Patent application number | Description | Published |
20080204191 | System and method for controlling information access on a mobile platform - A method and system are provided for controlling extra-vehicle communications to a device of a mobile platform. The method comprises establishing a policy comprising attributes for permitting communications to the device, the attributes having selectable states. Access to communicate with the device is authorized based upon a least privilege of the selectable states of the attributes. An information requestor is permitted to communicate with the device when the access is authorized, and the information requestor is denied access to the device when one of the selectable states of the attributes is not satisfied | 08-28-2008 |
20080205320 | Method and system for selectively communicating with mobile platforms - There is provided a method for selectively communicating from a remote system to a subset of a plurality of vehicles. Each of the vehicles is equipped with a first wireless communications device and a second wireless communication device. The method comprises broadcasting a common message from the remote system to the vehicles via the first wireless communication device. A subset of the plurality of vehicles is selected based upon the common message. A communications link is established between the remote system and the second wireless communication device of each of the selected subset of vehicles to transmit formatted electronic data therebetween. | 08-28-2008 |
20080208405 | Method and system for facilitating communication of information to a mobile platform - There is provided a method and system for facilitating communications between a remote access point and a mobile platform during a shutdown period. The mobile platform is equipped with a first receiver and a wireless communications receiver. A wake-up signal is wirelessly transmitted from a remote wireless device to the first receiver of the mobile platform. The communications receiver is activated based upon the wake-up signal. The remote access point is controlled to communicate with the communications receiver subsequent to the activation of the communications receiver. | 08-28-2008 |
20090077240 | METHOD AND APPARATUS FOR IMPLEMENTING A MOBILE SERVER - Methods and apparatus are provided for transmitting data to a client device from a computer module in a vehicle. Data is transmitted from the computer module over an in-vehicle network to an in-vehicle communications gateway module. The data from the computer module is destined for the client device. A request for a software component is transmitted to the client device from a standard port of the in-vehicle communications gateway module. The software component comprises a non-standard transfer protocol module. The in-vehicle communications gateway module loads the non-standard transfer protocol module, and the data is exchanged between the in-vehicle communications gateway module and the client device according to the non-standard transfer protocol. | 03-19-2009 |
20090077266 | METHOD AND APPARATUS FOR IMPLEMENTING A MOBILE SERVER - Methods and apparatus are provided for transmitting data from remote server device to a computer module in a vehicle. A request for data is transmitted from the computer module over an in-vehicle network to an in-vehicle communications gateway module. The request for data from the computer module is destined for a remote server device. A request for a software component is transmitted from a standard port of the in-vehicle communications gateway module to the remote server device. The software component comprises a non-standard transfer protocol module. The in-vehicle communications gateway module loads the non-standard transfer protocol module, and the remote server device transmits the requested data to the in-vehicle communications gateway module according to the non-standard transfer protocol. The in-vehicle communications gateway module then transmits the requested data (provided from the remote server device) to the computer module over the in-vehicle network. | 03-19-2009 |
20090077267 | METHOD AND APPARATUS FOR IMPLEMENTING A MOBILE SERVER - Methods and apparatus are provided for transmitting data between a client device and a vehicle. A server hosted at an in-vehicle communications gateway module sends a software component comprising a non-standard transfer protocol module to a browser application hosted at the client device in response to a request from the client device. Standard ports at the in-vehicle communications gateway module and the client device are closed, and data is exchanged between the server and the browser application according to the non-standard transfer protocol. Optionally, the received data can then be transmitted from the in-vehicle communications gateway module to a computer module in the vehicle. | 03-19-2009 |
20090091419 | METHODS AND SYSTEMS TO CONTROL REMOTE ACCESS TO A VEHICLE MODULE - A method for controlling remote access to a module of a vehicle includes the steps of determining whether the vehicle is in a predetermined state, and permitting remote access to the module only on the condition that the vehicle is in the predetermined state. | 04-09-2009 |
