Software-Defined Vehicle

AutoCrypt TEE

Trusted execution environment for in-vehicle applications
Consult With Us
autocrypt ivs tee main

Enhanced security platform for software-defined vehicles.

AutoCrypt® TEE is an ASPICE CL2-certified in-vehicle systems security solution dedicated to system-on-chip (SoC) platforms like Advanced Driver-Assistance Systems (ADAS), in-vehicle infotainment (IVI), and the central communication unit (CCU).

By establishing a trusted execution environment (TEE) within each application processor, AutoCrypt® TEE provides an isolated and secure platform of only trusted applications (TA), guaranteeing robust security.

AutoCrypt TEE ensures compliance with UN R155 and ISO/SAE 21434, and can be deployed in various environments, including AUTOSAR and legacy environments.

How It Works

What Is a Trusted Execution Environment (TEE)?

A trusted execution environment (TEE) is an independent environment for code execution, so that every application within the environment is safely protected from the rest of the device. 

The TEE is separate from the Rich Execution Environment (REE), and only verified applications can run on the TEE (called trusted applications or TAs). The data inside TEE is completely isolated from other applications or devices. 

AutoCrypt TEE utilizes this environment to maximize in-vehicle systems security, providing data protection in a highly reliable environment. 

autocrypt tee architecture

Components and Features

AutoCrypt TEE Components

AutoCrypt® TEE provides a secure and reliable execution environment for each component of the application processor, based on a specialized configuration within the automotive software architecture. 

Optimized for the vehicular software environment, AutoCrypt® TEE consists of:

  • Components for implementing crypto libraries
  • Encrypted storage for transmitting trusted applications (TA)
  • TEE applications based on the Global Platform standard
  • Other security functions

Highlights

adaptive icon
Adaptiveness and Compliance
  • Compatible with Adaptive AUTOSAR R20-11
  • Implementable in both AUTOSAR and legacy environments
  • GlobalPlatform™ API compliance
  • ASPICE-CL2 certified
  • TrustZone for ARM-A technical specs supported
  • MISRA-C/C++ validated
add-on icon
Add-On Security Packages
  • Add-on security services available
  • Connects to AutoCrypt® ASL, an add-on security cryptographer for easy implementation of Adaptive AUTOSAR
  • Management and maintenance via OTA

Use Cases

secure boot icon

Secure Boot

Guarantees software integrity by allowing the execution of only safe and verified software

secure flash icon

Secure Flash

Protects sensitive data from unauthorized access by granting access to validated users only

secure ota icon

Secure OTA

Ensures only validated packets are received and installed during OTA updates

CCU icon

CCU

Protects both the central communication unit and ECUs by two-way authentication

adas icon

ADAS

Protects ADAS from malicious code execution by implementing robust access control

ivi icon

IVI

Protects personal data by encrypting them and keeping them in an isolated environment

Related Resources

WP.29 Regulations

Learn More

Brochure

Download Brochure
highway image