System and method for deterring theft of vehicles and other products having integral computer means

US 20080027602A1
Filed: 05/30/2007
Published: 01/31/2008
Est. Priority Date: 05/30/2006
Status: Abandoned Application

First Claim

Patent Images

1. A secure system for providing firmware upgrades for a vehicle having an integral computer for controlling one or more components or functions of the vehicle and progammed with said firmware, the system comprising:

at a service location, a network interface device coupled to a public data network and having an input port for connection to said integral computer;

an upgrade computer connected to the public data network for delivering upgrades to said integral computer via the public data network;

a security certificate authority means connected to the upgrade computer for storing security certificate information for said vehicle, including validity status of a security certificate unique to said vehicle, and communicating said validity status to said upgrade computer in response to a request received therefrom; and

a computer-readable secure storage device containing a public-key certificate for said vehicle;

the vehicle computer having a port to receive the computer-readable secure storage device;

the vehicle computer being operable to read the public-key certificate information from the received storage device and convey same to the upgrade computer via said network interface device;

the upgrade computer being operable to validate the certificate with the security certificate authority means and, if valid, download firmware upgrade software to the vehicle computer.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A security system and method for deterring theft of a product, especially an automotive vehicle, is provided. In an embodiment, a secure storage device is provided that can be presented to a vehicle computer. The secure storage device includes a digital certificate associated with the vehicle and is operable to automatically install the certificate on the vehicle'"'"'s computer once presented to the computer. At this point the vehicle'"'"'s computer checks whether the certificate is valid and is issued by the private enterprise certificate authority of the vehicle manufacturer. If it is valid, the vehicle'"'"'s computer then presents the certificate to the software upgrade server of the vehicle manufacurer. The upgrade server checks its certificate revocation list to see if the certificate has been revoked, perhaps because the vehicle is in a list of reported stolen vehicles. If the vehicle is not in the list i.e., its certificate is still valid, the server then allows for authorization of a fully autonomous online download (can be confirmed, if desired) and the secure authentication of such activities. If the vehicle is in the list of reported stolen vehicles, the server performs an exceptional handling process to prevent any software upgrade to the vehicle and reports the incident to the administrator to take firer action. The main vehicle computer may disable the stolen vehicle completely if the vehicle does not get its software upgraded for a predetermined period of time from an authorized server.

64 Citations

23 Claims

1. A secure system for providing firmware upgrades for a vehicle having an integral computer for controlling one or more components or functions of the vehicle and progammed with said firmware, the system comprising:
- at a service location, a network interface device coupled to a public data network and having an input port for connection to said integral computer;
  
  an upgrade computer connected to the public data network for delivering upgrades to said integral computer via the public data network;
  
  a security certificate authority means connected to the upgrade computer for storing security certificate information for said vehicle, including validity status of a security certificate unique to said vehicle, and communicating said validity status to said upgrade computer in response to a request received therefrom; and
  
  a computer-readable secure storage device containing a public-key certificate for said vehicle;
  
  the vehicle computer having a port to receive the computer-readable secure storage device;
  
  the vehicle computer being operable to read the public-key certificate information from the received storage device and convey same to the upgrade computer via said network interface device;
  
  the upgrade computer being operable to validate the certificate with the security certificate authority means and, if valid, download firmware upgrade software to the vehicle computer.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. A system according to claim 1, wherein the upgrade computer is operable, following validation of the certificate, to transmit to the vehicle computer a session key used to encrypt the upgrade software, the vehicle computer being operable to use the session key to decrypt the download upgrade software prior to installation.
  - 3. A system according to claim 1, wherein the vehicle computer is operable to disable at least one component or function of the vehicle in the event that the firmware has not been upgraded within a predetermined period of time, or a predetermined number of upgrades have been missed.
  - 4. A system according to claim 1, wherein the vehicle computer is operable to disable one or more functions or components of the vehicle.
  - 5. A system according to claim 4, wherein the vehicle computer is operable to disable several inessential functions progressively before immobilising the vehicle.
  - 6. A system according to claim 5, wherein, while disabling said inessential functions, the vehicle computer causes the vehicle to display or sound a warning to the effect that disabling of a component or function is imminent.
  - 7. A system according to claim 1, wherein the vehicle computer is programmed to disable the vehicle components or functions by deleting the associated firmware, so that the functionality can be restored only by installing replacement firmware.

