Vehicle module update, protection and diagnostics
First Claim
Patent Images
1. A method for thwarting unauthorized programming of a server included on a road vehicle comprising:
- inspecting a programming message transmitted from a client to the server for the purposes of requesting a programming of the server;
determining whether the programming message is one of authorized and unauthorized; and
engaging one of a passive mode and an active mode in the event the programming message is unauthorized, including;
i) transmitting a default message to the server sufficient to return the server to a default session before the server updates a memory pursuant to the requested programming if engaged according to the active mode;
ii) allowing the server to update the memory pursuant to the programming if engaged according to the passive mode; and
iii) logging parameters associated with the programming message, the parameters including at least a timestamp and an address.
1 Assignment
0 Petitions
Accused Products
Abstract
Updating, protecting, diagnosing and/or otherwise managing a server, module or other analogous device(s) included on a vehicle for the purposes of facilitating a vehicle related operation is contemplated. A local controller physical connected or otherwise associated with to the vehicle may be employed to implement the contemplated processes, optionally at the direction of a remote controller or other master controller having capabilities sufficient to provide corresponding instructions thereto.
25 Citations
24 Claims
-
1. A method for thwarting unauthorized programming of a server included on a road vehicle comprising:
-
inspecting a programming message transmitted from a client to the server for the purposes of requesting a programming of the server; determining whether the programming message is one of authorized and unauthorized; and engaging one of a passive mode and an active mode in the event the programming message is unauthorized, including; i) transmitting a default message to the server sufficient to return the server to a default session before the server updates a memory pursuant to the requested programming if engaged according to the active mode; ii) allowing the server to update the memory pursuant to the programming if engaged according to the passive mode; and iii) logging parameters associated with the programming message, the parameters including at least a timestamp and an address. - View Dependent Claims (2, 3, 4, 5)
-
-
6. A non-transitory computer-readable medium having a plurality of non-transitory instructions operable with a controller to facilitate thwarting a client from updating a server when the controller, client and server are physically connected to a vehicle, the non-transitory instructions being sufficient for:
-
inspecting a programming request made by the client to request an update of the server to determine whether the programming request is authorized or unauthorized; taking no action against the server to prevent the update when the programming request is authorized; determining whether to engage a passive mode and an active mode to thwart the update when the programming request is unauthorized; and engaging the active mode when the programming request is unauthorized and the active mode is engaged, the active mode including the controller transmitting a default message to the server sufficient to prevent the server from performing the update pursuant to the programming request before a memory or other data construct of the server is overwritten as a function thereof, the default message being sufficient for controlling the server to cease further processing of the programming request through a return or other transition to a default session or other suitable operating state; and engaging the passive mode when the programming request is unauthorized and the passive mode is engaged, the passive mode including preventing the controller from transmitting the default message to the server such that the server is permitted to perform the update. - View Dependent Claims (7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19)
-
-
20. A system for protecting a module included within a vehicle from unauthorized updates, the module being configured to facilitate a vehicle related operation according to a corresponding plurality of non-transitory computer-readable instructions stored on a memory, the system comprising:
-
a remote controller physically disconnected from the vehicle, the remote controller configured to wirelessly transmit a protection instruction sufficient for identifying one or more authorized updates for the module and whether unauthorized updates of the module are to be thwarted according to a passive mode or an active mode; and a local controller physically connected to a controller area network (CAN) shared with the module, the local controller configured to wirelessly receive the protection instructions from the remote controller and includes a non-transitory computer-readable medium having a plurality of non-transitory instructions, which when executed with a processor associated therewith, sufficient to; i) determine whether a programming requested by a client connected to the CAN for the purposes of updating the module is one of the authorized updates; ii) transmit a default message to the module over the CAN to prevent the module from performing the programming if the programming is unauthorized and to be thwarted according to the active mode, the default message causing the module to return to a default session or other state sufficient to cease further processing of the programming requested by the client prior to a memory associated therewith being overwritten as a function thereof; and iii) allow the module to perform the programming if the programming is unauthorized and to be thwarted according to the passive mode. - View Dependent Claims (21, 22)
-
-
23. A method for thwarting unauthorized programming of a server included on a road vehicle comprising:
-
inspecting a programming message transmitted from a client to the server for the purposes of requesting a programming of the server; determining whether the programming message is one of authorized and unauthorized; engaging one of a passive mode and an active mode in the event the programming message is unauthorized, including; i) transmitting a default message to the server sufficient to return the server to a default session before the server updates a memory pursuant to the requested programming if engaged according to the active mode; and ii) allowing the server to update the memory pursuant to the programming if engaged according to the passive mode preventing engagement of the active and passive modes in the event the programming message is authorized; taking no action to prevent the server from receiving the programming message from the client regardless of whether the programming message is authorized or unauthorized; engaging the passive mode in the event the programming message is determined at a first instance in time to be unauthorized; and engaging the active mode in the event the programming message is determined at a second instance in time to be unauthorized, the second instance being different than the first instance.
-
-
24. A method for thwarting unauthorized programming of a server included on a road vehicle comprising:
-
inspecting a programming message transmitted from a client to the server for the purposes of requesting a programming of the server; determining whether the programming message is one of authorized and unauthorized; engaging one of a passive mode and an active mode in the event the programming message is unauthorized, including; i) transmitting a default message to the server sufficient to return the server to a default session before the server updates a memory pursuant to the requested programming if engaged according to the active mode; and ii) allowing the server to update the memory pursuant to the programming if engaged according to the passive mode taking no action to prevent the server from receiving the programming message from the client; determining an operation performed for the road vehicle with the server to be one of a first type and a second type; engaging the active mode in the event the programming message is unauthorized and the operation is the first type; and engage the passive mode in the event the programming message is unauthorized and the operation is the second type, the second type being different than the first type so as to selectively engage the active mode and the passive mode according to the operation of the server.
-
Specification