Efficient and secure method and apparatus for firmware update

US10171478B2 · US · B2

Patent metadata
Publication number: US-10171478-B2
Application number: US-201715639436-A
Country: US
Kind code: B2
Filing date: Jun 30, 2017
Priority date: Jun 30, 2016
Publication date: Jan 1, 2019
Grant date: Jan 1, 2019

How to read this patent

A practical reading order for non-experts. Skip the full description unless you need deep technical detail.

  1. Title

    What the patent document calls the invention.

  2. Abstract

    A short plain-language summary of the technical disclosure.

  3. Assignees and inventors

    Who owns or filed the patent and who is credited as inventor.

  4. Key dates

    Filing, priority, publication, and grant dates set the timeline.

  5. First independent claim

    The legal scope of protection — read this for what is actually claimed.

  6. CPC / IPC classifications

    Technology tags used to group this patent with similar filings.

  7. Citations and related patents

    Prior art links and similar publications in this corpus.

Abstract

Official abstract text for this publication.

This relates to a vehicle and, more particularly, to a vehicle configured to perform a secure firmware update. Some examples of the disclosure include receiving a firmware update package including updated firmware for one or more electronic control units (ECUs) of a vehicle. According to the disclosure, the firmware update package can be transmitted to and stored on an untrusted ECU and distributed to one or more target ECUs in a secure firmware update process monitored by a secure ECU.

Claims

Full claim text for this publication (claims 1 to 17); claim 1 is the first independent claim.

The invention claimed is:

1. A vehicle, comprising: an untrusted electronic control unit (ECU) comprising a receiver, a processor, and a memory, the receiver configured for receiving from a secure server a firmware update package including one or more firmware updates, and the memory of the untrusted ECU configured to store the firmware update package; a secure ECU operatively coupled to the untrusted ECU, the secure ECU configured for authenticating the firmware update package; and one or more target ECUs, each operatively coupled to the untrusted ECU and to the secure ECU, each respective target ECU comprising a bootloader configured for computing a checksum for a respective firmware update of the one or more firmware updates and signing the checksum with a unique key associated with the respective target ECU.

2. The vehicle of claim 1, wherein the firmware update package is encrypted with an asymmetric key and each of the one or more firmware updates is encrypted with the unique key corresponding to a respective target ECU of the one or more target ECUs.

3. The vehicle of claim 1, wherein the untrusted ECU is further configured for: decrypting the firmware update package; and transmitting a signed update command to the secure ECU.

4. The vehicle of claim 1, wherein the secure ECU is configured for: receiving a signed update command from the untrusted ECU, the signed update command indicative of the received firmware update package; authenticating the signed update command; and in accordance with a determination that the signed update command is authentic, transmitting a signed distribution command to initiate a transmission of one or more firmware updates to one or more target ECUs.

5. The vehicle of claim 4, wherein the secure ECU is configured for: in accordance with a determination that the signed update command is inauthentic, transmitting a signed erase command to the untrusted ECU to initiate an erasure of the firmware update package.

6. The vehicle of claim 1, wherein the secure ECU is configured for: receiving the signed checksum from one or more target ECUs; verifying a signature of the signed checksum; verifying a result of the signed checksum; and in accordance with a determination that the signature is valid and the result is correct, transmitting one or more installation commands to the one or more target ECUs to install a respective firmware update corresponding to the signed checksum.

7. The vehicle of claim 6, wherein the secure ECU is configured for: in accordance with a determination that the signature is not valid or the result is incorrect, transmitting one or more erase commands to the one or more target ECUs to erase a respective firmware update corresponding to the signed checksum.

8. The vehicle of claim 1, wherein each unique key associated with each target ECU is a symmetric key.

9. A method for updating firmware at a vehicle, the method comprising: receiving, from a secure server, a firmware update package including one or more firmware updates; storing the firmware update package at a memory of an untrusted electronic control unit (ECU); authenticating, with a secure ECU, the firmware update package; in accordance with a determination that the firmware update package is authentic: transmitting one or more firmware updates included in the firmware update package to one or more respective target ECUs; computing, with a bootloader included in a target ECU of the one or more respective target ECUs, a checksum for a respective firmware update; and signing, with the bootloader, the checksum using a unique key associated with the target ECU.

10. The method of claim 9, wherein the firmware update package is encrypted with an asymmetric key and each of the one or more firmware updates is encrypted with the unique key corresponding to the respective target ECU.

11. The method of claim 9, further comprising, at the untrusted ECU: decrypting the firmware update package; and transmitting a signed update command to the secure ECU.

12. The method of claim 9, further comprising, at the secure ECU: receiving a signed update command from the untrusted ECU, the signed update command indicative of the received firmware update package; authenticating the signed update command; and in accordance with a determination that the signed update command is authentic, transmitting a signed distribution command to initiate a transmission of one or more firmware updates to one or more target ECUs.

13. The method of claim 12, further comprising, at the secure ECU: in accordance with a determination that the signed update command is inauthentic, transmitting a signed erase command to the untrusted ECU to initiate an erasure of the firmware update package.

14. The method of claim 9, further comprising, at the secure ECU: receiving a signed checksum from one or more target ECUs; verifying a signature of the signed checksum; verifying a result of the signed checksum; and in accordance with a determination that the signature is valid and the result is correct, transmitting one or more installation commands to the one or more target ECUs to install a respective firmware update corresponding to the signed checksum.

15. The method of claim 14, further comprising, at the secure ECU: in accordance with a determination that the signature is not valid or the result is incorrect, transmitting one or more erase commands to the one or more target ECUs to erase a respective firmware update corresponding to the signed checksum.

16. The method of claim 9, wherein each unique key associated with each target ECU is a symmetric key.

17. A non-transitory computer-readable medium including instructions, which when executed by one or more processors, cause the one or more processors to perform a method for updating firmware at a vehicle, the method comprising: receiving, from a secure server, a firmware update package including one or more firmware updates; storing the firmware update package at a memory of an untrusted electronic control unit (ECU); authenticating, with a secure ECU, the firmware update package; in accordance with a determination that the firmware update package is authentic: transmitting one or more firmware updates included in the firmware update package to one or more respective target ECUs; computing, with a bootloader included in a target ECU of the one or more respective target ECUs, a checksum for a respective firmware update; and signing, with the bootloader, the checksum using a unique key associated with the target ECU.
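Worked example of the exchange the claims describe (secure server, untrusted ECU storage, secure ECU, target ECU bootloaders), written here as an added Go program; it is not code from the patent or from Faraday & Future. The claims do not name algorithms, so the concrete choices are assumptions: the server signs a manifest with ECDSA P-256 (this is the "authenticating the firmware update package" of claims 1, 4 and 9); each image is encrypted with AES-CTR under a 16-byte per-ECU symmetric key (claims 2 and 8); the bootloader's "signing the checksum with a unique key" is HMAC-SHA256 over the SHA-256 of the decrypted image. The encrypted images sit unsigned next to the signed manifest on the untrusted ECU, which is what gives the checksum-and-sign step of claims 6 and 7 a tampering case to catch. The package-level asymmetric encryption of claim 2, the untrusted ECU's decryption of claims 3 and 11, and the signed update/distribution/erase commands are not modeled as separate messages: a refused package is returned as an error and the secure ECU's verdict per target as the string "install" or "erase". ECU names (bcm, tcu), keys and image bytes are constructed sample data.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"encoding/json"
	"errors"
)

// FirmwareUpdate is one entry of the signed manifest.
type FirmwareUpdate struct {
	Target        string // target ECU ID
	IV, ImageHash []byte // AES-CTR IV; SHA-256 of the plaintext image
}

// Package as stored on the untrusted ECU: a signed manifest plus unsigned per-ECU ciphertexts.
type Package struct {
	Manifest, Signature []byte            // JSON-encoded []FirmwareUpdate; ECDSA P-256 over its SHA-256
	Blobs               map[string][]byte // target ID -> image encrypted under that ECU's unique key
}

func aesCTR(key, iv, in []byte) []byte {
	block, _ := aes.NewCipher(key) // keys are provisioned at 16 bytes; NewCipher only fails on key length
	out := make([]byte, len(in))
	cipher.NewCTR(block, iv).XORKeyStream(out, in)
	return out
}

// BuildPackage is the secure server side (claims 2, 8: one symmetric key per target ECU).
func BuildPackage(serverKey *ecdsa.PrivateKey, ecuKeys, images map[string][]byte) (Package, error) {
	pkg := Package{Blobs: map[string][]byte{}}
	var updates []FirmwareUpdate
	for id, img := range images {
		iv := make([]byte, aes.BlockSize)
		rand.Read(iv) // fresh IV per image; CTR with a reused IV leaks the XOR of plaintexts
		sum := sha256.Sum256(img)
		updates = append(updates, FirmwareUpdate{id, iv, sum[:]})
		pkg.Blobs[id] = aesCTR(ecuKeys[id], iv, img)
	}
	pkg.Manifest, _ = json.Marshal(updates)
	digest := sha256.Sum256(pkg.Manifest)
	sig, err := ecdsa.SignASN1(rand.Reader, serverKey, digest[:])
	pkg.Signature = sig
	return pkg, err
}

// bootloaderStage is the target ECU bootloader of claim 1: decrypt, checksum, then "sign" the
// checksum with the unique key, which for a symmetric key (claim 8) means an HMAC.
func bootloaderStage(key []byte, u FirmwareUpdate, blob []byte) (hash, mac []byte) {
	sum := sha256.Sum256(aesCTR(key, u.IV, blob))
	m := hmac.New(sha256.New, key)
	m.Write(sum[:])
	return sum[:], m.Sum(nil)
}

// Authenticate is the secure ECU of claims 4 and 5: an inauthentic package is refused before any
// image moves, which in the patent's flow is the signed erase command to the untrusted ECU.
func Authenticate(serverPub *ecdsa.PublicKey, p Package) ([]FirmwareUpdate, error) {
	digest := sha256.Sum256(p.Manifest)
	if !ecdsa.VerifyASN1(serverPub, digest[:], p.Signature) {
		return nil, errors.New("package inauthentic: erase")
	}
	var updates []FirmwareUpdate
	err := json.Unmarshal(p.Manifest, &updates)
	return updates, err
}

// Decide is the secure ECU of claims 6 and 7: a valid MAC under the target's key and a checksum
// equal to the manifest value means install; anything else means erase.
func Decide(ecuKeys map[string][]byte, u FirmwareUpdate, hash, mac []byte) string {
	m := hmac.New(sha256.New, ecuKeys[u.Target])
	m.Write(hash)
	if hmac.Equal(m.Sum(nil), mac) && hmac.Equal(hash, u.ImageHash) {
		return "install"
	}
	return "erase"
}

// Run provisions constructed keys and images, builds the package, lets tamper corrupt what the
// untrusted ECU stores, then runs the exchange and reports the secure ECU's final command per target.
func Run(tamper func(*Package)) (map[string]string, error) {
	serverKey, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, err
	}
	ecuKeys := map[string][]byte{"bcm": []byte("bcm-key-16-bytes"), "tcu": []byte("tcu-key-16-bytes")}
	pkg, err := BuildPackage(serverKey, ecuKeys, map[string][]byte{"bcm": []byte("BCM image v2.1"), "tcu": []byte("TCU image v7")})
	if err != nil {
		return nil, err
	}
	tamper(&pkg)
	updates, err := Authenticate(&serverKey.PublicKey, pkg)
	if err != nil {
		return nil, err
	}
	cmds := map[string]string{}
	for _, u := range updates {
		hash, mac := bootloaderStage(ecuKeys[u.Target], u, pkg.Blobs[u.Target])
		cmds[u.Target] = Decide(ecuKeys, u, hash, mac)
	}
	return cmds, nil
}
```

Calling Run with a no-op tamper function yields "install" for both ECUs; flipping one bit of pkg.Blobs["tcu"] leaves bcm on "install" and turns tcu to "erase" (valid MAC, wrong checksum); flipping a byte of pkg.Manifest makes Authenticate fail before any image is staged. AES-CTR is used deliberately because it is malleable: it shows that in this design the HMAC'd checksum, not the encryption, is the integrity check, so a bootloader that skipped the checksum step would install whatever a compromised untrusted ECU handed it. Neither the claims as reproduced above nor this example include a version counter, so a replayed older package with a valid signature would still be accepted; a production design adds anti-rollback on top of this exchange.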

Assignees

Faraday & Future Inc
Inventors

Classifications

  • Updates (security arrangements therefor G06F21/57) · CPC title

  • for vehicles, e.g. vehicle-to-pedestrians [V2P] · CPC title

  • wherein the sending and receiving network entities apply symmetric encryption, i.e. same key used for encryption and decryption (cryptographic mechanisms or cryptographic arrangements for symmetric key encryption H04L9/06) · CPC title

  • wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption (cryptographic mechanisms or cryptographic arrangements for public-key encryption H04L9/30) · CPC title

  • wherein the sending and receiving network entities apply hybrid encryption, i.e. combination of symmetric and asymmetric encryption (cryptographic mechanisms or cryptographic arrangements using a plurality of keys or algorithms H04L9/14) · CPC title

Patent family

Related publications grouped by family.

External sources

Frequently asked questions

Answers are generated from the same data shown on this page.

What does patent US10171478B2 cover?
This relates to a vehicle and, more particularly, to a vehicle configured to perform a secure firmware update. Some examples of the disclosure include receiving a firmware update package including updated firmware for one or more electronic control units (ECUs) of a vehicle. According to the disclosure, the firmware update package can be transmitted to and stored on an untrusted ECU and distrib…
Who is the assignee on this patent?
Faraday & Future Inc
What technology area does this patent fall under?
Primary CPC classification H04L63/123. Mapped technology areas include Electricity.
When was this patent published?
Publication date Jan 1, 2019 (kind code B2). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 2 related publications on this page (citations in our corpus or others sharing the same primary CPC).