
How to Mitigate the Impact of Security and Safety Flaws on Automotive ICs

By Joe Hupcey III

Nearly 7 years ago, security researchers uncovered how to remotely access and control the steering, cruise control, and braking system of a Jeep Cherokee. They got in via a bug hidden in one of the entertainment unit chips, then ran roughshod through the CAN bus to take control of these critical systems. Fast forward to the present day: inspired by such research, all-new design and verification flows now enable engineers to mitigate – and even eliminate – vulnerabilities in automotive ICs.

A real-world example of this is the story behind the creation of the Rambus RT-640 Embedded Hardware Security Module. Built on a custom 32-bit RISC-V siloed and layered secure co-processor — along with dedicated secure memories — the RT-640 features a number of high-capability cryptographic accelerators.

Even better: the RT-640 is certified by TÜV-SGS to ISO-26262 ASIL-B, satisfying the ASIL-B Single Point Fault Metric (SPFM ≥ 90 % of faults detected) and Latent Fault Metric (LFM ≥ 60 % of faults detected). The development process for Rambus Root of Trust products is also certified to ISO-26262 (and it comes with all the requisite ASIL documentation).
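As an added illustration (this is not code from the post, the whitepaper, or Rambus), the two ASIL-B hardware metrics quoted above can be checked from a per-element failure-rate budget using the ISO 26262-5 definitions: SPFM = 1 − Σ(λ_SPF + λ_RF) / Σλ and LFM = 1 − Σλ_MPF,L / Σ(λ − λ_SPF − λ_RF), summed over the safety-related hardware elements. The element names and FIT values below are constructed for the example; the second budget shows how leaving one block without a safety mechanism pushes SPFM below the ASIL-B target even though LFM still passes.

```python
from dataclasses import dataclass

# ASIL-B targets as quoted on the page (ISO 26262-5 hardware architectural metrics).
ASIL_B_SPFM_TARGET = 0.90
ASIL_B_LFM_TARGET = 0.60


@dataclass(frozen=True)
class ElementFailureRates:
    """Failure-rate budget (in FIT) of one safety-related hardware element,
    split into the ISO 26262-5 fault classes."""
    name: str
    total: float          # lambda: all failures of the element
    single_point: float   # lambda_SPF: unprotected faults that violate the safety goal
    residual: float       # lambda_RF: faults that slip past an existing safety mechanism
    latent: float         # lambda_MPF,L: multiple-point faults neither detected nor perceived

    def __post_init__(self):
        if self.single_point + self.residual + self.latent > self.total + 1e-9:
            raise ValueError(f"{self.name}: fault classes exceed the total failure rate")


def single_point_fault_metric(elements):
    """SPFM = 1 - sum(lambda_SPF + lambda_RF) / sum(lambda)."""
    total = sum(e.total for e in elements)
    spf_rf = sum(e.single_point + e.residual for e in elements)
    return 1.0 - spf_rf / total


def latent_fault_metric(elements):
    """LFM = 1 - sum(lambda_MPF,L) / sum(lambda - lambda_SPF - lambda_RF)."""
    spf_rf = sum(e.single_point + e.residual for e in elements)
    mpf_latent = sum(e.latent for e in elements)
    denominator = sum(e.total for e in elements) - spf_rf
    return 1.0 - mpf_latent / denominator


def check_asil_b(elements):
    """Evaluate both metrics against the ASIL-B targets; returns a summary dict."""
    spfm = single_point_fault_metric(elements)
    lfm = latent_fault_metric(elements)
    spfm_ok = spfm >= ASIL_B_SPFM_TARGET
    lfm_ok = lfm >= ASIL_B_LFM_TARGET
    return {"spfm": spfm, "lfm": lfm, "spfm_ok": spfm_ok,
            "lfm_ok": lfm_ok, "asil_b": spfm_ok and lfm_ok}


# Constructed budget: every block has a safety mechanism (e.g. ECC on the SRAM,
# lockstep/BIST on the core and accelerator). Values are illustrative, not RT-640 data.
PROTECTED_DESIGN = [
    ElementFailureRates("riscv_core",      total=100, single_point=2, residual=3, latent=10),
    ElementFailureRates("secure_sram_ecc", total=200, single_point=0, residual=6, latent=20),
    ElementFailureRates("crypto_accel",    total=100, single_point=5, residual=4, latent=10),
]

# Same design, but the crypto accelerator has no safety mechanism at all: its
# dangerous faults become single-point faults (40 FIT) with nothing left latent.
UNPROTECTED_DESIGN = [
    ElementFailureRates("riscv_core",      total=100, single_point=2,  residual=3, latent=10),
    ElementFailureRates("secure_sram_ecc", total=200, single_point=0,  residual=6, latent=20),
    ElementFailureRates("crypto_accel",    total=100, single_point=40, residual=0, latent=0),
]

if __name__ == "__main__":
    for label, design in (("protected", PROTECTED_DESIGN), ("unprotected", UNPROTECTED_DESIGN)):
        r = check_asil_b(design)
        print(f"{label}: SPFM={r['spfm']:.1%} LFM={r['lfm']:.1%} ASIL-B={'pass' if r['asil_b'] else 'FAIL'}")
```

The point of the second budget is that the metrics are computed over the whole safety-related design, so one unprotected block can sink SPFM for the entire device; that is why the certification effort described in the whitepaper has to account for every element, not just the obviously security-critical ones.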

How did Rambus make this happen?

There are two ways to find out:

(A) Read this whitepaper right now: Navigating the intersection of safety and security

— OR —

(B) On Tuesday July 19, at 2:30pm Pacific in the Security IP track of the Rambus Developers Summit (Virtual), watch the authors of this whitepaper bring the content to life in the presentation Automotive Security: Navigating the Intersection of Safety and Security.

Specifically, Thierry Kouthon (a Principal Engineer of Security IP at Rambus) and Ann Keffer (a Product Manager of Siemens EDA’s Functional Safety flows) will walk through hardware-focused solutions for securing automotive electronics using the RT-640 project as a case study, including how functional safety tools from Siemens helped ensure the device met the requirements of ISO 26262.

Thierry Kouthon, Rambus
Ann Keffer, Siemens EDA

Personally, I recommend both (A) and (B) – reviewing the whitepaper is a great way to warm up and get more acquainted with the topics, and it will surely provoke meaningful questions to ask the presenters during the AMA/Q&A session.

Again, the conference is on Tuesday July 19, and it’s free to register:
https://www.rambus.com/rambus-design-summit/

We hope to see you there!

Joe Hupcey III,
for the Siemens EDA team

Reference links

Rambus Design Summit 2022 agenda

Whitepaper: Navigating the intersection of safety and security

Rambus RT-640 Embedded Hardware Security Module – an ISO-26262 ASIL-B hardware security core offering security by design for automotive applications.

Hackers Remotely Kill A Jeep On The Highway – With Me In It, Wired, July 21, 2015


This article first appeared on the Siemens Digital Industries Software blog at https://blogs.sw.siemens.com/verificationhorizons/2022/06/29/how-to-mitigate-the-impact-of-security-and-safety-flaws-on-automotive-ics/