20090138942 | SECURE OVER-THE-AIR MODIFICATION OF AUTOMOTIVE VEHICULAR OPTIONS - A method and system are provided for secure over-the-air modification of vehicular options by a vehicle user. The system includes a vehicle and a secure server. The vehicle includes receiver circuitry for receiving and demodulating wireless signals and a controller coupled to the receiver. The secure server is accessible by the vehicle user and generates a vehicular option modification package for provision to the vehicle by generating option parameter modification instructions in response to user parameter modification requests from the vehicle owner and generating authentication information in response to unique server authentication information associated with the secure server. The vehicle's receiver demodulates received wireless signals to generate the vehicular option modification package and the vehicle's controller authenticates the vehicular option modification package and, when the vehicular option modification package is authenticated, modifies the vehicular options of the vehicle in response to the parameter modification instructions. | 05-28-2009 |
20090158396 | Secure Home-to-Vehicle Wireless Connectivity - A method for providing a secure communications link between a home PC and a vehicle through a wireless access point. The method includes providing a wireless connection between a vehicle communications system and the wireless access point and causing a user of the PC to initiate a communication with the vehicle communications system through the wireless access point so as to allow the user to send information to the vehicle from the home PC. The method also includes causing the vehicle communications system to send an authentication challenge to the PC, such as identifying a user name and password, to authorize the user to communicate with the vehicle communications system, and establishing a secure communications link between the vehicle communications system and the PC if the user responds to the challenge with a correct response. | 06-18-2009 |
20090170539 | PREVENTING REPLAY-TYPE ATTACKS ON A VEHICLE COMMUNICATIONS SYSTEM - A method and system for preventing replay-type attacks on a vehicle communications system that sends short message service (SMS) messages between a call center and a fleet of vehicles. The method uses separate sequence counters maintained at the call center and at each of the vehicles in the fleet to help prevent or at least minimize the effects of unauthorized third party interference; such as replay-type attacks. Each wireless message is embedded with a sequence counter that is provided by the sender and is compared by the recipient with a separate sequence counter for purposes of validation. Some optional features that can be used in conjunction with the sequence counters include a tolerance window feature, a consecutive message feature, and a proximity feature, to name but a few. | 07-02-2009 |
20090249074 | WIRELESS COMMUNICATION USING COMPACT CERTIFICATES - A method and communications system for generating and using compact digital certificates for secure wireless communication. Each compact certificate includes a digital signature and only a portion of the data used in generating the signature. The remaining certificate data is pre-stored on one or more wireless devices for which secure communication is desired. Upon receiving a compact certificate, the wireless device authenticates the certificate using its digital signature along with both the data contained in the certificate and the data pre-stored on the wireless device. This approach permits secure connections to be established between wireless devices using relatively small digital certificates. | 10-01-2009 |
20090291637 | SECURE WIRELESS COMMUNICATION INITIALIZATION SYSTEM AND METHOD - A wireless communication system for a vehicle is provided. The system comprises a portable wireless device comprising first and second manual interface devices and adapted to transmit a wireless network security protocol confirmation signal in response to manipulation of the first and second manual interface devices, and an onboard wireless communication device for the vehicle, adapted to accept a Wi-Fi Protected Setup (WPS) session outcome in response to receiving the wireless network security protocol confirmation signal. | 11-26-2009 |
20090323967 | PRODUCTION OF CRYPTOGRAPHIC KEYS FOR AN EMBEDDED PROCESSING DEVICE - A system and method for producing cryptographic keys for use by an embedded processing device within a manufactured product. A pseudo random number generator is seeded with entropy data gathered by the embedded device, and the result is used to generate a public-private key pair. The process can be carried out during manufacturing so that the public key of each manufactured product can be stored in a database along with a unique identifier for the embedded device associated with the key. In one particular example, a vehicle having an installed telematics unit uses the key generating process to self-generate keys using entropy data available to the vehicle. | 12-31-2009 |
20090328189 | SECURE WIRELESS COMMUNICATION INITIALIZATION SYSTEM AND METHOD - A wireless communication system for use with a vehicle is disclosed. The communication system comprises a portable wireless device comprising a first manual interface device, the portable wireless device adapted to transmit an activation signal in response to manipulation of the first manual interface device, and an onboard wireless communication device for a vehicle. The onboard wireless communication device can be adapted to transmit Wi-Fi Protected Setup initiation signals in response to receiving the activation signal. | 12-31-2009 |
