Automated security policy generation for controllers
First Claim
Patent Images
1. A method for automatically generating a security policy for an automobile, the method comprising:
- receiving, by a security policy generation system and from an electronic control unit (ECU) development environment, code for an ECU;
selecting middleware that enforces a security policy;
analyzing the code for the ECU;
determining a set of behaviors expected during execution of the code on the ECU;
based at least in part on the analyzing and the determining, automatically generating the security policy; and
providing the selected middleware along with the generated security policy to the ECU such that the ECU operates using the selected middleware and the generated security policy.
1 Assignment
0 Petitions
Accused Products
Abstract
In one implementation, a method for automatically generating a security policy for a controller includes receiving, by a security policy generation system and from a controller development environment, code for a device controller; selecting middleware that enforces a security policy; analyzing the code for the device controller; based at least in part on the analyzing, automatically generating the security policy; and providing the selected middleware along with the generated security policy.
-
Citations
20 Claims
-
1. A method for automatically generating a security policy for an automobile, the method comprising:
-
receiving, by a security policy generation system and from an electronic control unit (ECU) development environment, code for an ECU; selecting middleware that enforces a security policy; analyzing the code for the ECU; determining a set of behaviors expected during execution of the code on the ECU; based at least in part on the analyzing and the determining, automatically generating the security policy; and providing the selected middleware along with the generated security policy to the ECU such that the ECU operates using the selected middleware and the generated security policy. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. A system for data communication for operation of one or more functions within an automobile, the system comprising:
-
a security policy generation device comprising a processor and memory storing computer-readable code that, when executed by the processor, causes the security policy generation device to perform device operations comprising; receiving, from an ECU development environment, code for an ECU; selecting middleware that enforces a security policy; analyzing the code for the ECU; determining a set of behaviors expected during execution of the code on the ECU; based at least in part on the analyzing and the determining, automatically generating the security policy; and providing the selected middleware along with the generated security policy; and the automobile, the automobile comprising; the ECU, the ECU storing computer-readable code that, when executed by the ECU, causes the ECU to perform ECU operations comprising; receive the selected middleware along with the generated security policy; and operate using the selected middleware and using the generated security policy. - View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19, 20)
-
Specification