Method for detecting the use of unauthorized security credentials in connected vehicles

US 10,530,816 B2
Filed: 05/18/2017
Issued: 01/07/2020
Est. Priority Date: 05/18/2017
Status: Active Grant

First Claim

Patent Images

1. A method for detecting potential tampering with security features of a vehicle the method comprising:

maintaining, by one or more systems of the vehicle, a plurality of credentials, each credential comprising a key value and a set of one or more attributes identifying the credential and each credential being associated with a component of a plurality of components of the vehicle connected with a communications network of the vehicle and used by the component to access the communications network;

maintaining, by a network security system of the vehicle, separate from the credentials, information related to and identifying each credential of the plurality of credentials;

performing, by the network security system, a plurality of checks on the credentials using the maintained information, wherein the plurality of checks comprise one or more checks on each of the plurality of credentials individually and one or more checks on the plurality of credentials together in aggregate, wherein the one or more checks on each of the plurality of credentials individually comprises at least a check to determine whether one or more attributes of the credential has changed since last performing the plurality of checks, and wherein the one or more checks on the plurality of credentials together in aggregate comprises at least a check to determine whether a total number for the plurality of credentials has changed since last performing the plurality of checks; and

determining, by the network security system, whether one or more of the credentials have been changed based on the one or more checks.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Embodiments of the present disclosure monitor certificates or other credentials loaded to various components and systems of a vehicle. A set of information identifying credentials that are expected to be present and/or in use can be saved. Periodically, on request, or upon the occurrence of an event or condition, checks can be performed on the credentials individually or in the aggregate using the saved information to determine whether the certificates present and/or in use are those expected or if a change has occurred. If a change is detected, i.e., a difference between the current set of certificates and the saved set of information, the network security system can take some action. The action, depending on the nature of the change detected, can vary from recording and/or reporting the condition up to and including isolating or even disabling a particular component or system on which the changed certificate is used.

13 Citations

14 Claims

1. A method for detecting potential tampering with security features of a vehicle the method comprising:
- maintaining, by one or more systems of the vehicle, a plurality of credentials, each credential comprising a key value and a set of one or more attributes identifying the credential and each credential being associated with a component of a plurality of components of the vehicle connected with a communications network of the vehicle and used by the component to access the communications network;
  
  maintaining, by a network security system of the vehicle, separate from the credentials, information related to and identifying each credential of the plurality of credentials;
  
  performing, by the network security system, a plurality of checks on the credentials using the maintained information, wherein the plurality of checks comprise one or more checks on each of the plurality of credentials individually and one or more checks on the plurality of credentials together in aggregate, wherein the one or more checks on each of the plurality of credentials individually comprises at least a check to determine whether one or more attributes of the credential has changed since last performing the plurality of checks, and wherein the one or more checks on the plurality of credentials together in aggregate comprises at least a check to determine whether a total number for the plurality of credentials has changed since last performing the plurality of checks; and
  
  determining, by the network security system, whether one or more of the credentials have been changed based on the one or more checks.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The method of claim 1, wherein the maintained information related to and identifying each credential of the plurality of credentials comprises values for at least one of the one or more attributes identifying each credential.
  - 3. The method of claim 2, wherein the attributes comprise a plurality of an identifying name or number, an identification of an owner of the credential, an identification of an issuer of the credential, a date and time when the credential becomes valid, a date and time when the credential expires, an indication of usage of the credential, an indication of a signature algorithm used to sign the credential, or a signature by an issuer of the credential.
  - 4. The method of claim 1, wherein the one or more checks are performed upon a system boot, periodically, or based on satisfaction of a condition defined in a rule.
  - 5. The method of claim 1, further comprising, in response to determining one or more of the credentials have changed, performing an action based on the determined change.
  - 6. The method of claim 5, wherein the performed action comprises identifying a component of the plurality of components using the one or more credentials that have changed to access the communications network of the vehicle and isolating the identified one or more components from the communications network.

7. A vehicle comprising:
- a processor; and
  
  a memory coupled with and readable by the processor and storing therein a set of instructions which, when executed by the processor, causes the processor to detect potential tampering with security features of the vehicle by;
  
  maintaining a plurality of credentials, each credential comprising a key value and a set of one or more attributes identifying the credential and each credential being associated with a component of a plurality of components of the vehicle connected with a communications network of the vehicle and used by the component to access the communications network;
  
  maintaining, separate from the credentials, information related to and identifying each credential of the plurality of credentials;
  
