Status: Final Published
Date: April 2009 Public Release
The HIS consortium was founded in 2004 and consists of members from Audi, BMW, Daimler, Porsche, and Volkswagen to address activities and develop common standards related to automotive manufacturing. In 2006, HIS published a document describing the requirements for an HIS Security Module standard that incorporated mechanisms for error detection, authorization, and authenticity. This was further developed by ESCRYPT, in partnership with the OEMs Audi and BMW and semiconductor vendors such as Freescale (now NXP), into an open standard that was publicly released in April 2009.
The resulting SHE specification outlines how a secure zone can be created within any ECU via an on-chip extension within a Microcontroller Unit (MCU), providing cryptographic services at the application layer, and isolating the storage of secret keys from the remainder of the MCU’s resources. Although the standard originated within the German automotive industry at the OEM level, it has since become an open standard accepted at the global level.
The specification defines a set of functions and an API model that allows a secure zone to coexist within any ECU. The secure zone’s most significant features are the storage and management of security keys, plus the encapsulation of authentication, encryption, and decryption algorithms that can be accessed through an API.
The building blocks of SHE include an MCU with a secure zone, data storage (volatile and non-volatile, for keys and MACs), and access control via a defined command interface. The specification requires the use of Advanced Encryption Standard (AES) 128 as the encryption and decryption algorithm, a Cipher-based Message Authentication Code (CMAC) generator, and a one-way compression function (Miyaguchi-Preneel, whose input cannot be recovered from its output). All SHE-equipped nodes are also required to perform a secure boot process.
Certificates and secret keys are stored in dedicated Non-Volatile Memory (NVM) that the application itself cannot access. The NVM holds the master ECU key (set up by the OEM; it authorizes changes to the other keys), the boot MAC key (enables particular boot requests and establishes secure boot), the boot MAC (for authenticating the boot code), and the PRNG seed (the starting value for the PRNG). General-purpose keys for arbitrary functions can also be stored there. Irreversible write protection of the keys protects the NVM.
ROM is used to store the secret key (a device-unique key used for the import and export of all other keys, which has to be generated with an off-chip TRNG at production) and the unique identifier (UID, which authenticates the MCU). Both have to be fixed during production.
RAM is used to store the RAM key (a temporary key used for arbitrary operations), the PRNG key, and the PRNG state (the current status of the PRNG).
AES 128 encryption and decryption prevents attackers from snooping on the update process.
Combined, these features allow for secure boot at start-up and authentication of the flash contents at power-up.
SHE is one of the earliest examples of automotive-grade connected module hardening and quickly grew to become a standard requirement by OEMs on a global basis. It was primarily built for securing cryptographic key material against software attacks, but cannot really be used to protect communications (such as V2X). As such, it has served as a basis for later HSM standards (such as EVITA). Today, modern automotive HSMs leverage functionalities from SHE, TPM and smartcards.