8. A method of providing firmware upgrades for a vehicle having an integral computer for controlling one or more components or functions of the vehicle and programmed with said firmware, and an associated secure storage device storing a security certificate unique to said vehicle, the method comprising the steps of:
- at a service location having a network interface device coupled to a public data network, coupling the vehicle computer to an input port of the interface device and said computer-readable secure storage device with a port of the vehicle computers;
  
  reading the security certificate information and communicating same via said public data network to an upgrade computer at a remote location;
  
  at the upgrade computer, communicating with a security certificate authority means to determine validity status of the security certificate and, if the certificate is valid, downloading the upgrade software to the vehicle computer by way of the public data network and network interface device; and
  
  at the vehicle computer, using the upgrade software to upgrade the computer firmware.
- View Dependent Claims (9, 10, 11, 12)
- - 9. A method according to claim 8, wherein, following validation of the security certificate, a session key used to encrypt the upgrade software is transmitted to the vehicle computer and used to decrypt the downloaded upgrade software for installation.
  - 10. A method according to claim 8, wherein the certificate for a particular vehicle is revoked from the authentication list for software upgrades when the vehicle is reported stolen.
  - 11. A method according to claim 8, wherein a configurable number of unauthorized software upgrade attempts over a certain period trigger a notification to the owner, the vendor or the police, giving an indication of a potential vehicle theft.
  - 12. A method according to claim 8, wherein the software of the vehicle is personalized to operation of that vehicle only (identified by electronic part identifiers or in another way) with one or several vehicle owner keys, so that copying of upgraded software from another vehicle would not enable operation in the individual vehicle.

13. A secure storage device having means for coupling to a vehicle computer and storing security certificate information unique to a particular vehicle.

14. A vehicle computer programmed with software enabling upgrading of the software/firmware by means of a secure certificate system, including reading a secure storage device associated with the vehicle validating a security certificate storage thereon by means of a remote upgrade software received from the upgrade server using an encryption key from the an upgrade server and installing the upgrade software.
- View Dependent Claims (15, 16, 17, 18, 20, 22)
- - 15. A vehicle computer according to claim 14, programmed to disable one or more functions or components of the vehicle if the software has not been upgraded within a predetermined time period, or a predetermined number of upgrades have been missed.
  - 16. A vehicle computer according to claim 15, operable to disable several inessential components or functions progressively before immobilising the vehicle.
  - 17. A vehicle computer according to claim 16, operable to cause a warning to be displayed or sounded to the effect that disabling of a component or function is imminent.
  - 18. A vehicle computer according to claim 16, programmed to disable the vehicle components or functions by deleting the associated firmware so that the functionality can be restored only by installing replacement firmware.
  - 20. An upgrade server computer according to claim 15, wherein the upgrade computer is operable, after validating the security certificate bearing storage device, to supply an encryption key to the vehicle computer and then encrypt the upgrade software using the encryption key before transmitting the encrypted upgrade software to the vehicle computer.
  - 22. An upgrade computer according to claim 20, wherein the upgrade computer is operable to communicate with a private enterprise certificate authority to validate said certificate borne by the secure storage device against a revocation list.

19. An upgrade server computer for supplying upgrade software to a vehicle computer integral to a particular vehicle and having a separate security certificate bearing storage device associated therewith, the upgrade computer being programmed to communicate with the vehicle computer using a public/private key security certificate system to validate the security certificate bearing storage device before providing said upgrade.
- View Dependent Claims (21)
- - 21. An upgrade computer according to claim 19, wherein the upgrade computer is operable to communicate with a private enterprise certificate authority to validate said certificate borne by the secure storage device against a revocation list.

23. A system for deterring theft of a product having an integral computer which controls one or more essential functions of the product, the integral computer being programmed to require periodic validation of a separate computer-readable security certificate issued to the product owner, the certificate being presented to the integral computer and checked thereby by means of public-private key communication with a secure server, and to disable said essential function in the event that such validation does not occur.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
6580874 Canada Incorporated
Original Assignee
6580874 Canada Incorporated
Inventors
Goeller, Thomas, Yeap, Tet

Application Number

US11/806,247
Publication Number

US 20080027602A1
Time in Patent Office

Days
Field of Search
US Class Current

701/29
CPC Class Codes

B60R 25/04 operating on the propulsion...

System and method for deterring theft of vehicles and other products having integral computer means

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

64 Citations

23 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for deterring theft of vehicles and other products having integral computer means

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

64 Citations

23 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links