Automated security policy generation for controllers

US 10,270,786 B2
Filed: 06/19/2018
Issued: 04/23/2019
Est. Priority Date: 04/06/2016
Status: Active Grant

First Claim

Patent Images

1. A method for automatically generating a security policy for an automobile, the method comprising:

receiving, by a security policy generation system and from an electronic control unit (ECU) development environment, code for an ECU;

selecting middleware that enforces a security policy;

analyzing the code for the ECU;

determining a set of behaviors expected during execution of the code on the ECU;

based at least in part on the analyzing and the determining, automatically generating the security policy; and

providing the selected middleware along with the generated security policy to the ECU such that the ECU operates using the selected middleware and the generated security policy.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

In one implementation, a method for automatically generating a security policy for a controller includes receiving, by a security policy generation system and from a controller development environment, code for a device controller; selecting middleware that enforces a security policy; analyzing the code for the device controller; based at least in part on the analyzing, automatically generating the security policy; and providing the selected middleware along with the generated security policy.

Citations

20 Claims

1. A method for automatically generating a security policy for an automobile, the method comprising:
- receiving, by a security policy generation system and from an electronic control unit (ECU) development environment, code for an ECU;
  
  selecting middleware that enforces a security policy;
  
  analyzing the code for the ECU;
  
  determining a set of behaviors expected during execution of the code on the ECU;
  
  based at least in part on the analyzing and the determining, automatically generating the security policy; and
  
  providing the selected middleware along with the generated security policy to the ECU such that the ECU operates using the selected middleware and the generated security policy.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The method of claim 1, further comprising identifying an operating system kernel configured to execute the code for the ECU, wherein the middleware for enforcing the security policy is selected based on its compatibility with the identified operating system kernel.
  - 3. The method of claim 1, wherein the middleware for enforcing the security policy includes a process verification service, a watchdog service, and at least one anti-tampering agent configured to monitor the security policy and the watchdog service.
  - 4. The method of claim 1, wherein analyzing the code for the ECU includes static analysis.
  - 5. The method of claim 1, wherein the security policy is included in an encrypted, read-only file.
  - 6. The method of claim 1, wherein automatically generating the security policy includes generating a signature for each process of the code for the ECU, and adding the signature to a whitelist portion of the security policy.
  - 7. The method of claim 1, wherein automatically generating the security policy includes generating a process graph that identifies valid execution paths within the code for the ECU, and adding the process graph to the security policy.
  - 8. The method of claim 1, wherein automatically generating the security policy includes adding to the security policy, context information for at least one process of the code for the ECU.
  - 9. The method of claim 1, wherein the code for the ECU remains unmodified, and remains distinct from the security policy and the middleware that enforces the security policy.
  - 10. The method of claim 1, further comprising generating a secured device ECU that includes the code for the ECU, the security policy, and the middleware that enforces the security policy.

11. A system for data communication for operation of one or more functions within an automobile, the system comprising:
- a security policy generation device comprising a processor and memory storing computer-readable code that, when executed by the processor, causes the security policy generation device to perform device operations comprising;
  
  receiving, from an ECU development environment, code for an ECU;
  
  selecting middleware that enforces a security policy;
  
  analyzing the code for the ECU;
  
  determining a set of behaviors expected during execution of the code on the ECU;
  
  based at least in part on the analyzing and the determining, automatically generating the security policy; and
  
  providing the selected middleware along with the generated security policy; and
  
  the automobile, the automobile comprising;
  
  the ECU, the ECU storing computer-readable code that, when executed by the ECU, causes the ECU to perform ECU operations comprising;
  
  receive the selected middleware along with the generated security policy; and
  
  operate using the selected middleware and using the generated security policy.
- View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19, 20)
- - 12. The system of claim 11, wherein the device operations further comprise identifying an operating system kernel configured to execute the code for the ECU, wherein the middleware for enforcing the security policy is selected based on its compatibility with the identified operating system kernel.
  - 13. The system of claim 11, wherein the middleware for enforcing the security policy includes a process verification service, a watchdog service, and at least one anti-tampering agent configured to monitor the security policy and the watchdog service.
  - 14. The system of claim 11, wherein analyzing the code for the ECU includes static analysis.
  - 15. The system of claim 11, wherein the security policy is included in an encrypted, read-only file.
  - 16. The system of claim 11, wherein automatically generating the security policy includes generating a signature for each process of the code for the ECU, and adding the signature to a whitelist portion of the security policy.
  - 17. The system of claim 11, wherein automatically generating the security policy includes generating a process graph that identifies valid execution paths within the code for the ECU, and adding the process graph to the security policy.
  - 18. The system of claim 11, wherein automatically generating the security policy includes adding to the security policy, context information for at least one process of the code for the ECU.
  - 19. The system of claim 11, wherein the code for the ECU remains unmodified, and remains distinct from the security policy and the middleware that enforces the security policy.
  - 20. The system of claim 11, further comprising generating a secured device ECU that includes the code for the ECU, the security policy, and the middleware that enforces the security policy.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Karamba Security Ltd.
Original Assignee
Karamba Security Ltd.
Inventors
David, Tal Efraim Ben, Harel, Assaf, Dotan, Amiram, Barzilai, David
Primary Examiner(s)
Mehedi, Morshed

Application Number

US16/012,506
Publication Number

US 20180316692A1
Time in Patent Office

308 Days
Field of Search
US Class Current
CPC Class Codes

G06F 21/125   by manipulating the program...

G06F 21/54   by adding security routines...

G06F 8/30   Creation or generation of s...

G06F 8/40   Transformation of program code

H04L 2209/84   Vehicles

H04L 63/0428   wherein the data content is...

H04L 63/101   Access control lists [ACL]

H04L 63/1408   by monitoring network traff...

H04L 63/20   for managing network securi...

H04L 9/00   Cryptographic mechanisms or...

H04L 9/3239   involving non-keyed hash fu...

Automated security policy generation for controllers

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Automated security policy generation for controllers

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links