Method and apparatus for secure firmware download using diagnostic link connector (DLC) and OnStar system

US 8,856,536 B2
Filed: 12/15/2011
Issued: 10/07/2014
Est. Priority Date: 12/15/2011
Status: Active Grant

First Claim

Patent Images

1. A method for authenticating a piece of firmware that is to be downloaded to a vehicle ECU, said method comprising:

separating the firmware into a first firmware part and a second firmware part;

hashing the first firmware part using a hash function at a first trusted source;

encrypting the hash of the first firmware part with a first source private key to create a signature at the first trusted source;

hashing the second firmware part using a hash function at the first trusted source;

sending the hashed second firmware part to a second trusted source;

encrypting the hash of the second firmware part with a second source private key to create a signature at the second trusted source;

sending the firmware and the signature of the first firmware part from the first trusted source to a downloading tool;

requesting the firmware and the signature of the first firmware part from the downloading tool;

requesting the signature of the second firmware part from the second trusted source;

sending the signature of the second firmware part to the vehicle from the second trusted source;

validating the signature of the first firmware part in the vehicle using a first source public key;

validating the signature of the second firmware part in the vehicle using a second source public key; and

authenticating the firmware in the ECU if both the first and second firmware parts are valid.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method for authenticating a piece of firmware to be downloaded to a controller. The method includes signing the firmware or a first part of the firmware with a first private key at a first trusted source and signing the firmware or a second part of the firmware with a second private key at a second trusted source. The method also includes validating the signed firmware or the first part of the firmware using a first public key at the controller and validating the firmware or the second part of the firmware using a second public key at the controller. The method further includes authenticating the firmware if the firmware or the first part of the firmware is validated by the first public key at the controller and the firmware or the second part of the firmware is validated by the second public key at the controller.

30 Citations

View as Search Results

20 Claims

1. A method for authenticating a piece of firmware that is to be downloaded to a vehicle ECU, said method comprising:
- separating the firmware into a first firmware part and a second firmware part;
  
  hashing the first firmware part using a hash function at a first trusted source;
  
  encrypting the hash of the first firmware part with a first source private key to create a signature at the first trusted source;
  
  hashing the second firmware part using a hash function at the first trusted source;
  
  sending the hashed second firmware part to a second trusted source;
  
  encrypting the hash of the second firmware part with a second source private key to create a signature at the second trusted source;
  
  sending the firmware and the signature of the first firmware part from the first trusted source to a downloading tool;
  
  requesting the firmware and the signature of the first firmware part from the downloading tool;
  
  requesting the signature of the second firmware part from the second trusted source;
  
  sending the signature of the second firmware part to the vehicle from the second trusted source;
  
  validating the signature of the first firmware part in the vehicle using a first source public key;
  
  validating the signature of the second firmware part in the vehicle using a second source public key; and
  
  authenticating the firmware in the ECU if both the first and second firmware parts are valid.
- View Dependent Claims (2, 3, 4)
- - 2. The method according to claim 1 wherein the first trusted source is a vehicle manufacturer.
  - 3. The method according to claim 2 wherein the second trusted source is OnStar™
    - .
  - 4. The method according to claim 1 further comprising entering a password in the vehicle to authorize the vehicle before requesting the signed signature of the second firmware part.

5. A method for authenticating a piece of firmware to be downloaded to a controller, said method comprising:
- signing the firmware or a first part of the firmware with a first private key at a first trusted source;
  
  signing the firmware or a second part of the firmware with a second private key at a second trusted source;
  
  validating the signed firmware or the first part of the firmware using a first public key at the controller;
  
  validating the firmware or the second part of the firmware using a second public key at the controller; and
  
