wolfHSM Automotive Hardware Security Modules
Automotive HSMs (Hardware Security Modules) dramatically improve the security of cryptographic keys and cryptographic processing by isolating signature verification and cryptographic execution, which are the core of security, into physically independent processors. Automotive HSMs are mandatory or strongly recommended for ECU’s that require robust security. With this in mind, wolfSSL has ported our popular, well tested, and industry leading cryptographic library to run in popular Automotive HSMs like Aurix Tricore TC3XX.
wolfHSM provides a portable and open-source abstraction to hardware cryptography, non-volatile memory, and isolated secure processing that maximizes security and performance for ECUs. By integrating the wolfCrypt software crypto engine on hardware HSM’s like Infineon Aurix Tricore TC3XX, Chinese mandated government algorithms like SM2, SM3, SM4 are available. Additionally, Post Quantum Cryptography algos like Kyber, LMS, XMSS and others are easily made available to automotive users to meet customer requirements. At the same time, when hardware cryptographic processing is available on the HSM, we consume it to enhance performance.
Does Your ECU Need SSL/TLS?
The wolfSSL embedded TLS library is a lightweight, portable, C-language-based SSL/TLS library targeted at embedded and RTOS environments primarily because of its size, speed, and feature set. wolfSSL supports industry standards up to the current TLS 1.3 and DTLS 1.3, is up to 20 times smaller than OpenSSL, offers a simple API, an OpenSSL compatibility layer, TLS over CAN, static memory build, is backed by the robust wolfCrypt cryptography library, and much more.
Does Your ECU Need Secure Boot?
wolfBoot is a portable secure bootloader solution designed for bare-metal bootloaders and equipped with failsafe NVM controls. It offers comprehensive firmware authentication and update mechanisms, leveraging a minimalistic design and a tiny HAL API, which makes it fully independent from any operating system or bare-metal application. wolfBoot manages the flash interface and pre-boot environment, accurately measures and authenticates applications, and utilizes low-level hardware cryptography as needed. wolfBoot can use the wolfHSM client to support HSM-assisted application core secure boot. Additionally, wolfBoot can run on the HSM core to ensure the HSM server is intact, offering a secondary layer protection. This setup ensures a secure boot sequence, aligning well with the booting processes of HSM cores that rely on NVM support.
Hardware encryption support, TPM support, HSM support, and comprehensive professional support available worldwide, up to 24/7 level.
Supported HSM’s
- Infineon Aurix TC3xx
- Infineon Aurix TC4x (Coming soon)
- Infineon Traveo T2G (Coming soon)
- ST SPC58NN
- Renesas RH850 (Coming soon)
- Renesas RL78 (Coming soon)
Supported Chipmakers and Operating Environments
wolfHSM operates wherever wolfSSL is supported.
wolfHSM Features
- Extensibility of cryptographic algorithms
- Consistency with security functions
- Integration with AUTOSAR
- Integration with SHE+
- Direct usage of HSM from wolfCrypt’s externalized API’s
- PKCS11 interface available
- TPM 2.0 interface available
- Secure OnBoard Communication (SecOC) module integration available
- Certificate handling available
- Symmetric and Asymmetric keys and cryptography
- Customization available
- FIPS 140-3 available
wolfHSM Design for Automotive HSMs
Automotive Security Webinar
Talk to us at these upcoming events:
CES Booth: #4170 Las Vegas, NV, USA Jan 7th to the 10th |
WEST 25 Booth #2111 San Diego, CA, USA Jan 28th to the 30th |
AMD Xilinx Security Working Group Munich, Germany Dec 10th to the 11th |
XPONENTIAL Europe 2025 Booth: 1D14 Hall 01 Dusseldorf, Germany Feb 18th to the 20th |
Automotive Software Frontier 2025 Online Feb 18th to the 20th |
MWC Barcelona Booth: 6D26-hall 6 Barcelona, Spain Mar 3rd to 6th |
OUR PRODUCTS
wolfSSL focuses on creating high-quality, portable, embedded security software. Our current products include the wolfSSL embedded TLS library, wolfCrypt embedded crypto engine, wolfMQTT, wolfSSH, and the wolfSSL JNI wrapper. As strong believers in open source, the majority of wolfSSL’s products are dual-licensed under both the GPLv2 and standard commercial licensing.
wolfSSL now supports TLS 1.3! Try it out today by downloading wolfSSL!
To learn more about wolfSSL and the wolfSSL embedded SSL/TLS library, we invite you to read our About Us page or visit the respective Product Page.
WHERE ARE WE USED?
Are you curious about where wolfSSL products are used? wolfSSL is actively being used in a wide range of markets and products including the smart grid, IoT, industrial automation, connected home, M2M, auto industry, games, applications, databases, sensors, VoIP, routers, appliances, cloud services, and more.
Over 2 Billion applications and devices are secured with wolfSSL products.
To learn more about specific markets which are currently using wolfSSL products, please visit our Case Studies page.
Securing the connected world with wolfSSL seamless TPM 2.0 integration
Infineon