Protecting Vehicle Networks: The Role of MACSec and TA101 TrustAnchor in Automotive Ethernet Security

Introduction

As vehicles evolve into sophisticated, connected systems, the security of in-vehicle networks becomes a top priority. Automotive Ethernet is rapidly becoming the backbone for high-speed data communication in modern vehicles, and with it comes the need for robust security solutions. Media Access Control Security (MACSec) is emerging as a key technology to protect automotive Ethernet networks against threats such as unauthorized access, data tampering and eavesdropping.

How Do You Protect Data in Motion?

Protecting data as it moves across networks is essential for maintaining privacy and integrity. This is achieved through the use of network security protocols, which operate at different layers of the OSI model:

• Application Layer (Layer 7):
  At the highest level, Transport Layer Security (TLS) creates secure communication for applications such as web browsers, client software and cloud services. TLS is the successor to SSL (Secure Sockets Layer) and is widely used to safeguard data exchanged between applications and remote servers.
• Network Layer (Layer 3):
  IP Security (IPsec) provides protection for data at the network layer. IPsec is commonly used for securing connections between networks, such as when accessing a corporate network through a VPN. It confirms that data packets are encrypted and authenticated as they traverse different network segments.
• Data Link Layer (Layer 2):
  MACSec operates at the data link layer, securing direct device-to-device or network-to-network communications. MACSec is particularly effective for environments like automotive Ethernet, where it protects data frames as they move between electronic control units (ECUs) and other networked devices within the vehicle.

Why MACsec Is Important

MACsec secures data against multiple attacks, including:

Spoofing: pretending to be a node in the network

• Secret keys are used to verify each packet with an integrity check
• Frames will be rejected, because the spoofer won’t have the secret keys to create a valid integrity check value (ICV)

Man-In-The-Middle (MITM): Intercepting, modifying, and resending data

• MACsec authenticates every byte of data
• Authenticated data cannot be altered because the integrity check will fail

Sniffing: Reading unprotected data (Passive Attack)

• Encrypted data cannot be viewed
• Prevents eavesdropping of sensitive data

Replay: Capturing and retransmitting authentic packets

• MACsec detects duplicated frames with incrementing Packets Numbers
• Duplicate frames are rejected even if authentic in every other way
• Out-of-order frames can be supported within a limited “window”

How MACSec Works

MACSec is an IEEE standard (IEEE 802.1AE) designed to secure Ethernet communications at the data link layer. Here’s how it works:

• Frame-by-Frame Protection: MACSec encrypts and authenticates each Ethernet frame as it travels across the network, verifying that data cannot be read or altered by unauthorized parties.
• Secure Associations: Devices on the network establish secure associations using cryptographic keys, defining which devices can communicate securely.
• Key Management: MACSec uses a set of symmetric keys to encrypt and authenticate data, managed and distributed using the MACSec Key Agreement (MKA) protocol.
• Integrity and Confidentiality: By combining encryption and authentication, MACSec protects both the integrity and confidentiality of data, preventing attacks such as eavesdropping, replay and tampering.
• Scalability: MACSec can be deployed in point-to-point links or across complex network topologies, making it suitable for automotive environments where multiple ECUs communicate over Ethernet.

How MACSec Key Management Works

Effective key management is at the heart of MACSec’s security:

• Connectivity Association Key (CAK):
  The CAK is a long-term symmetric key shared between trusted devices, serving as the root key for establishing secure communications.
• MACSec Key Agreement (MKA) Protocol:
  The MKA protocol manages and distributes keys among devices, authenticating them and establishing secure channels for further key exchange.
• Generation of Secure Association Keys (SAKs):
  After authentication, the MKA protocol derives SAKs from the CAK, which are used to encrypt and authenticate individual Ethernet frames.
• Key Rotation and Rekeying:
  SAKs are periodically refreshed to maintain security, with the MKA protocol handling this process automatically.

Advantages of MACSec in Automotive Applications

MACSec delivers foundational network security at the data link layer, but its benefits extend far beyond basic protection. Here’s why MACSec stands out for automotive Ethernet networks:

1. Scalability and High Performance:
   MACSec is highly scalable and can be deployed in a variety of network topologies, from simple point-to-point links to complex multi-node environments. Its cryptographic algorithm is optimized for high network speeds and low latency, allowing the processing of packet headers to begin before the entire packet is received. This makes MACSec ideal for real-time automotive applications.
2. Hardware-Based Implementation:
   Unlike protocols such as IPsec or TLS, which require software interaction, MACSec can be fully implemented in hardware. This eliminates the need for software intervention, reducing complexity and potential vulnerabilities as well as “de-risking” software development and maintenance.
3. Full Line-Rate Operation:
   MACSec operates at the full speed of the network (line rate), certifying that robust Layer 2 security does not come at the expense of performance. This is especially important as automotive networks handle increasing volumes of data and require maximum bandwidth.
4. Comprehensive Security Features:
   • Device-to-Device Security: MACSec secures data transfer directly between devices, regardless of the intervening network infrastructure. This makes it suitable for use in LANs, MANs and WANs.
   • Connectionless Data Integrity: Each MAC frame includes its own integrity verification code, enabling unauthorized changes to data to be detected immediately.
   • Data Origin Authenticity: Every received MAC frame is certified to have originated from an authenticated device.
   • Confidentiality: The payload of each MAC frame is encrypted, protecting sensitive information from eavesdropping.
   • Replay Protection: MACSec detects and blocks attempts to resend captured frames, thwarting replay attacks. In special configurations, limited replay can be permitted to accommodate frame reordering.
   • Bounded Receive Delay: MACSec can detect if frames are delayed by a man-in-the-middle attack, verifying that such delays cannot go unnoticed for more than a few seconds.
5. Prevention of Unauthorized Access:
   Only authenticated devices can participate in network communications, reducing the risk of rogue ECUs or malicious actors gaining access to critical vehicle systems.
6. Compliance with Industry Standards:
   As an IEEE standard, MACSec helps manufacturers meet regulatory and industry requirements for in-vehicle network security.

