15
www.imgtec.com Security for Connected Cars Volker Politz September 2015

Security for Connected Cars - SEMICON Taiwan...Imagination can enable next generation autonomous connected cars with existing IP blocks for video, vision, GPU, CPU, wireless connectivity

  • Upload
    others

  • View
    5

  • Download
    0

Embed Size (px)

Citation preview

Page 1: Security for Connected Cars - SEMICON Taiwan...Imagination can enable next generation autonomous connected cars with existing IP blocks for video, vision, GPU, CPU, wireless connectivity

www.imgtec.com

Security for Connected Cars

Volker Politz

September 2015

Page 2: Security for Connected Cars - SEMICON Taiwan...Imagination can enable next generation autonomous connected cars with existing IP blocks for video, vision, GPU, CPU, wireless connectivity

© Imagination Technologies Taiwan September 2015 2

A global technology leader

Driving IP innovation with unrivalled portfolio

Recognised leader in graphics, GPU compute and video IP

Leading alternative mainstream CPU processor IP

Leader in emerging RPU communications IP market

#3 design IP company world-wide*

Enabling unique IP platforms Transforming TTM (time to market)

Leveraging customer IP to maximise differentiation

Supporting and driving major markets

Helping our partners to create successful solutions

Influencing new and emerging opportunities

Showcasing and proving our technology with real products

A technology powerhouse for multimedia, processors, communications and cloud IP

* source: Gartner

Page 3: Security for Connected Cars - SEMICON Taiwan...Imagination can enable next generation autonomous connected cars with existing IP blocks for video, vision, GPU, CPU, wireless connectivity

© Imagination Technologies Taiwan September 2015 3

Quick facts One of the world’s top 3 electronics IP providers

More than 8bn units shipped

- Over 3.5m per day

- Around 1.4bn in past year

Products

>1,700 people world-wide

- 23 offices; HQ in UK

- >80% of staff are engineers

People

FY15: £177m (US$ 277m)

- Profit: £21m (US$33m)

Revenues

£m

£50m

£100m

£150m

£200m

FY11 FY12 FY13 FY14 FY15

Royalties Licensing

Page 4: Security for Connected Cars - SEMICON Taiwan...Imagination can enable next generation autonomous connected cars with existing IP blocks for video, vision, GPU, CPU, wireless connectivity

© Imagination Technologies Taiwan September 2015 4

Imagination’s IP portfolio

Comprehensive range to create connected SoC solutions

Unified

Memory

FlowCloud Connectivity

Each IP core is a class leader

Lowest power; smallest silicon area

Open and customer-centric business model

PowerVR Graphics & GPU Compute

Processors

Ensigma Communications

Processors

PowerVR Vision

Processors

MIPS General

Processors

SoC

fabric

PowerVR Video

Processors

Page 5: Security for Connected Cars - SEMICON Taiwan...Imagination can enable next generation autonomous connected cars with existing IP blocks for video, vision, GPU, CPU, wireless connectivity

© Imagination Technologies Taiwan September 2015 5

MIPS CPUs in ADAS

Mobileye – Israel based company

Targeted aftermarket as an add-on ADAS unit

on dashboard

Integrated into ~4m cars (e/o 2014)

Will be in over 230 models (20 OEMs) in 2016

Working with a range of tier-1 suppliers

(Autoliv, Delphi, TRW, Magna, Gentex,

Calsonic…)

Deployed in BMW, Audi, Ford, PSA, JLR, GM,

Honda, Kia, Hyundai, Volvo, Scania…

MIPS CPUs in EyeQ processor gens 2 to 4

Page 6: Security for Connected Cars - SEMICON Taiwan...Imagination can enable next generation autonomous connected cars with existing IP blocks for video, vision, GPU, CPU, wireless connectivity

