With the rapid development of automotive electronics technology, vehicles have transformed from traditional mechanical devices into highly intelligent, electronic, and networked complex systems. The introduction of these technologies has brought great convenience to drivers, but at the same time, it has also presented new safety challenges. The electronic control systems of vehicles not only have to deal with the threat of functional failures but also must guard against potential cyberattacks. Therefore, Cybersecurity, like Functional Safety, has become an essential and crucial element in modern vehicle design.

      To address this challenge, the International Organization for Standardization (ISO) introduced the ISO 21434 standard in 2021, which specifically provides guidance and a framework for the cybersecurity of road vehicles. With the official launch of the "Technical Requirements for Vehicle Information Security" standard in China in the second half of 2024, the technical specifications and implementation standards in the field of automotive information security have been further refined, marking that the automotive safety field will enter an era of truly strict supervision.

ZC Technology has developed the MuNiu CryptoLibrary for Renesas RH850 U2A. It includes the kernel firmware (zICUM CORE) of the Hardware Encryption Module (ICUM), the Cybersecurity Protocol Stack CryptoStack (CSM, CRYIF, CRYPTO, KEYM) of the main core, and ICUM CDD (zICUM COM, zICUM CRY). The kernel firmware not only meets the mainstream international cryptographic algorithms of NIST, such as AES, HASH, ECC and TRNG/DRNG, etc., but also contains the domestic cryptographic algorithms SM2/3/4. It can also extend a variety of algorithm-based functions: symmetric encryption and decryption, asymmetric signature generation and verification, secure boot, secure flashing and SecOC, etc. Besides meeting the version requirements supporting AUTOSAR 4.4.0, CryptoStack and ICUM CDD can also be used as a separate complex driver for integration in a non-AUTOSAR environment.

ZC, based on RH850 U2A, provides the MuNiu CryptoLibrary and adds the ZC MuNiu Cybersecurity Protocol Stack (CryptoStack), which includes: Csm module, CryIf module, Crypto module and KeyM module, making it compatible with the RH850 U2A kernel driver.

Ø  Csm module: Located at the service layer, it is used to handle the configuration management and scheduling of user information security tasks.

Ø  CryIf module: Located at the ECU abstract layer, it is used to achieve secure communication between the Csm module and the Crypto module.

Ø  Crypto module: Located at the Hardware Abstract Layer, its function is to achieve data transfer between the Host side and the Icum kernel, access relevant components, and perform encryption and decryption operations.

Ø  KeyM module: Responsible for key management and certificate management, it is used to achieve the interaction between keys, certificates and the underlying storage.

In short, the MuNiu CryptoLibrary can be flexibly applied to Renesas RH850 U2A products and has high extensibility. It can be upgraded, configured and redeveloped according to the requirements of different customer projects, ultimately meeting the information security needs of different customers.

Encryption Protocol Stack

ZC.MuNiu Encryption Protocol Stack is mainly composed of four modules: Csm, CryIf, Crypto, and KeyM. The Csm module realizes users' Cybersecurity encryption algorithm requirements such as AES - 128, CMAC, HASH, ECC, TRNG, etc. by configuring CsmJob, and provides interfaces for users to call. The function of the CryIf module is to connect the service - layer Csm module and the hardware - abstraction - layer Crypto module. Through security functions such as encryption, decryption, verification, and authentication, it protects the integrity and confidentiality of data. The Crypto module realizes the transmission of information data between the main core of RH850 U2A and the Icum encryption kernel. The KeyM module realizes the management of keys and certificates. It includes functions such as parsing and verifying the keys and certificates downloaded into the ECU, and connecting to the ICMU kernel driver to store the keys in the protected area of the ICMU.

MuNiu CryptoLibrary of ZC

The software of ZC.MuNiu CryptoLibrary is mainly divided into two parts:

1)Firmware of ICUM Hardware Encryption Module (zICUM CORE)

2) CryptoStack (CSM, CRYIF, CRYPTO, CRYPTO(SW)) on the RH850 G4MH main core, and ICUM CDD (zICUM COM, zICUM CRY)

The ICUM CDD consists of two sub - modules: the zICUM CRY module which contains the call interface for the Crypto layer, and the zICUM COM module for ICUM communication. The functional descriptions of each module are shown in Table 1.

ZC.MuNiu CryptoLibrary is mainly applied to the controllers with Cybersecurity requirements. This product is suitable for the following components in the automotive electronic and electrical architecture: Powertrain Domain Controller, Body Domain Controller, Safety Domain Controller, and Information Domain Controller.

By integrating ZC.MuNiu CryptoLibrary into the automotive electronic control unit based on RH850 U2A, users can meet the Cybersecurity functions required for automotive electronic control units as specified in the AUTOSAR standard.

Certificate of Registration of MuNiu Software Copyright

Click to download the product manual