Methods and systems for bypassing authenticity checks for secure control modules

US 10,038,565 B2
Filed: 12/20/2012
Issued: 07/31/2018
Est. Priority Date: 12/20/2012
Status: Active Grant

First Claim

Patent Images

1. A method of bypassing an authenticity check for a secure control module, comprising:

receiving authenticity data from a secure source, wherein the authenticity data includes a signature and an identifier (ID) that is unique to the control module;

programming the control module with the authenticity data; and

selectively bypassing the authenticity check of a control program of the control module when the signature of the authenticity data is valid and when the ID of the authenticity data matches an identifier of the control module, wherein the control program includes instructions that when executed by a processor control one or more components of a vehicle,wherein the authenticity check authenticates a digital signature of the control program.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Methods and systems are provided for bypassing an authenticity check for a secure control module. In one embodiment, a method includes: receiving authenticity data from a secure source, wherein the authenticity data includes a signature and an identifier that is unique to the control module; programming the control module with the authenticity data; and bypassing the authenticity check of a control program of the control module based on the authenticity data.

14 Citations

View as Search Results

16 Claims

1. A method of bypassing an authenticity check for a secure control module, comprising:
- receiving authenticity data from a secure source, wherein the authenticity data includes a signature and an identifier (ID) that is unique to the control module;
  
  programming the control module with the authenticity data; and
  
  selectively bypassing the authenticity check of a control program of the control module when the signature of the authenticity data is valid and when the ID of the authenticity data matches an identifier of the control module, wherein the control program includes instructions that when executed by a processor control one or more components of a vehicle,wherein the authenticity check authenticates a digital signature of the control program.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
- - 2. The method of claim 1, further comprising combining the authenticity data with at least one file of the control program, and wherein the programming the control module with the authenticity data comprises programming the control module with the at least one file and the authenticity data.
  - 3. The method of claim 1, wherein the programming the control module with the authenticity data comprises storing the authenticity data as an authenticity application program in application memory.
  - 4. The method of claim 3, further comprising running the authenticity application program to erase a production boot program from boot memory and write a development boot program to boot memory.
  - 5. The method of claim 4, wherein the bypassing the authenticity check of the control program is performed by the development boot program.
  - 6. The method of claim 1, wherein the programming the control module with the authenticity data comprises storing the authenticity data in a designated memory location.
  - 7. The method of claim 6, wherein the bypassing the authenticity check of the control program comprises selectively bypassing the authenticity check of the control program when the authenticity data is stored in the designated memory location.
  - 8. The method of claim 6, wherein the designated memory location is in calibration memory.
  - 9. The method of claim 6, wherein the designated memory location is in a memory location that is not part of application memory and calibration memory.
  - 10. The method of claim 1 wherein the authenticity data is programmed to the control module in the form of a file header.
  - 11. The method of claim 1 wherein the authenticity data is programmed to the control module in the form of an application program.
  - 12. The method of claim 1 wherein the authenticity data is programmed to the control module in the form of a security ticket.

13. A system for bypassing an authenticity check, comprising:
- a secure control module that includes non-volatile memory and a processor; and
  
  a control program that includes instructions that when executed by the processor control one or more components of a vehicle, and that includes authenticity data that is received from a secure source, that stores the authenticity data in the non-volatile memory, and that selectively bypasses the authenticity check of the control program when a signature of the authenticity data is valid and when an identifier (ID) of the authenticity data matches a unique identifier of the control module, wherein the authenticity check authenticates a digital signature of the control program.
- View Dependent Claims (14, 15, 16)
- - 14. The system of claim 13, wherein the non-volatile memory is partitioned into at least boot memory, application memory, and calibration memory, and wherein the authenticity data is stored in application memory.
  - 15. The system of claim 13, wherein the non-volatile memory is partitioned into at least boot memory, application memory, and calibration memory, and wherein the authenticity data is stored in calibration memory.
  - 16. The system of claim 13, wherein the non-volatile memory is partitioned into at least boot memory, application memory, calibration memory, and authenticity memory, and wherein the authenticity data is stored in the authenticity memory.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
GM Global Technology Operations LLC (General Motors Company)
Original Assignee
GM Global Technology Operations LLC (General Motors Company)
Inventors
Alrabady, Ansaf I., Baltes, Kevin M., Rosa, J. David, Forest, Thomas M., Wist, Alan D.
Primary Examiner(s)
Simitoski, Michael

Application Number

US13/722,810
Publication Number

US 20140181526A1
Time in Patent Office

2,049 Days
Field of Search

713155, 713161, 713168, 713169, 713170, 713176, 726 2, 726 9, 726 20, 380229, 380232, 380247, 380258
US Class Current
CPC Class Codes

G06F 21/572   Secure firmware programming...

H04L 2209/84   Vehicles

H04L 9/3247   involving digital signatures

H04L 9/3249   using RSA or related signat...

Methods and systems for bypassing authenticity checks for secure control modules

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

14 Citations

16 Claims

Specification

Solutions

Use Cases

Quick Links

Methods and systems for bypassing authenticity checks for secure control modules

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

14 Citations

16 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links