© Imagination Technologies Taiwan September 2015 6

PowerVR GPUs in infotainment/consoles

Renesas: RCar H1/2

RCAR V2H ‘Product of the year 2014’ Electronics Products. ADAS

Licensee since 2004

Texas Instruments: DRA65X/74X - Jacinto 5 and 6

High profile wins with Ford Sync3

Long term partner of Imagination in mobile

and automotive; licensing PowerVR GPUs since 2004

Page 7: Security for Connected Cars - SEMICON Taiwan...Imagination can enable next generation autonomous connected cars with existing IP blocks for video, vision, GPU, CPU, wireless connectivity

© Imagination Technologies Taiwan September 2015 7

Autonomous connected car

The connected car market is growing

at a CAGR of 45% — 10x faster than

overall car market

The connected car is morphing into a

mobile device

Market needs complex computing

solutions based on video, vision,

GPU, CPU, wireless connectivity and

cloud services

Imagination’s broad IP portfolio can help

members in the automotive value chain

deliver leading edge, secure, safe solutions

Imagination’s IP helps to build differentiated, secure and safety critical solutions

Ensigma Omni

Shield

PowerVR

GPU

PowerVR

Video

PowerVR

RayTracing

PowerVR

Vision Flow

Cloud

Page 8: Security for Connected Cars - SEMICON Taiwan...Imagination can enable next generation autonomous connected cars with existing IP blocks for video, vision, GPU, CPU, wireless connectivity

© Imagination Technologies Taiwan September 2015 8

We are now connected – but how about security?

There are many security components – from

authentication in the cloud to hardware security in the

SoC

The main SoC has a central control and management

function and must ensure that connected devices can

connect to only where they are allowed to connect!

This can be achieved by a rigorous approach to SoC

virtualization augmented by secure, authenticated boot

In Imagination we call this

We need to enable secure connected cars

Page 9: Security for Connected Cars - SEMICON Taiwan...Imagination can enable next generation autonomous connected cars with existing IP blocks for video, vision, GPU, CPU, wireless connectivity

© Imagination Technologies Taiwan September 2015 9

OmniShield

Hardware supported virtualized CPU

+Hardware supported virtualized GPU

+Secure fabric

+Trusted hypervisor

+Virtualized or para-virtualized

connectivity and offloads

+Root of Trust

=

Deployment of multiple containers fully

isolated and protected

How to secure a platform?

Trusted Hypervisor

Memory

Ensigma RPU

Ensigma NPU

PowerVR Virtualized GPU Cores

MIPS Virtualized CPU Cores

Se

cu

re F

ab

ric

Root of Trust

Main

Car Body comms

Blutooth/ LTE

Service

Main Functionality Entertain/Navi

Page 10: Security for Connected Cars - SEMICON Taiwan...Imagination can enable next generation autonomous connected cars with existing IP blocks for video, vision, GPU, CPU, wireless connectivity

© Imagination Technologies Taiwan September 2015 10

Offloads

Network Interface Network Interface

DRAM

Automotive AP - true isolation

Mature and proven technology

H/W firewall high level of security

Secure services can only affect their

container

Highest flexibility and performance

IP protection provided through

system partitioning

Virtualization benefits

Trusted Hypervisor

MIPS Heterogeneous Platform

IPC

Kernel

Comms To Main Body

Controller

Entertainment/ Navigation Software

Handsfree Wi-Fi LTE

In Car Comms External comms

WAN

So

ftw

are

H

ard

wa

re

RoT

Secure Fabric

CAN

Page 11: Security for Connected Cars - SEMICON Taiwan...Imagination can enable next generation autonomous connected cars with existing IP blocks for video, vision, GPU, CPU, wireless connectivity

© Imagination Technologies Taiwan September 2015 11

T3

T2

T1

T0 Single Core

Quad Thread

Time(t)

OS

RTOS

RTOS

OS

t0 t5

Concurrent

Multi-Threading

OS OS RTOS RTOS

H/W

Th

read

100%

CPU

Concurrency

Virtualization vs Realtime Intersection of isolation and concurrency

Single Core Single Thread

H/W VZ

Hypervisor

OS OS

RTOS

RTOS

Time(t)

OS OS RTOS RTOS OS RTOS

t0 t1 t2 t3 t4 t5

Context Switch

Virtualization

CPU

100%

Gu

est

Ro

ot

Hypervisor

Hypervisor switches context

enforcing CoS, QoS and

isolation.

