System and methods for network routing and data repackaging

US 10,502,572 B1
Filed: 08/25/2016
Issued: 12/10/2019
Est. Priority Date: 08/25/2016
Status: Active Grant

First Claim

Patent Images

1. A network routing and data repackaging system, comprising:

a multilayered obstructed brokered network routing and data repackaging system (MOB HUB) configured to provide crypographically secure wireless communications between a mobile computer and a mission computer on an aircraft and one or more embedded aircraft control systems and said mobile computer, wherein said MOB HUB is configured to intentionally obstruct direct communication paths between said mobile computer and said mission computer, wherein said intentional obstruction isolates said mission computer from direct communication with said mobile computer;

wherein said MOB HUB, further comprising;

a multilayered obstructed brokered (MOB) embedded cyber security architecture (MOB Architecture), the MOB and MOB Architecture, further comprising;

one or more external interface hardware processors with limited access to resources as compared to a master controller hardware processor, these external interface hardware processors located physically and electrically between said master controller hardware processor and external clients external to the MOB Architecture, these external clients including said mobile computer, these one or more external interface hardware processors configured to provide isolation of said master controller hardware processor from the external clients and any potential attacks from the external clients in the event one or more of the external clients is compromised or becomes compromised from attack, andone or more internal interface hardware processors with limited access to resources as compared to said master controller hardware processor, these internal interface hardware processors located physically and electrically between said master controller hardware processor and internal clients internal to the MOB Architecture, these internal clients including the one or more embedded aircraft control systems, these one or more internal interface hardware processors configured to provide isolation of said master controller hardware processor from the internal clients and any potential attacks from the internal clients in the event one or more of the internal clients is compromised or becomes compromised from attack;

a network routing system (HUB), further comprising;

a self-contained network routing and data repackaging hardware based system that securely translates and routes between different communication protocols and communicating parties within the MOB Architecture, configured to provide a secure wireless communications interface via the external interface hardware processors in conjunction with a wireless transceiver, for secure communications between the master controller hardware processor and the external clients, the external clients including said mobile computer, also configured to provide a secure wired MIL-STD-1553 communications interface via the internal interface hardware processors in conjunction with one or more wired MIL-STD-1553 buses, for secure communications between said master controller hardware processor and the internal clients, the internal clients including the various embedded aircraft control systems, and in addition configured to provide a secure wired MIL-STD-1553 communications interface for secure communications between said master controller hardware processor and said mission computer;

wherein said MOB HUB is configured to communicate with said mission computer on said aircraft, wherein said aircraft having a cockpit and a human operator in said cockpit; and

a cyber kneeboard configured to removably attach to said human operator, said cyber kneeboard, further comprising;

a platform having a first side and a second side, an attachment device on said second side, wherein said attachment device is a removable attachment mechanism configured to removably attach said platform to said human operator'"'"'s leg;

wherein said platform is configured to removably secure said mobile computer to said first side, wherein said platform is configured to communicate with said mobile computer;

a cyber kneeboard encryption/decryption module integrated into said platform;

a key fill and storage system electrically-connected with said cyber kneeboard encryption/decryption module; and

a re-chargeable battery providing power for said encryption/decryption module and said platform;

wherein said MOB HUB is configured to wirelessly communicate with said mobile computer.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Embodiments of the invention are directed a network routing and data repackaging system. The system pairs a multilayered obstructed brokered network routing and data repackaging system, sometimes referred to as a MOB HUB, with a cyber kneeboard. Both the MOB HUB and cyber kneeboard communicate with a mobile computer removably-attached to the cyber kneeboard.

