Privileged, diagnostic link connector based network monitoring capabilities within a vehicle employing a gateway module used to isolate and secure vehicle networks

US 10,412,094 B2
Filed: 05/25/2017
Issued: 09/10/2019
Est. Priority Date: 05/25/2017
Status: Active Grant

First Claim

Patent Images

1. Method of providing privileged access to an internal vehicle communication network, the method comprising:

providing a presentation network bus capable of providing listen-only access to a subset of in-vehicle networks, the presentation network bus connected to circuitry configured to selectively transmit network traffic from one of a plurality of the in-vehicle networks to the presentation network bus and permanently configured to permanently prevent data from the presentation network bus from being received by any of the plurality of in-vehicle networks;

verifying access credentials in a security system configured to control access to the presentation network bus by using a combination of symmetric and asymmetric cryptographic systems;

receiving a diagnostic service request after the access credentials have been verified to enable the presentation network bus for listen-only access to the subset of in-vehicle networks;

enabling the presentation network bus for the listen-only access in response to receipt of the diagnostic service request by enabling the circuitry to selectively transmit network traffic from one of the plurality of in-vehicle networks to the presentation network bus;

enabling a persistence mode after the access credentials have been verified wherein the presentation network bus will be enabled for listen-only access after a power-down and power-up cycle without re-verifying access credentials in the security system after the power-down; and

providing one of a plurality of different listen-only access levels to the in-vehicle networks based on the received access credentials.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system for providing privileged access to an internal vehicle communication network is provided. The system includes a presentation network bus configured to provide listen-only access to a subset of in-vehicle networks, a security system configured to enable access to the presentation network bus by verifying access credentials, and a diagnostic service system configured to control access to the presentation network bus. The diagnostic service system is configured to receive a diagnostic service request after the access credentials have been verified to enable the presentation network busses for listen-only access to the subset of the in-vehicle networks. The presentation network busses may be enabled for the listen-only access after credential verification by the security system and in response to receipt of a diagnostic service request from the diagnostic service system requesting that the presentation network busses be enabled.

13 Citations

20 Claims

1. Method of providing privileged access to an internal vehicle communication network, the method comprising:
- providing a presentation network bus capable of providing listen-only access to a subset of in-vehicle networks, the presentation network bus connected to circuitry configured to selectively transmit network traffic from one of a plurality of the in-vehicle networks to the presentation network bus and permanently configured to permanently prevent data from the presentation network bus from being received by any of the plurality of in-vehicle networks;
  
  verifying access credentials in a security system configured to control access to the presentation network bus by using a combination of symmetric and asymmetric cryptographic systems;
  
  receiving a diagnostic service request after the access credentials have been verified to enable the presentation network bus for listen-only access to the subset of in-vehicle networks;
  
  enabling the presentation network bus for the listen-only access in response to receipt of the diagnostic service request by enabling the circuitry to selectively transmit network traffic from one of the plurality of in-vehicle networks to the presentation network bus;
  
  enabling a persistence mode after the access credentials have been verified wherein the presentation network bus will be enabled for listen-only access after a power-down and power-up cycle without re-verifying access credentials in the security system after the power-down; and
  
  providing one of a plurality of different listen-only access levels to the in-vehicle networks based on the received access credentials.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1, further comprising receiving a second diagnostic service request after the presentation network bus has been enabled that identifies a different network for listen-only access.
  - 3. The method of claim 1, wherein enabling a persistence mode comprises receiving a diagnostic service request that requests that the persistence mode be enabled and includes a persistence count value that identifies the number of power-down and power-up cycles during which the presentation network bus will be enabled for listen-only access without re-verifying access credentials.
  - 4. The method of claim 3, wherein the persistence count value automatically decrements after each power-down and power-up cycle.
  - 5. The method of claim 3, further comprising disabling the persistence mode after receiving a diagnostic service request to disable the persistence mode regardless of the persistence count value.
  - 6. The method of claim 5, wherein disabling the persistence mode comprises resetting the persistence count value to zero.
  - 7. The method of claim 3, wherein the persistence count value may only be set to a value greater than zero during an operating cycle in which the access credentials have been verified in the security system.

8. A system for providing privileged access to an internal vehicle communication network, the system comprising:
- a presentation network bus configured to provide listen-only access to a subset of in-vehicle networks;
  
  a presentation circuit connected to the presentation network bus, the presentation circuit is configured to selectively transmit network traffic from one of a plurality of the in-vehicle networks to the presentation network bus and permanently configured to permanently prevent data from the presentation network bus from being received by any of the plurality of in-vehicle networks;
  
  a security system comprising one or more processors configured by programming instructions on non-transient computer readable media to enable access to the presentation network bus by verifying access credentials using a combination of symmetric and asymmetric cryptographic systems; and
  
  a diagnostic service system comprising one or more processors configured by programming instructions on non-transient computer readable media to control access to the presentation network bus, the diagnostic service system configured to receive a diagnostic service request after the access credentials have been verified and to enable the presentation network bus for listen-only access to the subset of networks by enabling the presentation circuit to selectively transmit network traffic from one of the plurality of in-vehicle networks to the presentation network bus;
  
  wherein the presentation network bus may be enabled for the listen-only access after credential verification by the security system and in response to receipt of a diagnostic service request from the diagnostic service system requesting that the presentation network bus be enabled;
  
  wherein the diagnostic service system is further configured to enable a persistence mode after the access credentials have been verified wherein the presentation network bus will be enabled for listen-only access after a power-down and power-up cycle for a limited number of cycles without re-verifying access credentials in the security system after the power-down; and
  
