Abstract: Some embodiments relate to a control unit including a Controller Area Network (CAN) interface including a plurality of serial communication ports and an Ethernet interface. A first plurality of CAN-to-Stream-identifier (ID) logic circuits are coupled to the plurality of serial communication ports, respectively. A routing table is coupled to the first plurality of CAN-to-Stream-ID logic circuits. The routing table stores a first plurality of CAN IDs and a first plurality of Stream IDs, respectively. A Stream-ID-frame-to-Ethernet-frame-generation logic has a plurality of inputs coupled to respective outputs of the first plurality of CAN-to-Stream-ID logic circuits, respectively, and has respective outputs coupled to the Ethernet interface. The first plurality of CAN-to-Stream-ID logic circuits are instantiated in a first plurality of hardware circuits, respectively.

Abstract: A device includes a safety domain having a processing unit and a memory and is configured to provide at least one functionality and to implement one more safety measures for detecting faults. The safety domain is configured to transmit at least one alarm signal indicating one or more detected errors in response to detecting the faults. The device further includes a security domain having a processing unit and a memory and is configured to provide cryptographic services and to obtain alarm signals. The security domain is configured to perform security-related operations in a secure state in response to obtaining an alarm signal from the safety domain.

Abstract: A security hardware device is configured to secure a control apparatus. The security hardware device includes a data security domain; a functional safety domain; a data security processor provided in the data security domain and is configured to secure data from unauthorized access or manipulation; a functional safety processor provided in the functional safety domain and is configured to detect functional errors and generate respective safety alerts in response to detecting the functional errors; and a monitoring processor configured to analyze the respective safety alerts provided by the functional safety processor for at least one pattern of safety alerts indicative of a security attack and generate a response signal in response to the respective safety alerts having at least one of the at least one pattern of safety alerts.

Abstract: A system may include a cryptographic accelerator to generate a first check value based on a payload received in a message, and provide the first check value to a first comparator and to a second comparator. The system may include the first comparator to receive the first check value from the cryptographic accelerator, determine whether the first check value matches a second check value, the second check value being a check value received in the message, and provide a first output indicating whether the first check value matches the second check value. The system may include the second comparator to receive the first check value from the cryptographic accelerator, determine whether the first check value matches the second check value, and provide a second output indicating whether the first check value matches the second check value.

Abstract: In different example embodiments, a system-on-chip is provided.

Abstract: A message processing component may include an execution unit configurable to execute a set of tasks associated with one or more communication network messages. The set of tasks may include at least one of a message evaluation task or a cryptography task. The execution unit may be configured to provide functional safety in association with executing the set of tasks. The execution unit includes a set of time-multiplexed partitions. Each partition in the set of time-multiplexed partitions may be configurable to execute only one task included in the set of tasks. The message processing component may include an interface to one or more hardware accelerators available for use in association with the execution of the set of tasks. Only one partition, of the set of time-multiplexed partitions, may have access to the one or more hardware accelerators at a time.

Abstract: A system may include a cryptographic accelerator to generate a first check value based on a payload received in a message, and provide the first check value to a first comparator and to a second comparator. The system may include the first comparator to receive the first check value from the cryptographic accelerator, determine whether the first check value matches a second check value, the second check value being a check value received in the message, and provide a first output indicating whether the first check value matches the second check value. The system may include the second comparator to receive the first check value from the cryptographic accelerator, determine whether the first check value matches the second check value, and provide a second output indicating whether the first check value matches the second check value.

Abstract: A device includes a safety domain having a processing unit and a memory and is configured to provide at least one functionality and to implement one more safety measures for detecting faults. The safety domain is configured to transmit at least one alarm signal indicating one or more detected errors in response to detecting the faults. The device further includes a security domain having a processing unit and a memory and is configured to provide cryptographic services and to obtain alarm signals. The security domain is configured to perform security-related operations in a secure state in response to obtaining an alarm signal from the safety domain.

Abstract: A device is provided comprising a first memory for storing a first key, a second memory for storing a second key, the device being capable of conducting a first cryptographic algorithm, wherein the first cryptographic algorithm uses the first key, the device being capable of conducting a second cryptographic algorithm, wherein the second cryptographic algorithm uses the second key, and a selection unit, which is programmable to use either the first cryptographic algorithm or the second cryptographic algorithm. Also, a method for operating such device is provided.

Abstract: A method for cryptographic data processing by means of a circuit comprises using a first circuit section to perform a first cryptographic operation in order to obtain first cryptographic data. The method further includes transmitting the first cryptographic data to a second circuit section via a transmission area of the circuit that physically separates the second circuit section from the first circuit section and whose resistance to attacks is at most as high as the resistance of the first circuit section. The method includes using the second circuit section to perform a second cryptographic operation using the first cryptographic data in order to obtain second cryptographic data.

