Project Description
Cyber Security has become a critical aspect in the modern technological landscape, especially within sectors like automotive, where In-System Programming (ISP) is extensively employed.
As industries continue to adopt advanced technologies, such as autonomous vehicles, the need to safeguard systems against cyber threats becomes paramount. This document aims to explore how FlashRunner, a leading universal programmer, addresses these evolving market needs by integrating robust Cyber Security measures. The security mechanisms provided by FlashRunner ensure the integrity, confidentiality, and traceability of data, contributing to safer and more reliable operations within automotive applications.
Cyber Security is increasingly crucial for In-System Programming (ISP), especially in the context of automotive applications, where protecting embedded systems is essential. The FlashRunner universal programmer provides a comprehensive suite of security features designed to safeguard devices from attacks, ensuring safe deployment in customer applications. This is particularly significant in automotive projects, including autonomous vehicles, which demand high levels of security due to their critical safety functions.
Cyber Security and FlashRunner key measures
FlashRunner supports a wide range of microcontroller architectures and offers various security mechanisms such as One-Time Programmable (OTP) fuses, permanent debug port locks, and memory protections if available on the device.
There are instead features that are implemented directly by FlashRunner and which can therefore be used on any device.
To address different aspects of Cyber Security, FlashRunner incorporates several key measures:
– Anti-Piracy Protection: FlashRunner controls access to its data and functionality by offering options for encrypted data storage and two distinct user permission levels: Admin and Guest. FlashRunner employs secure encryption protocols, using a combination of public and private key encryption to protect sensitive data. Each FlashRunner unit is assigned a unique encryption key, which the user can regenerate as needed. This process not only secures static data but also ensures the protection of dynamic data throughout programming cycles.
– Intellectual Properties Protection: Custom solutions can also be developed to further enhance data security, ensuring that intellectual property is protected from unauthorized use or copying. Advanced permission management is another critical feature of FlashRunner’s security infrastructure. Admin users can define access levels for Guest users, restricting the availability of certain features to prevent unauthorized configuration changes. This hierarchical structure maintains higher levels of security, ensuring that only authorized personnel can modify critical settings.
– Data Integrity: FlashRunner ensures the integrity of the data being programmed by detecting and verifying any alterations. By utilizing techniques such as CRC32 and SHA256 checks for both files and target device memory, it guarantees that the programmed data remains unaltered and accurate. Furthermore, FlashRunner implements sophisticated methods to verify data integrity beyond basic error detection. By using Cipher-based Message Authentication Code (CMAC), it authenticates firmware files, protecting them against any intentional modifications and ensuring their integrity during the programming process.
– Traceability: Traceability is a key security feature in FlashRunner, providing detailed operation logs and unique identifiers to track each programming process. This helps to maintain accountability throughout the production cycle and prevents unauthorized duplication by setting programming limits. To maintain control over production, FlashRunner monitors the number of programming cycles. This is particularly useful when third-party manufacturers are involved. Admin users can set strict limits and reset counters to control the number of programming operations, preventing overproduction and ensuring that only authorized programming is performed.
In the second part of this technical article, we will explain how to implement Cyber Security features on FlashRunner Workbench.