AUTHORIZATION SCHEME TO ENABLE SPECIAL PRIVILEGE MODE IN A SECURE ELECTRONIC CONTROL UNIT
First Claim
1. A method for enabling a privilege mode in a secure controller, said method comprising:
- establishing direct communication between a programming tool and the controller, where the controller communicates only with the programming tool;
requesting information from the controller via the programming tool;
creating an information ticket in the controller that identifies the controller in response to the request;
sending the controller information ticket to a secure server;
creating an authorization ticket in the secure server that identifies the controller and creates a security code for the authorization ticket;
presenting the authorization ticket to the controller via the programming tool; and
processing the authorization ticket in the controller to verify the security code and allowing access to the controller.
3 Assignments
0 Petitions
Accused Products
Abstract
A system and method for by-passing a security code to allow developmental software to be installed on a production controller without having to authenticate the software. The method includes requesting information from the controller and creating an information ticket in the controller in response to the request that identifies the controller. The information ticket is sent to a secure server that creates an authorization ticket that identifies the controller from the information ticket and creates a security code for the ticket. The authorization ticket is presented to the controller and if the security code is verified by the controller, the controller allows the developmental software to be installed.
-
Citations
20 Claims
-
1. A method for enabling a privilege mode in a secure controller, said method comprising:
-
establishing direct communication between a programming tool and the controller, where the controller communicates only with the programming tool; requesting information from the controller via the programming tool; creating an information ticket in the controller that identifies the controller in response to the request; sending the controller information ticket to a secure server; creating an authorization ticket in the secure server that identifies the controller and creates a security code for the authorization ticket; presenting the authorization ticket to the controller via the programming tool; and processing the authorization ticket in the controller to verify the security code and allowing access to the controller. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A method for placing a production electronic control unit (ECU) for a vehicle in a special privilege mode to allow the ECU to be used for installing development software files on the ECU without the need for signing the development software with a security signature, said method comprising:
-
establishing direct communication between a programming tool and the ECU, where the ECU communicates only with the programming tool; requesting unique identifying information from the ECU via the programming tool; creating an ECU information ticket in the ECU including an ECU identification number in response to the request; sending the ECU information ticket to a remote secure server; creating an authorization ticket in the secure server that includes the ECU identification number and a signature code that establishes the user and authorization ticket as authorized, where the authorization ticket includes identifying information about the controller, the purpose for accessing the controller, a period of validity of the authorization ticket and the security code; presenting the authorization ticket to the ECU via the ‘
programming tool; andprocessing the authorization ticket in the ECU to disable the signature verification requirement and to allow the developmental software file to be installed on the ECU. - View Dependent Claims (12, 13)
-
-
11. (canceled)
-
14. A system for enabling a privilege mode in a secure controller, said system comprising:
-
means for requesting information from the controller, where the controller communicates only with the means for requesting information; means for creating an information ticket in the controller that identifies the controller in response to the request; means for sending the controller information ticket to a secure server; means for creating an authorization ticket in the secure server that identifies the controller and creates a security code for the authorization ticket, where the authorization ticket includes identifying information about the controller, the purpose for accessing the controller, a period of validity of the authorization ticket and the security code; means for presenting the authorization ticket to the controller; and means for processing the authorization ticket in the controller to verify the security code and allow privileged access to the controller. - View Dependent Claims (16, 17, 18, 19, 20)
-
-
15. (canceled)
Specification