Hosted watchman
First Claim
1. An in-vehicle communication network comprising:
- an operating system (OS);
a bus;
a node having at least one communication port connected to the bus; and
a module comprising;
a memory having software comprising executable instructions, data characterizing messages that pass through the at least one communication port during normal operation of the node, and data providing measures of vehicle health during a period when the in-vehicle communication network is free of damage from a cyber-attack; and
a processor configured to process messages that the node receives or messages that the node operates to transmit via the at least one communication port based on the software to;
detect an electronic or mechanical malfunction of the vehicle;
identify an anomalous message indicative of a cyber-attack, responsive to the data characterizing the messages, the detection of the malfunction, and a measure of vehicle health based on the data providing measures of vehicle health; and
determine and undertake an action that affects the anomalous message in real time.
1 Assignment
0 Petitions
Accused Products
Abstract
An in-vehicle communication network comprising: a bus and at least one node connected to the bus; an in-vehicle network operating system (OS) that manages OS processes, a secondary memory in which process codes for the processes are stored, and a primary memory, into which the OS loads a copy of a process code of a process to enable a processor to run the process and execute the process code; and a module hosted in the OS and having a hook in at least one position of the OS that provides information to the module responsive to operation of the OS that the module processes in accordance with executable instructions that the module comprises to determine if the in-vehicle OS is operating properly.
-
Citations
21 Claims
-
1. An in-vehicle communication network comprising:
-
an operating system (OS); a bus; a node having at least one communication port connected to the bus; and a module comprising; a memory having software comprising executable instructions, data characterizing messages that pass through the at least one communication port during normal operation of the node, and data providing measures of vehicle health during a period when the in-vehicle communication network is free of damage from a cyber-attack; and a processor configured to process messages that the node receives or messages that the node operates to transmit via the at least one communication port based on the software to; detect an electronic or mechanical malfunction of the vehicle; identify an anomalous message indicative of a cyber-attack, responsive to the data characterizing the messages, the detection of the malfunction, and a measure of vehicle health based on the data providing measures of vehicle health; and determine and undertake an action that affects the anomalous message in real time. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21)
-
Specification