20100040234 | SYSTEM AND METHOD FOR PERFORMING AN ASYMMETRIC KEY EXCHANGE BETWEEN A VEHICLE AND A REMOTE DEVICE - Methods and apparatus are provided for performing an asymmetric key exchange between a vehicle and a first remote device. The method comprises storing predetermined cryptographic information on the vehicle, generating a first public key and a first private key that correspond to the vehicle, storing the first private key on the vehicle, and providing the first public key and descriptive data associated with the vehicle to a trusted entity, wherein the trusted entity is configured to store the first public key and the descriptive data in a location that is accessible to the first remote device. | 02-18-2010 |
20100049373 | METHOD FOR MODULAR SOFTWARE REMOVAL - A method of managing a code module that generates output information for a computer system is provided. The method comprises searching for the output information in the computer system, if the output information is not detected by the searching step, executing the code module, generating the output information in response to executing the code module, and removing the code module from the computer system in response to generating the output information. | 02-25-2010 |
20100073125 | SYSTEM AND METHOD FOR CONFIRMING THAT A USER OF AN ELECTRONIC DEVICE IS AN AUTHORIZED USER OF A VEHICLE - Methods and a system are provided for confirming that a user of an electronic device is an authorized user of a vehicle. The method comprises receiving a request regarding the vehicle from the electronic device in response to a user action, verifying that the user is able to cause the vehicle to perform a predetermined operation, and permitting the request to proceed only if the vehicle performs the predetermined operation. | 03-25-2010 |
20100109835 | APPARATUS AND METHOD FOR PROVIDING LOCATION BASED SECURITY FOR COMMUNICATION WITH A REMOTE DEVICE - A method for providing location based security for communication between a remote device and a mobile device having a global positioning system receiver for determining its current position. The method comprises receiving geographic data from the remote device, determining if the mobile device is within a predetermined geographic region based on the geographic data and the current position, and enabling subsequent communication with the remote device when the current position is within the predetermined geographic region. | 05-06-2010 |
20100161490 | METHOD AND APPARATUS FOR PROTECTING THE PRIVACY OF RESPONDER INFORMATION - A device, such as a vehicle, and a method within the device are provided for protecting the privacy of device specific information. The method includes the steps of detecting a beacon transmitted by an association requestor, determining whether the association requestor is an authorized requester by determining whether a present parameter falls within a range of authorized parameters associated with the association requester, and transmitting the device specific information to the authorized requester only if the present parameter falls within the range of authorized requester parameters. | 06-24-2010 |
20100178872 | INITIATING WIRELESS COMMUNICATION BETWEEN A VEHICLE AND AN ACCESS POINT - Methods and a vehicle are provided for initiating a short range radio frequency (RF) connection between the vehicle and an access point. The vehicle includes transceiver circuitry comprising receiver circuitry and transmitter circuitry, a Global Positioning System (GPS) receiver for receiving GPS coordinates, and a controller. The controller is coupled to the GPS receiver for determining a location of the vehicle in response to the GPS coordinates. The controller is also coupled to the transmitter circuitry for providing a probe request thereto for transmission to the access point in order to initiate the short range RF connection in response to the location of the vehicle. | 07-15-2010 |
20100179720 | AUTONOMOUS VEHICLE MAINTENANCE AND REPAIR SYSTEM - A system and method for providing autonomous and remote vehicle maintenance and repair. The system employs an on-board diagnosis and prognosis module that monitors one or more vehicle buses to identify trouble codes and other information indicating a vehicle problem. The on-board module causes a telematic device on the vehicle to broadcast a message including a problem code that identifies the problem the vehicle is having. A remote repair center may receive the message and may identify a software upgrade patch associated with the problem that can be transmitted to the vehicle to upgrade its software to correct the problem. Also, the message may be received by another vehicle that is part of a broadcast network that has previously received the software upgrade patch to fix a problem on that vehicle, where the receiving vehicle may transmit the software upgrade patch to the vehicle having the problem. | 07-15-2010 |
20100191973 | SYSTEM AND METHOD FOR ESTABLISHING A SECURE CONNECTION WITH A MOBILE DEVICE - Methods and apparatus are provided for establishing a secure connection with a mobile device that is configured to store a first private key that mathematically corresponds to a first public key. The method comprises receiving a quasi-public key from a trusted entity, wherein the quasi-public key mathematically corresponds to a quasi-private key that is stored on the mobile device, receiving a first digital certificate from the mobile device, the first digital certificate comprising the first public key and a first digital signature generated with the quasi-private key, and authenticating the first digital certificate using the first digital signature and the quasi-public key. | 07-29-2010 |
