Method for protecting vehicle data transmission system from intrusions

US 8,955,130 B1
Filed: 04/10/2014
Issued: 02/10/2015
Est. Priority Date: 04/10/2014
Status: Active Grant

First Claim

Patent Images

1. A system for protecting a vehicle data bus from intrusions and bugs, the system comprising:

a vehicle data bus based on a CAN (Controller Area Network) standard;

a vehicle bus protection module attached to the vehicle data bus and configured to monitor a state of the vehicle data bus indicative of a malicious data sequence on the vehicle data bus;

a transceiver implemented as part of the vehicle bus protection module,wherein if there is no malicious data sequence detected;

the transceiver is configured to monitor a resistive or a capacitive vehicle bus state and to detect a lower resistance or a higher capacitance of the vehicle data bus that indicates a presence of intrusion in the vehicle data bus; and

the vehicle data bus protection module is configured to detect an additional device attached to the vehicle data bus by estimating a total number of the devices based on a measured resistance of the vehicle data bus and to send a notification about the additional device to a driver display panel if the measured resistance is abnormal.

View all claims

5 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and method for detecting an intrusion or a bug in a vehicle data transmission system. A hardware-software complex (HSC) is used to find a bug or intrusion device in a vehicle electronic system. The HSC is connected to CAN-buses in the vehicle and also scans radio waves, which can be used to transmit data to a bug. This complex is a self-teaching CAN-system used to monitor and block harmful commands in the vehicle. Each vehicle (of each model, type and settings) has its own reference bus data (parameters), which is used to detect added modules and malicious data sent over the vehicle'"'"'s CAN bus.

44 Citations

View as Search Results

19 Claims

1. A system for protecting a vehicle data bus from intrusions and bugs, the system comprising:
- a vehicle data bus based on a CAN (Controller Area Network) standard;
  
  a vehicle bus protection module attached to the vehicle data bus and configured to monitor a state of the vehicle data bus indicative of a malicious data sequence on the vehicle data bus;
  
  a transceiver implemented as part of the vehicle bus protection module,wherein if there is no malicious data sequence detected;
  
  the transceiver is configured to monitor a resistive or a capacitive vehicle bus state and to detect a lower resistance or a higher capacitance of the vehicle data bus that indicates a presence of intrusion in the vehicle data bus; and
  
  the vehicle data bus protection module is configured to detect an additional device attached to the vehicle data bus by estimating a total number of the devices based on a measured resistance of the vehicle data bus and to send a notification about the additional device to a driver display panel if the measured resistance is abnormal.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The system of claim 1, further comprising a generator and an oscillator coupled to the vehicle data bus protection module for measuring a standing wave on the vehicle data bus in a switched off sate, wherein the vehicle data bus protection module is configured to compare a standing wave frequency value against a reference value for the vehicle data bus.
  - 3. The system of claim 2, wherein the data bus protection module is configured to generate an intrusion notification.
  - 4. The system of claim 2, wherein the reference value is an earlier measured value.
  - 5. The system of claim 2, wherein the reference value is a pre-set value.
  - 6. The system of claim 1, wherein the vehicle data bus protection module is configured to block a command inputting at least one module into a vehicle service mode.
  - 7. The system of claim 6, wherein the command is blocked by forcing a change in a state of the vehicle data bus from active to passive.

