Programming vehicle modules from remote devices and related methods and systems

US 9,374,355 B2
Filed: 10/28/2013
Issued: 06/21/2016
Est. Priority Date: 10/28/2013
Status: Active Grant

First Claim

Patent Images

1. A method of programming a vehicle module of a vehicle, the method comprising:

generating, by a gateway module communicatively coupled to the vehicle module in response to a programming request, session authentication information for a programming update for the vehicle module, the session authentication information including a public key dynamically generated by the gateway module based at least in part on a stored private key associated with the vehicle and a timestamp associated with the programming request;

providing the session authentication information to a remote device via an external communications network, wherein the remote device generates authorization authentication information based at least in part on the public key;

obtaining the authorization authentication information from the remote device via the external communications network;

decrypting, by the gateway module, the authorization authentication information using the public key to obtain a decrypted key;

authenticating, by the gateway module, the programming update based at least in part on the decrypted key matching the stored private key associated with the vehicle; and

providing, via the gateway module, programming data for the programming update to the vehicle module after authenticating the programming update.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Methods, apparatus and systems are provided for programming a vehicle module. An exemplary vehicle includes a first module, a gateway module communicatively coupled to the first module, and an update module communicatively coupled to the gateway module. The update module is configured to provide authorization information and programming data to the gateway module. The gateway module is configured to verify that programming of the first module is authorized based at least in part on the authorization information and provide the programming data to the first module after verifying that the programming of the first module is authorized.

Citations

17 Claims

1. A method of programming a vehicle module of a vehicle, the method comprising:
- generating, by a gateway module communicatively coupled to the vehicle module in response to a programming request, session authentication information for a programming update for the vehicle module, the session authentication information including a public key dynamically generated by the gateway module based at least in part on a stored private key associated with the vehicle and a timestamp associated with the programming request;
  
  providing the session authentication information to a remote device via an external communications network, wherein the remote device generates authorization authentication information based at least in part on the public key;
  
  obtaining the authorization authentication information from the remote device via the external communications network;
  
  decrypting, by the gateway module, the authorization authentication information using the public key to obtain a decrypted key;
  
  authenticating, by the gateway module, the programming update based at least in part on the decrypted key matching the stored private key associated with the vehicle; and
  
  providing, via the gateway module, programming data for the programming update to the vehicle module after authenticating the programming update.
- View Dependent Claims (2, 3, 4, 5)
- - 2. The method of claim 1, further comprising updating the vehicle module based at least in part on the programming data after providing the programming data for the programming update to the vehicle module.
  - 3. The method of claim 2, the programming data including a set of instructions, wherein updating the vehicle module comprises the vehicle module executing the set of instructions to update an application on the vehicle module.
  - 4. The method of claim 1, wherein authenticating the programming update comprises:
    - comparing, by the gateway module, the decrypted key to the stored private key associated with the vehicle; and
      
      authenticating the programming update when the decrypted key matches the stored private key.
  - 5. The method of claim 4, wherein the remote device generates the authorization authentication information by encrypting the stored private key using the session authentication information in response to determining the programming update is authorized based at least in part on the session authentication information.

6. A vehicle comprising:
- a first vehicle communications network;
  
  a second vehicle communications network different from the first vehicle communications network;
  
  a target vehicle module coupled to the first vehicle communications network;
  
  a gateway module communicatively coupled to the target vehicle module via the first vehicle communications network, the gateway module generating session authentication information for a programming update for the target vehicle module in response to a programming request, the session authentication information including a public key dynamically generated by the gateway module based at least in part on a stored private key associated with the vehicle and a timestamp associated with the programming request; and
  
  an update module communicatively coupled to the gateway module via the second communications network to provide authorization authentication information received from an external communications network and programming data to the gateway module, wherein;
  
  the gateway module is configured to;
  
  verify programming the target vehicle module is authorized based at least in part on authenticating the authorization authentication information is provided from a trusted remote device by decrypting the authorization authentication information using the public key to obtain a decrypted key and authenticating the programming update based at least in part on the decrypted key matching the stored private key associated with the vehicle; and
  
