Centralized compute platforms and OTA updates change a vehicle’s risk profile in fundamental ways.
The automotive industry is being rebuilt around software. Architectures built on dozens of distributed ECUs are giving way to centralized and zonal compute platforms. Functions that once ran on dedicated hardware now share the same SoC. Software updates are no longer occasional events tied to recalls. They happen continuously, over the air, across the vehicle’s lifetime.
This is what the software-defined vehicle looks like in practice. Fewer chips, more consolidation, and far more dependence on software. That shift improves efficiency, but it also changes the risk profile in fundamental ways. A vulnerability is no longer isolated. In a centralized system, it can affect multiple domains. A compromised firmware image is no longer a localized defect. It becomes a system-level entry point.
Traditional approaches to security struggle to keep up with this model.
Four key trends are driving a step-function increase in security requirements:
Taken together, these pressures point to a clear conclusion. Security cannot be fragmented or deferred. It has to be designed into the system architecture from the beginning.
A hardware Root of Trust is well understood, but its role is changing. Earlier designs often treated it as a functional block for secure boot and key storage. In centralized automotive SoCs, that is no longer enough.
The Root of Trust now has to establish trust across multiple workloads on shared silicon, enforce isolation between domains, protect keys, validate software, and support trusted communication throughout the vehicle’s lifecycle. It has moved from a supporting feature to a system-level anchor. If that anchor is weak or inconsistent, the entire platform inherits the risk.
This means security must be treated as a subsystem. Integrated security subsystems combine secure processing, memory, and cryptographic services inside a defined boundary, creating a single place where trust is established and enforced. This reduces ambiguity and supports flexible, software-driven development.
At the same time, SoC design itself is shifting toward platform-based approaches. Fully custom designs are becoming harder to justify due to cost and complexity. Pre-integrated subsystems are gaining traction because they shorten development cycles and reduce risk.
Arm Compute Subsystems (CSS), including Zena CSS for automotive, reflect this direction. They provide pre-validated combinations of compute, interconnect, system IP, and software. For engineering teams, that means less integration work and faster time to first silicon.
But adopting a platform approach like CSS also changes the game for security. A hardware Root of Trust has to fit naturally into Arm-based SoC design environments and work alongside Arm CSS-based platforms, not sit apart from them. That alignment makes security easier to integrate, easier to validate, and better suited to modern automotive architectures.
This is where the new Rambus CryptoManager RT-648 Root of Trust comes into play. It is the first Rambus Root of Trust solution with an Arm core, bringing Rambus hardware security into closer alignment with Arm-based SoC design environments, Arm toolchains, and CSS. For automotive SoC developers building around Arm platforms, that reduces friction and makes hardware-based trust easier to embed into subsystem-based designs.
At the feature level, RT-648 combines an Arm Cortex-M33 processor, secure memory, and crypto accelerators in an integrated eHSM enclave. It provides ASIL-B readiness for automotive safety requirements, quantum-safe cryptography for long vehicle lifecycles, and SM2, SM3, and SM4 algorithm support for China-market designs. It also supports full lifecycle security aligned with provisioning and key management.
A concrete example of the benefits of RT-648 can be found in its deployment in Telechips automotive platforms. By integrating RT-648 into its SoCs, Telechips applies the same hardware-based security architecture across different chips in its product line, spanning applications such as infotainment, digital cockpit, ADAS, and domain controllers. That consistency supports secure boot, key management, and workload isolation while reducing the need to recreate security architecture for each new device, vehicle program, or product generation.
Automotive architectures are becoming more centralized. Software is becoming the primary differentiator. Platform-based design is accelerating. Security has to evolve along the same lines.
That means fewer disconnected features and more system-level thinking. It means aligning security with the compute platform instead of adapting it afterward. And it means treating the Root of Trust as a foundational control point.
Vehicles will continue to change after they leave the factory. Security has to support that reality from day one. If trust cannot scale, the platform becomes the constraint. That is why the RT-648 provides a hardware-based trust that aligns with Arm-based platforms, supports long automotive lifecycles, and scales across product families.
Leave a Reply