Citations

13 Claims

1. A network routing and data repackaging system, comprising:
- a multilayered obstructed brokered network routing and data repackaging system (MOB HUB) configured to provide crypographically secure wireless communications between a mobile computer and a mission computer on an aircraft and one or more embedded aircraft control systems and said mobile computer, wherein said MOB HUB is configured to intentionally obstruct direct communication paths between said mobile computer and said mission computer, wherein said intentional obstruction isolates said mission computer from direct communication with said mobile computer;
  
  wherein said MOB HUB, further comprising;
  
  a multilayered obstructed brokered (MOB) embedded cyber security architecture (MOB Architecture), the MOB and MOB Architecture, further comprising;
  
  one or more external interface hardware processors with limited access to resources as compared to a master controller hardware processor, these external interface hardware processors located physically and electrically between said master controller hardware processor and external clients external to the MOB Architecture, these external clients including said mobile computer, these one or more external interface hardware processors configured to provide isolation of said master controller hardware processor from the external clients and any potential attacks from the external clients in the event one or more of the external clients is compromised or becomes compromised from attack, andone or more internal interface hardware processors with limited access to resources as compared to said master controller hardware processor, these internal interface hardware processors located physically and electrically between said master controller hardware processor and internal clients internal to the MOB Architecture, these internal clients including the one or more embedded aircraft control systems, these one or more internal interface hardware processors configured to provide isolation of said master controller hardware processor from the internal clients and any potential attacks from the internal clients in the event one or more of the internal clients is compromised or becomes compromised from attack;
  
  a network routing system (HUB), further comprising;
  
  a self-contained network routing and data repackaging hardware based system that securely translates and routes between different communication protocols and communicating parties within the MOB Architecture, configured to provide a secure wireless communications interface via the external interface hardware processors in conjunction with a wireless transceiver, for secure communications between the master controller hardware processor and the external clients, the external clients including said mobile computer, also configured to provide a secure wired MIL-STD-1553 communications interface via the internal interface hardware processors in conjunction with one or more wired MIL-STD-1553 buses, for secure communications between said master controller hardware processor and the internal clients, the internal clients including the various embedded aircraft control systems, and in addition configured to provide a secure wired MIL-STD-1553 communications interface for secure communications between said master controller hardware processor and said mission computer;
  
  wherein said MOB HUB is configured to communicate with said mission computer on said aircraft, wherein said aircraft having a cockpit and a human operator in said cockpit; and
  
  a cyber kneeboard configured to removably attach to said human operator, said cyber kneeboard, further comprising;
  
  a platform having a first side and a second side, an attachment device on said second side, wherein said attachment device is a removable attachment mechanism configured to removably attach said platform to said human operator'"'"'s leg;
  
  wherein said platform is configured to removably secure said mobile computer to said first side, wherein said platform is configured to communicate with said mobile computer;
  
  a cyber kneeboard encryption/decryption module integrated into said platform;
  
  a key fill and storage system electrically-connected with said cyber kneeboard encryption/decryption module; and
  
  a re-chargeable battery providing power for said encryption/decryption module and said platform;
  
  wherein said MOB HUB is configured to wirelessly communicate with said mobile computer.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. The system according to claim 1, wherein said MOB HUB, further comprising:
    - an Institute of Electrical and Electronics Engineers (IEEE) 802.11 standard compliant operations wireless data module;
      
      wherein said master controller is an advanced reduced instruction set microprocessor (ARM) in communication with said IEEE 802.11 standard compliant operations wireless data module and a MOB HUB encryption/decryption module integrated into said MOB HUB, said MOB HUB encryption/decryption module is an NSA wireless daughter card, said ARM running a high level operating system (HLOS); and
      
      at least one MIL-STD-1553 communication bus interface chip configured as a bus monitor by said ARM, wherein communication between said at least one MIL-STD-1553 communication bus interface chip and said mobile computer is isolated and obstructed;
      
      wherein said IEEE 802.11 standard compliant operations wireless data module is a microcontroller (MCU) integrated with a wireless radio in communication with said MCU and said at least one mobile computer;
      
      wherein said mobile computer is configured to communicate with said IEEE 802.11 standard compliant operations wireless data module;
      
      a power regulator configured to provide low DC voltage under 5 about 1.8 V DC to said MOB HUB encryption/decryption module; and
      
