Program distribution system, program distribution device, and in-vehicle gateway device

US 7,551,986 B2
Filed: 02/23/2005
Issued: 06/23/2009
Est. Priority Date: 02/24/2004
Status: Active Grant

First Claim

Patent Images

1. A program distribution system comprising:

a program distribution device that distributesa program conducting an access to a given ECU of a plurality of ECUs provided in a vehicle, andan identifier that defines an access right to the given ECU; and

a gateway device that is provided in the vehicle and receives the distributed program and the distributed identifier,wherein the program distribution devicegenerates a first digest from the program and the identifier using a converting algorism,generates an electronic signature by encrypting the first digest using a secret key, wherein the secret key is pared with a public key in a public-key cryptography, anddistributes the generated electronic signature, the program, the identifier, and the public key, andwherein the gateway device determines an electronic signature validity by comparing a second digest, which is generated from the received program and the received identifier using the converting algorism, with data obtained by decrypting the received electronic signature using the public key, andwherein, when the electronic signature validity is affirmatively determined, the gateway devicesets, to the received program, an access right to the given ECU, andprohibits the received program from conducting an access to other ECUs excluding the given ECU,based on the received identifier.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

According to a request from a gateway device in a subject vehicle, a program distribution device designates a program that conducts an access to an ECU in the subject vehicle and associated with vehicular information of the subject vehicle on a table where vehicular information and programs are previously associated. The designated program is distributed to the gateway device along with an access right identifier defining an access right to the given ECU, and an electronic signature. When the gateway device determines that the received electronic signature is valid, the gateway device sets, to the received program, an access right to the ECU based on the distributed access right identifier.

Citations

13 Claims

1. A program distribution system comprising:
- a program distribution device that distributesa program conducting an access to a given ECU of a plurality of ECUs provided in a vehicle, andan identifier that defines an access right to the given ECU; and
  
  a gateway device that is provided in the vehicle and receives the distributed program and the distributed identifier,wherein the program distribution devicegenerates a first digest from the program and the identifier using a converting algorism,generates an electronic signature by encrypting the first digest using a secret key, wherein the secret key is pared with a public key in a public-key cryptography, anddistributes the generated electronic signature, the program, the identifier, and the public key, andwherein the gateway device determines an electronic signature validity by comparing a second digest, which is generated from the received program and the received identifier using the converting algorism, with data obtained by decrypting the received electronic signature using the public key, andwherein, when the electronic signature validity is affirmatively determined, the gateway devicesets, to the received program, an access right to the given ECU, andprohibits the received program from conducting an access to other ECUs excluding the given ECU,based on the received identifier.
- View Dependent Claims (2, 3)
- - 2. The program distribution system of claim 1, further comprising:
    - a program execution device that executes the program distributed to the gateway device,wherein, when the electronic signature validity is affirmatively determined by the gateway device, the program execution devicesets, to the received program, an access right to the given ECU andprohibits the received program from conducting an access to other ECUs excluding the given ECU,based on the received identifier, instead of the gateway device.
  - 3. The program distribution system of claim 1, further comprising:
    - a certificate authority that manages a plurality of cryptographic keys in the public-key cryptography including the secret key and the public key,wherein the certificate authority sends the secret key and the public key to the program distribution device and sends the public key to the gateway device,wherein the program distribution device generates the electronic signature by using the secret key sent by the certificate authority, and distributes the public key along with the program, the identifier, and the electronic signature,wherein the gateway device determines a public key validity by comparing the public key sent by the program distribution device with the public key directly sent by the certificate authority, andwherein, when the public key validity is affirmatively determined, the gateway device determines the electronic signature validity.

4. A gateway device that is provided in a vehicle and is used along with a program distribution device in a program distribution system,wherein the program distribution device that distributesa program conducting an access to a given ECU of a plurality of ECUs provided in the vehicle, andan identifier that defines an access right to the given ECU,wherein the program distribution devicegenerates a first digest from the program and the identifier using a converting algorism,generates an electronic signature by encrypting the first digest using a secret key, wherein the secret key is pared with a public key in a public-key cryptography, anddistributes the generated electronic signature, the program, the identifier, and the public key,the gateway device comprising:
- signature determining means that determines an electronic signature validity by comparing a second digest, which is generated from the received program and the received identifier using the converting algorism, with data obtained by decrypting the received electronic signature using the public key; and
  
  access setting means thatsets, to the received program, an access right to the given ECU andprohibits the received program from conducting an access to other ECUs excluding the given ECU,based on the received identifier when the electronic signature validity is affirmatively determined.
- View Dependent Claims (5, 6)
- - 5. The gateway device of claim 4,wherein the program distribution system further includes a program execution device thatexecutes the program distributed to the gateway device andincludes the access setting means, instead of the gateway device.
  - 6. The gateway device of claim 4,wherein the program distribution system further includes a certificate authority that manages a plurality of cryptographic keys in the public-key cryptography including the secret key and the public key,wherein the certificate authority sends the secret key and the public key to the program distribution device and sends the public key to the gateway device,the gateway device further comprising:
    - key validity determining means that determines a public key validity by comparing the public key distributed from the program distribution device with the public key sent directly by the certificate authority,wherein, when the public key validity is affirmatively determined, the signature determining means determines the electronic signature validity.

