Cooperation for more security in cars and in Industry 4.0
Infineon, one of the leading semiconductor manufacturers for embedded systems, and ESCRYPT are entering into a partnership designed to bring more security to vehicles and to Industry 4.0. Together, the two companies will develop innovative technologies for the focus markets automotive and Industry 4.0.
In the automotive sector, increasing in-vehicle connectivity means that vehicle IT is becoming more open to attack. On the one hand, vehicle IT must be protected from unauthorized attempts to tune the vehicle; on the other, there is the danger that criminals penetrate the vehicle network through the web interface, allowing them to alter vehicle behavior by way of targeted manipulation. Hardware security modules (HSMs) are an invaluable part of preventing unauthorized access. They strengthen ECUs against attack and help protect software integrity. Infineon’s AURIX microcontroller features an HSM that supports the generation of authentication codes using strong cryptography. ESCRYPT is now the “preferred Infineon design house” for this type of microcontroller. With the CycurHSM security software stack, ESCRYPT offers flexible HSM firmware equipped with open, standardized interfaces to provide the security mechanisms required for a multitude of security applications.
In the industrial field, ESCRYPT’s Key Management Solution safeguards industrial control systems (PLC) from software-based attacks originat-ing outside or inside the plant. The solution protects integrity and authenticity of the software executed on the PLC. It enables secured identification of devices, PLC administrators or users and even complex machines in a cyber-physical system. In addition, the solution hampers malware as well as unauthorized software updates and allows for complex rights management for e.g. licensing of software on the PLCs throughout its whole lifetime. Besides providing onsite integration support for the Key Management Solution, ESCRYPT offers a comprehensive consulting service including security strategy and concepts development, security assessment, customized security engineering, application and code testing. A comprehensive security training program rounds off these services.