Hardware security for an electronic control unit

US 10,664,413 B2
Filed: 01/27/2017
Issued: 05/26/2020
Est. Priority Date: 01/27/2017
Status: Active Grant

First Claim

Patent Images

1. A vehicle electronic control unit, comprising:

a memory configured to store encrypted and unencrypted vehicle data;

a main processor operatively connected to the memory and configured to access unencrypted vehicle data stored in the memory, the main processor further configured to process unencrypted vehicle data to perform tasks assigned to the electronic control unit;

a security processor operatively connected to the memory and configured to access encrypted and unencrypted vehicle data stored in the memory, the security processor further configured to encrypt unencrypted vehicle data stored in the memory and store the encrypted vehicle data in the memory and to decrypt encrypted vehicle data stored in the memory and store the decrypted vehicle data in the memory as unencrypted vehicle data for accessing and processing by the main processor, the security processor executing encryption and decryption in hardware circuitry that is field programmable; and

a substrate in which is defined a bus to connect the main processor, the memory, and the security processor;

wherein the encryption of unencrypted vehicle data or decryption of encrypted vehicle data by the security processor is performed in parallel to processing by the main processor of unencrypted vehicle data to perform the tasks assigned to the electronic control unit;

wherein the security processor includes an IP core configured to produce a security counter measure at run-time to side-channel attacks against the vehicle electronic control unit, and wherein the IP core senses current drawn by the main processor and the security processor and consumes current to maintain a current on the substrate to reduce sensing operation of the security processor and the main processor.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An electronic control unit (ECU) for vehicles is described, including memory to store encrypted data and unencrypted data; a main control unit operatively connected to memory to access unencrypted data; and a hardware encryption-decryption device operatively connected to memory to access encrypted/decrypted data for decryption using a hardware algorithm and for encryption using a hardware algorithm. Data in the memory is decrypted by the hardware encryption-decryption device using the hardware algorithm and stored in memory for use by the main control unit. Data in memory is encrypted by the hardware encryption-decryption device using the hardware algorithm for storage in memory. The main control unit and the hardware encryption-decryption device are separate integrate circuits on a same substrate or SOC and are connected by a bus and can process data in parallel. An external bus can communicate encrypted information with the ECU to allow encrypt/decrypt at run time (on-the-fly) and wire-speed.

46 Citations

View as Search Results

25 Claims

1. A vehicle electronic control unit, comprising:
- a memory configured to store encrypted and unencrypted vehicle data;
  
  a main processor operatively connected to the memory and configured to access unencrypted vehicle data stored in the memory, the main processor further configured to process unencrypted vehicle data to perform tasks assigned to the electronic control unit;
  
  a security processor operatively connected to the memory and configured to access encrypted and unencrypted vehicle data stored in the memory, the security processor further configured to encrypt unencrypted vehicle data stored in the memory and store the encrypted vehicle data in the memory and to decrypt encrypted vehicle data stored in the memory and store the decrypted vehicle data in the memory as unencrypted vehicle data for accessing and processing by the main processor, the security processor executing encryption and decryption in hardware circuitry that is field programmable; and
  
  a substrate in which is defined a bus to connect the main processor, the memory, and the security processor;
  
  wherein the encryption of unencrypted vehicle data or decryption of encrypted vehicle data by the security processor is performed in parallel to processing by the main processor of unencrypted vehicle data to perform the tasks assigned to the electronic control unit;
  
