Device for detection and prevention of an attack on a vehicle

US 10,356,122 B2
Filed: 01/10/2017
Issued: 07/16/2019
Est. Priority Date: 10/17/2012
Status: Active Grant

First Claim

Patent Images

1. A device executing instructions for attack detection and prevention in a vehicle, comprising:

at least one hardware processor for executing the following;

code instructions to collect real-time data from one or more data sources of said vehicle;

code instructions to analyze said real-time data for detecting at least two irregularities, the at least two irregularities selected from the group consisting of;

an irregularity between data received from a vehicle sensor and action held by one of a plurality of subsystems of said vehicle,an irregularity in a relationship between one action held by one of said plurality of subsystems and another action held by another of said plurality of subsystems, andan irregular cellular provider signal of a source of said real-time data or an irregular change of a cellular provider signal;

code instructions to send an alert and/or prevent at least one attack when the at least two irregularities are detected;

wherein the code instructions are stored in a non-transitory computer readable medium.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A new device for detection and prevention of an attack on a vehicle via its communication channels, having: an input-unit configured to collect real-time and/or offline data from various sources such as sensors, network based services, navigation applications, the vehicles electronic control units, the vehicle'"'"'s bus-networks, the vehicle'"'"'s subsystems, and on board diagnostics; a database, for storing the data; a detection-unit in communication with the input-unit; and an action-unit, in communication with the detection unit, configured for sending an alert via the communication channels and/or prevent the attack, by breaking or changing the attacked communication channels. The detection-unit is configured to simultaneously monitor the content, the meta-data and the physical-data of the data and detect the attack.

20 Citations

View as Search Results

17 Claims

1. A device executing instructions for attack detection and prevention in a vehicle, comprising:
- at least one hardware processor for executing the following;
  
  code instructions to collect real-time data from one or more data sources of said vehicle;
  
  code instructions to analyze said real-time data for detecting at least two irregularities, the at least two irregularities selected from the group consisting of;
  
  an irregularity between data received from a vehicle sensor and action held by one of a plurality of subsystems of said vehicle,an irregularity in a relationship between one action held by one of said plurality of subsystems and another action held by another of said plurality of subsystems, andan irregular cellular provider signal of a source of said real-time data or an irregular change of a cellular provider signal;
  
  code instructions to send an alert and/or prevent at least one attack when the at least two irregularities are detected;
  