  wherein the diagnostic service system is further configured to provide one of a plurality of different listen-only access levels to the in-vehicle networks based on the received access credentials.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The system of claim 8, wherein the presentation network bus is configured to provide a listen-only connection to one of the in-vehicle serial networks on a first pin of a diagnostic link connector (DLC) and a listen-only connection to a second one of the in-vehicle serial networks on a second pin of the DLC.
  - 10. The system of claim 8, wherein the presentation circuit comprises selection circuitry and a network transceiver coupled between the presentation network bus and the subset of in-vehicle networks, the selection circuitry configured to selectively output network traffic from one of the plurality of in-vehicle networks to the network transceiver, the network transceiver configured transmit network traffic received from the selection circuitry to the presentation network bus and permanently configured to permanently prevent data from the presentation network bus from being received by the selection circuitry.
  - 11. The system of claim 8, wherein the presentation circuit comprises a network transceiver that is configured to transmit data onto the presentation network bus from one of the in-vehicle networks for listen-only access to the in-vehicle network but not capable of receiving data from the presentation network bus to transmit onto the in-vehicle network.
  - 12. The system of claim 8, wherein the presentation circuit comprises selection circuitry configured to selectively output one of a plurality of network receive lines of the in-vehicle serial networks to the presentation network bus.
  - 13. The system of claim 8, wherein the diagnostic service system is further configured to receive a diagnostic service request that requests that the persistence mode be enabled and includes a persistence count value that identifies the number of power-down and power-up cycles during which the presentation network bus will be enabled for listen-only access without re-verifying access credentials.
  - 14. The system of claim 13, wherein the persistence count value may only be set to a value greater than zero during an operating cycle in which the access credentials have been verified in the security system.

15. A gateway module in a vehicle comprising:
- presentation circuitry configured to mirror a selected in-vehicle network onto a presentation network bus, the presentation circuitry comprising selection circuitry and transceiver circuitry coupled between the presentation network bus and the selected in-vehicle network;
  
  the selection circuitry is configured to selectively output network traffic from the selected in-vehicle network to the transceiver circuitry; and
  
  the transceiver circuitry is configured to transmit network traffic received from the selection circuitry to the presentation network bus for listen-only access to the selected in-vehicle network and permanently configured to permanently prevent data from the presentation network bus from being received by the selection circuitry and transmitted onto the selected in-vehicle network;
  
  a security interface configured to enable access to the presentation network bus by verifying access credentials using a combination of symmetric and asymmetric cryptographic systems; and
  
  a diagnostic service interface configured to control access to the presentation network bus, the diagnostic service interface configured to receive a diagnostic service request after the access credentials have been verified to enable the presentation network bus for listen-only access to the selected in-vehicle network by enabling the presentation circuitry to selectively transmit network traffic from the selected in-vehicle network to the presentation network bus;
  
  wherein the diagnostic service interface is further configured to enable a persistence mode after the access credentials have been verified wherein the presentation network bus will be enabled for listen-only access after a power-down and power-up cycle for a limited number of cycles without re-verifying access credentials in the security system after the power-down; and
  
  wherein the diagnostic service interface is further configured to provide one of a plurality of different listen-only access levels to the in-vehicle networks based on the received access credentials.
- View Dependent Claims (16, 17, 18, 19, 20)
- - 16. The gateway module of claim 15, wherein the diagnostic service interface is further configured to receive a diagnostic service request that requests that the persistence mode be enabled and includes a persistence count value that identifies the number of power-down and power-up cycles during which the presentation network bus will be enabled for listen-only access without re-verifying access credentials.
  - 17. The gateway module of claim 16, wherein the persistence count value automatically decrements after each power-down and power-up cycle.
  - 18. The gateway module of claim 16, wherein the diagnostic service interface is further configured to disable the persistence mode after receiving a diagnostic service request to disable the persistence mode regardless of the persistence count value.
  - 19. The gateway module of claim 18, wherein the diagnostic service interface is configured to reset the persistence count value to zero when disabling the persistence mode.
  - 20. The gateway module of claim 16, wherein the persistence count value may only be set to a value greater than zero during an operating cycle in which the access credentials have been verified in the security system.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
GM Global Technology Operations LLC (General Motors Company)
Original Assignee
GM Global Technology Operations LLC (General Motors Company)
Inventors
Anderson, Anthony, Ploucha, Joseph E., Hromada, Kenneth M., Sowa, Michael A., Wienckowski, Natalie Ann
Primary Examiner(s)
Perungavoor, Venkat
Assistant Examiner(s)
Almaghayreh, Khalid M

Application Number

US15/605,658
Publication Number

US 20180343262A1
Time in Patent Office

838 Days
Field of Search

726 2, 726 4, 726 5, 726 7, 726 17- 19, 726 21- 22, 713182, 713502, 713166, 713176, 701 36, 701 75, 701 291, 701 315, 709223-225
US Class Current
CPC Class Codes

B60R 16/0234   related to maintenance or r...

B60R 25/00   Fittings or systems for pre...

G07C 5/0808   Diagnosing performance data...

H04L 2012/40215   Controller Area Network CAN

H04L 63/0823   using certificates cryptogr...

H04L 63/102   Entity profiles

H04W 12/06   Authentication

H04W 4/44   for communication between v...

Privileged, diagnostic link connector based network monitoring capabilities within a vehicle employing a gateway module used to isolate and secure vehicle networks

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

13 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Privileged, diagnostic link connector based network monitoring capabilities within a vehicle employing a gateway module used to isolate and secure vehicle networks

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

13 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links