NXP Leverages AI Acceleration in Dev Kit for Automotive Security

NXP recently released OrangeBox 2.0: a second-generation automotive connectivity domain controller development platform. Designed to centralize and secure the data flow between a vehicle’s gateway and its wired and wireless interfaces, OrangeBox 2.0 introduces new AI and post-quantum cryptography features to facilitate secure communications within the vehicle. 

OrangeBox 2.0 connectivity domain controller.

OrangeBox 2.0 Simplifies Automotive Security

OrangeBox 2.0 leverages the i.MX 94 applications processor that integrates four Cortex-A55 cores, two Cortex-M7 cores, and two Cortex-M33 cores. It also includes an eIQ Neutron neural processing unit to accelerate AI-driven anomaly detection and firewall operations. With this architecture, NXP claims that the platform features a fourfold increase in CPU performance over its predecessor.

OrangeBox 2.0 technology. 

For memory, OrangeBox 2.0 integrates 6 GB of LPDDR5 memory, 32 GB of eMMC storage, and 64 MB of serial NOR flash. It connects to peripherals through high-speed interfaces including PCIe, USB 3.0, SDIO, and M.2, and supports over-the-air software updates and region-specific adaptations. The system also consolidates multiple connectivity technologies, such as dual-band Wi-Fi 6E, Bluetooth 5.4, BLE/UWB secure access, GNSS, DSRC V2X, and optional 5G cellular, into a single modular controller. Its networking stack includes two 2.5-Gbps and three 1-Gbps Ethernet ports, as well as dual CAN-FD interfaces.

To fortify its post-quantum resilience, OrangeBox 2.0 incorporates NXP’s EdgeLock Secure Enclave and Prime cryptography accelerator, which together support real-time message authentication and cryptographic operations hardened against quantum attacks. A dedicated ASIL B safety island conforms the platform to ISO 26262 requirements for automotive functional safety. 

New Security Models in Automotive Networks

The automotive trend toward software-defined vehicles (SDVs) has, in some ways, rendered traditional, static security models insufficient. Modern vehicles incorporate complex, high-bandwidth, bidirectional data flows through interfaces like Wi-Fi 6E, Bluetooth, cellular V2X, and UWB. With these heterogeneous pathways comes an increased attack surface and a need for more dynamic security schemes.

As such, new automotive security models emphasize in-vehicle threat detection, zero-trust architectures, and secure domain-based segmentation. This approach is built around in-vehicle machine learning that can classify anomalous communication patterns in real time and adapt to emerging threats without prior signature-based training. AI-enhanced intrusion detection systems (IDS) now reside on connectivity domain controllers, where they analyze packet behavior at the edge to identify low-rate attacks and protocol misuse that static models miss.

Software-defined networking (SDN) further modernizes internal communications by decoupling data and control planes. SDN-capable automotive controllers can dynamically reconfigure traffic flow to isolate compromised components or prioritize safety-critical packets. In this way, these models unlock the ability to actively monitor, adapt, and respond within milliseconds.

Adaptive Security for Vehicles

The shift from static defense mechanisms to responsive security infrastructures often entails integrating embedded AI, cryptographic agility, and SDN into connectivity domain controllers like OrangeBox 2.0. Rather than treating security as an afterthought layered onto communication protocols, OrangeBox 2.0 suggests a design philosophy where each compute and communication node participates in system-level threat awareness. Following its successful demonstrations of OrangeBox 2.0 at Computex, NXP expects to release the development kit in the second half of 2025.

All images used courtesy of NXP Semiconductors.