Glossary · Security Controls

Hardware Security Module (HSM)

Also known as: HSM

Tamper-resistant in-ECU module that stores keys and runs cryptographic operations.

An automotive HSM (typically EVITA-aligned: full / medium / light) holds private keys in a protected boundary and performs symmetric / asymmetric crypto, secure key management, and acceleration for AUTOSAR Crypto Stack callers. It is the trust anchor that secure boot, secure flashing, and SecOC build on.

Why it matters

The HSM is the hardware root of trust the entire ECU security stack depends on — secure boot, secure flashing, SecOC, and key storage all assume it. Choosing the right EVITA profile (full, medium, or light) early shapes which cybersecurity controls a programme can realistically claim in its TARA and evidence.

Related terms

EVITA
European-funded research framework that defined the EVITA full / medium / light HSM profiles.
SHE
Secure Hardware Extension — a lightweight HSM-style specification predating EVITA Light.
Secure Boot
Boot-time integrity check that an ECU only runs authenticated firmware.
SecOC
AUTOSAR Secure Onboard Communication — message authentication for in-vehicle communication.
CSM (Crypto Service Manager)
AUTOSAR module that exposes cryptographic services to upper layers.

HSM integration on automotive ECUs (EVITA)

Need help applying Hardware Security Module (HSM) on a programme? Use the contact form or request a KAVACH demo.

Hardware Security Module (HSM)

EVITA

SHE

Secure Boot

SecOC

CSM (Crypto Service Manager)