Securely exchanging vehicular sensor information
US-2017244565-A1 · Aug 24, 2017 · US
Method and update gateway for updating an embedded control unit
US10244394B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-10244394-B2 |
| Application number | US-201615155537-A |
| Country | US |
| Kind code | B2 |
| Filing date | May 16, 2016 |
| Priority date | May 19, 2015 |
| Publication date | Mar 26, 2019 |
| Grant date | Mar 26, 2019 |
How to read this patent
A practical reading order for non-experts. Skip the full description unless you need deep technical detail.
- Title
What the patent document calls the invention.
- Abstract
A short plain-language summary of the technical disclosure.
- Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
- Key dates
Filing, priority, publication, and grant dates set the timeline.
- First independent claim
The legal scope of protection — read this for what is actually claimed.
- CPC / IPC classifications
Technology tags used to group this patent with similar filings.
- Citations and related patents
Prior art links and similar publications in this corpus.
Abstract
Official abstract text for this publication.
A method for updating an embedded electronic control unit, including an update gateway requests from a hardware security module an update request destined for the electronic control unit, the update gateway receives from the hardware security module the update request, which is signed by the hardware security module, the update gateway creates a communication channel, based on a cryptographic identity of the update gateway, to a backend, the update gateway sends the update request to the backend, the update gateway receives from the backend via the communication channel an update ticket which corresponds to the update request and is signed by the backend, in addition to associated update data, validates the update data, initiates a validation of the update ticket, checks the result of the validation, and depending on the result, the update gateway updates the electronic control unit with the update data.
First claim
Opening claim text (preview).
What is claimed is: 1. A method for updating an embedded electronic control unit, comprising: requesting, by an update gateway from a hardware security module, an update request destined for the electronic control unit; receiving, by the update gateway from the hardware security module, the update request, which is signed by the hardware security module; creating, by the update gateway, a communication channel, based on a cryptographic identity of the update gateway, to a backend; sending, by the update gateway, the update request to the backend; receiving, by the update gateway from the backend via the communication channel, an update ticket which corresponds to the update request and is signed by the backend, in addition to associated update data; validating, by the update gateway, the update data; initiating, by the update gateway, a validation of the update ticket; checking, by the update gateway, a result of the validation; depending on the result, updating, by the update gateway, the electronic control unit with the update data; wherein the cryptographic identity includes a secret key which is known only to the hardware security module, a public key associated with the secret key, and a certificate of the public key which is issued by a trusted entity, and which is a function of a system environment of the update gateway; wherein the update data are received in a container file, together with a cryptographic signature, and the validation of the update data includes a check of the signature with the aid of a certificate of the backend; wherein the update gateway stores a public key of the update ticket which is signed by the backend, and the validation of the update ticket is carried out by the update gateway with the aid of the public key; and wherein the initiating of the validation includes an at least partial transfer of the update ticket to the hardware security module, and the update gateway receives the result of the validation from the hardware security module. 2. The method as recited in claim 1 , wherein the update gateway is tunneled with a cryptographic communication channel. 3. A method for updating an embedded electronic control unit, comprising: requesting, by an update gateway from a hardware security module, an update request destined for the electronic control unit; receiving, by the update gateway from the hardware security module, the update request, which is signed by the hardware security module; creating, by the update gateway, a communication channel, based on a cryptographic identity of the update gateway, to a backend; sending, by the update gateway, the update request to the backend; receiving, by the update gateway from the backend via the communication channel, an update ticket which corresponds to the update request and is signed by the backend, in addition to associated update data; validating, by the update gateway, the update data; initiating, by the update gateway, a validation of the update ticket; checking, by the update gateway, a result of the validation; depending on the result, updating, by the update gateway, the electronic control unit with the update data; requesting, by the update gateway from the electronic control unit, a security access authorization to the electronic control unit; receiving, by the update gateway, an authentication request from the electronic control unit; sending, by the update gateway, the authentication request, in addition to the update ticket and an identifier of the electronic control unit, to the hardware security module; receiving, by the update gateway from the hardware security module, a response to the authentication request, based on a validation of the update ticket; sending, by the update gateway, the response to the electronic control unit; receiving, by the update gateway, the security access authorization from the electronic control unit; and transferring, by the update gateway, the update data to the electronic control unit so that that the electronic control unit may install and validate software, based on the update data. 4. The method as recited in claim 3 , further comprising: storing, by the update gateway, the update data in a protected manner; wherein the creating of the communication channel, the sending of the update request, the receiving of the update data, the initiating of the validation, and the checking of the result take place before the update data are stored. 