7. A program distribution system comprising:
- a program distribution device that distributesa program conducting an access to a given ECU of a plurality of ECUs provided in a vehicle andan identifier that defines an access right to the given ECU; and
  
  a gateway device that is provided in the vehicle and receives the distributed program and the distributed identifier,wherein the program distribution device includessignature generating means that generates an electronic signature that is generated based on the program and the identifier by using a cryptography and enables the gateway device to confirm that the program and the identifier are distributed without being altered from the program distribution device; and
  
  signature attaching means that distributes, along with the program and the identifier, at least the electronic signature, andwherein the gateway device including;
  
  signature validity determining means that determines an electronic signature validity regarding the received electronic signature; and
  
  access setting means thatsets, to the received program, an access right to the given ECU, andprohibits the received program from conducting an access to other ECUs excluding the given ECU,based on the received identifier, when the electronic signature validity is affirmatively determined.
- View Dependent Claims (8, 9, 10, 11, 12)
- - 8. The program distribution system of claim 7,wherein the electronic signature uses a public-key cryptography having a pair of a secret key and a public key,wherein the program distribution device further includes:
    - first digest generating means that generates a first digest from the program and the identifier using a converting algorism, wherein the electronic signature is generated by encrypting the first digest using the secret key, andwherein the gateway device further includes;
      
      second digest generating means that generates a second digest from the received program and the received identifier using the converting algorism, wherein the electronic signature validity is determined by comparing the second digest with data obtained by decrypting the received electronic signature using the public key.
  - 9. The program distribution system of claim 8, further comprising:
    - a certificate authority that manages a plurality of cryptographic keys in the public-key cryptography including the secret key and the public key,wherein the certificate authority sends the secret key and the public key to the program distribution device and sends the public key to the gateway device,wherein the electronic signature is generated by using the secret key sent by the certificate authority, and the public key sent by the certificate authority is distributed along with the program, the identifier, and the electronic signature,wherein the gateway device further includes;
      
      key validity means that determines a public key validity by comparing the public key sent by the program distribution device with the public key directly sent by the certificate authority, wherein the signature validity is determined when the public key validity is affirmatively determined.
  - 10. The program distribution system of claim 7,wherein the electronic signature uses a public-key cryptography having a pair of a secret key and a public key,wherein the electronic signature is generated by encrypting the program and the identifier using the secret key, and the program and the identifier, both of which are encrypted, are distributed as the generated electronic signature, andwherein the electronic signature validity is determined by checking data obtained by decrypting the received electronic signature using the public key.
  - 11. The program distribution system of claim 7,wherein the electronic signature uses a common-key cryptography having a common secret key that is previously provided to the distribution device and the gateway device without known to a third party,wherein the program distribution device further includes:
    - first digest generating means that generates a first digest from the program and the identifier using a converting algorism, wherein the electronic signature is generated by encrypting the first digest using the secret key, andwherein the gateway device further includes;
      
      second digest generating means that generates a second digest from the received program and the received identifier using the converting algorism, wherein the electronic signature validity is determined by comparing the second digest with data obtained by decrypting the received electronic signature using the secret key.
  - 12. The program distribution system of claim 7,wherein the electronic signature uses a common-key cryptography having a common secret key that is previously provided to the distribution device and the gateway device without known to a third party,wherein the electronic signature is generated by encrypting the program and the identifier using the secret key, and the program and the identifier, both of which are encrypted, are distributed as the generated electronic signature, andwherein the electronic signature validity is determined by checking data obtained by decrypting the received electronic signature using the secret key.

13. A method of distributing a program for conducting an access to a given ECU of ECUs provided in a vehicle and an identifier that defines an access right to the given ECU, from a program distribution device to a gateway device provided in the vehicle,the method comprising steps of:
- generating an electronic signature based on the program and the identifier by using a cryptography, wherein the electronic signature enables the gateway device to confirm that the program and the identifier are distributed without being altered from the program distribution device;
  
  distributing at least the generated electronic signature, along with the program and the identifier from the program distribution device to the gateway device;
  
  determining a validity of the received electronic signature; and
  
  setting to the received program, an access right to the given ECU based on the received identifier, when the validity of the electronic signature is affirmatively determined in the gateway device; and
  
  prohibiting the program from conducting an access to other ECUs excluding the given ECU based on the received identifier, when the validity of the electronic signature is affirmatively determined in the gateway device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
DENSO Corporation
Original Assignee
DENSO Corporation
Inventors
Ando, Toshihide
Primary Examiner(s)
Camby; Richard M.

Application Number

US11/063,414
Publication Number

US 20050187674A1
Time in Patent Office

1,581 Days
Field of Search

701/1, 701 29- 36, 701101-116, 707/8, 707/9, 700/2, 700/23, 700/24
US Class Current

701/1
CPC Class Codes

B60W 2050/0006   Digital architecture hierarchy

G06F 21/51   at application loading time...

G06F 8/61   Installation

G07C 5/008   communicating information t...

Program distribution system, program distribution device, and in-vehicle gateway device

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

13 Claims

Specification

Solutions

Use Cases

Quick Links

Program distribution system, program distribution device, and in-vehicle gateway device

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

13 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links