System and method for protecting train event data

US 9,813,405 B2
Filed: 02/24/2014
Issued: 11/07/2017
Est. Priority Date: 03/04/2013
Status: Active Grant

First Claim

Patent Images

1. A system for protecting recorded train event data, comprising:

a non-transitory memory including program instructions which, when executed by at least one processor of a computer, cause the computer to;

receive user input;

generate authentication data based at least in part on the user input; and

encrypt at least a portion of the authentication data with at least one first key accessible by the computer;

at least one external memory device comprising the encrypted authentication data; and

a train event recording system on a train and in communication with a train management computer, the train event recording system configured to;

record train event data for the train from the train management computer;

determine if the at least one external memory device comprises the encrypted authentication data when the at least one external memory device is in communication with the train event recording system;

decrypt the encrypted authentication data based at least partially on at least one second key wherein the at least one first key and the at least one second key are different, wherein the at least one first key comprises at least one private key and the at least one second key comprises at least one public key, and wherein the authentication data is encrypted with an asymmetrical encryption algorithm, wherein the public key is stored on the train event recording system or the train management computer; and

determine if the authentication data is valid or invalid; and

if the authentication data is valid, facilitate a transfer or cause the transfer of at least a portion of the event data to the at least one external memory device; and

if the authentication data is invalid, prevent at least a portion of the event data from being transferred to the at least one external memory device.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Systems and methods for protecting and preventing unauthorized transfer or downloading of recorded train event data for use in a train event recording system of a train. A train event recording system and an authenticated data storage device are also disclosed. According to one preferred and non-limiting embodiment, provided is a system for protecting recorded train event data, the system including at least one external memory device having encrypted authentication data stored thereon, the encrypted authentication data including authentication data encrypted with at least one first key.

11 Citations

11 Claims

1. A system for protecting recorded train event data, comprising:
- a non-transitory memory including program instructions which, when executed by at least one processor of a computer, cause the computer to;
  
  receive user input;
  
  generate authentication data based at least in part on the user input; and
  
  encrypt at least a portion of the authentication data with at least one first key accessible by the computer;
  
  at least one external memory device comprising the encrypted authentication data; and
  
  a train event recording system on a train and in communication with a train management computer, the train event recording system configured to;
  
  record train event data for the train from the train management computer;
  
  determine if the at least one external memory device comprises the encrypted authentication data when the at least one external memory device is in communication with the train event recording system;
  
  decrypt the encrypted authentication data based at least partially on at least one second key wherein the at least one first key and the at least one second key are different, wherein the at least one first key comprises at least one private key and the at least one second key comprises at least one public key, and wherein the authentication data is encrypted with an asymmetrical encryption algorithm, wherein the public key is stored on the train event recording system or the train management computer; and
  
  determine if the authentication data is valid or invalid; and
  
  if the authentication data is valid, facilitate a transfer or cause the transfer of at least a portion of the event data to the at least one external memory device; and
  
  if the authentication data is invalid, prevent at least a portion of the event data from being transferred to the at least one external memory device.
- View Dependent Claims (2, 3, 4, 5)
- - 2. The system of claim 1, wherein the authentication data comprises at least one of the following:
    - railroad data, user data, a device serial number, an expiration date, or any combination thereof.
  - 3. The system of claim 1, wherein the train event recording system is further configured to detect when the at least one external memory device is in communication with the train event recording system.
  - 4. The system of claim 1, further comprising at least one authentication token stored on the at least one external memory device, the at least one authentication token including at least a portion of the encrypted authentication data.
  - 5. The system of claim 1, further comprising a verification server configured to receive at least a portion of the decrypted authentication data, and transmit an indication to the train event recording system that the at least one external storage device is valid or invalid.