20100205429 | SYSTEM AND METHOD FOR VERIFYING THAT A REMOTE DEVICE IS A TRUSTED ENTITY - Methods and systems are provided for verifying that a remote device is a trusted entity. The method comprises receiving a first digital certificate from a first certificate authority, wherein the first certificate authority is a trusted entity, receiving a second digital certificate from the remote device during a first handshake procedure for establishing a secure connection, the second digital certificate corresponding to a second certificate authority, determining if the second digital certificate was issued by the first certificate authority based on at least a portion of the contents of the first digital certificate, and storing the second digital certificate to enable subsequent authentication of additional digital certificates received from the remote device, if the second digital certificate was issued by the first certificate authority. | 08-12-2010 |
20100211770 | METHOD AND APPARATUS FOR PROTECTING PRIVATE DATA ON A VEHICLE - Methods and apparatus are provided for protecting private data on a vehicle. The method comprises receiving a first signal generated by a user of the vehicle and, in response to the first signal, deleting predetermined data stored on the vehicle to prevent the private data from being accessed. | 08-19-2010 |
20100228423 | AGGREGATED INFORMATION FUSION FOR ENHANCED DIAGNOSTICS, PROGNOSTICS AND MAINTENANCE PRACTICES OF VEHICLES - A system and method for enhancing vehicle diagnostic and prognostic algorithms and improving vehicle maintenance practices. The method includes collecting data from vehicle components, sub-systems and systems, and storing the collected data in a database. The collected and stored data can be from multiple sources for similar vehicles or similar components and can include various types of trouble codes and labor codes as well as other information, such as operational data and physics of failure data, which are fused together. The method generates classes for different vehicle components, sub-systems and systems, and builds feature extractors for each class using data mining techniques of the data stored in the database. The method also generates classifiers that classify the features for each class. The feature extractors and feature classifiers are used to determine when a fault condition has occurred for a vehicle component, sub-system or system. | 09-09-2010 |
20100274570 | VEHICLE CHARGING AUTHORIZATION - Methods and apparatus are provided for charging an onboard energy storage system of a plug-in vehicle using a charging station. An embodiment of the system includes a vehicle communication system configured to transmit data related to charging authorization to the charging station. The embodiment also includes an electronic device configured to communicate with the vehicle communication system within a set range from the plug-in vehicle; and a vehicle controller communicatively coupled to the vehicle communication system. The vehicle controller is configured to direct the vehicle communication system to transmit the data related to charging authorization if the electronic device is within the set range from the plug-in vehicle. | 10-28-2010 |
20110032075 | METHODS AND APPARATUS FOR HOME-TO-VEHICLE APPLICATIONS OVER WIRELESS LINKS - Methods and apparatus are provided for enabling communication between an information handling device, such as a computer, and a vehicle. A dongle is provided for enabling the communication and includes an external coupling device, dongle transceiver circuitry, and a dongle controller. The dongle transceiver circuitry enables remote keyless entry communication between the dongle and the vehicle. The external coupling device couples the dongle to the information handling device, and the dongle controller is coupled to the external coupling device for determining when the dongle is coupled to the information handling device. The dongle controller is also coupled to the dongle transceiver circuitry for providing a remote keyless entry wakeup message to the dongle transceiver circuitry in response to receiving a communication initiation signal from the information handling device. | 02-10-2011 |
20120110654 | SECURE CONNECTION SYSTEMS AND METHODS FOR VEHICLES - A communication system of a vehicle includes a mode determination module and a connection control module. The mode determination module sets a mode of operation to one of a first mode and a second mode based on a comparison of a common name (CN) of a root certificate with first and second predetermined CNs associated with operation in the first and second modes, respectively. The connection control module selectively transmits a request to one of a first server and a second server to establish a secure wireless connection between the connection control module and the one of the first and second servers. The first and second servers are different, and the first and second predetermined CNs are different. | 05-03-2012 |
20120322377 | COMPUTER TO VEHICLE WIRELESS LINK - A wireless data link system between a vehicle having a vehicle controller and a computing device having a computing processor is provided. The wireless data link system includes a vehicle data link (“VDL”) device and a computing data link (“CDL”). The VDL device has a VDL controller, a VDL memory, and a VDL interface circuitry. The VDL interface circuitry provides a connection to the vehicle controller for exchanging data. The VDL memory stores a passcode that provides a secure connection and a VDL recognizable code that is associated with the VDL device. The CDL device has a CDL controller, a CDL memory, and CDL interface circuitry. The CDL interface circuitry provides a connection to the computing processor for exchanging data. | 12-20-2012 |