  wherein the code instructions are stored in a non-transitory computer readable medium.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15)
- - 2. The device according to claim 1, further comprising a database having parameters of at least one known-attack, previously detected as said attack;
    - wherein said detecting is performed according to said parameters.
  - 3. The device according to claim 2, wherein said device further comprises an interface for communicating with a remote-server for delivering and/or receiving said parameters of said known-attack.
  - 4. The device according to claim 1, wherein said at least one ha a e processor is at least partially embedded within a hardware card of said vehicle.
  - 5. The device according to claim 2, wherein said at least one hardware processor executes a machine-learning engine configured to calculate unfamiliar behavior of said vehicle based on an analysis of said real-time data;
    - wherein said parameters are updated or calculated according to said unfamiliar behavior.
  - 6. The device according to claim 1, wherein said one of said plurality of subsystems is selected from the group consisting of:
    - i. tire pressure monitoring,ii. stability control,iii. cruise control,iv. airbag control,v. powertrain control module (PCM),vi. transmission control module (TCM),vii. brake control module (BCM),viii. central control module (CCM),ix. central timing module (CTM),x. general electronic module (GEM),xi. body control module (BCM),xii. suspension control module (SCM),xiii. convenience control unit (CCU),xiv. engine control unit (ECU),xv. electric power steering control unit (PSCU),xvi. human machine interface (HMI),xvii. seat control unit,xviii. speed control unit,xix. telephone control unit (TCU),xx. transmission control unit (TCU),xxi. brake control module (ABS or ESC),xxii. crash sensors,xxiii. airbags,xxiv. seatbelts,xxv. tire pressure monitoring system (TPMS),xxvi. electronic stability control system (ESC),xxvii. traction control system (TCS),xxviii. anti lock braking system (ABS),xxix. electronic brake assistance system (EBA),xxx. electronic brake force distribution,xxxi. electronic brake-force distribution (EBD) system,xxxii. emergency shutdown,xxxiii. driven notifications and alerts,xxxiv. pedestrian object recognition,xxxv. lane keeping assistance,xxxvi. collation avoidance,xxxvii. adaptive headlamps control,xxxviii. reverse backup sensors,xxxix. adaptive cruise control,xl. active cruise control (ACC),xli. traction control systems,xlii. electronic stability control,xliii. automated parking system,xliv. multimedia,xlv. active noise cancellation (ANC),xlvi. radio,xlvii. radio data system (RDS),xlviii. driver information functions,xlix. AM/FM or satellite radio,l. DC/DVD player,li. payment systems,lii. in vehicle Wi-Fi router,liii. internal lights,liv. climate control,lv. chairs adjustment,lvi. electric windows,lvii. mirror adjustment,lviii. central locking,lix. battery management,lx. charging management,lxi. vehicle-grid system,lxii. active cruise control (ACC),lxiii. remote control keys,lxiv. theft deterrent systems,lxv. immobilizer system,lxvi. security systems,lxvii. digital cameras,lxviii. night vision,lxix. lasers,lxx. radar,lxxi. RF sensors,lxxii. infotainment system,lxxiii. robotic gear-shaft, andlxxiv. any combination thereof.
  - 7. The device according to claim 1, wherein said vehicle sensor is selected from the group consisting of:
    - a. distance sensor,b. velocity sensor,c. temperature sensor,d. satellite transmission sensor,e. cellular transmission sensors,f. video image,g. air-fuel ratio meter,h. blind spot monitor,i. crankshaft position sensor,j. curb feeler, used to warn driver of curbs,k. defect detector, used on railroads to detect axle and signal problems in passing trains,l. engine coolant temperature (ECT) sensor, used to measure the engine temperature,m. hall effect sensor, used to time the speed of wheels and shafts,n. manifold absolute pressure (MAP) sensor, used in regulating fuel metering,o. mass flow sensor, or mass airflow (MAF) sensor, used to tell the mass of air entering an engine,p. oxygen sensor, used to monitor the amount of oxygen in an exhaust of said vehicle,q. parking sensors, used to alert a driver of unseen obstacles during parking maneuvers,r. radar gun, used to detect the speed of other objects,s. speedometer, used to measure the instantaneous speed of a land vehicle,t. speed sensor, used to detect the speed of an object,u. throttle position sensor, used to monitor the position of a throttle in an internal combustion engine,v. tire-pressure monitoring sensor, used to monitor the air pressure inside the tires,w. torque sensor, or torque transducer or torque-meter, used to measure torque (twisting force) on a rotating system,x. transmission fluid temperature sensor, used to measure the temperature of the transmission fluid,y. turbine speed sensor (TSS), or input speed sensor (ISS), used to measure the rotational speed of an input shaft or torque converter,z. variable reluctance sensor, used to measure position and speed of moving metal components,aa. vehicle speed sensor (VSS), used to measure the speed of the vehicle,bb. water sensor or water-in-fuel sensor, used to indicate the presence of water in fuel,cc. wheel speed sensor, used for reading the speed of a vehicle'"'"'s wheel rotation,dd. comfort sensors including;
      
