Aurix TriCore Debugging Solution

Furthermore, we have been developing an Aurix TriCore debugger based on the TCF protocol.
The project attracted the interest of big chip vendors, and we are happy to see the CTO of HighTec EDV-Systeme GmbH announcing that their IDE will contain a new integrated debugger in the future. So let us wait for Infineon Aurix Development Studio with TC4 support and see which debugging solution will be integrated: whether it will be the same Tasking debugger as in the previous version, or whether they too will switch to a debug agent based on open source technology.

Currently our project is closed source, but open sourcing is under consideration, so stay tuned.

Security

In 2023 and 2024 we were lucky to acquire some very interesting projects! One of our key projects has been the implementation of an application allowing customers to regain debug access to in-field devices whose debugging interfaces are completely locked down. This project was challenging as it needed to combine both:

  1. Allow debugging for authorized parties
  2. Secure the interfaces in a way to minimize the risk of exploitation

We created various security concepts in order to create a secure, device-specific debug image which can be flashed to the device using an authorized way of low-level flashing. A service verifying the integrity of the image mounted it and started specific services. In order to protect the services even after successfully flashing and launching them, we elaborated on secure ways of authentication and investigated the SSH-agent-based authentication method, so that private keys are not even handed out to debug engineers; instead, their authentication is enforced at an internal server which maintains the access keys per user and handles the authentication requests. In my opinion this is a very nice way of securing SSH applications.
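The agent-based approach described above can be sketched as a policy gate in front of the key store. This is an added example, not code from the project; the ACL layout, the `sign` callable (standing in for the server's key store) and the function names are assumptions, and it handles only the agent protocol's sign request.

```python
import struct

SSH_AGENT_FAILURE, SSH_AGENTC_SIGN_REQUEST, SSH_AGENT_SIGN_RESPONSE = 5, 13, 14
SSH_MSG_USERAUTH_REQUEST = 50

def put_string(b):
    return struct.pack(">I", len(b)) + b

def get_string(buf, off):
    """Read an SSH string (uint32 length + bytes); return (value, next offset)."""
    if off + 4 > len(buf):
        raise ValueError("truncated length")
    (n,) = struct.unpack_from(">I", buf, off)
    if off + 4 + n > len(buf):
        raise ValueError("truncated string")
    return buf[off + 4:off + 4 + n], off + 4 + n

def frame(msg_type, body=b""):
    """Agent framing: uint32 length, one type byte, then the message body."""
    return put_string(bytes([msg_type]) + body)

def handle_request(engineer, packet, acl, sign):
    """acl (assumed): {engineer: {key_blob: {device logins}}}; sign(key_blob, data) -> bytes."""
    deny = frame(SSH_AGENT_FAILURE)
    try:
        body, end = get_string(packet, 0)
        if end != len(packet) or body[:1] != bytes([SSH_AGENTC_SIGN_REQUEST]):
            return deny
        key_blob, off = get_string(body, 1)
        data, off = get_string(body, off)  # trailing uint32 flags are ignored here
        # Only sign real publickey userauth requests, never arbitrary data:
        # string session_id, byte 50, string login, string service, string method, ...
        _session_id, p = get_string(data, 0)
        if data[p:p + 1] != bytes([SSH_MSG_USERAUTH_REQUEST]):
            return deny
        login, p = get_string(data, p + 1)
        _service, p = get_string(data, p)
        method, p = get_string(data, p)
    except ValueError:
        return deny
    allowed = acl.get(engineer, {}).get(key_blob, set())
    if method != b"publickey" or login not in allowed:
        return deny
    return frame(SSH_AGENT_SIGN_RESPONSE, put_string(sign(key_blob, data)))

def sample_sign_request(key_blob, login):
    """Constructed sample: the sign request an SSH client sends to its agent."""
    data = (put_string(b"\x01" * 32) + bytes([50]) + put_string(login)
            + put_string(b"ssh-connection") + put_string(b"publickey")
            + b"\x01" + put_string(b"ssh-ed25519") + put_string(key_blob))
    return frame(SSH_AGENTC_SIGN_REQUEST, put_string(key_blob) + put_string(data) + bytes(4))
```

Because the server sees the login name inside the data it is asked to sign, it can refuse per engineer and per target account, and the engineer's workstation never holds the private key.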

Our work did not end here, because the services which create the secure images, the processes by which engineers request them, as well as the lifetime of the images themselves could be the target of internal and external attackers. It was a huge playground for security enthusiasts to create and implement concepts and processes which provide security in this huge customer environment, and we are happy that in the end we could successfully complete this project, which nowadays enables our customers to analyze broken end-customer devices.