8. A method for detecting an intrusion or a presence of a bug on a vehicle data bus, the method comprising:
- detecting a malicious data sequence on the vehicle data bus;
  
  displaying a notification of a potential threat;
  
  checking a resistive or a capacitive state of the vehicle data bus, if no malicious data sequence is detected;
  
  displaying the notification of the potential threat, if the resistive or the capacitive state of the vehicle data bus is not normal;
  
  detecting external radio waves;
  
  estimating a potential threat based on the detected radio waves; and
  
  displaying the threat notification to the driver if the detected radio waves are deemed malicious.
- View Dependent Claims (9, 10, 11, 12, 13, 14, 15, 16, 17, 18)
- - 9. The method of claim 8, wherein the threat notification is a blinking light and a beeping sound.
  - 10. The method of claim 8, further comprising monitoring a multi-media bus and detecting intrusions into a vehicle audio system.
  - 11. The method of claim 8, further comprising monitoring the vehicle data bus by an AV module and detecting threats.
  - 12. The method of claim 8, further comprising checking a radio frequency background of the vehicle data bus.
  - 13. The method of claim 8, further comprising deactivating the data sequence by applying a recessive data sequence.
  - 14. The method of claim 8, further comprising displaying a notification of the detected threat on a driver panel.
  - 15. The method of claim 8, wherein the vehicle data bus is a CAN (Controller Area Network) bus, and further comprising:
    - collecting reference values of packet identifiers that appeared on the CAN bus, their frequencies of appearance, dispersion of their frequencies of appearance on a started car with no actions performed with car controls;
      
      detecting new packet identifiers appearing on the CAN bus with respect to the collected reference values;
      
      calculating a frequency of appearance change for each packet identifier with respect to reference values;
      
      calculating a frequency of appearance dispersion change for each packet identifier with respect to reference values; and
      
      warning the driver if there were new identifiers or frequency changes were above a warning threshold or if the frequency dispersion changes were above the warning threshold.
  - 16. The method of claim 8, further comprising collecting reference values of packet identifiers that appeared on the vehicle data bus, their frequencies of appearance, and dispersion of their frequencies of appearance on a started car with no actions performed with car controls.
  - 17. The method of claim 8, further comprising detecting new packet identifiers appearing on the vehicle data bus with respect to previously collected reference values, and calculating a frequency of appearance change for each packet identifier with respect to the reference values.
  - 18. The method of claim 8, further comprising calculating a frequency of dispersion change for each packet identifier on the vehicle data bus with respect to reference values, andwarning the driver if there were new identifiers or frequency changes were above a warning threshold or if the frequency dispersion changes were above the warning threshold.

19. A system for protecting a vehicle data bus from intrusions and bugs, the system comprising:
- a vehicle data bus based on a CAN (Controller Area Network) standard;
  
  a vehicle bus protection module attached to the vehicle data bus and configured to monitor a state of the vehicle data bus indicative of a malicious intrusion into the vehicle data bus;
  
  a transceiver implemented as part of the vehicle bus protection module,wherein;
  
  the transceiver is configured to monitor a resistive vehicle bus state and to detect a lower resistance of the vehicle data bus that indicates a presence of intrusion in the vehicle data bus;
  
  the vehicle data bus protection module is configured to detect an additional device attached to the vehicle data bus by estimating a total number of the devices based on a measured resistance of the vehicle data bus, andthe vehicle data bus protection module is configured to send a notification about the additional device as indicative of the malicious intrusion to a driver display panel.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Reperion Pte Limited
Original Assignee
Zephyr Technology Co., Limited
Inventors
Mikhailov, Dmitry, Zuykov, Alexander, Kalintsev, Nikolay, Khabibullin, Timur, Starikovsky, Andrey
Primary Examiner(s)
Patel, Nirav B
Assistant Examiner(s)
Waliullah, Mohammed

Application Number

US14/249,375
Time in Patent Office

306 Days
Field of Search

726 22- 25
US Class Current

726/23
CPC Class Codes

G06F 21/567   using dedicated hardware

H04L 12/40013   Details regarding a bus con...

H04L 2012/40215   Controller Area Network CAN

Method for protecting vehicle data transmission system from intrusions

First Claim

5 Assignments

0 Petitions

Accused Products

Abstract

44 Citations

19 Claims

Specification

Solutions

Use Cases

Quick Links

Method for protecting vehicle data transmission system from intrusions

First Claim

5 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

44 Citations

19 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links