Arm Community
Arm Community
  • Site
  • User
  • Site
  • Search
  • User
  • Groups
    • Arm Research
    • DesignStart
    • Education Hub
    • Graphics and Gaming
    • High Performance Computing
    • Innovation
    • Multimedia
    • Open Source Software and Platforms
    • Physical
    • Processors
    • Security
    • System
    • Software Tools
    • TrustZone for Armv8-M
    • 中文社区
  • Blog
    • Announcements
    • Artificial Intelligence
    • Automotive
    • Healthcare
    • HPC
    • Infrastructure
    • Innovation
    • Internet of Things
    • Machine Learning
    • Mobile
    • Smart Homes
    • Wearables
  • Forums
    • All developer forums
    • IP Product forums
    • Tool & Software forums
  • Support
    • Open a support case
    • Documentation
    • Downloads
    • Training
    • Arm Approved program
    • Arm Design Reviews
  • Community Help
  • More
  • Cancel
System
  • Developer Community
  • IP Products
  • System
  • Jump...
  • Cancel
System
Embedded blog Fast, secure file systems for autonomous vehicles from Tuxera
  • Blogs
  • Forums
  • Videos & Files
  • Mentions
  • Sub-Groups
  • Tags
  • Jump...
  • Cancel
  • New
More blogs in System
  • Embedded blog

  • SoC Design blog

Tags
  • automotive
  • Tuxera
  • Guest blogger
  • partner
  • Security
  • Autonomous Car
Actions
  • RSS
  • More
  • Cancel
Related blog posts
Related forum threads

Fast, secure file systems for autonomous vehicles from Tuxera

Tiffiny Rossi
Tiffiny Rossi
January 3, 2019

The amount of data generated by connected cars is rapidly growing to over 300 TB per year. At the same time, automotive systems are increasingly exposed to the connectivity needed to make cars smarter and more autonomous. And where there’s connectivity, there’s generally a way to gain access to all that data.

Whenever private, potentially sensitive data is handled, security measures must be in place to protect it from malicious attacks. Especially when several people use the same car—think car sharing, lending, or rentals—securing information such as your contacts, web browsing history, or credit card information is essential. So it makes sense that the software and hardware handling the storage of this information should have features that allow only authorized access to that data. 

How is data inside cars handled and stored?

File systems manage the data that goes to various storage devices inside connected cars. Just like what happens in your computer, file systems organize data into files, making it easy for applications to find stored data. But they also play an important role in storage read and write performance, flash endurance, data and storage interoperability, and especially data integrity, which includes security. For a file system, security means ensuring that the data it handles is not misused and/or altered by unwanted parties. One security measure that can be implemented at the file-system level is encryption.

What is file system encryption?

Encryption is commonly used to prevent unintended access to information. Generally speaking, encryption works by encoding information in a way that only authorized parties with the right “key” can gain access to it. The file system can implement encryption in different ways, each having some effect on CPU performance and processing speed. During the encryption process, factors that play a role in CPU usage and efficiency are 1) the cryptographic algorithm, and 2) the encryption implementation itself.

  1. Cryptographic algorithms can be categorized into symmetric or asymmetric. Symmetric algorithms, as opposed to asymmetric ones, use the same secret key for both encryption and decryption. Symmetric algorithms have the primary advantage of efficiency and fast execution speed.
  2.  Encryption implementations include stream and block ciphers. Stream ciphers work on encrypting small bits of data at a time, so they are generally faster than block ciphers, which encrypt large chunks of data.

How do file systems handle encryption?

Encryption can be run through software, hardware, or a combination of both. In any case, some sort of software execution is needed. A file system can perform software-based encryption on files or directories. As an example, Tuxera Flash File System encrypts file data, file names, and symbolic links (a type of file that contains references to other files or directories). We chose the AES-256 encryption algorithm for Tuxera Flash File System—or Advanced Encryption Standard (AES) with a 256-bit key. This option has several advantages: 

  1. AES in general is one of the most accepted encryption standards, meaning it is a fitting choice for use in automotive software.
  2. AES is a symmetric cryptographic algorithm, so that generally entails less CPU to execute.
  3. The mathematical strength of a 256-bit key makes it virtually impossible to hack by attacking the algorithm itself. This means it’s a great choice for very sensitive files stored in today’s smart cars. 

However, there is a potential cost for using such a strong encryption method. The AES algorithm is very fast and efficient, despite its status as a block cipher. But choosing such a strong cipher key (256-bit) requires more computational power. This could potentially drag down the CPU running the encryption algorithm.

How can hardware-accelerated encryption increase performance?

In cases where performance is a concern, or when a customer would have a specific requirement, the hardware can instead be used to accelerate the cryptographic algorithms. Benchmarks show that hardware-based encryption acceleration could be anywhere from a couple to several orders of magnitude faster than a purely software-based equivalent. Not to mention, research indicates that hardware-accelerated encryption makes it even more improbable an attacker can access the data.

That’s where Arm fits nicely into the picture. When our customers use processors with Armv8 architecture, we can configure our file system to use the Armv8 Cryptography Extensions. The Cryptography Extensions are special CPU instructions that give the software a sizable performance boost from the hardware to execute the process. In this way, the file system can keep the required level of read-write performance and provide rock-solid security measures to protect the data saved to the storage.

Although we’re unable to disclose any specific information about customer benchmarks, this is something we’re testing in our own R&D lab. However, some informal results online suggest that the Armv8 Cryptography Extensions do make an impact. One developer reports a speed boost of nearly 18 times with the hardware extensions enabled. When performance and safety are both critical requirements—which is increasingly the case in automotive applications—using hardware-based encryption acceleration may be worth the effort in implementation.

As we reach new levels of autonomy, the amount of data being generated, stored, and transmitted over wireless connections will only increase. At the same time, more critical systems within the car are becoming connected with each other and the outside world, bringing new challenges on how we keep data protected and vehicles secure. Tuxera’s file system encryption technology provides an effective solution to these security challenges, helping to enable the next generation of autonomous vehicles.

Visit Tuxera’s website to learn more about their file system software: Tuxera website.

To see the full list of our automotive ecosystem partners, please visit our Arm Automotive Developer Community (AADC) page below.

Visit AADC

Anonymous
Embedded blog
  • Arm and ETAS partner to optimize model-based development for Arm devices

    Guilherme Marshall
    Guilherme Marshall
    Arm and ETAS bring optimum runtime performance and simplified development flow for model-based development and automated code generation in safety applications
    • January 7, 2021
  • The Flexible Approach to Adding Functional Safety to a CPU

    Naresh Menon
    Naresh Menon
    Find out more about Functional Safety with SoC designs and Software Test Libraries.
    • October 22, 2020
  • The Future of Safety in the Digital Cockpit

    Daniel Bernal
    Daniel Bernal
    Developed with support from Arm, CoreAVI brings to market a comprehensive suite of graphics and compute drivers and libraries that will be certifiable for use in ISO 26262 ASIL D applications, for Arm…
    • September 30, 2020