Program distribution system, program distribution device, and in-vehicle gateway device
First Claim
1. A program distribution system comprising:
- a program distribution device that distributesa program conducting an access to a given ECU of a plurality of ECUs provided in a vehicle, andan identifier that defines an access right to the given ECU; and
a gateway device that is provided in the vehicle and receives the distributed program and the distributed identifier,wherein the program distribution devicegenerates a first digest from the program and the identifier using a converting algorism,generates an electronic signature by encrypting the first digest using a secret key, wherein the secret key is pared with a public key in a public-key cryptography, anddistributes the generated electronic signature, the program, the identifier, and the public key, andwherein the gateway device determines an electronic signature validity by comparing a second digest, which is generated from the received program and the received identifier using the converting algorism, with data obtained by decrypting the received electronic signature using the public key, andwherein, when the electronic signature validity is affirmatively determined, the gateway devicesets, to the received program, an access right to the given ECU, andprohibits the received program from conducting an access to other ECUs excluding the given ECU,based on the received identifier.
1 Assignment
0 Petitions
Accused Products
Abstract
According to a request from a gateway device in a subject vehicle, a program distribution device designates a program that conducts an access to an ECU in the subject vehicle and associated with vehicular information of the subject vehicle on a table where vehicular information and programs are previously associated. The designated program is distributed to the gateway device along with an access right identifier defining an access right to the given ECU, and an electronic signature. When the gateway device determines that the received electronic signature is valid, the gateway device sets, to the received program, an access right to the ECU based on the distributed access right identifier.
-
Citations
13 Claims
-
1. A program distribution system comprising:
-
a program distribution device that distributes a program conducting an access to a given ECU of a plurality of ECUs provided in a vehicle, and an identifier that defines an access right to the given ECU; and a gateway device that is provided in the vehicle and receives the distributed program and the distributed identifier, wherein the program distribution device generates a first digest from the program and the identifier using a converting algorism, generates an electronic signature by encrypting the first digest using a secret key, wherein the secret key is pared with a public key in a public-key cryptography, and distributes the generated electronic signature, the program, the identifier, and the public key, and wherein the gateway device determines an electronic signature validity by comparing a second digest, which is generated from the received program and the received identifier using the converting algorism, with data obtained by decrypting the received electronic signature using the public key, and wherein, when the electronic signature validity is affirmatively determined, the gateway device sets, to the received program, an access right to the given ECU, and prohibits the received program from conducting an access to other ECUs excluding the given ECU, based on the received identifier. - View Dependent Claims (2, 3)
-
-
4. A gateway device that is provided in a vehicle and is used along with a program distribution device in a program distribution system,
wherein the program distribution device that distributes a program conducting an access to a given ECU of a plurality of ECUs provided in the vehicle, and an identifier that defines an access right to the given ECU, wherein the program distribution device generates a first digest from the program and the identifier using a converting algorism, generates an electronic signature by encrypting the first digest using a secret key, wherein the secret key is pared with a public key in a public-key cryptography, and distributes the generated electronic signature, the program, the identifier, and the public key, the gateway device comprising: -
signature determining means that determines an electronic signature validity by comparing a second digest, which is generated from the received program and the received identifier using the converting algorism, with data obtained by decrypting the received electronic signature using the public key; and access setting means that sets, to the received program, an access right to the given ECU and prohibits the received program from conducting an access to other ECUs excluding the given ECU, based on the received identifier when the electronic signature validity is affirmatively determined. - View Dependent Claims (5, 6)
-
-
7. A program distribution system comprising:
-
a program distribution device that distributes a program conducting an access to a given ECU of a plurality of ECUs provided in a vehicle and an identifier that defines an access right to the given ECU; and a gateway device that is provided in the vehicle and receives the distributed program and the distributed identifier, wherein the program distribution device includes signature generating means that generates an electronic signature that is generated based on the program and the identifier by using a cryptography and enables the gateway device to confirm that the program and the identifier are distributed without being altered from the program distribution device; and signature attaching means that distributes, along with the program and the identifier, at least the electronic signature, and wherein the gateway device including; signature validity determining means that determines an electronic signature validity regarding the received electronic signature; and access setting means that sets, to the received program, an access right to the given ECU, and prohibits the received program from conducting an access to other ECUs excluding the given ECU, based on the received identifier, when the electronic signature validity is affirmatively determined. - View Dependent Claims (8, 9, 10, 11, 12)
-
-
13. A method of distributing a program for conducting an access to a given ECU of ECUs provided in a vehicle and an identifier that defines an access right to the given ECU, from a program distribution device to a gateway device provided in the vehicle,
the method comprising steps of: -
generating an electronic signature based on the program and the identifier by using a cryptography, wherein the electronic signature enables the gateway device to confirm that the program and the identifier are distributed without being altered from the program distribution device; distributing at least the generated electronic signature, along with the program and the identifier from the program distribution device to the gateway device; determining a validity of the received electronic signature; and setting to the received program, an access right to the given ECU based on the received identifier, when the validity of the electronic signature is affirmatively determined in the gateway device; and prohibiting the program from conducting an access to other ECUs excluding the given ECU based on the received identifier, when the validity of the electronic signature is affirmatively determined in the gateway device.
-
Specification