Inhibiting access to sensitive vehicle diagnostic data
First Claim
Patent Images
1. A method of secure communication between a vehicle and an external device communicating with the vehicle in a diagnostics mode, comprising the steps of:
- receiving a first diagnostic request at an electronic control unit (ECU) from the external device;
determining an increased risk of security breach at the ECU based on the first request; and
when it is determined that the increased risk exists, providing a misinformative response, wherein the misinformative response purposely misdirects the requesting external device.
1 Assignment
0 Petitions
Accused Products
Abstract
A vehicle system and method of secure communication between a vehicle and an external device communicating with the vehicle in a diagnostics mode. The method includes the steps of: receiving a first diagnostic request at an electronic control unit (ECU) from the external device; determining an increased risk of security breach at the ECU based on the [nature of the] first request; and when it is determined that the increased risk exists, providing a misinformative response.
-
Citations
16 Claims
-
1. A method of secure communication between a vehicle and an external device communicating with the vehicle in a diagnostics mode, comprising the steps of:
-
receiving a first diagnostic request at an electronic control unit (ECU) from the external device; determining an increased risk of security breach at the ECU based on the first request; and when it is determined that the increased risk exists, providing a misinformative response, wherein the misinformative response purposely misdirects the requesting external device. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
-
-
13. A method of secure communication between a vehicle electronic control unit (ECU) and an external device communicating with the ECU in a diagnostics mode, comprising the steps of:
-
preconfiguring a static, misinformative response to a diagnostic request for sensitive data; receiving a first diagnostic request from the external device, the first diagnostic request being at least a portion of a malicious attack; determining that the first diagnostic request is for the sensitive data; and providing the misinformative response, wherein the misinformative response purposely misdirects the requesting external device from the sensitive data. - View Dependent Claims (14, 15)
-
-
16. The method of 13, wherein the misinformative response does not include error code data associated with an out-of-range message.
Specification