How to Mitigate the Impact of Security and Safety Flaws on Automotive ICs

Nearly 7 years ago security researchers uncovered how to remotely access and control the steering, cruise control, and braking system in a Jeep Cherokee. They got in via a bug hidden in one of the entertainment unit chips, and ran roughshod through the CAN bus to take control of these critical systems. Fast forward to the present day: inspired by such research, there are all-new design and verification flows that can enable engineers to mitigate – and even eliminate – vulnerabilities in automotive ICs.

A real-world example of this is the story behind the creation of the Rambus RT-640 Embedded Hardware Security Module. Built on a custom 32-bit RISC-V siloed and layered secure co-processor — along with dedicated secure memories — the RT-640 features a number of high-capability cryptographic accelerators.

Even better: the RT-640 is certified by TÜV-SGS to ISO 26262 ASIL-B, satisfying the ASIL-B Single Point Fault Metric (SPFM ≥ 90 % of faults detected) and Latent Fault Metric (LFM ≥ 60 % of faults detected). The development process for Rambus Root of Trust products is also certified to ISO 26262, and the product ships with all the requisite ASIL documentation.

How did Rambus make this happen?

There are two ways to find out:

(A) Read this whitepaper right now: Navigating the intersection of safety and security

— OR —

(B) On Tuesday July 19, at 2:30pm Pacific in the Security IP track of the Rambus Developers Summit (Virtual), watch the authors of this whitepaper bring the content to life in the presentation Automotive Security: Navigating the Intersection of Safety and Security.

Specifically, Thierry Kouthon – a Principal Engineer of Security IP at Rambus – and Ann Keffer – a Product Manager for Siemens EDA’s Functional Safety flows – will walk through hardware-focused solutions for securing automotive electronics, using the RT-640 project as a case study, including how functional safety tools from Siemens helped ensure the device met the requirements of ISO 26262.

Thierry Kouthon
Rambus
Ann Keffer
Siemens EDA

Personally, I recommend both (A) and (B) – reviewing the whitepaper is a great way to warm up and get more acquainted with the topics, and it will surely provoke meaningful questions to ask the presenters during the AMA/Q&A session.

Again, the conference is on Tuesday July 19, and it’s free to register:
https://www.rambus.com/rambus-design-summit/

We hope to see you there!

Joe Hupcey III,
for the Siemens EDA team

Reference links

Rambus Design Summit 2022 agenda

Whitepaper: Navigating the intersection of safety and security

Rambus RT-640 Embedded Hardware Security Module – an ISO-26262 ASIL-B hardware security core offering security by design for automotive applications.

Hackers Remotely Kill A Jeep On The Highway – With Me In It, Wired, July 21, 2015
This article first appeared on the Siemens Digital Industries Software blog at https://blogs.sw.siemens.com/verificationhorizons/2022/06/29/how-to-mitigate-the-impact-of-security-and-safety-flaws-on-automotive-ics/