US2023418928A1PendingUtilityA1

Context-based secure controller operation and malware prevention

80
Assignee: KARAMBA SECURITY LTDPriority: Sep 7, 2015Filed: Sep 12, 2023Published: Dec 28, 2023
Est. expirySep 7, 2035(~9.2 yrs left)· nominal 20-yr term from priority
G06F 21/44G06F 21/121H04L 63/123H04L 63/20H04L 67/12G06F 2221/2101H04L 2209/84G06F 21/51G06F 21/52G06F 21/554G06F 21/566G06F 21/564G06F 21/565
80
PatentIndex Score
0
Cited by
0
References
0
Claims

Abstract

In one implementation, a method for providing security on an externally connected controller includes launching, by the controller, a security layer that includes a whitelist of permitted processes on the controller, the whitelist including (i) signatures for processes that are authorized to be executed and (ii) context information identifying permitted controller contexts within which the processes are authorized to be executed; determining, by the security layer, whether the particular process is permitted to be run on the controller based on a comparison of the determined signature with a verified signature for the particular process from the whitelist; identifying, by the security layer, a current context for the controller; determining, by the security layer, whether the particular process is permitted to be run on the controller based on a comparison of the current context with one or more permitted controller contexts for the particular process from the whitelist.

Claims

exact text as granted — not AI-modified
1 - 12 . (canceled) 
     
     
         13 . A method for providing security on a network-connected data processing controller, the method comprising:
 identifying a request to run a particular application;   determining a digital signature for the particular application;   accessing a whitelist of reference digital signatures for approved applications, the whitelist associating approved application names with respective reference digital signatures;   determining whether to run the particular application based on:
 a first comparison of the determined digital signature with at least one reference digital signature from the whitelist; and 
 a second comparison of a current real-time controller operating context to a reference real-time controller operating context of the network-connected data processing controller; and 
   based on at least one of the first comparison or the second comparison, performing at least one of:
 blocking the particular application from running on the network-connected data processing controller; or 
 allowing the particular application to run on the network-connected data processing controller. 
   
     
     
         14 . The method of  claim 13 , further comprising determining, based on the first comparison, that the determined digital signature does not exist within the whitelist. 
     
     
         15 . The method of  claim 13 , wherein at least one of the approved applications in the whitelist is associated with at least one of a binary file, a binary library, a script file, a configuration file, or a hardware resource. 
     
     
         16 . The method of  claim 13 , wherein the whitelist is stored in a database. 
     
     
         17 . The method of  claim 13 , further comprising determining, based on the second comparison, whether operations of the network-connected data processing controller are within expected parameters. 
     
     
         18 . The method of  claim 13 , wherein the whitelist further associates the approved application names with respective contexts. 
     
     
         19 . The method of  claim 13 , wherein the network-connected data processing controller is an electronic control unit (ECU) of a vehicle. 
     
     
         20 . The method of  claim 13 , wherein the reference real-time controller operating context of the network-connected data processing controller comprises at least one of: a state of a device of which the network-connected data processing controller is a part or a state of a surrounding of the device. 
     
     
         21 . The method of  claim 13 , wherein the whitelist is stored as read-only or is encrypted. 
     
     
         22 . The method of  claim 13 , wherein:
 the particular application is a binary application;   the approved applications include binary applications; and   the reference real-time controller operating context of the network-connected data processing controller is a context within which binary application operation is permitted.   
     
     
         23 . The method of  claim 13 , wherein the reference real-time controller operating context of the network-connected data processing controller is defined in a security policy for the network-connected data processing controller. 
     
     
         24 . The method of  claim 23 , wherein the security policy for the network-connected data processing controller is determined externally from the network-connected data processing controller. 
     
     
         25 . The method of  claim 23 , wherein the security policy for the network-connected data processing controller is stored on the network-connected data processing controller after the network-connected data processing controller receives the security policy from an external system. 
     
     
         26 . A non-transitory computer-readable medium including instructions that, when executed by at least one processor, cause the at least one processor to perform operations for providing security on a network-connected data processing controller, comprising:
 identifying a request to run a particular application;   determining a digital signature for the particular application;   accessing a whitelist of reference digital signatures for approved applications, the whitelist associating approved application names with respective reference digital signatures;   determining whether to run the particular application based on:
 a first comparison of the determined digital signature with at least one reference digital signature from the whitelist; and 
 a second comparison of a current real-time controller operating context to a reference real-time controller operating context of the network-connected data processing controller; and 
   based on at least one of the first comparison or the second comparison, performing at least one of:
 blocking the particular application from running on the network-connected data processing controller; or 
 allowing the particular application to run on the network-connected data processing controller. 
   
     
     
         27 . The non-transitory computer-readable medium of  claim 26 , wherein at least one of the approved applications in the whitelist is associated with at least one of a binary file, a binary library, a script file, a configuration file, or a hardware resource 
     
     
         28 . The non-transitory computer-readable medium of  claim 26 , wherein the whitelist further associates the approved application names with respective contexts. 
     
     
         29 . The non-transitory computer-readable medium of  claim 26 , wherein the network-connected data processing controller is an electronic control unit (ECU) of a vehicle. 
     
     
         30 . The non-transitory computer-readable medium of  claim 26 , wherein the reference real-time controller operating context of the network-connected data processing controller comprises at least one of: a state of a device of which the network-connected data processing controller is a part or a state of a surrounding of the device. 
     
     
         31 . The non-transitory computer-readable medium of  claim 26 , wherein:
 the particular application is a binary application;   the approved applications include binary applications; and   the reference real-time controller operating context of the network-connected data processing controller is a context within which binary application operation is permitted.   
     
     
         32 . The non-transitory computer-readable medium of  claim 26 , wherein the reference real-time controller operating context of the network-connected data processing controller is defined in a security policy for the network-connected data processing controller.

Cited by (0)

No later patents cite this yet.

References (0)

No backward citations on record.