Automotive Cyber Security,
Cryptographic Key Management System
NeoKeyManager-AUTO
Integrated cryptographic key management solution to meet automotive OEM security requirements
NeoKeyManager-AUTO
A cryptographic key, certificate management, and digital signature solution for automotive cybersecurity readiness
NeoKeyManager-AUTO is a cryptographic key, certificate management, and digital signature solution for automotive cybersecurity readiness.
OEM–Tier KMS integration is a 핵심 element of automotive cybersecurity compliance. By securely storing cryptographic keys in the ECU’s HSM, it helps protect all ECU software from hacking attacks.
Key Features
1
Interoperable KMIP
· OASIS is the organization that establishes international standards for key management and evaluates device interoperability (KMIP).
· NeoKeyManager has obtained interoperability certification for KMIP version 3.0 and participates in defining various features, including management functions between automotive OEM and Tier groups.
· OASIS TC Members: MDS Intelligence, IBM, HP Enterprise, Microsoft, Oracle
· NeoKeyManager has obtained interoperability certification for KMIP version 3.0 and participates in defining various features, including management functions between automotive OEM and Tier groups.
· OASIS TC Members: MDS Intelligence, IBM, HP Enterprise, Microsoft, Oracle
2
Intuitive administrator console
NeoKeyManager-AUTO manages the secure lifecycle of cryptographic keys and provides secure channels with external systems, along with administrator privilege configuration.
3
HSM certification status
· International CC certification
· FIPS 140-2 Level 3 certification
▷ HSM assurance levels
· Level 1
- Products evaluated against basic security requirements
- No specific physical security requirements; primarily evaluates software cryptographic modules
· Level 2
- Security conformance evaluation for cryptographic modules and hardware components
- Requires measures to prevent physical tampering/disassembly
· Level 3
- Evaluates whether measures exist to prevent product disassembly, including proactive countermeasures
- If unauthorized access or improper modifications/misuse are detected, the device deletes critical security variables
· Level 4
- Evaluated with consideration for environments where physical protection is difficult
- A level intended for emerging key management services/products such as cloud-based offerings
· FIPS 140-2 Level 3 certification
▷ HSM assurance levels
· Level 1
- Products evaluated against basic security requirements
- No specific physical security requirements; primarily evaluates software cryptographic modules
· Level 2
- Security conformance evaluation for cryptographic modules and hardware components
- Requires measures to prevent physical tampering/disassembly
· Level 3
- Evaluates whether measures exist to prevent product disassembly, including proactive countermeasures
- If unauthorized access or improper modifications/misuse are detected, the device deletes critical security variables
· Level 4
- Evaluated with consideration for environments where physical protection is difficult
- A level intended for emerging key management services/products such as cloud-based offerings
Key Capabilities
1
Cryptographic key lifecycle management
· Key generation · distribution · storage · backup · recovery · rotation · revocation
· Assign a UUID per key to prevent direct exposure and leakage
· Assign a UUID per key to prevent direct exposure and leakage
2
Certificate lifecycle management
· Certificate issuance/re-issuance/revocation/validation
· Assign a UUID per certificate to prevent direct exposure and leakage
· Assign a UUID per certificate to prevent direct exposure and leakage
3
Interoperability
· Support standard protocols such as KMIP and PKCS#11
· Provide a KMIP-compatible SDK (C, C++, C#, Java, Python, etc.)
· Support integration with various cryptographic solutions and DB TDE (Oracle, MongoDB, etc.)
· Provide a KMIP-compatible SDK (C, C++, C#, Java, Python, etc.)
· Support integration with various cryptographic solutions and DB TDE (Oracle, MongoDB, etc.)
4
Physical security
· Built-in HSM (Hardware Security Module)
· Securely store generated keys and prevent leakage
· Built-in HSM certified to U.S. federal standard FIPS 140-2 Level 3
· Equipped with a cryptographic module verified by the National Intelligence Service (KCMVP)
· Securely store generated keys and prevent leakage
· Built-in HSM certified to U.S. federal standard FIPS 140-2 Level 3
· Equipped with a cryptographic module verified by the National Intelligence Service (KCMVP)
5
Monitoring
· Access control, approval workflows, expiration alerts, auto-renewal, automated security audit logs, and automatic generation of audit/management/approval reports
· Web-based management console
· Web-based management console
6
Collaborative organization management
· Integrate with external key management solutions (KMS) and manage approvals
· Configure groups and permissions reflecting corporate hierarchies
· Control key access by tier, vehicle model, and ECU
· Configure groups and permissions reflecting corporate hierarchies
· Control key access by tier, vehicle model, and ECU
Industries
Use Cases
1
Automaker use case for NKM
1) Comply with key generation policies based on OEM requirements
2) Deploy a KMS (Key Management System) on an internal network isolated from external networks
2) Deploy a KMS (Key Management System) on an internal network isolated from external networks
Key Clients
Automotive & Railways
Software & IT Services
Share MDS Intelligence content on your SNS!
Automotive Cyber Security Expert
Contact Us Directly
An MDS Intelligence Automotive Cyber Security expert will assist you accurately and promptly.
+82 31-601-4303
nkm_biz@mdsit.co.kr
Inquire About NeoKeyManager-AUTO
