News | January 31, 2018

New NXP CAN Transceiver Family Secures CAN Communications Without Cryptography

NXP accelerates the introduction of cybersecurity in today’s car networks

Shanghai, China (GLOBE NEWSWIRE) -- NXP Semiconductors (NASDAQ: NXPI), the world’s largest supplier of automotive semiconductors¹, today announced a new secure CAN transceiver family that offers a seamless, efficient solution for secure CAN communications — and does not require software or cryptography.

CAN networks are used in every car to connect electronic control units (ECUs) and are expected to remain the dominant network for the next decade. As automotive electronic content continues to rise, the amount of real-time data exchanged across CAN networks will increase.

Since CAN is a robust multi-point connection network, and up to now, most data communication within the vehicle is unsecured, a single compromised ECU has direct access to connected ECUs. Security solutions on the market today protect CAN communication with message authentication code (MAC) based on cryptography and complex key management, but they require increased CAN bus load, message latency and computing power consumption.

Existing ECU designs cannot be easily upgraded to support secure CAN messages if the processors do not have sufficient compute power. With secure CAN transceivers, however, automakers can secure messages from the ECUs already used in the design, offering a simpler, faster rollout of security than it would take to transition the existing ECUs to secure ones.

NXP has developed a pure transceiver based solution for the CAN network which is designed to secure efficiently – no bandwidth overhead, no delays and no processor load. This novel approach complements crypto-based security solutions with an additional layer in a Defense-in-Depth (DiD) concept, or as a standalone option.

“NXP´s secure CAN transceivers signal a disruptive approach compared with the status quo,” said Jens Hinrichsen, Senior Vice President & GM of Advanced Automotive Analog Business Line. “This translates to more efficiency and a reduction in the vital system resources needed for increasingly complex cars.”

Security features of the secure CAN transceiver

Spoofing prevention on transmit side: Designed to protect the CAN bus from a compromised ECU by filtering messages based on CAN message IDs in the transmit path. If the ECU tries to send a message with an ID that is originally not assigned to it, the secure CAN transceiver can refuse to transmit it to the bus.

Spoofing prevention on receive side: A complementary protection is used to invalidate messages on the bus with a CAN message ID assigned for transmission. This method means each ECU has the ability to protect its own IDs in the eventuality that a rogue ECU manages to send a message with the same ID.

Tamper protection: Invalidating messages on the CAN bus can be used to prevent tampering, offering a clear sign of a compromised ECU has stepped into the transmission.

Flooding prevention and rate limit control: Limiting the number of transmitted messages per ECU from the sender side at any time, helps prevent flooding the bus but leaves the busload open for certain types of critical tasks.

NXP Semiconductors

NXP Semiconductors N.V. (NASDAQ:NXPI) enables secure connections and infrastructure for a smarter world, advancing solutions that make lives easier, better and safer. As the world leader in secure connectivity solutions for embedded applications, NXP is driving innovation in the secure connected vehicle, end-to-end security & privacy and smart connected solutions markets. Built on more than 60 years of combined experience and expertise, the company has 30,000 employees in more than 35 countries and posted revenue of $9.5 billion in 2016. Find out more at www.nxp.com

NOTES
¹ Source: Strategy Analytics 2016

Source: NXP USA, Inc.

This website uses cookies to ensure you get the best experience on our website. Learn more