Flash Bootloader: Option “Security (Crypto)” Data encryption, validation and authentication during flash programming Functions Option Security for the Vector Flash Bootloader meets the require-ments Overview of Advantages > Protection against unauthorized ECU access > Secure downloads > Efficient program execution monitoring by signature checking of HIS “Security Module Specification, Version 1.1.” The following modules are available: > Symmetrical data encryption based on the Advanced Encryption Standard (AES), class AAA > Computation of Hash codes with Hash function SHA-1 (alternatively: RIPEMD-160, SHA-256, MD5). > Validation and authentication of the download process by signatures per security classes C and CCC. Class C: The signature is generated in the flash tool by the H-MAC method with a confidential, symmetrical key, and it is verified in the ECU. Class CCC: The signature is generated externally by the RSA meth-od The Vector Flash Bootloader lets you program ECUs over a bus sys-tem without having to remove the ECU. To prevent unauthorized access during this process, the Flash Bootloader may use simple or OEM-specific Seed/Key methods. This is sufficient for most ECUs today. However, in the case of ECUs containing sensitive vehicle data such as an engine immobilizer function or odometer, the Option Security (Crypto) modules are needed to implement extended security measures. The Hersteller Initiative Software (HIS; “Manufacturers Software Initiative”) has specified crypto-graphic with a confidential private key. In the ECU, the signature is opened with a public key and is verified. During ECU development, it is convenient to use the supplied HexView tool for signature computation. In production usage, the CANdelaFlash tool would be used to generate the entire ODX-F container. routines with standardized interfaces in scalable security classes for this purpose. Application Areas Option Security for the Vector Flash Bootloader lets you efficient-ly prevent flashing and unauthorized execution of protected soft-ware 5/4 Scope of Delivery > Configurable C source code; integrated in the Bootloader > Tool HexView for efficient computation of the signatures > Documentation in the ECU. The option contains secure, qualitatively high-end cryptographic functions from the company Cryptovision. Upon request, you can also obtain extended Seed/Key methods for ECU access protection. ◆ Generating, transmitting and verifying a digital signature