  authenticating the firmware for use if the firmware or the first part of the firmware is validated by the first public key at the controller and the firmware or the second part of the firmware is validated by the second public key at the controller.
- View Dependent Claims (6, 7, 8, 9, 10, 11, 12, 13, 14, 15)
- - 6. The method according to claim 5 further comprising hashing the firmware or the first part of the firmware prior to the firmware or the first part of the firmware being signed and hashing the firmware or the second part of the firmware prior to the firmware or the second part of the firmware being signed, and wherein signing the firmware or the first part of the firmware with a first private key includes signing the hash of the firmware or the first part of the firmware and signing the firmware or the second part of the firmware with a second private key includes signing the hash of the firmware or the second part of the firmware.
  - 7. The method according to claim 5 wherein signing the firmware or the second part of the firmware with a second private key at a second trusted source includes providing the firmware from a data file repository to the second trusted source to be signed.
  - 8. The method according to claim 7 further comprising returning the signed firmware or the second part of the firmware from the second trusted source back to the data file repository.
  - 9. The method according to claim 8 further comprising providing the firmware, the signed firmware or the first part of the firmware and the signed firmware or the second part of the firmware from the data file repository to a downloading tool.
  - 10. The method according to claim 5 further comprising providing the signed firmware or the first part of the firmware to a downloading tool from the first trusted source and providing the signed firmware or the second part of the firmware to the controller from the second trusted source.
  - 11. The method according to claim 5 further comprising providing the firmware or the second part of the firmware and the signed firmware or the first part of the firmware from the first trusted source to the second trusted source and providing the firmware, the signed firmware or the second part of the firmware and the signed firmware or the first part of the firmware from the second trusted entity to the controller.
  - 12. The method according to claim 5 further comprising providing a password to the controller before downloading the firmware.
  - 13. The method according to claim 5 wherein the first trusted source is a vehicle manufacturer.
  - 14. The method according to claim 13 wherein the second trusted source is OnStar™
    - .
  - 15. The method according to claim 14 wherein the controller is an ECU on a vehicle.

16. A system for authenticating a piece of firmware to be downloaded to a controller, said system comprising:
- means for signing the firmware or a first part of the firmware with a first private key at a first trusted source;
  
  means for signing the firmware or a second part of the firmware with a second private key at a second trusted source;
  
  means for validating the signed firmware or the first part of the firmware using a first public key at the controller;
  
  means for validating the firmware or the second part of the firmware using a second public key at the controller; and
  
  means for authenticating the firmware for use if the firmware or the first part of the firmware is validated by the first public key at the controller and the firmware or the second part of the firmware is validated by the second public key at the controller.
- View Dependent Claims (17, 18, 19, 20)
- - 17. The system according to claim 16 further comprising means for hashing the firmware or the first part of the firmware prior to the firmware or the first part of the firmware being signed and hashing the firmware or the second part of the firmware prior to the firmware or the second part of the firmware being signed, and wherein the means for signing the firmware or the first part of the firmware with a first private key includes signing the hash of the firmware or the first part of the firmware and the means for signing the firmware or the second part of the firmware with a second private key signs the hash of the firmware or the second part of the firmware.
  - 18. The system according to claim 16 further comprising means for providing the signed firmware or the first part of the firmware to a downloading tool from the first trusted source and providing the signed firmware or the second part of the firmware to the controller from the second trusted source.
  - 19. The system according to claim 16 further comprising means for providing a password to the controller before downloading the firmware.
  - 20. The system according to claim 16 wherein the first trusted source is a vehicle manufacturer, the second trusted source is OnStar™
    - and the controller is a vehicle ECU.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
GM Global Technology Operations LLC (General Motors Company)
Original Assignee
GM Global Technology Operations LLC (General Motors Company)
Inventors
Rabadi, Nader M., Baltes, Kevin M.
Primary Examiner(s)
Pwu, Jeffrey
Assistant Examiner(s)
Ambaye, Samuel

Application Number

US13/327,216
Publication Number

US 20130159717A1
Time in Patent Office

1,027 Days
Field of Search

713/176, 713/193, 713/187, 713/191
US Class Current

713/176
CPC Class Codes

G06F 17/00   Digital computing or data p...

G06F 21/572   Secure firmware programming...

G06F 9/44   Arrangements for executing ...

H04L 2209/84   Vehicles

H04L 67/12   specially adapted for propr...

H04L 9/30   Public key, i.e. encryption...

H04L 9/3247   involving digital signatures

Method and apparatus for secure firmware download using diagnostic link connector (DLC) and OnStar system

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

30 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Method and apparatus for secure firmware download using diagnostic link connector (DLC) and OnStar system

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

30 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links