ZC.QingLong BootLoader is a self-developed program flashing software (BootLoader) by ZC. Controllers using ZC.QingLong BootLoader can achieve application update functionality through communication methods such as CAN, LIN, SPI, and UART. Currently, ZC.QingLong BootLoader has supported chips from NXP, Infineon, Renesas, ST, and more, and complies with the program flashing specifications of various vehicle manufacturers, offering customized development services.

ZC.QingLong SecureBoot is based on the IFX TC3xx platform and implements the Security features of the BootLoader. By implementing SecureBoot, the controller can recognize whether the BootLoader program and the application have been tampered with, especially during the FOTA process, ensuring the security of the program update. By implementing SecureUpdate, the controller can encrypt the interactive data during the flashing process, ensuring the security and effectiveness of the data. Through SecureDiagnostic, the controller ensures that the data within the ECU is not stolen by interacting with the upper computer through an authentication process, thus ensuring the data security of the controller.

ZC.QingLong SecureBoot can be applied to the controller program flashing function using the TC3xx series chips. The supported controllers include:

Ø  Body Controller

Ø  Gateway Controller

Ø  In-Vehicle Infotainment System Controller

Ø  Electronic Parking Brake System

Ø  Tire Pressure Monitoring System

Ø  Battery Management System

Ø  Air Conditioning Control System

Ø  Window Control System

Ø  Door Control System

Currently, the electronic and electrical architecture of vehicles is becoming increasingly complex. Along with the electrification, intelligence, connectivity, and sharing of automobiles, the proportion of software development in vehicles is growing larger. The frequency of software updates is also increasing. Moreover, throughout the entire lifecycle of a vehicle, including the research and development phase, production phase, and after-sales phase, software update functionality is required in each stage. Therefore, the requirements from customers for software program updates is becoming more urgent.

With the implementation of the Internet of Vehicles, Cybersecurity is gaining more attention. As chips serve as carriers of information, the protection of data within chips is particularly important. ZC.QingLong SecureBoot is based on the Infineon TC3xx platform and implements the security features of the BootLoader. By implementing SecureBoot, the controller can recognize whether the BootLoader program and the application have been tampered with, especially during the FOTA process, which ensures the security of program updates.

ZC.XuanWu—Program Update Tool

Ø  Applicable to the program update specifications of up to more than ten vehicle manufacturers

Ø  Supports update functions for applications and data.

Ø  Support BootLoader self-update function

Ø  Compliant with HIS standards

Ø  Support for CAN/LIN/SPI/UART communication

Ø  Compatible with ZC.XuanWu program update tool, providing a complete program update solution

Ø  Support for symmetric encryption algorithms SHA256 and AES128

Ø  Support for asymmetric encryption algorithms ECDSA and ED25519

Ø  Support for 0x29 and 0x84 services

Ø  Support for certificate parsing and signature verification

The ECU's memory is divided into PFLASH and RAM. PFLASH is further divided into Application & Data, BootLoader, and Hsm areas. RAM is divided into FLASH Driver and Data areas.

The ZC.QingLong SecureBoot supports secure flashing and secure boot functions.

Ø  Secure Flashing

The ZC.QingLong SecureBoot verifies the authenticity of the data using the Root Public Key stored in non-volatile memory and employs asymmetric encryption algorithms ECC or ED25519. The authentication process supports the 0x29 service, which validates the Client Certificate sent by the host machine using the certificate stored in the ECU. If the validation is successful, the subsequent flashing process is allowed. During the flashing process, data is encrypted using the symmetric encryption algorithm AES128 and its integrity is verified using SHA256, ensuring the security of the flashing process.

Ø  Secure Diagnostics

When performing the diagnostic process, the ZC.QingLong SecureBoot supports the 0x29 service to ensure the authenticity and validity of the host machine through certificate chain verification. After the authentication process, data communication can be encrypted using symmetric encryption, with the encryption key generated through a key derivation algorithm to prevent key interception and theft by man-in-the-middle attacks.

Ø  Secure Boot

From the moment the chip is powered on and starts up until it jumps to the Application, the ZC.QingLong SecureBoot supports the secure boot function. It performs security verification on the Boot and Application programs using symmetric encryption algorithms SHA256 or AES128 to ensure the safe startup of the programs.

The ZC.QingLong SecureBoot supports the 0x29 service, which is based on the ISO14229-1:2020 standard. It supports the following two security concepts:

ü  Public Key Infrastructure (PKI) Certificate Exchange Process using Asymmetric Cryptography

ü Challenge-Response Process without PKI Certificates: This involves using asymmetric cryptographic algorithms combined with software authentication tokens or symmetric keys, without the use of PKI certificates.

ZC.QingLong SecureBoot supports the 0x29 sub-service list:

ZC.QingLong SecureBoot supports the 0x84 service, based on the ISO14229-1:2020 standard; it supports the following features:

ü  Anti-replay Counter: Prevents replay attacks.

ü  Signature/MAC Byte: Calculates in advance for diagnostic services to prevent data from being modified by a man-in-the-middle.

ü Encryption Calculation: Uses symmetric encryption to ensure end-to-end data security, preventing interaction data from being intercepted by a man-in-the-middle.

ü HKDF: Supports key derivation algorithms. Using key derivation algorithms to interactively generate symmetric encryption keys effectively enhances key security.

The ZC.QingLong BootLoader software adopts a layered architecture, which consists of the Boot Management Layer (BootManager), System Service Layer (Sys Layer), Hardware Driver Layer (MCAL Layer), and Hsm Core. The entire software is modularized, with each module defined as follows:

Ø  BootManager

The Boot Management Layer is responsible for scheduling and managing the entire BootLoader software module and implements interface management with the application program.

Ø  SysSer

The System Service Layer provides functionalities such as communication, diagnostics, memory management, watchdog management, and security management.

Ø  MCAL Layer

The Hardware Driver Layer implements the hardware module drivers for the chip. It is dependent on the specific chip, and the drivers in this layer need to be replaced for different chips.

Ø  Hsm Core

When paired with the ZC’s CryptoLibrary, the Hsm Core can achieve hardware-accelerated cryptographic calculations, secure storage, and secure boot functionalities.

QINGLONG SOFTWARE COPYRIGHT REGISTRATION CERTIFICATE

QINGLONG SOFTWARE PRODUCT REGISTRATION CERTIFICATE

Click to download the product manual