Vehicle security module system
First Claim
1. A vehicle security system for a vehicle, the system comprising:
- one or more controller area network (CAN) buses;
one or more electronic control units (ECUs) connected to the one or more CAN buses;
a vehicle security module (VSM) connected to the one or more CAN buses; and
an on board diagnostics (OBD) connector connected to the vehicle security module; and
wherein;
the vehicle security module discriminates between authorized and unauthorized signals that are input to the on board diagnostics connector; and
the VSM has a security policy;
the security policy specifies the types of messages that are allowed to flow to and/or from the vehicle to a device plugged into the OBD connector;
the VSM is configured to verify a token in the device plugged into the OBD connector and modify the security policy according to a change specified in the verified token to allow the VSM to classify a signal as an authorized signal when the VSM would otherwise classify the signal as an unauthorized signal and facilitate performing a service on the vehicle that would not otherwise be permitted by the security policy;
authorized signals are forwarded by the vehicle security module to the one or more CAN busses; and
the unauthorized signals are refused entry to the one or more CAN busses.
8 Assignments
0 Petitions
Accused Products
Abstract
A vehicle security system having controller area network buses, electronic control units connected to the controller area network buses, a vehicle security module connected to the controller area network buses, and an on board diagnostics connector connected to the vehicle security module. The vehicle security module may according to a policy discriminate between authorized and unauthorized signals that are input to the on board diagnostics connector. Authorized signals may be forwarded by the vehicle security module to the controller area network busses. Authorized signals may affect operation of one or more of the components of the vehicle via the electronic control units. Authorized signals may change the policy used by the vehicle security module. Unauthorized signals may be refused entry to the controller area network busses. The on board diagnostics connector may receive the signals from diagnostic instrumentation, control instrumentation, tracking instrumentation, a dongle, and so forth.
542 Citations
19 Claims
-
1. A vehicle security system for a vehicle, the system comprising:
-
one or more controller area network (CAN) buses; one or more electronic control units (ECUs) connected to the one or more CAN buses; a vehicle security module (VSM) connected to the one or more CAN buses; and an on board diagnostics (OBD) connector connected to the vehicle security module; and wherein; the vehicle security module discriminates between authorized and unauthorized signals that are input to the on board diagnostics connector; and the VSM has a security policy; the security policy specifies the types of messages that are allowed to flow to and/or from the vehicle to a device plugged into the OBD connector; the VSM is configured to verify a token in the device plugged into the OBD connector and modify the security policy according to a change specified in the verified token to allow the VSM to classify a signal as an authorized signal when the VSM would otherwise classify the signal as an unauthorized signal and facilitate performing a service on the vehicle that would not otherwise be permitted by the security policy; authorized signals are forwarded by the vehicle security module to the one or more CAN busses; and the unauthorized signals are refused entry to the one or more CAN busses. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A method for authorizing a policy change in a vehicle security module, comprising:
-
plugging a device selected from a group comprising diagnostic instrumentation, control instrumentation, tracking instrumentation, and dongles, into an on board diagnostics connector connected to a vehicle security module that is in turn connected to one or more controller area network (CAN) buses, the vehicle security module having a default security policy that specifies the types of messages that are allowed to flow to and/or from the vehicle to the device plugged into the onboard diagnostics connector; verifying an authentication token in the device plugged into the on board diagnostics connector; modifying the default security policy of the vehicle security module according to a change specified in the verified authentication token; and classifying a signal as authorized under the modified security policy that would otherwise be classified as unauthorized under the default security policy to facilitate performing a service on the vehicle that would not otherwise be permitted by the default security policy; and wherein; the one or more CAN buses are connected to one or more electronic control units (ECUs); the vehicle security module blocks unauthorized signals and allows authorized signals to the CAN buses. - View Dependent Claims (9, 10, 11, 12, 13, 14, 15)
-
-
16. A mechanism for providing authorized changes of policy to the vehicle security module, comprising:
-
a vehicle security module having a security policy; an on board diagnostics port connected to the vehicle security module; one or more controller area network (CAN) buses connected to the vehicle security module; and one or more electronic control units (ECUs) connected to the one or more CAN buses; and wherein; the one or more ECUs are associated with one or more components, respectively, of a vehicle; the security policy specifies the types of messages that are allowed to flow to and/or from a vehicle to a device plugged into the on board diagnostics port; the vehicle security module verifies an authorization token in the device plugged into the on board diagnostics port and modifies the security policy according to a change specified in the verified authorization token to allow the vehicle security module to classify a signal as an authorized signal when the vehicle security module would otherwise classify the signal as an unauthorized signal and facilitate performing a service on the vehicle that would not otherwise be permitted by the security policy; the vehicle security module is configured to forward authorized signals to the one or more CAN buses and refuse entry to the one or more CAN buses to the unauthorized signals. - View Dependent Claims (17, 18, 19)
-
Specification