System and Method for Providing the Status of Safety Critical Systems to Untrusted Devices

US 20150113125A1
Filed: 10/23/2013
Published: 04/23/2015
Est. Priority Date: 10/23/2013
Status: Abandoned Application

First Claim

Patent Images

1. A system comprising:

a first network, the first network comprising a first communications bus over which a plurality of trusted devices and systems are adapted to communicate, the plurality of devices and systems comprising at least one safety critical system;

a second network, the second network comprising a second communications bus over which at least one untrusted device is adapted to communicate;

a monitor device which is connected to and can communicate on both the first communications bus and the second communications bus, the monitor device having a data structure that represents various states of one or more the plurality of trusted devices or systems on the first network, the monitor device updating the data structure when an update about the state of one of the plurality of trusted devices or systems is received via the first network;

a processor which, when the monitor device receives, from the at least one untrusted device, a request for the state of one of the trusted devices or systems, replies to the at least one untrusted device with the state of the one of the trusted devices or systems from the internal data structure that represents the states of each trusted device on the first network.

View all claims

6 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and method is described for providing the status of safety critical systems to untrusted devices.

Citations

14 Claims

1. A system comprising:
- a first network, the first network comprising a first communications bus over which a plurality of trusted devices and systems are adapted to communicate, the plurality of devices and systems comprising at least one safety critical system;
  
  a second network, the second network comprising a second communications bus over which at least one untrusted device is adapted to communicate;
  
  a monitor device which is connected to and can communicate on both the first communications bus and the second communications bus, the monitor device having a data structure that represents various states of one or more the plurality of trusted devices or systems on the first network, the monitor device updating the data structure when an update about the state of one of the plurality of trusted devices or systems is received via the first network;
  
  a processor which, when the monitor device receives, from the at least one untrusted device, a request for the state of one of the trusted devices or systems, replies to the at least one untrusted device with the state of the one of the trusted devices or systems from the internal data structure that represents the states of each trusted device on the first network.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The system according to claim 1 wherein the monitor device passively monitors the first network.
  - 3. The system according to claim 1 wherein the monitor device receives an update about the state of one of the plurality of trusted devices at a predetermined time interval.
  - 4. The system according to claim 1 wherein the at least one untrusted device communicates with the monitor device via an applications programming interface.
  - 5. The system according to claim 1 wherein the first communications bus comprises one of the following communications buses:
    - Flexray;
      
      CAN;
      
      Ethernet;
      
      LIN; and
      
      MOST.
  - 6. The system according to claim 1 wherein the second communications bus comprises one of the following communications buses:
    - Flexray;
      
      CAN;
      
      Ethernet;
      
      LIN; and
      
      MOST.
  - 7. The system according to claim 1 wherein the monitor device receives a message from a first device of the plurality of trusted devices sent to a second device of the plurality of trusted devices and updates the data structure on the basis of the received message.
  - 8. The system according to claim 1 wherein at least one device of the plurality of trusted devices sends status information to the monitor device at a predetermined interval.
  - 9. The system according to claim 1 wherein the monitor device is unable to pass a message received over the second communications bus to the first communications bus.
  - 10. The system according to claim 1 wherein the monitor device is unable to send messages over the first communications bus.

11. A monitor device comprising:
- a connection to a first network external to the monitor device, the first network comprising a first communications bus adapted to communicate with a plurality of trusted devices and systems are connected, the plurality of devices comprising at least one safety critical system;
  
  a first communication port adapted to receive messages sent to the trusted network, and is thereby able to receive messages sent from one trusted device on the first network to a second trusted device on the first network;
  
  a data structure that represent the state of at least one or more of the plurality of trusted devices and systems on the first network;
  
  a processor which updates the data structure each time an update about the state of one of the plurality of trusted devices and systems is received over the first network, wherein the message may either have been directly sent to the monitor device or the message may have been sent to one of the plurality of the trusted devices and systems on the first network to a second trusted device on the first network; and
  
  a connection to a second network external to the monitor device, the second network comprising a second communications bus adapted to communicate with at least one untrusted device,wherein when the monitor device receives a request for the state of one of the plurality of trusted devices and systems on the trusted network from the at least one untrusted device, the monitor device replies to the at least one untrusted device with a state of the one of the plurality of trusted devices and systems from the internal data structure that represents the states of each trusted device and system on the first network.
- View Dependent Claims (12, 13)
- - 12. The device according to claim 11 wherein the monitor device is unable to pass a message received over the second communications bus to the first communications bus.
  - 13. The device according to claim 11 wherein the monitor device is unable to send messages over the first communications bus.

14. A method comprising:
- receiving, over a first network, a state update from at least one of a plurality of trusted devices and systems, the first network comprising a first communications bus over which the plurality of trusted devices and systems are adapted to communicate, the plurality of devices and systems comprising at least one safety critical system;
  
  transmitting the state update to a monitor device, the monitor device having a data structure that represents various states of one or more of the plurality of trusted devices or systems on the first network, the monitor device updating the data structure when an update about the state of one of the plurality of trusted devices or systems is received via the first network;
  
  receiving, at the monitor device, over a second network, a request from at least one untrusted device for the state of one of the trusted devices or systems, the second network comprising a second communications bus over which the at least one untrusted device is adapted to communicate;
  
  replying to the request from the at least one untrusted device with the state of the one of the trusted devices or systems from the internal data structure that represents the states of each trusted device on the first network.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Cisco Technology, Inc. (Cisco Systems, Inc.)
Original Assignee
Cisco Technology, Inc. (Cisco Systems, Inc.)
Inventors
Chamberlin, Brian, Solow, Hillel, Sella, Yaron, Kipnis, Aviad, Smith, Perry, Parnall, Simon

Application Number

US14/061,165
Publication Number

US 20150113125A1
Time in Patent Office

Days
Field of Search
US Class Current

709/224
CPC Class Codes

H04L 43/0805   by checking availability

H04L 63/0209   Architectural arrangements,...

H04L 63/0281   Proxies

System and Method for Providing the Status of Safety Critical Systems to Untrusted Devices

First Claim

6 Assignments

0 Petitions

Accused Products

Abstract

Citations

14 Claims

Specification

Solutions

Use Cases

Quick Links

System and Method for Providing the Status of Safety Critical Systems to Untrusted Devices

First Claim

6 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

14 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links