Assembling data deltas in vehicle ECUs and managing interdependencies between software versions in vehicle ECUs using tool chain

US 10,394,548 B2
Filed: 07/24/2018
Issued: 08/27/2019
Est. Priority Date: 07/25/2017
Status: Active Grant

First Claim

Patent Images

1. A non-transitory computer readable medium including instructions that, when executed by at least one processor in a dependency management system, cause the at least one processor to perform operations for receiving and integrating a delta file in a vehicle to address a security vulnerability, comprising:

receiving, at a first Electronic Control Unit (ECU) in the vehicle, at least one memory position-independent code segment for addressing a security vulnerability of the first ECU, the at least one memory position-independent code segment comprising at least one executable delta file, the delta file comprising a plurality of deltas corresponding to a software update for software on the first ECU and startup code for executing the delta file in the first ECU;

executing the delta file at a first memory location of the first ECU, based on the startup code, in the first ECU;

checking to determine if the delta file is associated with a second ECU in the vehicle that is interdependent with the first ECU, the dependency management system maintaining mappings of interdependencies prior to the software update; and

updating memory addresses in the first ECU to correspond to the plurality of deltas from the delta file while allowing the first ECU to execute operations at a second memory location of the first ECU.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Disclosed embodiments relate to perform operations for receiving and integrating a delta file in a vehicle. Operations may include receiving, at an Electronic Control Unit (ECU) in the vehicle, a delta file, the delta file comprising a plurality of deltas corresponding to a software update for software on the ECU and startup code for executing the delta file in the ECU; executing the delta file, based on the startup code, in the ECU; and updating memory addresses in the ECU to correspond to the plurality of deltas from the delta file.

Citations

18 Claims

1. A non-transitory computer readable medium including instructions that, when executed by at least one processor in a dependency management system, cause the at least one processor to perform operations for receiving and integrating a delta file in a vehicle to address a security vulnerability, comprising:
- receiving, at a first Electronic Control Unit (ECU) in the vehicle, at least one memory position-independent code segment for addressing a security vulnerability of the first ECU, the at least one memory position-independent code segment comprising at least one executable delta file, the delta file comprising a plurality of deltas corresponding to a software update for software on the first ECU and startup code for executing the delta file in the first ECU;
  
  executing the delta file at a first memory location of the first ECU, based on the startup code, in the first ECU;
  
  checking to determine if the delta file is associated with a second ECU in the vehicle that is interdependent with the first ECU, the dependency management system maintaining mappings of interdependencies prior to the software update; and
  
  updating memory addresses in the first ECU to correspond to the plurality of deltas from the delta file while allowing the first ECU to execute operations at a second memory location of the first ECU.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. The non-transitory computer readable medium of claim 1, wherein the startup code is configured to initialize a runtime library of the at least one executable delta file.
  - 3. The non-transitory computer readable medium of claim 1, wherein the startup code is configured to update a program counter of the first ECU to execute an instruction contained in the at least one executable delta file.
  - 4. The non-transitory computer readable medium of claim 1, wherein the startup code is configured to extract data from the at least one executable delta file for storage on the first ECU.
  - 5. The non-transitory computer readable medium of claim 1, wherein the startup code is configured to link the at least one executable delta file to a specific function in a virtual file system associated with the at least one executable delta file.
  - 6. The non-transitory computer readable medium of claim 1, wherein the at least one executable delta file comprises code for updating memory addresses in the first ECU.
  - 7. The non-transitory computer readable medium of claim 6, wherein the startup code is configured to extract the code for updating memory addresses and update the memory addresses in the first ECU.
  - 8. The non-transitory computer readable medium of claim 1, wherein the at least one executable delta file is written to flash memory associated with the first ECU.
  - 9. The non-transitory computer readable medium of claim 8, wherein the at least one executable delta file is bootstrapped from the flash memory to random access memory associated with the first ECU.
  - 10. The non-transitory computer readable medium of claim 1, wherein the at least one executable delta file is executable by the first ECU without affecting continued operations of the first ECU.
  - 11. The non-transitory computer readable medium of claim 1, wherein the at least one executable delta file is executable without rebooting the first ECU.