20130073864 | SYSTEM AND METHOD OF AUTHENTICATING MULTIPLE FILES USING A DETACHED DIGITAL SIGNATURE - A system and method of authenticating data files is provided. The method includes providing a plurality of software part files and a manifest file associated with the software part files. The manifest file identifies each of the plurality of software part files. The method includes associating the manifest file with a manifest detached digital signature. The method also includes digitally signing the manifest file with the manifest detached digital signature. The manifest detached digital signature authenticates the manifest file. The method includes associating each of the plurality of software part files with one a plurality of unique detached digital signatures. The method includes digitally signing each of the plurality of software part files with one of the plurality of unique detached digital signatures. Each of the plurality of unique detached digital signatures authenticates one of the software part files. | 03-21-2013 |
20130111203 | METHOD TO REPLACE BOOTLOADER PUBLIC KEY | 05-02-2013 |
20130111212 | METHODS TO PROVIDE DIGITAL SIGNATURE TO SECURE FLASH PROGRAMMING FUNCTION | 05-02-2013 |
20130111271 | USING A MANIFEST TO RECORD PRESENCE OF VALID SOFTWARE AND CALIBRATION | 05-02-2013 |
20130275761 | PROCESSING MESSAGES RECEIVED AT A VEHICLE - A system and method for processing messages received at a vehicle. The method carried by the system involves wirelessly receiving at a vehicle a first communication message having secure credentials and a message signature for a second communication message. Then, the vehicle authenticates the first communication message via its secure credentials. Later, the vehicle wirelessly receives the second communication message and validates this second message using the message signature from the first message. In response to the validation, the second message is processed at the vehicle. | 10-17-2013 |
20130329888 | IN-VEHICLE MOBILE TRANSACTIONS - A mobile client system initiates a wireless communication with a transaction system and receives a digital certificate from the transaction system in response. The digital certificate includes an embedded geographic location of the transaction system. The mobile client system also compares the geographic location of the transaction system with a current geographic location of the mobile client system and establishes an encrypted communication channel with the transaction system upon determining that the location of the transaction system is in proximity of the current location of the mobile client system. The mobile client system further sends the user credentials to the transaction system via the encrypted communication channel. Upon successful authentication of the mobile client system via the user credentials, the mobile client system performs a transaction with the transaction system using a graphical user interface of the client system. | 12-12-2013 |
20140032916 | SECURED FLASH PROGRAMMING OF SECONDARY PROCESSOR - A system and method for securely flashing a controller, where the controller includes at least one main processor and at least one secondary processor, and where the processing duties are distributed between the processors. A programming tool provides a content file to be flashed and a digital signature to the controller. The controller calculates a hash value of the content file, decrypts the digital signature using a public key to generate a decrypted hash value, compares the decrypted hash value to the calculated hash value, and determines that the content file is valid if the decrypted hash code matches the calculated hash value, where one or more of the steps of calculating the hash value, decrypting the digital signature, comparing the decrypted hash value to the calculated hash value and determining that the content file is valid, is performed by the main processor for the secondary processor. | 01-30-2014 |
20140075094 | METHOD TO IMPLEMENT A BINARY FLAG IN FLASH MEMORY - A system and method for changing a state of a binary flag in a flash memory. The method defines a cell segment including a predetermined number of bits as the binary flag, where each bit is converted to a logical 1 when the memory is erased. The method also defines that an even number of logical 1 bits in the flash cell segment is an even parity and an odd number of logical 1 bits in the flash cell segment is an odd parity, and defines whether an even parity is an ON state of the binary flag or an odd parity is the ON state of the binary flag. The method changes the parity of the binary flag by writing one of the bits in the flash cell segment from a logical 1 to a logical 0 to change the state of the flag. | 03-13-2014 |
20140075197 | METHOD FOR SELECTIVE SOFTWARE ROLLBACK - A system and method for validating a software file to be installed into a controller. The method includes preparing the software file including assigning a software version code to the software file, assigning a security version code to the software file, and signing the software file with the software file version code and the security version code. The signed software file is presented to the controller for installing on the controller and the controller verifies the software file signature to determine if the software file is valid and the security version code is valid. The controller allows the software file to be installed in the controller if both the signed software file is valid and the security version code is valid. | 03-13-2014 |
