US2019245867A1PendingUtilityA1

Automotive ecu controller and data network having security features for protection from malware transmission

57
Assignee: KARAMBA SECURITY LTDPriority: Jan 3, 2017Filed: Apr 16, 2019Published: Aug 8, 2019
Est. expiryJan 3, 2037(~10.5 yrs left)· nominal 20-yr term from priority
H04L 63/14H04L 63/105G06F 21/55H04L 2012/40215H04L 67/12H04L 63/145H04L 2012/40273H04W 4/70H04L 63/20H04W 12/12H04L 63/101H04W 12/1208H04W 12/128
57
PatentIndex Score
0
Cited by
0
References
0
Claims

Abstract

In one implementation, a method for providing security on controllers includes detecting, by a given controller, an attempted security attack on the given controller; in response to detecting the attempted attack, entering a safe mode of operation for the given controller in which at least one process performed by the given controller is restricted such that the at least one process is performed only when a current context of the controller matches a permitted context that is associated with the given controller; in response to detecting the attempted attack, transmitting a safe mode alert to one or more other controllers; and for at least one of the one or more other controllers, in response to receiving the safe mode alert, entering a safe mode of operation for the other controller.

Claims

exact text as granted — not AI-modified
What is claimed is: 
     
         1 - 19 . (canceled) 
     
     
         20 . A security-enabled, self-aware ECU in a vehicle, comprising:
 at least one processor configured to execute ECU software and security software; and   at least one memory storing the ECU software and the security software, wherein the security software includes instructions for performing operations including:
 determining a current context of the ECU; 
 analyzing data communications received at the ECU, the analyzing including a determination of whether the data communications are permitted within the current context; 
 determining, based on the analyzed data communications, whether the ECU software is experiencing an external-based attack; and 
 reporting, to a resource external to the ECU, an indication that the ECU is experiencing the external-based attack. 
   
     
     
         21 . The security-enabled, self-aware ECU of  claim 20 , wherein the external-based attack is associated with a buffer space overflow event. 
     
     
         22 . The security-enabled, self-aware ECU of  claim 20 , wherein the external-based attack is associated with malware. 
     
     
         23 . The security-enabled, self-aware ECU of  claim 20 , wherein the reporting includes providing trace information associated with the external-based attack. 
     
     
         24 . The security-enabled, self-aware ECU of  claim 20 , wherein the reporting includes providing information identifying a code portion associated with the external-based attack. 
     
     
         25 . The security-enabled, self-aware ECU of  claim 20 , wherein the reporting includes providing a copy of malware associated with the external-based attack. 
     
     
         26 . The security-enabled, self-aware ECU of  claim 20 , wherein the reporting includes providing information identifying the current context of the ECU. 
     
     
         27 . The security-enabled, self-aware ECU of  claim 26 , wherein the current context of the ECU includes geographical location data. 
     
     
         28 . The security-enabled, self-aware ECU of  claim 26 , wherein the current context of the ECU includes data indicating a current operational state of the ECU. 
     
     
         29 . The security-enabled, self-aware ECU of  claim 20 , wherein the ECU is configured to perform the reporting to a reporting queue associated with the resource external to the ECU. 
     
     
         30 . A computer-implemented method for a security-enabled, self-aware ECU in a vehicle to determine and report its own security status, the method comprising:
 executing ECU software locally on the ECU; and   executing security software locally on the ECU, the security software being configured to perform operations including:
 determining a current context of the ECU; 
 analyzing data communications received at the ECU, the analyzing including a determination of whether the data communications are permitted within the current context; 
 determining, based on the analyzed data communications, whether the ECU software is experiencing an external-based attack; and 
 reporting, to a resource external to the ECU, an indication that the ECU is experiencing the external-based attack. 
   
     
     
         31 . The computer-implemented method of  claim 30 , wherein the external-based attack is associated with a buffer space overflow event. 
     
     
         32 . The computer-implemented method of  claim 30 , wherein the external-based attack is associated with malware. 
     
     
         33 . The computer-implemented method of  claim 30 , wherein the reporting includes providing trace information associated with the external-based attack. 
     
     
         34 . The computer-implemented method of  claim 30 , wherein the reporting includes providing information identifying a code portion associated with the external-based attack. 
     
     
         35 . The computer-implemented method of  claim 30 , wherein the reporting includes providing a copy of malware associated with the external-based attack. 
     
     
         36 . The computer-implemented method of  claim 30 , wherein the reporting includes providing information identifying the current context of the ECU. 
     
     
         37 . The computer-implemented method of  claim 36 , wherein the current context of the ECU includes geographical location data. 
     
     
         38 . The computer-implemented method of  claim 36 , wherein the current context of the ECU includes data indicating a current operational state of the ECU. 
     
     
         39 . The computer-implemented method of  claim 30 , wherein the ECU is configured to perform the reporting to a reporting queue associated with the resource external to the ECU.

Cited by (0)

No later patents cite this yet.

References (0)

No backward citations on record.