5. A non-transitory machine-readable memory medium storing a computer program for updating an embedded electronic control unit, the computer program, when executed by processor, causing the processor to perform: requesting from a hardware security module an update request destined for the electronic control unit; receiving from the hardware security module the update request, which is signed by the hardware security module; creating a communication channel, based on a cryptographic identity of the update gateway, to a backend; sending the update request to the backend; receiving from the backend via the communication channel, an update ticket which corresponds to the update request and is signed by the backend, in addition to associated update data; validating the update data; initiating a validation of the update ticket; checking a result of the validation; and depending on the result, updating the electronic control unit with the update data; requesting, by the update gateway from the electronic control unit, a security access authorization to the electronic control unit; receiving, by the update gateway, an authentication request from the electronic control unit; sending, by the update gateway, the authentication request, in addition to the update ticket and an identifier of the electronic control unit, to the hardware security module; receiving, by the update gateway from the hardware security module, a response to the authentication request, based on a validation of the update ticket; sending, by the update gateway, the response to the electronic control unit; receiving, by the update gateway, the security access authorization from the electronic control unit; and transferring, by the update gateway, the update data to the electronic control unit so that that the electronic control unit may install and validate software, based on the update data. 6. An update gateway embodied at least partially in hardware for updating an embedded electronic control unit, the update gateway configured to: request from a hardware security module an update request destined for the electronic control unit; receive from the hardware security module the update request, which is signed by the hardware security module; create a communication channel, based on a cryptographic identity of the update gateway, to a backend; send the update request to the backend; receive from the backend via the communication channel an update ticket which corresponds to the update request and is signed by the backend, in addition to associated update data; validate the update data; initiate a validation of the update ticket; check a result of the validation; and update the electronic control unit with the update data depending on the result; request from the electronic control unit, a security access authorization to the electronic control unit; receiving an authentication request from the electronic control unit; send the authentication request, in addition to the update ticket and an identifier of the electronic control unit, to the hardware security module; receive from the hardware security module, a response to the authentication request, based on a validation of the update ticket; send the response to the electronic control unit; receive the security access authorization from the ele
Assignees
Inventors
Classifications
using certificates (cryptographic mechanisms or cryptographic arrangements for entity authentication involving certificates H04L9/3263) · CPC title
using tickets, e.g. Kerberos (cryptographic mechanisms or cryptographic arrangements for entity authentication using tickets or tokens H04L9/3213) · CPC title
Wireless · CPC title
Electricity · mapped topic
- H04W12/06Primary
Authentication · CPC title
Patent family
Related publications grouped by family.
External sources
Frequently asked questions
Answers are generated from the same data shown on this page.
- What does patent US10244394B2 cover?
- A method for updating an embedded electronic control unit, including an update gateway requests from a hardware security module an update request destined for the electronic control unit, the update gateway receives from the hardware security module the update request, which is signed by the hardware security module, the update gateway creates a communication channel, based on a cryptographic i…
- Who is the assignee on this patent?
- Bosch Gmbh Robert
- What technology area does this patent fall under?
- Primary CPC classification H04W12/06. Mapped technology areas include Electricity.
- When was this patent published?
- Publication date Tue Mar 26 2019 00:00:00 GMT+0000 (Coordinated Universal Time) (B2). Legal status and post-grant events are not shown on this page.
- What related patents are in patentsdb?
- We list 3 related publications on this page (citations in our corpus or others sharing the same primary CPC).