      a key fill and storage system configured for electrical connection with each of said MOB HUB encryption/decryption module and said cyber kneeboard encryption/decryption module.
  - 3. The system according to claim 2, said MOB HUB further comprising:
    - a micro secure digital (microSD) card reader port, wherein said microSD card reader port is configured to read a non-volatile memory card;
      
      a NAND flash drive port connected to said ARM;
      
      a universal serial bus (USB) flash drive port connected to said ARM;
      
      a mini-USB port connected to said ARM, said mini-USB port configured for a secure socket shell (SSH) into said HLOS;
      
      a switch electrically-connected between said ARM and said at least one MIL-STD-1553 communication bus chip;
      
      wherein said at least one MIL-STD-1553 communication bus chip is configured with a dedicated MIL-STD-1553 communication microcontroller having read-only memory, wherein said at least one MIL-STD-1553 microcontroller executes an instruction set permanently programmed into said communication microcontroller'"'"'s read-only memory;
      
      a 5 V DC power source electrically-connected with said MCU, said ARM, and said at least one MIL-STD-1553 communication bus chip;
      
      an electrically erasable programmable read-only memory (EEPROM) in electrical communication with said switch; and
      
      a double data rate type 3 synchronous dynamic random access memory (DDR3 SDRAM) electrically connected with said ARM.
  - 4. The system according to claim 2, wherein said at least one MIL-STD-1553 communication bus interface chip are four MIL-STD-1553 communication bus interface chips.
  - 5. The system according to claim 2, wherein said wireless radio is a wi-fi transceiver.
  - 6. The system according to claim 1, wherein said mobile computer is a computer tablet having a graphics user interface (GUI).
  - 7. The system according to claim 1, wherein said mobile computer is a secure handheld network access device (HNAD).
  - 8. The system according to claim 1, wherein said aircraft is selected from the group of aircraft consisting of fixed-wing aircraft and rotary-wing aircraft.
  - 9. The system according to claim 1, wherein said cyber kneeboard, further comprising:
    - an Institute of Electrical and Electronics Engineers (IEEE) 802.11 standard compliant operations wireless data module having a microcontroller (MCU) integrated with a wireless radio;
      
      wherein said cyber kneeboard encryption/decryption module is configured to communicate with said mobile computer.
  - 10. The system according to claim 9, wherein said wireless radio is a wi-fi transceiver.
  - 11. The system according to claim 1, wherein said re-chargeable battery is configured to provide low DC voltage under 5 V DC.

12. A method for the cryptographically secure wireless transfer of target coordinates between a mission computer on a targeting aircraft to a mobile computer, wherein each of said mobile computer and said mission computer on said targeting aircraft have a non-transitory computer readable medium, the method comprising:
- designating a target on a heads up display (HUD), said HUD operatively associated with a mission computer on a targeting aircraft, wherein said targeting aircraft has a cockpit and a human operator in said cockpit, wherein said HUD is operatively associated with said human operator and said mission computer, wherein a mobile computer having a graphics user interface (GUI) is attached to and controlled by said human operator in said cockpit;
  
  wherein said target has associated target coordinates of latitude, longitude, and elevation;
  
  transferring said target coordinates from said mission computer to a multilayered obstructed brokered network routing and data repackaging system (MOB HUB), wherein said transfer is performed using a MIL-STD-1553 communication bus interface;
  
  obstructing direct communication paths between said mobile computer and said mission computer, wherein communication between said MIL-STD-1553 communication bus interface and said mobile computer is isolated and obstructed by said MOB HUB;
  
  wherein said MOB HUB, further comprising;
  
  an Institute of Electrical and Electronics Engineers (IEEE) 802.11 standard compliant operations wireless data module;
  
  a master controller, wherein said master controller is an advanced reduced instruction set microprocessor (ARM) in communication with said IEEE 802.11 standard compliant operations wireless data module and a MOB HUB encryption/decryption module integrated into said MOB HUB, said MOB HUB encryption/decryption module is an NSA wireless daughter card, said ARM running a high level operating system (HLOS);
  