      seats position, seat heat, air condition and passengers location, andee. any combination thereof.
  - 8. The device according to claim 1, wherein an irregular source and/or an irregular destination of said real-time data is an Electronic control unit (ECU) selected from the group consisting of:
    - a. electronic/engine control module (ECM),b. powertrain control module (PCM),c. transmission control module (TCM),d. brake control module (BCM),e. central control module (CCM),f. central timing module (CTM),g. general electronic module (GEM),h. body control module (BCM),i. suspension control module (SCM),j. airbag control unit (ACU),k. body control module (BCU), controls door locks, electric windows, and courtesy lights,l. convenience control unit (CCU),m. door control unit (DCU),n. engine control unit,o. electric power steering control unit (PSCU), integrated into an electric power steering (EPS) power-pack,p. human-machine interface (HMI),q. powertrain control module (PCM),r. seat control unit,s. speed control unit (SCU),t. telephone control unit (TCU),u. telematic control unit (TCU),v. transmission control unit (TCU),w. brake control module (BCM),x. on board or integrated ECU processing remote services, andy. any combination thereof.
  - 9. The device according to claim 1, wherein said at least one hardware processor executes at least one:
    - commercialized anti-virus, malware-application, firewall or other malicious code database, at least partially autonomous driving system, remote control system, or full autonomous driving system.
  - 10. The device according to claim 1, wherein said vehicle is driven by a robotic platform.
  - 11. The device according to claim 1, wherein said vehicle travels via land, water, or air.
  - 12. The device according to claim 1, further comprising an assessment engine configured to evaluate risk-level of said attack to said vehicle and its passengers and prioritize said attack.
  - 13. The device according to claim 1, wherein said code instructions to send the alert and/or prevent at least one attack include code instructions to change and/or to break one or more communication channels which are connected to one or more network based services selected from the group consisting of:
    - web, physical cable, Wi-Fi, cellular, BLUETOOTH, RF, GPS, vehicle to vehicle communication, vehicle to passenger infrastructure, and environment to vehicle infrastructure.
  - 14. The device according to claim 1, wherein an irregular source and/or an irregular destination of said real-time data comprise one or more navigation applications or devices selected from the group consisting of:
    - satellite navigator, cellular navigator, and inertial dedicated navigator.
  - 15. The device according to claim 1, wherein said one or more data sources are selected from the group consisting of:
    - one or more sensors,one or more network based services,one or more navigation applications or navigation devices,one or more electronic control units (ECU) of said vehicle,one or more bus-networks of said vehicle,one or more subsystems of said vehicle, andone or more on board diagnostics (OBD).

16. A computer implemented method, by at least one hardware processor, for attack detection and prevention in a vehicle, comprising:
- collecting real-time data from one or more data sources of said vehicle;
  
  analyzing, by the at least one hardware processor, said real-time data for detecting at least two irregularities, the at least two irregularity selected from the group consisting of;
  
  an irregularity between an action held by one of a plurality of subsystems of said vehicle and a current vehicle operation,an irregularity in a relationship between one action held by one of said plurality of subsystems and another action held by another of said plurality of subsystems,an irregularity in a relationship between a current output of at least one sensor of said vehicle and the real-time data, andan irregular cellular provider signal of a source of instructions found in said real-time data or an irregular change of a cellular provider signal; and
  
  sending an alert and/or preventing at least one attack when the at least two irregularities are detected.

17. A computer program product for attack detection and prevention in a vehicle, the computer program product comprising a non-transitory computer readable storage medium having program instructions embodied therewith, the program instructions executable by a hardware processor of a vehicle for:
- collecting real-time data from one or more data sources of said vehicle;
  
  analyzing said real-time data for detecting at least two irregularities, the at least two irregularities selected from the group consisting of;
  
  an irregularity between an action held by one of a plurality of subsystems of said vehicle and a current vehicle operation,an irregularity between a relationship between one action held by one of said plurality of subsystems and another action held by another of said plurality of subsystems,an irregularity in a relationship between a current output of at least one sensor of said vehicle and the real-time data, andan irregular cellular provider signal of a source of instructions found in said real-time data or an irregular change of a cellular provider signal; and
  
  sending an alert and/or preventing at least one attack when the at least two irregularities are detected.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Tower-Sec Ltd.
Original Assignee
Tower-Sec Ltd.
Inventors
Ruvio, Guy, Dickman, Saar, Weisglass, Yuval
Primary Examiner(s)
Lemma, Samson B

Application Number

US15/402,923
Publication Number

US 20170149820A1
Time in Patent Office

917 Days
Field of Search

726 23
US Class Current
CPC Class Codes

B60R 16/023   for transmission of signals...

B60R 16/0231   Circuits relating to the dr...

G06N 20/00   Machine learning

H04L 63/1408   by monitoring network traff...

H04L 63/1441   Countermeasures against mal...

H04L 63/1466   Active attacks involving in...

H04L 67/12   specially adapted for propr...

Device for detection and prevention of an attack on a vehicle

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

20 Citations

17 Claims

Specification

Use Cases

Quick Links

Others

Device for detection and prevention of an attack on a vehicle

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

20 Citations

17 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others