SECURITY SYSTEM AND METHOD FOR PROTECTING A VEHICLE ELECTRONIC SYSTEM
3 Assignments
0 Petitions
Accused Products
Abstract
Security system for protecting a vehicle electronic system by selectively intervening in the communications path in order to prevent the arrival of malicious messages at ECUs, in particular at the safety critical ECUs. The security system includes a filter which prevents illegal messages sent by any system or device communicating over a vehicle communications bus from reaching their destination. The filter may, at its discretion according to preconfigured rules, send messages as is, block messages, change the content of the messages, request authentication or limit the rate such messages can be delivered, by buffering the messages and sending them only in preconfigured intervals.
207 Citations
40 Claims
-
1-20. -20. (canceled)
-
21. A vehicle electronic control unit (ECU) having an embedded security system, the electronic control unit (ECU) comprising embedded therein:
-
a logic unit, configured to control a function of said vehicle; a computer processor, in communication with said logic unit; a message receiving unit, configured to intercept a message being communicated over a communication path between a communications bus of said vehicle and said logic unit; a message analysis unit, implemented on said computer processor, in communication with said message receiving unit, configured to determine whether communication of data based on said intercepted message, over said communication path between said communications bus of said vehicle and said logic unit, is allowable, according to at least one rule applied on said intercepted message; and a message transmission unit, in communication with said message analysis unit, configured to forward said data over said communication path, only upon said communication of said data being determined to be allowable by said message analysis unit.
-
-
22. A security system for vehicle electronic control unit (ECU) protection, the system comprising:
-
a computer processor associated with an ECU of a vehicle; a message receiving unit, configured to intercept a message being communicated over a communication path between a communications bus of said vehicle and said ECU; a message analysis unit, implemented on said computer processor, in communication with said message receiving unit, configured to determine whether communication of data based on said intercepted message over said communication path between said communications bus of said vehicle and said ECU, is allowable, according to at least one rule applied on said intercepted message; and a message transmission unit, in communication with said message analysis unit, configured to forward said data over said communication path, only upon said communication of said data being determined to be allowable by said message analysis unit. - View Dependent Claims (23, 24, 25)
-
-
26. A method for vehicle electronic control unit (ECU) protection, the method comprising:
-
a) by a computer processor associated with an ECU of a vehicle, intercepting a message being communicated over a communication path between a communications bus of said vehicle and said ECU; b) determining whether communication of data based on said intercepted message over said communication path between said communications bus of said vehicle and said ECU, is allowable, according to at least one rule applied on said intercepted message; and c) forwarding said data over said communication path, only upon said communication of said data being determined to be allowable. - View Dependent Claims (27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40)
-
Specification