Bus watchman
First Claim
Patent Images
1. A module for providing security to an in-vehicle communication network having a bus and at least one node connected to the bus, the module comprising:
- at least one memory having data characterizing messages that the at least one node transmits and receives via the bus during normal operation of the node;
a communication port via which the module receives and transmits messages, the port being configured to be connected to a portion of the in-vehicle network; and
a processor that processes, responsive to the data characterizing messages in the at least one memory, messages received via the port from the portion of the in-vehicle network to;
determine a measure of vehicle health responsive to the data characterizing the messages;
identify, responsive to the measure of vehicle health, an anomalous message in the received messages indicative of exposure of the in-vehicle network to damage from a cyber attack; and
cause the module to transmit at least one signal via the port to the portion of the in-vehicle network that alters the anomalous message so that the at least one node will discard the anomalous message.
1 Assignment
0 Petitions
Accused Products
Abstract
A module for providing security to an in-vehicle communication network comprising at least one node, the module being operative to identify an anomalous message in the network indicative of exposure of the in-vehicle network to damage from a cyber attack and transmit at least one signal that alters the anomalous message so that the at least one node will discard it.
-
Citations
20 Claims
-
1. A module for providing security to an in-vehicle communication network having a bus and at least one node connected to the bus, the module comprising:
-
at least one memory having data characterizing messages that the at least one node transmits and receives via the bus during normal operation of the node; a communication port via which the module receives and transmits messages, the port being configured to be connected to a portion of the in-vehicle network; and a processor that processes, responsive to the data characterizing messages in the at least one memory, messages received via the port from the portion of the in-vehicle network to;
determine a measure of vehicle health responsive to the data characterizing the messages;identify, responsive to the measure of vehicle health, an anomalous message in the received messages indicative of exposure of the in-vehicle network to damage from a cyber attack; and cause the module to transmit at least one signal via the port to the portion of the in-vehicle network that alters the anomalous message so that the at least one node will discard the anomalous message. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16)
-
-
17. A method of providing security to an in-vehicle communication network having a bus and at least one node connected to the bus, the method comprising:
-
monitoring messages in communication traffic propagating in a portion of the in-vehicle network; determining a measure of vehicle health responsive to data characterizing the monitored messages; identifying an anomalous message in the monitored messages indicative of exposure of the in-vehicle network to damage from a cyber attack responsive to the measure of vehicle health; and transmitting at least one signal to the portion of the in-vehicle network that alters the anomalous message so that the at least one node will discard the anomalous message. - View Dependent Claims (18, 19, 20)
-
Specification