. This partitioning is complemented by a secure boot process, an integrated intrusion detection system and a firewall.
The platform takes advantage of the hypervisor technology in the real-time operating system (RTOS) PikeOS, which allows critical and non-critical infrastructure to be operated simultaneously in one system. By using the hypervisor functionality in PikeOS to run applications in strictly separated partitions, safety-critical applications in particular can be executed unimpaired in a predetermined time span. The platform is pre-certified to the Common Criteria level EAL3+ security standard and the ISO 26262 safety standard for the automotive industry. This is advantageous because only a single hardware system is required when planning the software architecture, thus reducing development and production costs while improving time to market. The platform provides a flexible software framework that helps customers design their software architecture to secure communication and updates.
At CES, SYSGO will demonstrate a prototype implementation of the SACoP platform, consisting of an STM Telemaco3P processor and an R-CAR H3 board from Renesas. The Renesas board demonstrates a digital cockpit display based on Automotive Grade Linux (AGL) and an in-vehicle infotainment system (IVI). The Telemaco 3P processor is the link to the outside world and acts as a secure gateway. It is also used to supply passengers' tablets and smartphones with Internet access. The software is based on PikeOS together with ELinOS, SYSGO’s robust industrial Linux distribution, long term supported and suitable for automobiles.
The demonstrator communicates with the outside world via a gateway supporting various protocols (3G/4G/5G), enabling a wide range of applications, like over-the-air updates of applications without the need to go to an authorized repair shop, V2X communications, connectivity to cloud back end or maintenance data upload. Internally, a Wifi hotspot set up for passengers is protected by the platform's firewall. The vehicle's internal network (Ethernet, CAN) is separated and can only be accessed via secure and monitored channels.
The platform leverages SYSGO's proven secure boot mechanism. Communication is performed using the Transport Layer Security (TLS) encryption protocol. The resulting data is encrypted and digitally signed, so that only the owner of the private keys created for it can actually make changes. The Intrusion Detection System (IDS) is running as a standalone partition and monitors network traffic.
The new Automotive Connectivity Platform will be demonstrated on the Automotive Grade Linux showcase in the Smart City exhibition (Westgate Booth 1815) and in SYSGO's hospitality suite in the Westgate Hotel (floor 18, suite 1830).
SYSGO is the leading European manufacturer of embedded operating systems, supporting safety and security-critical applications in the aerospace, automotive, railway and IIoT industries for more than 25 years. The company develops and maintains PikeOS, the world's first SIL 4 certified real-time operating system with multi-core support. The hypervisor (Type 1), which runs directly on the hardware, is certified according to the strictest safety standards such as IEC 61508, EN 50128 and ISO 26262. In terms of security, PikeOS is currently the only separation kernel certified to Common Criteria (EAL3+). In addition, PikeOS offers a fully certified programming interface and thus enables application development according to the "Safe & Secure by Design" principle. For less critical systems, SYSGO also offers ELinOS, an industrial grade Linux distribution with real-time extensions for embedded systems.
SYSGO works closely with customers throughout the product life cycle and supports clients in the formal certification of software according to international standards for functional safety and IT security. Headquartered in Klein-Winternheim near Frankfurt, Germany, SYSGO has subsidiaries in France, the Czech Republic and the UK and maintains a world-wide distribution network. The company is part of the European Thales Group.