Tier-1 automotive supplier

Trusted Application Development: Enabling secure ECU communication and authenticated hardware access 

For a leading Tier-1 supplier aiming to secure UART communication, Diconium developed a robust solution that protects critical in-vehicle communication between the SoC and the I/O Controller (IOC). Leveraging the Kinibi Trusted Execution Environment (TEE), we created a custom Trusted Application implementing a secure handshake protocol that ensures only authorised hardware can interact with sensitive vehicle functions, eliminating the risk of unauthorised access.

Cybersecurity

Our story

01

Task

The customer was involved in the development of next-generation ECUs for a premium OEM that had strict automotive cybersecurity requirements. 

The goal was to ensure that only authorized, OEM-approved hardware could issue commands to perform vehicle functions without relying on a Hardware Security Module. Additionally, the solution required integration with existing production hardware while aligning with platform constraints. 

02

Challenge

The challenge was to deliver a solution that provided secure credential storage and isolated cryptographic processing. 

Moreover, the situation was complex, as the customer’s original security vendor withdrew support, leaving them without a mechanism to validate hardware authenticity. This exposed their UART (an inherently vulnerable interface) to spoofing, replay attacks, and physical tampering. 

03

Solution

To fulfill these requirements, our specialised team for Trusted Application (TA) development at Diconium Germany created a custom solution built on Kinibi TEE.

It used a three-step handshake protocol (Request - Response - Confirmation) that established a secure session between the SoC and IOC. The session was provisioned with pre-shared keys burned in during manufacturing and secured by the TA. All cryptographic operations and validations were executed inside the TEE, isolated from the normal OS environment. 

After the handshake, session keys were generated and commands were transmitted with random numbers and counters included to prevent spoofing and replay attacks. Communication was denied unless the connected hardware could demonstrate possession of the shared key, thereby verifying it as OEM-approved.
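The sketch below is an added illustration and not Diconium's or the customer's code: a Python model of a three-message pre-shared-key handshake (Request, Response, Confirmation) followed by counter-protected commands. The message layout, HMAC-SHA256, the labels, the key derivation and the `Peer` class are all assumptions, since the case study does not publish the wire format, and the TEE isolation of these operations is not modelled.

```python
import hashlib
import hmac
import os

def tag(key: bytes, label: bytes, *fields: bytes) -> bytes:
    return hmac.new(key, label + b"".join(fields), hashlib.sha256).digest()

class Peer:
    def __init__(self, psk: bytes):
        self.psk, self.session_key = psk, None
        self.tx_counter = self.rx_counter = 0

    # Step 1, Request (initiator): send a fresh random nonce.
    def request(self) -> bytes:
        self.n_init = os.urandom(16)
        return self.n_init

    # Step 2, Response (responder): own nonce plus proof of key possession.
    def respond(self, n_init: bytes) -> bytes:
        self.n_init, self.n_resp = n_init, os.urandom(16)
        return self.n_resp + tag(self.psk, b"RESP", n_init, self.n_resp)

    # Step 3, Confirmation (initiator): verify the Response, prove own key.
    def confirm(self, response: bytes) -> bytes:
        n_resp, proof = response[:16], response[16:]
        if not hmac.compare_digest(proof, tag(self.psk, b"RESP", self.n_init, n_resp)):
            raise PermissionError("responder did not prove possession of the key")
        self.session_key = tag(self.psk, b"SESS", self.n_init, n_resp)
        return tag(self.psk, b"CONF", n_resp, self.n_init)

    # Responder verifies the Confirmation before deriving the session key.
    def finish(self, confirmation: bytes) -> None:
        if not hmac.compare_digest(confirmation, tag(self.psk, b"CONF", self.n_resp, self.n_init)):
            raise PermissionError("initiator did not prove possession of the key")
        self.session_key = tag(self.psk, b"SESS", self.n_init, self.n_resp)

    # Commands carry a strictly increasing counter under the session key.
    def send(self, command: bytes) -> bytes:
        self.tx_counter += 1
        ctr = self.tx_counter.to_bytes(4, "big")
        return ctr + command + tag(self.session_key, b"CMD_", ctr, command)

    # Reject frames with a bad tag, or a counter already seen (replay).
    def receive(self, frame: bytes) -> bytes:
        ctr, command, proof = frame[:4], frame[4:-32], frame[-32:]
        ok = self.session_key and hmac.compare_digest(proof, tag(self.session_key, b"CMD_", ctr, command))
        if not ok or int.from_bytes(ctr, "big") <= self.rx_counter:
            raise PermissionError("bad tag or replayed counter")
        self.rx_counter = int.from_bytes(ctr, "big")
        return command
```

Because each handshake uses fresh nonces, a frame recorded in one session fails tag verification in the next, while the counter rejects replays within a session.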

04

Successes

Our solution enabled the client to pivot away from the older HSM-based solution by leveraging the security capabilities of the SoC. The result was a production-grade security solution that met the stringent standards for automotive compliance. Under simulated attack conditions during pentesting, it successfully defended against unauthorised command injection attempts, and the customer was able to launch a secure product.

Tier-1 automotive supplier

Industry: Automotive

Business Area: B2B 

Technologies: Kinibi TEE, OP-TEE + QEMU for testing, C, C++ and GlobalPlatform APIs