Abstract: The present disclosure relates to a security device, a system, and a method for securing a control apparatus. The security device includes a data security unit which is configured to secure data, data communication and information, and includes a first security component inside the data security unit to operate in a first operating mode, and at least one first monitoring unit to operate in a high-availability mode which, said first monitoring unit being configured to detect a fault present in the first security component. The high-availability mode is different from the first operating mode. The security device further includes a second security component which is configured to operate in the high-availability mode and to output a first response signal if a fault is detected by the first monitoring, where the high-availability mode is available independently from the first operating mode.

Abstract: A message processing component may include an execution unit configurable to execute a set of tasks associated with one or more communication network messages. The set of tasks may include at least one of a message evaluation task or a cryptography task. The execution unit may be configured to provide functional safety in association with executing the set of tasks. The execution unit includes a set of time-multiplexed partitions. Each partition in the set of time-multiplexed partitions may be configurable to execute only one task included in the set of tasks. The message processing component may include an interface to one or more hardware accelerators available for use in association with the execution of the set of tasks. Only one partition, of the set of time-multiplexed partitions, may have access to the one or more hardware accelerators at a time.

Abstract: A security hardware device is configured to secure a control apparatus. The security hardware device includes a data security domain; a functional safety domain; a data security processor provided in the data security domain and is configured to secure data from unauthorized access or manipulation; a functional safety processor provided in the functional safety domain and is configured to detect functional errors and generate respective safety alerts in response to detecting the functional errors; and a monitoring processor configured to analyze the respective safety alerts provided by the functional safety processor for at least one pattern of safety alerts indicative of a security attack and generate a response signal in response to the respective safety alerts having at least one of the at least one pattern of safety alerts.

Abstract: A method for processing data in a plurality of processing acts includes: configuring a plurality of processing circuits in a first configuration, in such a way that both a first and a second of the plurality of processing circuits execute a first of the plurality of processing acts; and configuring the plurality of processing circuits in a second configuration, in such a way that the first processing circuit executes a second processing act and the second processing circuit executes a third processing act, which is different than the second processing act. An apparatus is designed for carrying out the method.

Abstract: A Cryptographic Unit (CU) of a microcontroller, the CU including a first accelerator configured to generate first encrypted output data based on input data; and a second accelerator which is configured to be diversely implemented with respect to the first accelerator, and is configured to generate second encrypted output data based on the input data; and a comparator configured to compare a first comparator data obtained from the generation of the first encrypted output data with a second comparator data obtained from the generation of the second encrypted output data, and if the comparison indicates that the first and second comparator data differ, output an event signal pertaining to an event in a safety domain or a security domain.

Abstract: A device is provided comprising a first memory for storing a first key, a second memory for storing a second key, the device being capable of conducting a first cryptographic algorithm, wherein the first cryptographic algorithm uses the first key, the device being capable of conducting a second cryptographic algorithm, wherein the second cryptographic algorithm uses the second key, and a selection unit, which is programmable to use either the first cryptographic algorithm or the second cryptographic algorithm. Also, a method for operating such device is provided.

Abstract: In different example embodiments, a system-on-chip is provided.

Abstract: A Cryptographic Unit (CU) of a microcontroller, the CU including a first accelerator configured to generate first encrypted output data based on input data; and a second accelerator which is configured to be diversely implemented with respect to the first accelerator, and is configured to generate second encrypted output data based on the input data; and a comparator configured to compare a first comparator data obtained from the generation of the first encrypted output data with a second comparator data obtained from the generation of the second encrypted output data, and if the comparison indicates that the first and second comparator data differ, output an event signal pertaining to an event in a safety domain or a security domain.

Abstract: A method for processing data in a plurality of processing acts includes: configuring a plurality of processing circuits in a first configuration, in such a way that both a first and a second of the plurality of processing circuits execute a first of the plurality of processing acts; and configuring the plurality of processing circuits in a second configuration, in such a way that the first processing circuit executes a second processing act and the second processing circuit executes a third processing act, which is different than the second processing act. An apparatus is designed for carrying out the method.

Abstract: The present disclosure relates to a security device, a system, and a method for securing a control apparatus. The security device includes a data security unit which is configured to secure data, data communication and information, and includes a first security component inside the data security unit to operate in a first operating mode, and at least one first monitoring unit to operate in a high-availability mode which, said first monitoring unit being configured to detect a fault present in the first security component. The high-availability mode is different from the first operating mode. The security device further includes a second security component which is configured to operate in the high-availability mode and to output a first response signal if a fault is detected by the first monitoring, where the high-availability mode is available independently from the first operating mode.