Response time adequate for

many applications.

H/W multi-threading enables

concurrent operation of

applications.

Context switch at rate of

CPU clock.

Isolation

Page 12: Security for Connected Cars - SEMICON Taiwan...Imagination can enable next generation autonomous connected cars with existing IP blocks for video, vision, GPU, CPU, wireless connectivity

© Imagination Technologies Taiwan September 2015 12

Isolation Concurrency

Real time secure operation in virtual environment

T3

T2

T1

T0 Single Core

Single Thread H/W VZ

Hypervisor

OS OS

RTOS

RTOS

Single Core Quad Thread

Time(t) Time(t)

OS OS RTOS RTOS OS RTOS

OS

RTOS

RTOS

OS

t0 t1 t2 t3 t4 t5

t0 t5

Context Switch Concurrent

Multi-Threading Virtualization

CPU

100%

Gu

est

OS OS RTOS RTOS

Ro

ot H

/W T

hre

ad

100%

CPU

Hypervisor Time(t)

OS

RTOS

RTOS

OS

t0

100%

CPU

Gu

est

Ro

ot

OS

RTOS

RTOS

OS

t3 t7

T3

T2

T1

T0 Single Core

Quad Thread

Virtualized Multi-Threading

OS

OS

RTOS RTOS

Hypervisor

Concurrent multi-domain execution environment

Zero overhead & real-time

Page 13: Security for Connected Cars - SEMICON Taiwan...Imagination can enable next generation autonomous connected cars with existing IP blocks for video, vision, GPU, CPU, wireless connectivity

© Imagination Technologies Taiwan September 2015 13

Real time secure operation in virtual environment

T3

T2

T1

T0 Single Core

Single Thread H/W VZ

Hypervisor

OS OS

RTOS

RTOS

Single Core Quad Thread

Time(t) Time(t)

OS OS RTOS RTOS OS RTOS

OS

RTOS

RTOS

OS

t0 t1 t2 t3 t4 t5

t0 t5

Context Switch Concurrent

Multi-Threading Virtualization

CPU

100%

Gu

est

OS OS RTOS RTOS

Ro

ot H

/W T

hre

ad

100%

CPU

Hypervisor

OS

OS

RTOS

OS

t0

100%

CPU

Gu

est

Ro

ot

OS

OS

RTOS

OS

t3 t7

T3

T2

T1

T0 Single Core

Quad Thread

OS

OS

RTOS OS

Hypervisor

Automotive system use case

Cluster Secure RTOS High Priority 60 FPS

ADAS Linux Variable Priority GPU Compute

Navigation Linux Lower Priority / Framerate

Infotainment Linux/Android Medium Priority / Framerate

OS OS

RTOS

OS

Time(t)

RTOS

Page 14: Security for Connected Cars - SEMICON Taiwan...Imagination can enable next generation autonomous connected cars with existing IP blocks for video, vision, GPU, CPU, wireless connectivity

© Imagination Technologies Taiwan September 2015 14

Conclusions

Imagination’s IP is already widely used in automotive: ADAS, infotainment,

consoles, and more – with numerous tier-one players

Imagination can enable next generation autonomous connected cars with

existing IP blocks for video, vision, GPU, CPU, wireless connectivity and

cloud services

OmniShield is enabling a new levels of advanced security for connected cars

Imagination’s automotive advantage – security for connected cars

Page 15: Security for Connected Cars - SEMICON Taiwan...Imagination can enable next generation autonomous connected cars with existing IP blocks for video, vision, GPU, CPU, wireless connectivity

www.imgtec.com

Thank You