  performing a plurality of checks on the credentials using the maintained information, wherein the plurality of checks comprise one or more checks on each of the plurality of credentials individually and one or more checks on the plurality of credentials together in aggregate, wherein the one or more checks on each of the plurality of credentials individually comprises at least a check to determine whether one or more attributes of the credential has changed since last performing the plurality of checks, and wherein the one or more checks on the plurality of credentials together in aggregate comprises at least a check to determine whether a total number for the plurality of credentials has changed since last performing the plurality of checks; and
  
  determining whether one or more of the credentials have been changed based on the one or more checks.
- View Dependent Claims (8, 9, 10)
- - 8. The vehicle of claim 7, wherein the maintained information related to and identifying each credential of the plurality of credentials comprises values for at least one of the one or more attributes identifying each credential and wherein the attributes comprise a plurality of an identifying name or number, an identification of an owner of the credential, an identification of an issuer of the credential, a date and time when the credential becomes valid, a date and time when the credential expires, an indication of usage of the credential, an indication of a signature algorithm used to sign the credential, or a signature by an issuer of the credential.
  - 9. The vehicle of claim 7, wherein the one or more checks are performed upon a system boot, periodically, or based on satisfaction of a condition defined in a rule.
  - 10. The vehicle of claim 7, further comprising, in response to determining one or more of the credentials have changed, identifying a component of the plurality of components using the one or more credentials that have changed to access the communications network of the vehicle and isolating the identified one or more components from the communications network.

11. A non-transitory computer-readable medium comprising a set of instructions stored therein which, when executed by a processor, causes the processor to detect potential tampering with security features of the vehicle by:
- maintaining a plurality of credentials, each credential comprising a key value and a set of one or more attributes identifying the credential and each credential being associated with a component of a plurality of components of the vehicle connected with a communications network of the vehicle and used by the component to access the communications network;
  
  maintaining, separate from the credentials, information related to and identifying each credential of the plurality of credentials;
  
  performing a plurality of checks on the credentials using the maintained information, wherein the plurality of checks comprises one or more checks on each of the plurality of credentials individually and one or more checks on the plurality of credentials together in aggregate, wherein the one or more checks on each of the plurality of credentials individually comprises at least a check to determine whether one or more attributes of the credential has changed since last performing the plurality of checks, and wherein the one or more checks on the plurality of credentials together in aggregate comprises at least a check to determine whether a total number for the plurality of credentials has changed since last performing the plurality of checks; and
  
  determining whether one or more of the credentials have been changed based on the one or more checks.
- View Dependent Claims (12, 13, 14)
- - 12. The non-transitory computer-readable medium of claim 11, wherein the maintained information related to and identifying each credential of the plurality of credentials comprises values for at least one of the one or more attributes identifying each credential and wherein the attributes comprise a plurality of an identifying name or number, an identification of an owner of the credential, an identification of an issuer of the credential, a date and time when the credential becomes valid, a date and time when the credential expires, an indication of usage of the credential, an indication of a signature algorithm used to sign the credential, or a signature by an issuer of the credential.
  - 13. The non-transitory computer-readable medium of claim 11, wherein the one or more checks are performed upon a system boot, periodically, or based on satisfaction of a condition defined in a rule.
  - 14. The non-transitory computer-readable medium of claim 11, further comprising, in response to determining one or more of the credentials have changed, identifying a component of the plurality of components using the one or more credentials that have changed to access the communications network of the vehicle and isolating the identified one or more components from the communications network.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
NIO Technology Company Limited (NIO, Inc. (China))
Original Assignee
Nio Usa Inc. (NIO, Inc. (China))
Inventors
Chen, Abraham T.
Primary Examiner(s)
Chiang, Jason

Application Number

US15/599,256
Publication Number

US 20180337957A1
Time in Patent Office

964 Days
Field of Search

None
US Class Current
CPC Class Codes

G06F 21/33   using certificates

G06F 21/85   interconnection devices, e....

H04L 2209/80   Wireless network architectu...

H04L 2209/84   Vehicles

H04L 63/0428   wherein the data content is...

H04L 63/06   for supporting key manageme...

H04L 63/0823   using certificates cryptogr...

H04L 63/205   involving negotiation or de...

H04L 9/006   involving public key infras...

H04L 9/3268   using certificate validatio...

H04W 12/03   Protecting confidentiality,...

H04W 12/043   using a trusted network nod...

H04W 12/10   Integrity

H04W 12/128   Anti-malware arrangements, ...

H04W 12/61   Time-dependent

H04W 4/40   for vehicles, e.g. vehicle-...

Method for detecting the use of unauthorized security credentials in connected vehicles

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

13 Citations

14 Claims

Specification

Solutions

Use Cases

Quick Links

Method for detecting the use of unauthorized security credentials in connected vehicles

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

13 Citations

14 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links