The MACsec Paradox: Reliance on Keys but No Protection

As we see so far, MACsec relies on three symmetric keys: CAK, MKA, SAK. If mixed with the MCU firmware, keys are open to numerous vulnerabilities as their protection relies on how well the firmware is developed to protect them.. In other words, firmware will always have bugs and will never correctly protect cryptographic keys adequately. Keys need to be isolated or “air gapped” from the firmware and provisioned into secure authentication ICs like the TA101 TrustAnchor device. Secure authentication is now achieved with secure key protection by the TA101.

The Role of Secure Key Storage: TA101 TrustAnchor CryptoAuthentication™ IC

A cornerstone of effective MACSec implementation is the secure management of cryptographic keys. The TA101 TrustAnchor CryptoAutomotive IC is designed specifically for this purpose, acting as a secure authentication IC to protect the three main symmetric keys used in MACSec transactions:

• Connectivity Association Key (CAK):
  Secure storage for the lifetime of the vehicle.
• MACSec Key Agreement (MKA):
  Secure key agreement processes.
• Secure Association Key (SAK):
  Real-time message authentication and encryption.
• Enhancing Authentication with X.509 Certificates
  X.509 certificate-based authentication adds an extra layer of trust, allowing only verified ECUs to participate in secure communications. This prevents unauthorized devices from gaining access and helps maintain the integrity of the vehicle’s network.
  
  The usage of X509 certificates improve security by cryptographically verifying peer members before distributing Secure Association Keys (SAK) with the use of X.509 certificates rooted to a trusted certificate authority.

By leveraging the TA101 TrustAnchor, automotive systems can achieve hardware-based protection for cryptographic keys, meeting the expectations of leading OEMs for secure key storage. As the key remain protected and stored in the TA101, they are physically isolated or “air gapped” from the firmware that would have otherwise contained the keys. This type of architecture helps to re-risk the software development and maintenance but also confirm that proper secure authentication takes place. If the keys are in the code, it becomes the obvious vulnerability in the system.

The TA101 TrustAnchor CryptoAutomotive IC is engineered for robust secure key storage and cryptographic operations in automotive and embedded applications. It is certified to Common Criteria JIL High, demonstrating its strong resistance to sophisticated attacks and ensuring a high level of trust for key storage. Additionally, the TA101 has achieved Cryptography Module Validation Program (CMVP) certification from NIST, further validating its compliance with rigorous industry standards for cryptographic modules.

Integrating Security and Performance

Automotive networks demand both high security and high performance. While CryptoAutomotive ICs like the TA101 are suitable for long-term key storage and real-time cryptographic operations, MACsec protocol operations are typically handled by microcontrollers (MCUs) to keep up with the high-speed requirements of automotive Ethernet. This shared security model ensures that security does not come at the expense of performance.

Security During Manufacturing

Microchip secure key provisioning service offers customers the ability to leverage an HSM infrastructure location where the TA101 are manufactured. The service will load and/or create cryptographic keys on the behalf of the customer. Following this procedure ensure that secrets during manufacturing are never exposed to contract manufacturers, operators, distributors or even end users.

Looking Ahead at the MACsec Ecosystem

The combination of MACSec and the TA101 TrustAnchor CryptoAuthentication IC sets a new standard for automotive Ethernet security. By providing robust key management and advanced authentication mechanisms, this solution helps manufacturers build vehicles that are resilient against cyber threats and ready for the future of connected mobility.

Microchip partners with Simma software and ETAS to provide full stacks solutions and serve the different architecture needs. 

	Simma software provides integration of the CryptoAuthLib and TA101 with their MACsec stack.
	ETAS offer an integrated MACsec stack with Autosar leveraging MCAL. CryptoAuthlib has the necessary API to MCAL to operate the TA101. The complete package is offered by ETAS.

Getting Started With Secure Automotive Ethernet

Ready to implement robust security in your automotive Ethernet networks? Here’s how to get started.

1. Watch our webinar about MACSec
   This class covers key concepts of MACsec and MKA specifications and how they can be utilized for communications in automotive applications.
2. Download the Microchip Trust Platform Design Suite:
   Access the tools you need to integrate the TA101 TrustAnchor CryptoAuthentication IC into your design. Download here.
3. Enable your secure document exchange (SDE) within your mymicrochip account
   Follow the procedure documented HERE
4. Request the TA101 Configurator
   Follow the Secure Exchange Document (SDE) process to request the TA101 configurator and provide secure key provisioning for your application. Learn more and request here.
5. Request the MACsec configuration file
   Follow the Secure Exchange Document (SDE) process to request the TA101 MACsec configuration file. The file contains the necessary policies pre-set for the TA101 and the MACsec configuration.

By leveraging these resources, you can accelerate your development of secure, MACSec-enabled automotive Ethernet solutions and stay ahead in the rapidly evolving world of connected vehicles.