Automotive ecu controller and data network having security features for protection from malware transmission
Abstract
In one implementation, a method for providing security on controllers includes detecting, by a given controller, an attempted security attack on the given controller; in response to detecting the attempted attack, entering a safe mode of operation for the given controller in which at least one process performed by the given controller is restricted such that the at least one process is performed only when a current context of the controller matches a permitted context that is associated with the given controller; in response to detecting the attempted attack, transmitting a safe mode alert to one or more other controllers; and for at least one of the one or more other controllers, in response to receiving the safe mode alert, entering a safe mode of operation for the other controller.
Claims
exact text as granted — not AI-modifiedWhat is claimed is:
1 - 19 . (canceled)
20 . A security-enabled, self-aware ECU in a vehicle, comprising:
at least one processor configured to execute ECU software and security software; and at least one memory storing the ECU software and the security software, wherein the security software includes instructions for performing operations including:
determining a current context of the ECU;
analyzing data communications received at the ECU, the analyzing including a determination of whether the data communications are permitted within the current context;
determining, based on the analyzed data communications, whether the ECU software is experiencing an external-based attack; and
reporting, to a resource external to the ECU, an indication that the ECU is experiencing the external-based attack.
21 . The security-enabled, self-aware ECU of claim 20 , wherein the external-based attack is associated with a buffer space overflow event.
22 . The security-enabled, self-aware ECU of claim 20 , wherein the external-based attack is associated with malware.
23 . The security-enabled, self-aware ECU of claim 20 , wherein the reporting includes providing trace information associated with the external-based attack.
24 . The security-enabled, self-aware ECU of claim 20 , wherein the reporting includes providing information identifying a code portion associated with the external-based attack.
25 . The security-enabled, self-aware ECU of claim 20 , wherein the reporting includes providing a copy of malware associated with the external-based attack.
26 . The security-enabled, self-aware ECU of claim 20 , wherein the reporting includes providing information identifying the current context of the ECU.
27 . The security-enabled, self-aware ECU of claim 26 , wherein the current context of the ECU includes geographical location data.
28 . The security-enabled, self-aware ECU of claim 26 , wherein the current context of the ECU includes data indicating a current operational state of the ECU.
29 . The security-enabled, self-aware ECU of claim 20 , wherein the ECU is configured to perform the reporting to a reporting queue associated with the resource external to the ECU.
30 . A computer-implemented method for a security-enabled, self-aware ECU in a vehicle to determine and report its own security status, the method comprising:
executing ECU software locally on the ECU; and executing security software locally on the ECU, the security software being configured to perform operations including:
determining a current context of the ECU;
analyzing data communications received at the ECU, the analyzing including a determination of whether the data communications are permitted within the current context;
determining, based on the analyzed data communications, whether the ECU software is experiencing an external-based attack; and
reporting, to a resource external to the ECU, an indication that the ECU is experiencing the external-based attack.
31 . The computer-implemented method of claim 30 , wherein the external-based attack is associated with a buffer space overflow event.
32 . The computer-implemented method of claim 30 , wherein the external-based attack is associated with malware.
33 . The computer-implemented method of claim 30 , wherein the reporting includes providing trace information associated with the external-based attack.
34 . The computer-implemented method of claim 30 , wherein the reporting includes providing information identifying a code portion associated with the external-based attack.
35 . The computer-implemented method of claim 30 , wherein the reporting includes providing a copy of malware associated with the external-based attack.
36 . The computer-implemented method of claim 30 , wherein the reporting includes providing information identifying the current context of the ECU.
37 . The computer-implemented method of claim 36 , wherein the current context of the ECU includes geographical location data.
38 . The computer-implemented method of claim 36 , wherein the current context of the ECU includes data indicating a current operational state of the ECU.
39 . The computer-implemented method of claim 30 , wherein the ECU is configured to perform the reporting to a reporting queue associated with the resource external to the ECU.Cited by (0)
No later patents cite this yet.
References (0)
No backward citations on record.