System and method for deterring theft of vehicles and other products having integral computer means
First Claim
1. A secure system for providing firmware upgrades for a vehicle having an integral computer for controlling one or more components or functions of the vehicle and progammed with said firmware, the system comprising:
- at a service location, a network interface device coupled to a public data network and having an input port for connection to said integral computer;
an upgrade computer connected to the public data network for delivering upgrades to said integral computer via the public data network;
a security certificate authority means connected to the upgrade computer for storing security certificate information for said vehicle, including validity status of a security certificate unique to said vehicle, and communicating said validity status to said upgrade computer in response to a request received therefrom; and
a computer-readable secure storage device containing a public-key certificate for said vehicle;
the vehicle computer having a port to receive the computer-readable secure storage device;
the vehicle computer being operable to read the public-key certificate information from the received storage device and convey same to the upgrade computer via said network interface device;
the upgrade computer being operable to validate the certificate with the security certificate authority means and, if valid, download firmware upgrade software to the vehicle computer.
1 Assignment
0 Petitions
Accused Products
Abstract
A security system and method for deterring theft of a product, especially an automotive vehicle, is provided. In an embodiment, a secure storage device is provided that can be presented to a vehicle computer. The secure storage device includes a digital certificate associated with the vehicle and is operable to automatically install the certificate on the vehicle'"'"'s computer once presented to the computer. At this point the vehicle'"'"'s computer checks whether the certificate is valid and is issued by the private enterprise certificate authority of the vehicle manufacturer. If it is valid, the vehicle'"'"'s computer then presents the certificate to the software upgrade server of the vehicle manufacurer. The upgrade server checks its certificate revocation list to see if the certificate has been revoked, perhaps because the vehicle is in a list of reported stolen vehicles. If the vehicle is not in the list i.e., its certificate is still valid, the server then allows for authorization of a fully autonomous online download (can be confirmed, if desired) and the secure authentication of such activities. If the vehicle is in the list of reported stolen vehicles, the server performs an exceptional handling process to prevent any software upgrade to the vehicle and reports the incident to the administrator to take firer action. The main vehicle computer may disable the stolen vehicle completely if the vehicle does not get its software upgraded for a predetermined period of time from an authorized server.
64 Citations
23 Claims
-
1. A secure system for providing firmware upgrades for a vehicle having an integral computer for controlling one or more components or functions of the vehicle and progammed with said firmware, the system comprising:
-
at a service location, a network interface device coupled to a public data network and having an input port for connection to said integral computer;
an upgrade computer connected to the public data network for delivering upgrades to said integral computer via the public data network;
a security certificate authority means connected to the upgrade computer for storing security certificate information for said vehicle, including validity status of a security certificate unique to said vehicle, and communicating said validity status to said upgrade computer in response to a request received therefrom; and
a computer-readable secure storage device containing a public-key certificate for said vehicle;
the vehicle computer having a port to receive the computer-readable secure storage device;
the vehicle computer being operable to read the public-key certificate information from the received storage device and convey same to the upgrade computer via said network interface device;
the upgrade computer being operable to validate the certificate with the security certificate authority means and, if valid, download firmware upgrade software to the vehicle computer. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A method of providing firmware upgrades for a vehicle having an integral computer for controlling one or more components or functions of the vehicle and programmed with said firmware, and an associated secure storage device storing a security certificate unique to said vehicle, the method comprising the steps of:
-
at a service location having a network interface device coupled to a public data network, coupling the vehicle computer to an input port of the interface device and said computer-readable secure storage device with a port of the vehicle computers;
reading the security certificate information and communicating same via said public data network to an upgrade computer at a remote location;
at the upgrade computer, communicating with a security certificate authority means to determine validity status of the security certificate and, if the certificate is valid, downloading the upgrade software to the vehicle computer by way of the public data network and network interface device; and
at the vehicle computer, using the upgrade software to upgrade the computer firmware. - View Dependent Claims (9, 10, 11, 12)
-
-
13. A secure storage device having means for coupling to a vehicle computer and storing security certificate information unique to a particular vehicle.
- 14. A vehicle computer programmed with software enabling upgrading of the software/firmware by means of a secure certificate system, including reading a secure storage device associated with the vehicle validating a security certificate storage thereon by means of a remote upgrade software received from the upgrade server using an encryption key from the an upgrade server and installing the upgrade software.
- 19. An upgrade server computer for supplying upgrade software to a vehicle computer integral to a particular vehicle and having a separate security certificate bearing storage device associated therewith, the upgrade computer being programmed to communicate with the vehicle computer using a public/private key security certificate system to validate the security certificate bearing storage device before providing said upgrade.
-
23. A system for deterring theft of a product having an integral computer which controls one or more essential functions of the product, the integral computer being programmed to require periodic validation of a separate computer-readable security certificate issued to the product owner, the certificate being presented to the integral computer and checked thereby by means of public-private key communication with a secure server, and to disable said essential function in the event that such validation does not occur.
Specification