  wherein the security processor includes an IP core configured to produce a security counter measure at run-time to side-channel attacks against the vehicle electronic control unit, and wherein the IP core senses current drawn by the main processor and the security processor and consumes current to maintain a current on the substrate to reduce sensing operation of the security processor and the main processor.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The vehicle electronic control unit according to claim 1, wherein the security processor includes a plurality of IP cores that include reconfigurable circuitry to assign at least one of the plurality of IP cores a task for encryption or decryption.
  - 3. The vehicle electronic control unit according to claim 2, wherein one of the plurality of IP cores includes circuitry configured for data decompression and data compression.
  - 4. The vehicle electronic control unit according to claim 2, wherein the IP cores operate as finite state machines that run in parallel with the main processor.
  - 5. The vehicle electronic control unit according to claim 1, wherein the security processor is configurable to a new encryption scheme by reconfiguring hardware.
  - 6. The vehicle electronic control unit according to claim 2, wherein one of the plurality of IP cores is configured to produce security counter measures at run-time to side-channel attacks against the vehicle electronic control unit.
  - 7. The vehicle electronic control unit according to claim 2, wherein the main processor and at least one IP core engage in vehicle to vehicle communication with connections that cause a delay resulting in a connection failure of at least one of the connections and at least one additional one of the IP cores is configured to authenticate the vehicle to vehicle communications in parallel to the main processor when a delay to fail occurs during run-time.
  - 8. The vehicle electronic control unit of claim 2, wherein the main processor receives a command that a cryptographic code is compromised, the main processor enters a secure mode where no critical operations are allowed from received data until a specific secure connection is established and the cryptographic code is upgraded in the security circuitry.
  - 9. The electronic control unit of claim 1, wherein the main processor, after confirmation of successful upgrade of encryption/decryption algorithms by the security processor, sends the same hardware algorithm upgrade to a second electronic control unit in a vehicle so that the hardware encryption-decryption algorithm is also upgraded in the second electronic control unit.

10. An electronic control unit, comprising:
- a memory configured to store encrypted data and unencrypted data;
  
  a main control unit operatively connected to the memory and configured to access unencrypted data stored in the memory, the main control unit further configured to process unencrypted data to perform tasks not related to authentication; and
  
  a hardware encryption-decryption device operatively connected to the memory and configured to access encrypted data stored in the memory for decryption using a hardware algorithm and to access unencrypted data stored in the memory for encryption using the hardware algorithm;
  
  wherein encrypted data stored in the memory is decrypted by the hardware encryption-decryption device using the hardware algorithm and stored in the memory as unencrypted data for accessing and processing by the main control unit to perform the tasks,wherein unencrypted data stored in the memory is encrypted by the hardware encryption-decryption device using the hardware algorithm and stored in the memory as encrypted data by the hardware encryption-decryption device, andwherein the main control unit and the hardware encryption-decryption device are separate integrated circuits on a single substrate with a bus connecting the memory with the main control unit and the hardware encryption-decryption device and wherein the encryption of unencrypted data or decryption of encrypted data by the hardware encryption-decryption device is performed in parallel to processing by the main control unit of unencrypted data to perform the tasks;
  
  wherein the security processor includes an IP core configured to produce a security counter measures at run-time to side-channel attacks against the main control unit, and wherein the IP core produces acoustic information to mask operation of the main control unit and the hardware encryption-decryption device.
- View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21)
- - 11. The electronic control unit of claim 10, wherein the hardware encryption-decryption device includes a field programmable device or programmable logic.
  - 12. The electronic control unit of claim 11, wherein the main control unit receives a hardware algorithm update in a compressed, encrypted data file, sends the hardware algorithm update to the memory, and the field programmable device decompresses and decrypts the hardware algorithm update, wherein the hardware encryption-decryption device uses the decrypted hardware update to update the hardware algorithm in the hardware encryption-decryption device while the main control unit processes other software tasks.
  - 13. The electronic control unit of claim 10, wherein the hardware encryption-decryption device includes a reconfigurable memory in the form of a flash memory or a random access memory.
  - 14. The electronic control unit of claim 10, wherein the hardware encryption-decryption device includes a field programmable gate array.
  - 15. The electronic control unit of claim 14, wherein the main control unit receives an update for the hardware algorithm in the field programmable gate array.
  - 16. The electronic control unit of claim 15, wherein the update is a new cryptography algorithm in run-time.
  - 17. The electronic control unit of claim 15, wherein the hardware encryption-decryption device includes a plurality of IP cores, and wherein the update is to erase at least one of the IP cores and install a new hardware algorithm.
  - 18. The electronic control unit of claim 15, wherein the hardware encryption-decryption device includes a plurality of IP cores, and wherein the update is to add a further IP core to the hardware algorithm in the hardware encryption-decryption device.
  - 19. The electronic control unit of claim 15, wherein the hardware encryption-decryption device includes a plurality of IP cores, and wherein the update is to remove an IP core from hardware placement in the hardware encryption-decryption device.
  - 20. The electronic control unit of claim 15, wherein the hardware encryption-decryption device includes a plurality of IP cores, and wherein the update is to change specific processing of an IP core in run-time with other processors operating in parallel.
  - 21. The electronic control unit of claim 10, wherein the hardware encryption-decryption device is reconfigured for a new process while the main control unit continues to process other data.

