Home > News > TCG Announces Solutions for Secure Automobile Data and Operations Using Key Concepts of Trust, Integrity, Attestation

Press Room

TCG Announces Solutions for Secure Automobile Data and Operations Using Key Concepts of Trust, Integrity, Attestation

Date Published: April, 01, 2015

TCG Members Fujitsu and Toyota InfoTechnology Center Will Demonstrate Solutions at SAE 2015 World Congress & Exhibition

PORTLAND, Ore., April 8, 2015Trusted Computing Group today announced solutions and a prototype demonstration to address growing security challenges in automobiles: the transmission of data between remote entities and vehicles and integrity of the embedded electronic control units (ECUs) that control auto operations.

A report issued by U.S. Senator Ed Markey earlier this year noted that security measures to prevent remote access to vehicle electronics are inconsistent and only two automobile manufacturers were able to describe any capabilities to diagnose or meaningfully respond to an infiltration in real-time.*

TCG members Fujitsu and Toyota InfoTechnology Center will demonstrate on April 22 at the SAE 2015 World Congress & Exhibition, Detroit, in a session organized for the SAE Vehicle Electrical Hardware Security Task Force, a sub-committee of the SAE Vehicle Electrical System Security Committee.

TCG’s approach and concept demonstration will leverage the widely used TPM (Trusted Platform Module) and TNC (Trusted Network Connect) specifications already deployed in millions of PCs, servers, tablets, phones and networking gear. The TPM and TNC can:

  • Measure and report on the integrity of firmware and software used in the ECU
  • Create, store, and manage cryptographic keys in the ECU
  • Provide attestation and assurance of identity of the ECU
  • Support secure firmware and software updates in the ECU
  • Provide anti-rollback protection and secure configuration memory for the ECU

New TPM Spec for Auto Environments
A new specification, the TCG TPM 2.0 Automotive Thin Profile, specifically provides key integrity, attestation, cryptographic key management and verification of digital signatures and safety remote installations. The spec recognizes auto environment constraints including temperature, vibration, limited memory, power management limitations and long life cycles.
TCG plans to develop a future TPM profile that will be suitable for inclusion in automotive head units for additional capabilities.

“With other TCG members, we have been working to secure communication with a remote service center or other entity. We also want to protect the integrity of the ECU against hacks and attacks to offer the safety and security for all automotive customers. Using the secure communication, we furthermore want to provide the connecting services, which enrich customers. Based on these viewpoints, we believe that the TCG technologies that help guarantee transparency and fairness are a good way to do all of these,” said Hisashi Oguma, co-editor of TCG TPM 2.0 Automotive-Thin profile, Toyota InfoTechnology Center. “The demonstration with TCG member Fujitsu shows how the TPM and TNC protocols are used, and the new specification gives component makers the blueprint for creating products that can be developed now.”

TCG members are participating in the SAE Vehicle Electrical System Security Committee and SAE Vehicle Electrical Hardware Security Task Force meetings. TCG also contributed a response to the U.S. National Highway Traffic Safety Administration’s Automotive Electronic Control Systems Safety and Security note. TCG also is collaborating with both the International Telecommunication Union Telecommunication Standardization Sector SG17, which is addressing secure software updates to cars, and oneM2M, the International Machine to Machine Organization that has led the standardization of service-layer to support every IoT (Internet of Things) devices.

Companies wishing to join TCG in its efforts can find more information on membership at https://trustedcomputinggroup.org/membership.

About TCG
More information and TCG’s specifications and work groups are available at the Trusted Computing Group’s website, trustedcomputinggroup.org. Follow TCG on Twitter and on LinkedIn.

Brands and trademarks are the property of their respective owners.

*Tracking & Hacking: Security & Privacy Gaps Put American Drivers at Risk
http://www.markey.senate.gov/imo/media/doc/2015-02-06_MarkeyReport-Tracking_Hacking_CarSecurity%202.pdf

Tweet this: Secure data & ECU in cars @TrustedComputin new #TPM auto spec. Demo @SAEIntl Apr 22 @Toyota @Fujitsu_global http://ow.ly/L6sXh

Tags:

Join

Membership in the Trusted Computing Group is your key to participating with fellow industry stakeholders in the quest to develop and promote trusted computing technologies.

Join Now

Trusted Computing

Standards-based Trusted Computing technologies developed by TCG members now are deployed in enterprise systems, storage systems, networks, embedded systems, and mobile devices and can help secure cloud computing and virtualized systems.

Read more

Specifications

Trusted Computing Group announced that its TPM 2.0 (Trusted Platform Module) Library Specification was approved as a formal international standard under ISO/IEC (the International Organization for Standardization and the International Electrotechnical Commission). TCG has 90+ specifications and guidance documents to help build a trusted computing environment.

Read More

Categories

FAQ

Newsletter Signup

Stay current with Trusted Computing Group (TCG) activities, including recent case studies, press releases, industry news and upcoming events via the TCG Newsletter!

By submitting this form, you are consenting to receive marketing emails from: . You can revoke your consent to receive emails at any time by using the SafeUnsubscribe® link, found at the bottom of every email. Emails are serviced by Constant Contact

Contact Us

Trusted Computing Group Administration
3855 SW 153rd Drive
Beaverton, Oregon 97003

© 2024 Trusted Computing Group. All Rights Reserved.