Secure controller operation and malware prevention
Abstract
In one implementation, a method for providing security on an externally connected controller includes launching, by the controller, a kernel level security layer that includes a whitelist of permitted processes on the controller, the whitelist being part of a custom security policy for the controller; receiving, at the security layer, a request to run a particular process; determining, by the security layer, a signature for the particular process; identifying, by the security layer, a verified signature for the process from the whitelist; determining, by the security layer, whether the particular process is permitted to he run on the controller based on a comparison of the determined signature with the verified signature from the whitelist; and blocking, by the security layer, the particular process from running on the automotive controller based on the determined signature not matching the verified signature for the process.
Claims
exact text as granted — not AI-modified1 - 22 . (canceled)
23 . A non-transitory computer readable medium including instructions that, when executed by at least one processor, cause the at least one processor to perform operations for customized code execution flow integrity for a controller, comprising:
embedding, in a controller, customized and controller-specific code execution flow inspection code, the controller-specific code execution flow inspection code being configured to:
monitor local processing activity of the controller;
compare code execution requests of the controller to a map of permitted code execution for the controller;
determine whether the code execution requests conflict with the map of permitted code execution for the controller; and
implement, based on the determination, control actions to prevent the code execution requests that conflict with the map of permitted code execution from being executed on the controller.
24 . The non-transitory computer readable medium of claim 23 , wherein the map of permitted code execution for the controller defines a plurality of valid function call sequences for the controller.
25 . The non-transitory computer readable medium of claim 23 , wherein the map of permitted code execution for the controller is based on a build process for the controller.
26 . The non-transitory computer readable medium of claim 23 , wherein the map of permitted code execution for the controller is based on a static analysis of binaries associated with code installed on the controller.
27 . The non-transitory computer readable medium of claim 23 , wherein the embedding includes integrating the controller-specific code execution flow inspection code into executable code installed on the controller.
28 . The non-transitory computer readable medium of claim 23 , wherein the operations further comprise accessing signatures associated with the code execution requests.
29 . The non-transitory computer readable medium of claim 28 , wherein the operations further comprise comparing the signatures with a database of approved signatures.
30 . The non-transitory computer readable medium of claim 23 , wherein a hook registered with a kernel of the controller is configured to redirect processing of the controller to a process verification function.
31 . The non-transitory computer readable medium of claim 30 , wherein the process verification function is configured to return processing of the controller following the process verification function.
32 . The non-transitory computer readable medium of claim 30 , wherein the process verification function is configured to determine signatures associated with the code execution requests.
33 . A computer-implemented method for customized code execution flow integrity for a controller, the method comprising:
embedding, in a controller, customized and controller-specific code execution flow inspection code, the controller-specific code execution flow inspection code being configured to:
monitor local processing activity of the controller;
compare code execution requests of the controller to a map of permitted code execution for the controller;
determine whether the code execution requests conflict with the map of permitted code execution for the controller; and
implement, based on the determination, control actions to prevent the code execution requests that conflict with the map of permitted code execution from being executed on the controller.
34 . The computer-implemented method of claim 33 , wherein the map of permitted code execution for the controller defines a plurality of valid function call sequences for the controller.
35 . The computer-implemented method of claim 33 , wherein the map of permitted code execution for the controller is based on a build process for the controller.
36 . The computer-implemented method of claim 33 , wherein the map of permitted code execution for the controller is based on a static analysis of binaries associated with code installed on the controller.
37 . The computer-implemented method of claim 33 , wherein the embedding includes integrating the controller-specific code execution flow inspection code into executable code installed on the controller.
38 . The computer-implemented method of claim 33 , further comprising accessing signatures associated with the code execution requests.
39 . The computer-implemented method of claim 38 , further comprising comparing the signatures with a database of approved signatures.
40 . The computer-implemented method of claim 33 , wherein a hook registered with a kernel of the controller is configured to redirect processing activity of the controller to a process verification function.
41 . The computer-implemented method of claim 40 , wherein the process verification function is configured to return processing of the controller following the process verification function.
42 . The computer-implemented method of claim 40 , wherein the process verification function is configured to determine signatures associated with the code execution requests.Cited by (0)
No later patents cite this yet.
References (0)
No backward citations on record.