20140075517 | AUTHORIZATION SCHEME TO ENABLE SPECIAL PRIVILEGE MODE IN A SECURE ELECTRONIC CONTROL UNIT - A system and method for by-passing a security code to allow developmental software to be installed on a production controller without having to authenticate the software. The method includes requesting information from the controller and creating an information ticket in the controller in response to the request that identifies the controller. The information ticket is sent to a secure server that creates an authorization ticket that identifies the controller from the information ticket and creates a security code for the ticket. The authorization ticket is presented to the controller and if the security code is verified by the controller, the controller allows the developmental software to be installed. | 03-13-2014 |
20140075579 | METHOD TO ENABLE DEVELOPMENT MODE OF A SECURE ELECTRONIC CONTROL UNIT - A system and method for installing software on a secure controller without requiring the software to be properly signed. The method includes determining whether a by-pass flag has been set in the controller that identifies whether a file validation procedure is required to install the file and performing a pre-check operation to determine whether predetermined parameters of the file have been satisfied. The method also includes installing the file into a memory in the controller if the pre-check operation has been satisfied. The method further includes determining whether the file has a proper signature and indicating that the signature is proper if the by-pass flag is set and the file does not include a proper signature, and allowing the file to be installed if the signature has been indicated as being proper. | 03-13-2014 |
20140129054 | MOBILE DEVICE-ACTIVATED VEHICLE FUNCTIONS - Mobile device-activated vehicle functions are implemented by authenticating a vehicle with a device via wireless signals transmitted between a low frequency antenna of the device and a low frequency antenna of the vehicle when the vehicle is in communicative range of the device. The mobile device-activated vehicle functions are further implemented by receiving, via computer processor embedded in the device, a selection from one of a plurality of input components embedded in the device, the selection associated with a vehicle function, and transmitting a request to implement the vehicle function via the low frequency antenna coupled to the computer processor and the low frequency antenna of the vehicle. | 05-08-2014 |
20140181526 | METHODS AND SYSTEMS FOR BYPASSING AUTHENTICITY CHECKS FOR SECURE CONTROL MODULES - Methods and systems are provided for bypassing an authenticity check for a secure control module. In one embodiment, a method includes: receiving authenticity data from a secure source, wherein the authenticity data includes a signature and an identifier that is unique to the control module; programming the control module with the authenticity data; and bypassing the authenticity check of a control program of the control module based on the authenticity data. | 06-26-2014 |
20140245284 | SYSTEM AND METHOD TO IMPROVE CONTROL MODULE REFLASH TIME - A control module reflash system includes a control module located in a vehicle that controls at least one function of the vehicle according to stored vehicle software. An external interface module receives a software file from a source external to the vehicle and receives a part number for the stored vehicle software in the control module. The external interface module retrieves a comparison software file from the source external to the vehicle corresponding to the part number and compares the software file and the comparison software file. The external interface module identifies differences between the software file and the comparison software file, generates a compressed file based on the differences, and provides the compressed file to the control module. The control module generates a flash file based on the received compressed file and the stored vehicle software and modifies the stored vehicle software based on the flash file. | 08-28-2014 |
20140359296 | METHODS TO IMPROVE SECURE FLASH PROGRAMMING - Methods are provided for securely loading software objects into an electronic control unit. The methods include receiving a first software object comprising a second level public key certificate, a first encryption signature and a first set of software. Once the first software object is received, validating the first second level public key is validated with the embedded root public key, the first encryption signature with the first second level public key certificate, and the first set of software with the first encryption signature. When the first set of software is valid, then the first second level public key certificate and the first set of software are stored to non-volatile memory. Once stored, a consecutive software object is received comprising only a consecutive encryption signature and a consecutive set of software from the programming source. The consecutive encryption signature is validated with the stored second level public key certificate, and the consecutive set of software is validated with the consecutive encryption signature. | 12-04-2014 |