Cyber Security forms the basis for protection against multi-layer intrusion attempts. This ranges from protecting the running application against real-time attacks via CAN or Ethernet to protecting the code base in flash memory from being read out or manipulated. To provide sufficient security, modern applications must be secured at multiple levels.
Cryptographic keys are an important part of this. These represent information, usually character strings, which are stored in files. Such keys are used in encryption algorithms to modify data so that it appears random. How exactly the keys are applied depends on the method. In general, however, only authorized persons have access to the keys. In this way, only a selected group of people can decrypt data and then encrypt it again.
In production, securing data is becoming increasingly important. For this, ProMik offers expertise and solutions to support the implementation of cyber security standards. Key Lifecycle Management is an essential part of secure key handling.
Key Lifecycle Management - the Cycle of Secure Key Handling
Key Lifecycle Management describes the creation, maintenance, protection and deletion of cryptographic keys. The process is divided into individual components, which together enable secure deployment of the keys. In the first step, Key Generation, the cryptographic keys are created. The keys are then securely transferred to the development environment (Key Provisioning). To ensure that the keys are available on demand, they must be saved securely. This is called Key Storage. One storage location can be the hardware security module (HSM) of the MCU, for example. Depending on the encryption method applied, the keys are used in different ways (Key Usage). Making usage secure involves using algorithms and protocols, implementing access controls, and regularly monitoring key usage. Over time, keys can become obsolete or compromised. Therefore, regular Key Rotation must be performed by generating new keys and replacing old ones. To replace old keys, they are first revoked during Key Revocation and then deleted (Key Destruction). With the generation of new keys, the cycle begins anew.
ProMik assists with essential tasks of the Key Lifecycle Management.
First, the generation of cryptographic keys is part of the flash and test expert's expertise. The process of encrypting and decrypting can be covered by various methods such as PGP, AES, RSA and elliptic curve algorithms.
Second, Key Provisioning is also part of ProMik's service portfolio. In addition, Key Storage is enabled by writing the keys into the SHE(+) or HSM using the ProMik bootloader. The system supplier can also connect a Key Management Server (KMS). After flash programming into the SHE(+) or HSM, the current status is transferred to the programming station via the bootloader.
During the entire process, ProMik guarantees secure file handling and constant support for questions and solutions. In addition, customers can also use just parts of the cyber security portfolio. This allows full flexibility during the implementation of ProMik's solutions.
Balluff GmbH / BCS Automotive Interface Solutions / Bosch / Brose Fahrzeugteile GmbH & Co. KG / Continental /
Freetech Intelligent Systems / Helbako / Hyundai MOBIS / Jabil Circuit, Inc. / Kimball Electronics / Kostal Automobil
Elektrik / Küster Automotive / Kyungshin Corporation / Lear / LG Innotek / Magneti Marelli / Mando Hella /
Marquardt / Mekra Lang / Melecs EWS / PIA Automation / Preh / Preh Joyson Automotive / S&T Motiv Electronics /
SL Corporation / TRW Automotive / Valeo / Veoneer / Visteon / Yura Corporation / ZF Group / Zollner Elektronik AG