Specially programmed computing systems with associated devices configured to implement secure communication lockdowns and methods of use thereof
First Claim
1. A device, comprising:
wherein the device is located within a vehicle;
wherein the device is an intermediary for a plurality of communication networks of the vehicle so that the device receives all electronic messages transmitted between the plurality of communication networks;
wherein the plurality of communication networks of the vehicle comprises a plurality of electronic control units (ECUs);
wherein the device comprises at least one secure communication lockdown component;
wherein the at least one secure communication lockdown component is configured such that the device securely separates each respective source of each respective electronic message from each respective destination to which each respective electronic message has been directed;
wherein each respective ECU of the plurality of ECUs is either each respective source or each respective destination;
wherein the at least one secure communication lockdown component comprises:
at least one processor programmed to execute at least one secure communication lockdown procedure, and
at least one non-volatile memory component, at least storing:
i) at least one pre-defined communication schema, and
ii) at least one software instruction for the at least one secure communication lockdown procedure;
wherein the at least one pre-defined communication schema comprises:
i) at least one pre-defined approved message dictionary, and
ii) at least one finite state machine;
wherein the at least one finite state machine comprises:
i) a plurality of states for at least one component of the vehicle, and
ii) a plurality of state transitions for each state of the plurality of states;
wherein each state is associated with at least one state vector;
wherein the at least one state vector comprises data representative of at least one of the following:
i) at least one general parameter associated with at least one of:
1) an overall operation of the vehicle, and
2) an overall condition of the vehicle;
ii) at least one component-specific parameter associated with at least one operational state of the at least one component of the vehicle;
iii) at least one ECU-specific parameter associated with at least one operational state of at least one ECU of the vehicle; and
iv) at least one communication-specific parameter associated with at least one communication process that is associated with the vehicle;
wherein the at least one state transition comprises data that is representative of a change in at least one state vector corresponding to the at least one state of the plurality of states;
wherein the at least one processor of the at least one secure communication lockdown component is configured, at runtime, to execute the at least one software instruction of the at least one secure communication lockdown procedure that is configured to:
receive each respective electronic message;
verify at least one portion of each respective electronic message against:
i) the at least one pre-defined approved message dictionary, and
ii) the at least one finite state machine;
determine, based on the verification of the at least one portion of each respective electronic message, that each respective electronic message is:
i) an unauthorized electronic message in accordance with the at least one pre-defined communication schema, or
ii) an approved electronic message in accordance with the at least one pre-defined communication schema; and
perform one of:
i) executing at least one administrative action with the unauthorized electronic message, or
ii) one of:
1) transmitting the approved electronic message to each respective destination, or
2) modifying the approved electronic message with at least one pre-defined change to generate a changed approved electronic message and transmitting the changed approved electronic message to each respective destination.
1 Assignment
0 Petitions
Abstract
In some embodiments, the present invention provides for an exemplary inventive device which includes at least the following components: a secure lockdown component that is operationally associated with at least one electronic control unit (ECU) of at least one network; where the secure lockdown component is configured such that the device physically separates at least one of: i) the at least one network from any other network, ii) the at least one network from external inputs directed to the at least one network, iii) the at least one ECU from at least one other ECU, iv) the at least one ECU from external inputs directed to the at least one ECU, v) at least one memory component within the at least one ECU from at least one processing unit within the at least one ECU, and vi) any combination thereof.
86 Citations
30 Claims
1. A device, comprising: (text as reproduced in full under First Claim above; dependent claims 2-21)
22. A method, comprising:
incorporating, into a vehicle, a device so that the device is located within the vehicle;
wherein the device is an intermediary for a plurality of communication networks of the vehicle so that the device receives all electronic messages transmitted between the plurality of communication networks;
wherein the plurality of communication networks of the vehicle comprises a plurality of electronic control units (ECUs);
wherein the device comprises at least one secure communication lockdown component;
wherein the at least one secure communication lockdown component is configured such that the device securely separates each respective source of each respective electronic message from each respective destination to which each respective electronic message has been directed;
wherein each respective ECU of the plurality of ECUs is either each respective source or each respective destination;
wherein the at least one secure communication lockdown component comprises:
at least one processor programmed to execute at least one secure communication lockdown procedure, and
at least one non-volatile memory component, at least storing:
i) at least one pre-defined communication schema, and
ii) at least one software instruction for the at least one secure communication lockdown procedure;
wherein the at least one pre-defined communication schema comprises:
1) at least one finite state machine,
2) at least one pre-defined approved message dictionary, and
3) at least one of:
i) all pre-defined communication sequences for all electronic messages that are pre-defined based at least in part on the at least one finite state machine, and
ii) all pre-defined communication protocols for all electronic messages that are pre-defined based at least in part on the at least one finite state machine;
wherein the at least one finite state machine comprises:
i) a plurality of states for at least one component of the vehicle, and
ii) a plurality of state transitions for each state of the plurality of states;
wherein each state is associated with at least one state vector;
wherein the at least one state vector comprises data representative of at least one of the following:
i) at least one general parameter associated with at least one of:
1) an overall operation of the vehicle, and
2) an overall condition of the vehicle;
ii) at least one component-specific parameter associated with at least one operational state of the at least one component of the vehicle;
iii) at least one ECU-specific parameter associated with at least one operational state of at least one ECU of the vehicle; and
iv) at least one communication-specific parameter associated with at least one communication process that is associated with the vehicle;
wherein the at least one state transition comprises data that is representative of a change in at least one state vector corresponding to the at least one state of the plurality of states;
wherein the at least one pre-defined approved message dictionary comprises at least one of:
1) all pre-defined electronic messages that can be generated within the vehicle during all possible state transitions within the plurality of states,
2) a maximal rate at which each electronic message is allowed to be sent,
3) a minimal rate at which each electronic message is allowed to be sent, and
4) all pre-defined source-destination messaging pairs associated with the plurality of states;
receiving, by the device, each respective electronic message; and
executing, by the device, the at least one secure communication lockdown procedure, by at least:
verifying at least one portion of each respective electronic message against:
i) the at least one pre-defined approved message dictionary, and
ii) the at least one finite state machine;
determining, based on the verification of the at least one portion of each respective electronic message, that each respective electronic message is:
i) an unauthorized electronic message in accordance with the at least one pre-defined communication schema, or
ii) an approved electronic message in accordance with the at least one pre-defined communication schema; and
performing one of:
i) executing at least one administrative action with the unauthorized electronic message, or
ii) one of:
1) transmitting the approved electronic message to each respective destination, or
2) modifying the approved electronic message with at least one pre-defined change to generate a changed approved electronic message and transmitting the changed approved electronic message to each respective destination.
Dependent claims: 23-30.
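The lockdown procedure recited in claims 1 and 22 (verify each message against an approved message dictionary and a vehicle finite state machine, then drop, forward, or apply a pre-defined change) can be illustrated with a small gateway model. The following Python is an added example written for this page; it is not code from the patent or its assignee. The ECU names (BCM, ECM, ABS, IC, TCU, OBD), the message IDs 0x100/0x200/0x300, the three vehicle states OFF/ON/DRIVING, and the traffic sample are all constructed for the demonstration. The dictionary rows carry the source-destination pairs, the permitted states and the maximal rate named in claim 22; the minimal-rate (liveness) check of item 3) is omitted because it is a periodic check rather than a per-message one.

```python
from dataclasses import dataclass
from typing import Callable, Dict, FrozenSet, List, Optional, Tuple


@dataclass(frozen=True)
class Message:
    msg_id: int     # frame identifier (CAN-style arbitration ID); constructed values below
    src: str        # sending ECU
    dst: str        # receiving ECU
    payload: bytes
    t: float        # time the gateway received the frame, in seconds


@dataclass(frozen=True)
class DictEntry:
    """One row of the pre-defined approved message dictionary."""
    pairs: FrozenSet[Tuple[str, str]]   # allowed source-destination pairs
    states: FrozenSet[str]              # FSM states in which the message may appear
    max_rate_hz: float                  # maximal rate at which the message may be sent
    modify: Optional[Callable[[bytes], bytes]] = None  # optional pre-defined change


# A transition fires when the gateway is in `state`, an approved message with
# `msg_id` arrives and `pred(payload)` holds; the FSM then enters `next_state`.
Transition = Tuple[str, int, Callable[[bytes], bool], str]


class LockdownGateway:
    def __init__(self, dictionary: Dict[int, DictEntry],
                 transitions: List[Transition], initial_state: str):
        self.dictionary = dictionary
        self.transitions = transitions
        self.state = initial_state
        self.last_seen: Dict[int, float] = {}   # per-ID time of last approved message
        self.log: List[str] = []                 # record of administrative actions

    def verify(self, m: Message) -> Optional[str]:
        """Return None if the message is approved, else why it is unauthorized."""
        entry = self.dictionary.get(m.msg_id)
        if entry is None:
            return "id not in approved dictionary"
        if (m.src, m.dst) not in entry.pairs:
            return "source-destination pair not allowed"
        if self.state not in entry.states:
            return f"not allowed in state {self.state}"
        last = self.last_seen.get(m.msg_id)
        if last is not None and (m.t - last) < 1.0 / entry.max_rate_hz:
            return "exceeds maximal rate"
        return None

    def handle(self, m: Message) -> Tuple[str, Optional[bytes]]:
        """Apply the lockdown procedure to one message; return (action, payload sent)."""
        reason = self.verify(m)
        if reason is not None:
            # administrative action: drop the frame and keep a record of it
            self.log.append(f"DROP id=0x{m.msg_id:03X} {m.src}->{m.dst}: {reason}")
            return "drop", None
        self.last_seen[m.msg_id] = m.t
        entry = self.dictionary[m.msg_id]
        out = entry.modify(m.payload) if entry.modify else m.payload
        # an approved message may advance the vehicle FSM
        for state, msg_id, pred, next_state in self.transitions:
            if state == self.state and msg_id == m.msg_id and pred(m.payload):
                self.state = next_state
                break
        return ("modify" if entry.modify else "forward"), out


def speed_kmh(p: bytes) -> int:
    return int.from_bytes(p, "big")


def build_gateway() -> LockdownGateway:
    # Constructed schema: three message types, three vehicle states (hypothetical).
    dictionary = {
        0x100: DictEntry(frozenset({("BCM", "ECM")}), frozenset({"OFF", "ON"}), 10.0),
        0x200: DictEntry(frozenset({("ABS", "IC")}), frozenset({"ON", "DRIVING"}), 100.0),
        # door-unlock requests from the telematics unit pass only when not driving,
        # and are rewritten to the fixed "driver door only" command (pre-defined change)
        0x300: DictEntry(frozenset({("TCU", "BCM")}), frozenset({"OFF", "ON"}), 1.0,
                         modify=lambda _p: b"\x01"),
    }
    transitions = [
        ("OFF", 0x100, lambda p: p == b"\x01", "ON"),
        ("ON", 0x100, lambda p: p == b"\x00", "OFF"),
        ("ON", 0x200, lambda p: speed_kmh(p) > 0, "DRIVING"),
        ("DRIVING", 0x200, lambda p: speed_kmh(p) == 0, "ON"),
    ]
    return LockdownGateway(dictionary, transitions, "OFF")


def run_demo() -> Tuple[List[str], str, List[str]]:
    """Feed a constructed traffic sample through the gateway; return actions, state, log."""
    gw = build_gateway()
    traffic = [
        Message(0x100, "BCM", "ECM", b"\x01", 0.0),        # ignition on: forward, FSM -> ON
        Message(0x200, "ABS", "IC", b"\x00\x00", 0.1),     # speed 0: forward
        Message(0x200, "ABS", "IC", b"\x00\x1e", 0.2),     # speed 30: forward, FSM -> DRIVING
        Message(0x300, "TCU", "BCM", b"\xff", 0.3),        # unlock while driving: drop
        Message(0x200, "OBD", "IC", b"\x00\x1e", 0.4),     # speed from wrong source: drop
        Message(0x200, "ABS", "IC", b"\x00\x00", 0.5),     # speed 0: forward, FSM -> ON
        Message(0x300, "TCU", "BCM", b"\xff", 0.6),        # unlock while stopped: modified
        Message(0x300, "TCU", "BCM", b"\xff", 0.7),        # repeat within 1 s: drop (rate)
        Message(0x999, "TCU", "ECM", b"\x00", 0.8),        # unknown ID: drop
    ]
    actions = [gw.handle(m)[0] for m in traffic]
    return actions, gw.state, gw.log


if __name__ == "__main__":
    acts, final_state, log = run_demo()
    print(acts, final_state)
    print("\n".join(log))
```

The order of checks in `verify` matters for the log: a frame with an unknown ID is rejected before any pair, state or rate rule is consulted, so the recorded reason always names the first rule that failed. In a deployment the `log` list would be replaced by whatever administrative action the schema prescribes; the per-ID `last_seen` map is the only runtime state the rate rule needs.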
Specification