SECURE MESSAGE FILTERING TO VEHICLE ELECTRONIC CONTROL UNITS WITH SECURE PROVISIONING OF MESSAGE FILTERING RULES
Abstract
A method according to one embodiment includes the operations of configuring a host processor to receive a message filtering rule, the host processor associated with a vehicle; configuring a bus controller to verify authenticity of the message filtering rule, wherein the bus controller is programmed through an interface, the interface inaccessible from the host processor; filtering messages from the host processor using the verified message filtering rule, wherein the filtering is performed by the bus controller; and transmitting the filtered messages from the bus controller over a bus to one or more electronic control units (ECUs), the ECUs communicatively coupled to the bus.
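An added sketch of the flow in the abstract (not code from the patent): a bus controller installs a rule set relayed by the host only if its authentication tag verifies, then forwards only authorized messages. The HMAC-SHA256 tag, the CAN-style message IDs, the allowlist rule format and all names are assumptions made for illustration.

```python
import hashlib
import hmac
import json

# Assumption: key placed in the bus controller through an interface the host
# processor cannot reach. Constructed value.
CONTROLLER_KEY = b"constructed-demo-key"

def sign_rules(rules, key):
    """Rule issuer side: serialize the rules and attach an HMAC-SHA256 tag."""
    blob = json.dumps(rules, sort_keys=True).encode()
    return blob, hmac.new(key, blob, hashlib.sha256).digest()

class BusController:
    def __init__(self, key):
        self._key = key
        self._rules = {}  # no verified rules yet, so nothing is forwarded

    def install_rules(self, blob, tag):
        """Install a rule set relayed by the host only if its tag verifies."""
        expected = hmac.new(self._key, blob, hashlib.sha256).digest()
        if not hmac.compare_digest(expected, tag):
            return False  # reject and keep the previously verified rules
        self._rules = {int(k, 16): v for k, v in json.loads(blob).items()}
        return True

    def filter(self, frames):
        """Return only the frames the verified rules authorize for the bus."""
        out = []
        for msg_id, data in frames:
            rule = self._rules.get(msg_id)
            if rule is not None and len(data) <= rule["max_len"]:
                out.append((msg_id, data))
        return out

# Constructed sample: rules keyed by message ID, then frames from the host.
RULES = {"0x101": {"max_len": 2}, "0x244": {"max_len": 8}}
FRAMES = [(0x101, b"\x01\x20"), (0x7DF, b"\x02\x10\x02"),
          (0x244, bytes(8)), (0x101, b"\x01\x20\xff\xff")]

def demo():
    ctl = BusController(CONTROLLER_KEY)
    blob, tag = sign_rules(RULES, CONTROLLER_KEY)
    altered = blob.replace(b'"0x101"', b'"0x7df"')  # rule set modified in transit
    rejected = ctl.install_rules(altered, tag)      # tag no longer matches
    accepted = ctl.install_rules(blob, tag)
    return rejected, accepted, ctl.filter(FRAMES)
```

Because the controller starts with an empty rule set and keeps the last verified one on failure, a host that relays a modified rule set cannot widen what reaches the ECUs.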
20 Claims
1. A system, comprising:
- a bus controller configured to communicatively couple to one or more vehicle-based electronic control units (ECUs) via a first bus, the bus controller configured to:
receive a plurality of unfiltered bus messages for transmission via the first bus;
identify at least one bus message of the plurality of bus messages as unauthorized for transmission via the first bus based on one or more message filtering rules, the message filtering rules being configured to identify potentially malicious code for altering operation of a vehicle;
filter the plurality of bus messages to remove the at least one identified unauthorized bus message; and
send each of the filtered plurality of bus messages via the first bus.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10
11. A method comprising:
- receiving, by a bus controller, a plurality of unfiltered bus messages for transmission via a first bus to one or more vehicle-based electronic control units (ECUs);
- identifying, by the bus controller, at least one bus message of the plurality of bus messages as unauthorized for transmission via the first bus based on one or more message filtering rules, the message filtering rules being configured to identify potentially malicious code for altering operation of a vehicle;
- filtering, by the bus controller, the plurality of bus messages to remove the at least one identified unauthorized bus message; and
- sending, by the bus controller, each of the filtered plurality of bus messages via the first bus.
Dependent claims: 12, 13, 14, 15
16. A non-transitory computer-readable storage medium having instructions stored thereon which when executed by at least one processor cause a process to be carried out, the process comprising:
- receiving a plurality of unfiltered bus messages for transmission via a first bus to one or more vehicle-based electronic control units (ECUs);
- identifying at least one bus message of the plurality of bus messages as unauthorized for transmission via the first bus based on one or more message filtering rules, the message filtering rules being configured to identify potentially malicious code for altering operation of a vehicle;
- filtering the plurality of bus messages to remove the at least one identified unauthorized bus message; and
- sending each of the filtered plurality of bus messages via the first bus.
Dependent claims: 17, 18, 19, 20
Specification