Infineon’s TPMs to secure Volkswagen’s connected vehicles
Volkswagen has become one of the first car makers to deploy the OPTIGA Trusted Platform Module (TPM) 2.0 from Infineon Technologies AG as a security solution for the connected car.
The chip is designed to protect the vehicle’s communication with the outside world. For example, when car-sharing users or third-party services such as parcel delivery into a car’s trunk require access. Furthermore, the TPM is suited to secure software updates over the air by the car manufacturer.
TPMs have proven themselves in the computer industry for many years and are now increasingly being used in connected devices in the Internet of Things. Infineon is the first semiconductor manufacturer to offer an automotive-qualified TPM for the connected car. The chip meets international security standards and is certified by independent authorities.
Like a doorkeeper, the TPM particularly protects the vehicle’s external interfaces, for example in the infotainment system or the telematics unit. It checks the identities of senders and recipients of digital data, such as the manufacturer’s backend server. It encrypts and decrypts the data and helps make sure that only data the driver or manufacturer actually wants makes its way into the car.
The cryptographic keys needed for these security functions are stored within the TPM as in a safe. Infineon imports the initial keys in a specially certified security environment. Since all other keys can be generated, used and stored within the TPM itself, they never have to leave it and are protected against being spied on via the network. The TPM is also hardened against physical attacks. Even if someone removes the chip from the vehicle, the keys are well protected from being read.
The OPTIGA TPM 2.0 is also designed to accommodate the long product life cycles of cars. Its firmware, including cryptographic mechanisms, can be updated remotely making sure that its security technology is always state-of-the-art.