22. A vehicle electronic control unit, comprising:
- a memory configured to store encrypted and unencrypted vehicle data;
  
  a main processor operatively connected to the memory and configured to access unencrypted vehicle data stored in the memory, the main processor further configured to process unencrypted vehicle data to perform tasks assigned to the electronic control unit;
  
  a security processor operatively connected to the memory and configured to access encrypted and unencrypted vehicle data stored in the memory, the security processor further configured to encrypt unencrypted vehicle data stored in the memory and store the encrypted vehicle data in the memory and to decrypt encrypted vehicle data stored in the memory and store the decrypted vehicle data in the memory as unencrypted vehicle data for accessing and processing by the main processor, the security processor executing encryption and decryption in hardware circuitry that is field programmable; and
  
  a substrate in which is defined a bus to connect the main processor, the memory, and the security processor;
  
  wherein the encryption of unencrypted vehicle data or decryption of encrypted vehicle data by the security processor is performed in parallel to processing by the main processor of unencrypted vehicle data to perform the tasks assigned to the electronic control unit;
  
  wherein the security processor includes an IP core configured to produce a security counter measure at run-time to side-channel attacks against the vehicle electronic control unit, and wherein the IP core produces current in a random pattern to mask currents to and from the main processor and the security processor.
- View Dependent Claims (23)
- - 23. The vehicle electronic control unit of claim 22, wherein the security processor includes a plurality of IP cores that include reconfigurable circuitry to assign at least one of the plurality of IP cores a task for encryption or decryption, and wherein the main processor receives a command that a cryptographic code is compromised, the main processor enters a secure mode where no critical operations are allowed from received data until a specific secure connection is established and the cryptographic code is upgraded in the security circuitry.

24. A vehicle electronic control unit, comprising:
- a memory configured to store encrypted and unencrypted vehicle data;
  
  a main processor operatively connected to the memory and configured to access unencrypted vehicle data stored in the memory, the main processor further configured to process unencrypted vehicle data to perform tasks assigned to the electronic control unit;
  
  a security processor operatively connected to the memory and configured to access encrypted and unencrypted vehicle data stored in the memory, the security processor further configured to encrypt unencrypted vehicle data stored in the memory and store the encrypted vehicle data in the memory and to decrypt encrypted vehicle data stored in the memory and store the decrypted vehicle data in the memory as unencrypted vehicle data for accessing and processing by the main processor, the security processor executing encryption and decryption in hardware circuitry that is field programmable; and
  
  a substrate in which is defined a bus to connect the main processor, the memory, and the security processor;
  
  wherein the encryption of unencrypted vehicle data or decryption of encrypted vehicle data by the security processor is performed in parallel to processing by the main processor of unencrypted vehicle data to perform the tasks assigned to the electronic control unit;
  
  wherein the security processor includes an IP core configured to produce security counter measures at run-time to side-channel attacks against the vehicle electronic control unit, and wherein the IP core outputs random electromagnetic radiation to mask operation of the main processor and the security processor.
- View Dependent Claims (25)
- - 25. The vehicle electronic control unit of claim 24, wherein the security processor includes a plurality of IP cores that include reconfigurable circuitry to assign at least one of the plurality of IP cores a task for encryption or decryption, and wherein the main processor receives a command that a cryptographic code is compromised, the main processor enters a secure mode where no critical operations are allowed from received data until a specific secure connection is established and the cryptographic code is upgraded in the security circuitry.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Lear Corporation
Original Assignee
Lear Corporation
Inventors
Fons, Francisco, Fons, Mariano, Fernandez Banares, Jose Gabriel
Primary Examiner(s)
Homayounmehr, Farid
Assistant Examiner(s)
Salman, Raied A

Application Number

US15/418,061
Publication Number

US 20180217942A1
Time in Patent Office

1,215 Days
Field of Search

713190, 713194, 713189, 701 23, 701 334, 3405721, 726 26
US Class Current
CPC Class Codes

G06F 12/1408   by using cryptography for d...

G06F 2212/1052   Security improvement

H04L 2209/84   Vehicles

H04L 9/12   Transmitting and receiving ...

H04L 9/16   the keys or algorithms bein...

Hardware security for an electronic control unit

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

46 Citations

25 Claims

Specification

Solutions

Use Cases

Quick Links

Hardware security for an electronic control unit

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

46 Citations

25 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links