Authenticating messages sent over a vehicle bus that include message authentication codes
First Claim
1. A method of transmitting data within a vehicle over a vehicle bus, comprising the steps of:
- (a) storing a first copy of a data message in a first memory installed to the vehicle, and a second copy of the data message in a second memory installed to the vehicle, the second memory physically separated from the first memory;
(b) constructing at an electronic control unit (ECU) a serial bus message that includes;
(1) the first copy of the data message as retrieved from the first memory; and
(2)a message authentication code (MAC), wherein the MAC is created using a secret key stored at the ECU, a MAC algorithm, and the second copy of the data message as retrieved from the second memory;
(c) transmitting the serial bus message to a receiving ECU over the vehicle bus; and
(d) authenticating the serial bus message at the receiving ECU using a copy of the secret key stored at the receiving ECU by;
(d1) creating a copy of the MAC from the first copy of the data message included in the serial bus message, the copy of the secret key, and the MAC algorithm;
(d2) comparing the MAC included in the serial bus message with the copy of the MAC created at the receiving ECU; and
(d3) rejecting or accepting the data message based on the comparison in step (d2).
2 Assignments
0 Petitions
Accused Products
Abstract
A method of transmitting data within a vehicle includes: storing two copies of a data message; constructing at an electronic control unit (ECU) a serial bus message that includes one copy of the data message and a message authentication code (MAC) created using a secret key stored at the ECU, a MAC algorithm, and a different copy of the data message; transmitting the serial bus message to a receiving ECU over a vehicle bus; authenticating the serial bus message at the receiving ECU using a copy of the key stored at the receiving ECU by creating a copy of the MAC from the data message included in the serial bus message and the copy of the key; comparing the MAC from the serial bus message with the copy of the MAC created at the receiving ECU; and rejecting or accepting the data message based on the comparison.
15 Citations
17 Claims
-
1. A method of transmitting data within a vehicle over a vehicle bus, comprising the steps of:
-
(a) storing a first copy of a data message in a first memory installed to the vehicle, and a second copy of the data message in a second memory installed to the vehicle, the second memory physically separated from the first memory; (b) constructing at an electronic control unit (ECU) a serial bus message that includes; (1) the first copy of the data message as retrieved from the first memory; and (2)a message authentication code (MAC), wherein the MAC is created using a secret key stored at the ECU, a MAC algorithm, and the second copy of the data message as retrieved from the second memory; (c) transmitting the serial bus message to a receiving ECU over the vehicle bus; and (d) authenticating the serial bus message at the receiving ECU using a copy of the secret key stored at the receiving ECU by; (d1) creating a copy of the MAC from the first copy of the data message included in the serial bus message, the copy of the secret key, and the MAC algorithm; (d2) comparing the MAC included in the serial bus message with the copy of the MAC created at the receiving ECU; and (d3) rejecting or accepting the data message based on the comparison in step (d2). - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A method of transmitting data within a vehicle over a vehicle bus, comprising the steps of:
-
(a) storing a first copy of a data message in a first memory installed to the vehicle, and a second copy of the data message in a second memory installed to the vehicle, the second memory physically separated from the first memory, wherein at least one of the first and second copies of the data message is stored in a volatile memory of the sending ECU; (b) after step (a), constructing at an electronic control unit (ECU) a serial bus message that includes; (1) the first copy of the data message as retrieved from the first memory; and (2) a message authentication code (MAC), wherein the MAC is created using a secret key stored at the ECU, a MAC algorithm, and the second copy of the data message as retrieved from the second memory; (c) transmitting the serial bus message to a receiving ECU over the vehicle bus; (d) authenticating the serial bus message at the receiving ECU using a copy of the secret key stored at the receiving ECU by; (d1) creating a copy of the MAC from the first copy of the data message included in the serial bus message, the copy of the secret key, and the MAC algorithm; (d2) comparing the MAC included in the serial bus message with the copy of the MAC created at the receiving ECU; and (d3) rejecting or accepting the data message based on the comparison in step (d2).
-
-
11. A electronic control unit (ECU) for transmitting data within a vehicle over a vehicle bus, comprising:
-
a microprocessor that executes one or more computer-readable instructions; first and second memory devices communicatively coupled with the microprocessor such that the memory devices can receive requests from the microprocessor for data stored at the memory devices, the first and second memory devices configured to store first and second copies of a data message, respectively, the second memory device physically separated from the first memory device; an input/output port for sending and receiving data over a vehicle bus; a secret key stored in the memory device; and a message authentication code (MAC) algorithm stored at the memory device, wherein the microprocessor creates a serial bus message, the serial bus message including a data message comprising the first copy of the data message as retrieved from the first memory, the serial bus message including a message authentication code (MAC) that is created using the second copy of the data message as retrieved from the second memory, the secret key, and the MAC algorithm. - View Dependent Claims (12, 13, 14, 15, 16, 17)
-
Specification