12. A system for receiving and integrating a delta file into a first Electronic Control Unit (ECU) in the vehicle to address a security vulnerability, the system comprising:
- one or more processors; and
  
  one or more memories having instructions that, when executed by the one or more processors, cause the one or more processors to perform the operations of;
  
  receiving, at the first ECU in the vehicle, at least one memory position-independent code segment for addressing a security vulnerability of the first ECU, the at least one memory position-independent code segment comprising at least one executable delta file, the delta file comprising a plurality of deltas corresponding to a software update for software on the first ECU and startup code for executing the delta file in the first ECU;
  
  executing the delta file at a first memory location of the first ECU, based on the startup code, in the first ECU;
  
  checking to determine if the delta file is associated with a second ECU in the vehicle that is interdependent with the first ECU, a dependency management system maintaining mappings of interdependencies prior to the software update; and
  
  updating memory addresses in the first ECU to correspond to the plurality of deltas from the delta file while allowing the first ECU to execute operations at a second memory location of the first ECU.
- View Dependent Claims (13, 14, 15, 16, 17)
- - 13. The system of claim 12, wherein the startup code is configured to initialize a runtime library of the at least one executable delta file.
  - 14. The system of claim 12, wherein the at least one executable delta file comprises code for determining whether to delete contents of memory in the first ECU.
  - 15. The system of claim 14, wherein the startup code is configured to instruct the first ECU to delete particular contents of the memory in the first ECU.
  - 16. The system of claim 12, wherein the software on the first ECU is mapped to a plurality of functional units, and the first ECU is configured to utilize a virtual file system (VFS) to manage and track one or more versions of each of the plurality of functional units.
  - 17. The system of claim 12, wherein the at least one executable delta file is executable without affecting continued operations of the first ECU.

18. A computer-implemented method for receiving and integrating a delta file into a first Electronic Control Unit (ECU) in the vehicle to address a security vulnerability, the method comprising:
- receiving, at the first ECU in the vehicle, at least one memory position-independent code segment for addressing a security vulnerability of the first ECU, the at least one memory position-independent code segment comprising at least one executable delta file comprising a plurality of deltas corresponding to a software update for software on the first ECU and startup code for executing the delta file in the first ECU;
  
  executing the delta file at a first memory location of the first ECU, based on the startup code, in the first ECU;
  
  checking to determine if the delta file is associated with a second ECU in the vehicle that is interdependent with the first ECU, a dependency management system maintaining mappings of interdependencies prior to the software update; and
  
  updating memory addresses in the first ECU to correspond to the plurality of deltas from the delta file while allowing the first ECU to execute operations at a second memory location of the first ECU.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Aurora Labs Limited
Original Assignee
Aurora Labs Limited
Inventors
Fox, Zohar
Primary Examiner(s)
Rampuria, Satish

Application Number

US16/044,157
Publication Number

US 20190034191A1
Time in Patent Office

399 Days
Field of Search

717168-178
US Class Current
CPC Class Codes

B60W 2050/021   Means for detecting failure...

B60W 50/02   Ensuring safety in case of ...

B60W 50/0205   Diagnosing or detecting fai...

B60W 50/0225   Failure correction strategy

B60W 50/04   Monitoring the functioning ...

B60W 50/045   Monitoring control system p...

G06F 11/0721   within a central processing...

G06F 11/0751   Error or fault detection no...

G06F 11/079   Root cause analysis, i.e. e...

G06F 11/0793   Remedial or corrective acti...

G06F 11/1433   during software upgrading

G06F 11/1629   Error detection by comparin...

G06F 11/3612   by runtime analysis perform...

G06F 12/0284   Multiple user address space...

G06F 12/0646   Configuration or reconfigur...

G06F 16/188   Virtual file systems

G06F 21/57   Certifying or maintaining t...

G06F 21/572   Secure firmware programming...

G06F 21/577   Assessing vulnerabilities a...

G06F 2212/1008   Correctness of operation, e...

G06F 2212/1044 : Space efficiency improvement

G06F 2212/1056 : Simplification

G06F 2221/033 : Test or assess software

G06F 8/60 : Software deployment

G06F 8/65 : Updates security arrangemen...

G06F 8/654 : using techniques specially ...

G06F 8/656 : while running

G06F 8/658 : Incremental updates; Differ...

G06F 8/66 : of program code stored in r...

G06F 8/71 : Version control security ar...

G06F 9/4401 : Bootstrapping security arra...

G06F 9/445 : Program loading or initiati...

G06F 9/44521 : Dynamic linking or loading;...

G06N 20/00 : Machine learning

Y02D 10/00 : Energy efficient computing,...

View All

Assembling data deltas in vehicle ECUs and managing interdependencies between software versions in vehicle ECUs using tool chain

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

18 Claims

Specification

Solutions

Use Cases

Quick Links

Assembling data deltas in vehicle ECUs and managing interdependencies between software versions in vehicle ECUs using tool chain

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

18 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links