Authenticating messages sent over a vehicle bus that include message authentication codes

The invention claimed is: 1. A method of transmitting data within a vehicle over a vehicle bus, comprising the steps of: (a) storing a first copy of a data message in a first memory installed to the vehicle, and a second copy of the data message in a second memory installed to the vehicle, the second memory physically separated from the first memory; (b) constructing at an electronic control unit (ECU) a serial bus message that includes: (1) the first copy of the data message as retrieved from the first memory; and (2)a message authentication code (MAC), wherein the MAC is created using a secret key stored at the ECU, a MAC algorithm, and the second copy of the data message as retrieved from the second memory; (c) transmitting the serial bus message to a receiving ECU over the vehicle bus; and (d) authenticating the serial bus message at the receiving ECU using a copy of the secret key stored at the receiving ECU by: (d1) creating a copy of the MAC from the first copy of the data message included in the serial bus message, the copy of the secret key, and the MAC algorithm; (d2) comparing the MAC included in the serial bus message with the copy of the MAC created at the receiving ECU; and (d3) rejecting or accepting the data message based on the comparison in step (d2). 2. The method of claim 1 , wherein a length of the MAC is greater than 30 bits. 3. The method of claim 1 , wherein the vehicle bus is a controller area network (CAN) bus, a media oriented system transfer (MOST) bus, or a local area network (LAN). 4. The method of claim 1 , further comprising the step of including the MAC in a payload of the serial bus message. 5. The method of claim 1 , wherein the ECU controls one or more vehicle systems. 6. The method of claim 1 , wherein storing the first and second copies of the data message includes storing the first and second copies in physically separate locations. 7. The method of claim 1 , wherein storing the first and second copies of the data message includes storing the first and second copies in a same physical location. 8. The method of claim 1 , further comprising storing at least one of the first and second copies of the data message in a volatile memory of the sending ECU prior to constructing the serial bus message. 9. The method of claim 1 , further comprising creating the first and second copies of the data message at the time the serial bus message is constructed. 10. A method of transmitting data within a vehicle over a vehicle bus, comprising the steps of: (a) storing a first copy of a data message in a first memory installed to the vehicle, and a second copy of the data message in a second memory installed to the vehicle, the second memory physically separated from the first memory, wherein at least one of the first and second copies of the data message is stored in a volatile memory of the sending ECU; (b) after step (a), constructing at an electronic control unit (ECU) a serial bus message that includes: (1) the first copy of the data message as retrieved from the first memory; and (2) a message authentication code (MAC), wherein the MAC is created using a secret key stored at the ECU, a MAC algorithm, and the second copy of the data message as retrieved from the second memory; (c) transmitting the serial bus message to a receiving ECU over the vehicle bus; (d) authenticating the serial bus message at the receiving ECU using a copy of the secret key stored at the receiving ECU by: (d1) creating a copy of the MAC from the first copy of the data message included in the serial bus message, the copy of the secret key, and the MAC algorithm; (d2) comparing the MAC included in the serial bus message with the copy of the MAC created at the receiving ECU; and (d3) rejecting or accepting the data message based on the comparison in step (d2). 11. A electronic control unit (ECU) for transmitting data within a vehicle over a vehicle bus, comprising: a microprocessor that executes one or more computer-readable instructions; first and second memory devices communicatively coupled with the microprocessor such that the memory devices can receive requests from the microprocessor for data stored at the memory devices, the first and second memory devices configured to store first and second copies of a data message, respectively, the second memory device physically separated from the first memory device; an input/output port for sending and receiving data over a vehicle bus; a secret key stored in the memory device; and a message authentication code (MAC) algorithm stored at the memory device, wherein the microprocessor creates a serial bus message, the serial bus message including a data message comprising the first copy of the data message as retrieved from the first memory, the serial bus message including a message authentication code (MAC) that is created using the second copy of the data message as retrieved from the second memory, the secret key, and the MAC algorithm. 12. The ECU of claim 11 , wherein a length of the MAC is greater than 30 bits. 13. The ECU of claim 12 , wherein the vehicle bus is a controller area network (CAN) bus, a media oriented system transfer (MOST) bus, or a local area network (LAN). 14. The ECU of claim 13 , wherein the MAC is located in a payload of the serial bus message. 15. The ECU of claim 14 , wherein the ECU controls one or more vehicle systems. 16. The ECU of claim 11 , wherein the memory devices comprise physically separate locations for storing the first and second copies of the data message, respectively. 17. The ECU of claim 11 , wherein the at least one memory device is configured to store at least one of the first and second copies of the data message in a volatile memory of the sending ECU prior to constructing the serial bus message.