Macronix ArmorFlash completes verification of TARA suggested by ISO/SAE 21434, creating a more protective environment for automotive cybersecurity

Ethan Chen, DIGITIMES Asia, Taipei 0

Donald Huang, director of product marketing at Macronix International. Credit: Macronix

The miscellaneous applications of the Internet of Vehicles (IoV) and autonomous-driving systems in the automotive market range from in-vehicle entertainment, mobile office and navigation, to name a few. This has lifted the curtain on the surging growth of this area, as well as the rapid emergence of secure automotive memory to satisfy the storage needs for low-level code, data and parameters. Moreover, it plays a key role in several segments, such as advanced driver-assistance system (ADAS), heads-up display (HUD), electronic dashboard, navigation, infotainment, and transmission systems. Behind such prospecting smart vehicle solutions, a very real concern is information protection and cybersecurity under the hood.

To guard drivers' and passengers' rights and promote the awareness of cybersecurity in car manufacturers and supply chains, beginning July 2022 car manufacturers must comply with regulations before engaging in the design of new models in Europe, Japan and Korea. The United Nations Economic Commission for Europe (UNECE) further specified, in Regulation No. R155 and No. R156, the rules governing the automotive cybersecurity management system in the car manufacturing supply chain. From July 2024, all new cars in the world should be compliant with this new cybersecurity regulation. International car brands therefore require automotive semiconductor sectors to deliver products that meet the International Organization of Standards' ISO/SAE 21434 framework.

In the North American market, the launch of the ISO/SAE 21434 standard is in full swing. Vehicle information protection and cybersecurity standards will dominate the automotive electronics and semiconductor sectors. In future smart vehicles, whose electronic devices are connected to a network, a semiconductor embedded will be mandated to be equipped with cybersecurity. Information protection and cybersecurity, therefore, have become a fundamentally vital element in automotive electronics.

ArmorFlash series of secure flash memory expands its touch with ISO/SAE 21434 certification

Dr. Donald Huang, director of product marketing at Macronix International, pointed out in a recent interview the pressing need for memory security to achieve confidentiality, integrity and availability of automotive electronic data. Macronix has developed a family of secure flash memory solutions: the ArmorFlash portfolio, with features that include building keys, encryption, decryption, authentication, and anti-tempering. In addition, the memories have "unpredictable" physical properties that cannot be copied, which enables high-level encryption and various applications related to confidential information.

Many leading technologies have leaned towards using biometric sensors in chips as the foundation of coding. Physical Unclonable Functions (PUFs) are employed to program and generate "fingerprints" for chips. An essential secure component is added to the memory chip as a secure ID or key that applies to an array of identity authentication or mechanisms, such as crypto keys or security boot. Highly favored by international graphics processor unit (GPU) and automotive microprocessor (MPU) foundries, these functionalities lead their way to the supply chain of automotive market seamlessly.

The ISO/SAE 21434 standard, announced in August 2021, covers the complete life cycle of a vehicle and emphasizes the requirements for cybersecurity risk management. Macronix immediately formed a project team to gear up for intensive planning to adhere to the standard. ISO/SAE 21434 includes 15 clauses, detailing engineering requirements for cybersecurity risk management. Among those 15 requirements, conducting a threat analysis and risk assessment (TARA) is of particular significance for compliance.

TARA compliance report for ArmorFlash accelerates the certification of ISO/SAE 21434

Macronix initiated a verification activity of ArmorFlash for ISO/SAE 21434 at the end of 2021. In May 2022, the company accomplished TARA and received a report, showcasing plenty of scenarios where threats and attacks could happen. The verification of TARA is needed at the development phase of automotive design to identify underlying threats and vulnerabilities. Meanwhile, a common framework would be defined to support the requirements of cybersecurity and risk management from the fundamentals.

Attaining the TARA compliance report for ArmorFlash has marked a new milestone for Macronix and its secure memory for automotive applications. The company is conducting ISO/SAE 21434 process certification, followed by the ISO/SAE 21434 product certification specifically for the ArmorFlash™ MX78 flash memory series. The goal is to provide secure flash memory solutions compliant with international information security standards to fulfill the requirements of the automotive industry.

The ArmorFlash portfolio has already achieved various industry safety certifications, including "functional safety" steered by ISO 26262, CAVP of National Institute of Standards and Technology (NIST), FIPS 140-2 Level 2 under CMVP, and Arm PSA Level 1. With each step, the Macronix memory portfolio has served as a shining example in the collaboration with international GPU and automotive MCU chip foundries. Their offerings have been adopted by top-tier car manufacturers and automotive electronics manufacturers, helping them produce phenomenal revenue.

Dr. Huang stated that Macronix memory solutions have been widely used in major brands worldwide across computers, communications, consumer electronics, 5G, medical, automotive, and various industrial-control sectors. As the needs for information protection and cybersecurity in IoV and smart vehicles escalate, a strong memory demand is inevitably soaring in the automotive market. ArmorFlash can help Macronix win top-tier car manufacturers' continuous trust to address broad applications, and as a result, bolster its global reach.

Macronix ArmorFlash completed ISO/SAE 21434 TARA

Macronix ArmorFlash completed ISO/SAE 21434 TARA