  wherein said MIL-STD-1553 communication bus interface chip configured as a bus monitor by said ARM;
  
  wherein said IEEE 802.11 standard compliant operations wireless data module is a microcontroller (MCU) integrated with a wireless radio in communication with said MCU and said mobile computer;
  
  wherein said mobile computer is configured to communicate with said IEEE 802.11 standard compliant operations wireless data module;
  
  a power regulator configured to provide low DC voltage under 5 V DC to said MOB HUB encryption/decryption module;
  
  wirelessly transferring said target coordinates from said MOB HUB as a user datagram protocol (UDP) message to said mobile computer, wherein said mobile computer is configured with a targeting computer program; and
  
  displaying said target coordinates on said GUI.

13. A method for the cryptographically secure wireless transfer of targeting coordinates from a mobile computer to a mission computer on a targeting aircraft, wherein each of said mobile computer and said mission computer on said targeting aircraft have a non-transitory computer readable medium, the method comprising:
- pairing a mobile computer having a graphics user interface (GUI) to a multilayered obstructed brokered network routing and data repackaging system (MOB HUB), wherein said mobile computer is attached to and controlled by a human operator in a cockpit of a targeting aircraft, wherein said mobile computer is configured with a targeting computer program, wherein said pairing is through a wireless access point;
  
  displaying a target on, said GUI, said target having associated target coordinates of latitude, longitude, and elevation;
  
  wherein said MOB HUB, further comprising;
  
  an Institute of Electrical and Electronics Engineers (IEEE) 802.11 standard compliant operations wireless data module;
  
  a master controller, wherein said master controller is an advanced reduced instruction set microprocessor (ARM) in communication with said IEEE 802.11 standard compliant operations wireless data module and a MOB HUB encryption/decryption module integrated into said MOB HUB, said MOB HUB encryption/decryption module is an NSA wireless daughter card, said ARM running a high level operating system (HLOS);
  
  wherein said MIL-STD-1553 communication bus interface chip configured as a bus monitor by said ARM;
  
  wherein said IEEE 802.11 standard compliant operations wireless data module is a microcontroller (MCU) integrated with a wireless radio in communication with said MCU and said mobile computer;
  
  wherein said mobile computer is configured to communicate with said IEEE 802.11 standard compliant operations wireless data module;
  
  a power regulator configured to provide low DC voltage under 5 V DC to said MOB HUB encryption/decryption module; and
  
  wirelessly transferring said target coordinates from said mobile computer to said MOB HUB, wherein said wireless transfer of said target coordinates is a user datagram protocol (UDP) message;
  
  transferring said target coordinates from said MOB HUB to a mission computer on said targeting aircraft, wherein said transfer is routed by a MIL-STD-1553 communication bus interface operatively connected between said MOB HUB and said mission computer, wherein communication between said MIL-STD-1553 communication bus interface and said mobile computer is isolated and obstructed by said MOB HUB; and
  
  displaying a target identification label of said target coordinates on a heads up display (HUD) operatively associated with said human operator and said mission computer.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
the united states of america as represented by the secretary of the navy
Original Assignee
The Government Of The United States Of America, As Represented By The Secretary Of The Navy
Inventors
Surmi, Jonathan L., Quintana, Alvin L., Miliano, Mark, Kunkel, Anthony R.
Primary Examiner(s)
Goodarzi, Nasser M
Assistant Examiner(s)
Ocak, Adil

Application Number

US14/998,846
Time in Patent Office

1,202 Days
Field of Search
US Class Current
CPC Class Codes

G01B 11/26   for measuring angles or tap...

H04B 7/185   Space-based or airborne sta...

H04L 63/1433   Vulnerability analysis

H04N 7/167   Systems rendering the telev...

H04W 12/03   Protecting confidentiality,...

H04W 12/122   Counter-measures against at...

System and methods for network routing and data repackaging

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

13 Claims

Specification

Solutions

Use Cases

Quick Links

System and methods for network routing and data repackaging

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

13 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links