Glossary · Security Controls

SecOC

AUTOSAR Secure Onboard Communication — message authentication for in-vehicle communication.

SecOC adds a message authentication code (and a freshness value) to specified PDUs on CAN, CAN-FD, FlexRay, or Ethernet so that receivers can verify origin and freshness. It is the AUTOSAR-standard answer to spoofing and replay on in-vehicle networks; key material typically lives in an HSM.

Why it matters

SecOC is the AUTOSAR-standard defence against spoofing and replay on in-vehicle networks, and assessors increasingly expect it on safety-relevant signals. Specifying SecOC, its freshness scheme, and HSM-backed keys during the cybersecurity concept — not after integration — is what keeps the resulting evidence coherent under review.

Related terms

Message Authentication Code (MAC)
Short cryptographic tag that proves a message's origin and integrity to a receiver sharing a key.
Hardware Security Module (HSM)
Tamper-resistant in-ECU module that stores keys and runs cryptographic operations.
CSM (Crypto Service Manager)
AUTOSAR module that exposes cryptographic services to upper layers.
AUTOSAR Classic
AUTOSAR's layered architecture for deeply embedded ECUs running on real-time microcontrollers.

SecOC on AUTOSAR Classic

Need help applying SecOC on a programme? Use the contact form or request a KAVACH demo.

SecOC

Message Authentication Code (MAC)

Hardware Security Module (HSM)

CSM (Crypto Service Manager)

AUTOSAR Classic