Last week we announced the availability of our Trusted Execution Environment (TEE) Kinibi K510 for the Renesas R-CAR3 platform. This is more than a typical PR announcement. It is a commitment to play a leading role in the R-CAR ecosystem and to work with other partners to help deliver innovative solutions to Tier 1s and OEMs that leverage the platform. In addition, we announced that we have joined the R-Car Consortium and been selected as a Renesas Proactive Partner.
The automotive ecosystem collaboration will become increasingly important as the industry relies more and more on software-based solutions. Having an environment where you can work with other partners to pre-integrate and innovate to then offer customers complete solutions is likely to become the new normal as the industry develops. We are already starting to work with other R-CAR partners on some very exciting innovations that we will be revealed in due course.
So, what does it mean that Kinibi K510 is now available for R-CAR customers? Firstly, it means that R-CAR customers get access to our latest secure world operating system, which is designed to provide the advanced security and protection needed by vehicles launching in 2024 and beyond.
Some examples of these include our optimized cryptography enhancements that reduce time and CPU load, support for hypervisors (enabling Kinibi to work with multiple guest operating systems such as Linux, Android, QNX etc) and secure file system (supporting the ability to work with both the Normal World and the RPMB block). In addition, we support anti-rollback protection (ensuring that hackers cannot load earlier versions of software onto the device) as well as device attestation (ensuring that the server or infrastructure the vehicle is connected to is a trusted entity). Of course, as you’d expect, a wide range of counter measures to ensure that vehicle secrets remain just that – secret.
It is also worth highlighting that unlike most other TEE’s Kinibi, is built on microkernel-based architecture providing great levels of control and protection against attack.
With new UNECE WP.29 regulations coming into force in this time frame, we believe that OEMs will need a lot more in terms of support and evidence of mitigations from their security partners. Kinibi K510 is also fully Global Platform compliant, which means that it is based on industry standards using common APIs which enable simpler configuration for Tier 1s & OEMs. It also creates a standards-based development environment of Trusted Applications.
We also provide the latest security solutions required to pass Android CTS testing. These solutions include support for features such as Android secure boot, hardware-backed keystore (for features such as key attestation and version binding), file-based encryption, the latest version of Keymaster v4.1 and Gatekeeper (supporting Biometric authentication and hardware backed authentication tokens). With this comprehensive set of capabilities, OEMs can not only build for the latest version of Android, but they can also have the confidence that they can upgrade to future versions of Android and retain the same level of protection.
Another key solution we are implementing is support for HD content streaming services. With the automotive industry moving from Level 3 to Level 1 DRM solutions to support services from Netflix, Amazon Prime, Disney+ and others, it is important to have the highest level of DRM content protection. This includes integration with the Secure Video Path (SVP) architecture, available within the R-CAR3 platform, so that a fully secure content playback environment can be provided for both front and rear screen systems. With more and more OEMs planning for digital content services to be a meaningful revenue stream in the next 3-5 years, we believe a robust DRM environment will be critical for success.
Moving forwards, Trustonic is committed to support the future platform releases of R-CAR ensuring that Tier 1s and OEMs can engage with confidence. We believe that the combination of the R-CAR platform and Kinibi provides a robust platform for meeting the needs of next generation vehicles.