  provide the programming data to the target vehicle module via the first vehicle communications network after verifying the programming is authorized.
- View Dependent Claims (7, 8, 9, 10, 11, 12, 13, 14, 15)
- - 7. The vehicle of claim 6, wherein the update module is a head unit.
  - 8. The vehicle of claim 6, wherein the gateway module is configured to:
    - obtain a decrypted key from the authorization authentication information using session authentication information; and
      
      verify the programming is authorized when the decrypted key matches the stored private key.
  - 9. The vehicle of claim 8, the update module providing the programming request to the gateway module, wherein the gateway module is configured to generate the session authentication information in response to the programming request from the update module.
  - 10. The vehicle of claim 9, wherein the update module is configured to provide the session authentication information to a remote device, the remote device generating the authorization authentication information by encrypting a key associated with the vehicle using the session authentication information provided by the update module after determining the programming of the target vehicle module is authorized.
  - 11. The vehicle of claim 6, wherein the gateway module is coupled between the first vehicle communications network and the second vehicle communications network.
  - 12. The vehicle of claim 11, wherein the first vehicle communications network is an Ethernet network and the second communications network is a controller area network (CAN).
  - 13. The vehicle of claim 11, wherein the update module is communicatively coupled to a remote device via an external communications network to receive the authorization authentication information from the remote device, the remote device generating the authorization authentication information after determining the programming of the target vehicle module is authorized.
  - 14. The vehicle of claim 6, wherein the target vehicle module is configured to update an application on the target vehicle module based at least in part on the programming data.
  - 15. The vehicle of claim 14, the programming data including a set of instructions, wherein the target vehicle module updates the application by executing the set of instructions.

16. A vehicle system comprising:
- a first vehicle communications network;
  
  a second vehicle communications network;
  
  a target vehicle module coupled to the second vehicle communications network;
  
  an update vehicle module coupled to the first vehicle communications network and an external communications network; and
  
  a gateway module coupled to the first vehicle communications network and the second vehicle communications network, wherein;
  
  the update vehicle module is configured to obtain programming data for the target vehicle module, transmit session authentication information to a remote device via the external vehicle communications network, receive authorization authentication information from a remote device via the external communications network, and provide the authorization authentication information and the programming data to the gateway module via the first vehicle communications network;
  
  the gateway module is configured to generate the session authentication information for the programming data, the session authentication information including a public key dynamically generated by the gateway module based at least in part on a stored private key associated with the vehicle and a timestamp associated with a programming request, decrypt the authorization authentication information using the session authentication information to obtain a decrypted key, provide the programming data to the target vehicle module after authenticating the authorization authentication information by determining the decrypted key matches the stored private key associated with the vehicle; and
  
  the target vehicle module is configured to update an application on the target vehicle module based at least in part on the programming data after receiving the programming data from the gateway module.
- View Dependent Claims (17)
- - 17. The vehicle system of claim 16, whereinthe remote device generates the authorization authentication information based at least in part on the session authentication information in response to determining that programming the target vehicle module is authorized based at least in part on the session authentication information.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
GM Global Technology Operations LLC (General Motors Company)
Original Assignee
GM Global Technology Operations LLC (General Motors Company)
Inventors
Schwarz, Jonathan R., Martin, Douglas C., Mazzara, William E. Jr.
Primary Examiner(s)
Mehedi, Morshed
Assistant Examiner(s)
Naghdali, Khalil

Application Number

US14/064,425
Publication Number

US 20150121071A1
Time in Patent Office

967 Days
Field of Search

713/168
US Class Current

1/1
CPC Class Codes

H04L 63/08 for authentication of entit...

H04L 63/12 Applying verification of th...

Programming vehicle modules from remote devices and related methods and systems

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

Citations

17 Claims

Specification

Solutions

Use Cases

Quick Links

Programming vehicle modules from remote devices and related methods and systems

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

17 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links