6. A method of preventing unauthorized transfer of train event data from a train event recording system, comprising:
- receiving user input at a management computer;
  
  generating authentication data based at least in part on the user input;
  
  encrypting at least a portion of the authentication data with the at least one first key accessible by the management computer;
  
  providing at least one memory device, wherein the at least one memory device comprises the authentication data;
  
  storing at least one second key on a computer-readable medium in communication with the train event recording system;
  
  determining, with the train event recording system or a train management computer, if the encrypted authentication data is on the at least one memory device;
  
  decrypting, with the train event recording system or the train management computer, the encrypted authentication data based at least partially on the at least one second key, wherein the at least one first key and the at least one second key are different, wherein the at least one first key comprises at least one public key and the at least one second key comprises at least one private key, and wherein the authentication data is encrypted with an asymmetrical encryption algorithm, wherein the public key is stored on the train event recording system or the train management computer;
  
  determining if the at least one memory device is valid or invalid based at least partially on the authentication data; and
  
  if the authentication data is valid, facilitating a transfer or causing the transfer of at least a portion of the event data to the at least one memory device; and
  
  if the authentication data is invalid, preventing at least a portion of the event data from being transferred to the at least one memory device.
- View Dependent Claims (7, 8)
- - 7. The method of claim 6, wherein the authentication data comprises at least one of the following:
    - railroad data, user data, a memory device serial number, an expiration date, or any combination thereof.
  - 8. The method of claim 6, further comprising detecting a connection of the at least one memory device to the train event recording system.

9. A non-transitory computer-readable medium having stored thereon instructions which, when executed by one or more processors of one or more computers, causes the one or more processors to prevent unauthorized transfer of train event data from a train event recording system by performing the steps of:
- receiving user input at a management computer;
  
  generating authentication data based at least in part on the user input;
  
  encrypting at least a portion of the authentication data with the at least one first key accessible by the management computer;
  
  providing at least one memory device, wherein the at least one memory device comprises the authentication data;
  
  storing at least one second key on a computer-readable medium in communication with the train event recording system;
  
  determining, with the train event recording system or a train management computer, if the encrypted authentication data is on the at least one memory device;
  
  decrypting, with the train event recording system or the train management computer, the encrypted authentication data based at least partially on the at least one second key, wherein the at least one first key and the at least one second key are different, wherein the at least one first key comprises at least one public key and the at least one second key comprises at least one private key, and wherein the authentication data is encrypted with an asymmetrical encryption algorithm, wherein the public key is stored on the train event recording system or the train management computer;
  
  determining if the at least one memory device is valid or invalid based at least partially on the authentication data; and
  
  if the authentication data is valid, facilitating a transfer or causing the transfer of at least a portion of the event data to the at least one memory device; and
  
  if the authentication data is invalid, preventing at least a portion of the event data from being transferred to the at least one memory device.
- View Dependent Claims (10, 11)
- - 10. The computer readable medium of claim 9, wherein the authentication data comprises at least one of the following:
    - railroad data, user data, a memory device serial number, an expiration date, or any combination thereof.
  - 11. The computer readable medium of claim 9, wherein the instructions further cause the processor to detect a connection of the at least one memory device to the train event recording system.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Wabtec Corporation (Westinghouse Air Brake Technologies Corporation)
Original Assignee
Wabtec Corporation (Westinghouse Air Brake Technologies Corporation)
Inventors
Kurz, Brian E.
Primary Examiner(s)
Hailu, Teshome

Application Number

US14/767,418
Publication Number

US 20160014111A1
Time in Patent Office

1,352 Days
Field of Search

713172
US Class Current
CPC Class Codes

B61L 15/0072   On-board train data handling

B61L 15/0094   Recorders on the vehicle

B61L 27/40   Handling position reports o...

B61L 27/70   Details of trackside commun...

G06F 21/44   Program or device authentic...

G06F 21/552   involving long-term monitor...

H04L 2209/84   Vehicles

H04L 63/061   for key exchange, e.g. in p...

H04L 63/0807   using tickets, e.g. Kerbero...

H04L 63/123   received data contents, e.g...

H04L 9/3234   involving additional secure...

System and method for protecting train event data

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

11 Citations

11 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for protecting train event data

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

11 Citations

11 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links