Methods, apparatus and computer program products for authenticating and determining integrity of a software part of an air vehicle
First Claim
1. A method for authenticating and determining integrity of a software part of an air vehicle comprising:
- determining a first hash of digital data that comprises the software part; and
utilizing first and second different techniques to determine authenticity and integrity of the software part depending upon whether the air vehicle has data communications connectivity with an off-board security system in which case the first technique is utilized or lacks data communications connectivity with the off-board security system in which case the second technique is utilized,wherein, in an instance in which the air vehicle lacks data communications connectivity with the off-board security system, determining authenticity and integrity of the software part in accordance with the second technique by;
decrypting an encrypted hash of a software part in accordance with a public-private key pair to create a decrypted hash;
comparing the first hash with the decrypted hash;
executing the software part in an instance in which the first hash matches the decrypted hash without awaiting establishment of data communications connectivity with the off-board security system; and
thereafter transmitting the first hash to the off-board security system, following execution of the software part, once data communications connectivity is established; and
wherein, in an instance in which the air vehicle has data communications connectivity with the off-board security system, determining the integrity of the software part in accordance with the first technique by transmitting the first hash to the off-board security system for comparison with a whitelist including a plurality of hashes of authentic software parts.
1 Assignment
0 Petitions
Accused Products
Abstract
Methods, apparatus and computer program products are provided to authenticate and determine the integrity a software part. In this regard, a software part is authenticated and its integrity is determined by determining a first hash of the digital data that comprises the software part. If the air vehicle lacks data communications connectivity with an off-board security system, the method determines the authenticity and integrity of the software part by decrypting an encrypted hash of a software part in accordance with a public-private key pair to create a decrypted hash, comparing the first hash with the decrypted hash and transmitting the first hash to the off-board security system once data communications connectivity is established. Conversely, if the air vehicle has data communications connectivity with the off-board security system, the method determines the integrity of the software part by transmitting the first hash to the off-board security system for comparison with a whitelist.
13 Citations
20 Claims
-
1. A method for authenticating and determining integrity of a software part of an air vehicle comprising:
-
determining a first hash of digital data that comprises the software part; and utilizing first and second different techniques to determine authenticity and integrity of the software part depending upon whether the air vehicle has data communications connectivity with an off-board security system in which case the first technique is utilized or lacks data communications connectivity with the off-board security system in which case the second technique is utilized, wherein, in an instance in which the air vehicle lacks data communications connectivity with the off-board security system, determining authenticity and integrity of the software part in accordance with the second technique by; decrypting an encrypted hash of a software part in accordance with a public-private key pair to create a decrypted hash; comparing the first hash with the decrypted hash; executing the software part in an instance in which the first hash matches the decrypted hash without awaiting establishment of data communications connectivity with the off-board security system; and thereafter transmitting the first hash to the off-board security system, following execution of the software part, once data communications connectivity is established; and wherein, in an instance in which the air vehicle has data communications connectivity with the off-board security system, determining the integrity of the software part in accordance with the first technique by transmitting the first hash to the off-board security system for comparison with a whitelist including a plurality of hashes of authentic software parts. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. A system for authenticating and determining integrity of a software part of an air vehicle comprising:
an on-board computing system comprising a processor and memory configured to determine a first hash of digital data that comprises the software part, said on-board computing system also configured to utilize first and second different techniques to determine authenticity and integrity of the software part depending upon whether the air vehicle has data communications connectivity with an off-board security system in which case the first technique is utilized or lacks data communications connectivity with the off-board security system in which case the second technique is utilized, wherein, in an instance in which the air vehicle lacks data communications connectivity with an off-board security system, said on-board computing system is configured to determine authenticity and integrity of the software part in accordance with the second technique by decrypting an encrypted hash of a software part in accordance with a public-private key pair to create a decrypted hash, comparing the first hash with the decrypted hash, executing the software part in an instance in which the first hash matches the decrypted hash without awaiting establishment of data communications connectivity with the off-board security system and thereafter transmitting the first hash to the off-board security system, following execution of the software part, once data communications connectivity is established, and wherein, in an instance in which the air vehicle has data communications connectivity with the off-board security system, said on-board computing system is configured to determine the integrity of the software part in accordance with the first technique by transmitting the first hash to the off-board security system for comparison with a whitelist including a plurality of hashes of authentic software parts. - View Dependent Claims (8, 9, 10, 11, 12)
-
13. A computer program product for authenticating and determining integrity of a software part of an air vehicle and comprising at least one non-transitory computer-readable storage medium having computer-executable program code portions stored therein, the computer-executable program code portions comprising:
-
program code instructions for determining a first hash of digital data that comprises the software part; and program code instructions for utilizing first and second different techniques to determine authenticity and integrity of the software part depending upon whether the air vehicle has data communications connectivity with an off-board security system in which case the first technique is utilized or lacks data communications connectivity with the off-board security system in which case the second technique is utilized, wherein the program code instructions are configured to determine authenticity and integrity of the software part in an instance in which the air vehicle lacks data communications connectivity with an off-board security system in accordance with the second technique by; decrypting an encrypted hash of a software part in accordance with a public-private key pair to create a decrypted hash; comparing the first hash with the decrypted hash; executing the software part in an instance in which the first hash matches the decrypted hash without awaiting establishment of data communications connectivity with the off-board security system; and thereafter transmitting the first hash to the off-board security system, following execution of the software part, once data communications connectivity is established; and wherein the program code instructions are configured to determine the integrity of the software part in an instance in which the air vehicle has data communications connectivity with the off-board security system in accordance with the first technique by transmitting the first hash to the off-board security system for comparison with a whitelist including a plurality of hashes of authentic software parts. - View Dependent Claims (14, 15, 16, 17, 18)
-
-
19. A system for authenticating and determining integrity of a software part of an air vehicle comprising:
-
an off-board security system having access to a whitelist include a plurality of hashes of authentic software parts; and an on-board computing system comprising a processor and memory configured to determine a first hash of digital data that comprises the software part, said processor of said on-board computing system also configured to utilize first and second different techniques to determine authenticity and integrity of the software part depending upon whether the air vehicle has data communications connectivity with an off-board security system in which case the first technique is utilized or lacks data communications connectivity with the off-board security system in which case the second technique is utilized, wherein the processor of the on-board computing system is configured to determine authenticity and integrity of the software part in an instance in which the air vehicle lacks data communications connectivity with the off-board security system in accordance with the second technique by decrypting an encrypted hash of a software part in accordance with a public-private key pair to create a decrypted hash, comparing the first hash with the decrypted hash, executing the software part in an instance in which the first hash matches the decrypted hash without awaiting establishment of data communications connectivity with the off-board security system and thereafter transmitting the first hash to the off-board security system, following execution of the software part, once data communications connectivity is established, and wherein the processor of said on-board computing system further configured to determine the integrity of the software part in an instance in which the air vehicle has data communications connectivity with the off-board security system in accordance with the first technique by transmitting the first hash to the off-board security system, wherein the off-board security system comprises a processor configured to compare the first hash provided by the on-board computing system with the whitelist and to provide an indication of the integrity of the software part. - View Dependent Claims (20)
-
Specification