Method and system for providing secure over-the-air vehicle updates

US10871952B2 · US · B2

Patent metadata
Publication number: US-10871952-B2
Application number: US-201715849131-A
Country: US
Kind code: B2
Filing date: Dec 20, 2017
Priority date: Dec 20, 2017
Publication date: Dec 22, 2020
Grant date: Dec 22, 2020

Abstract

Official abstract text for this publication.

Embodiments of the present disclosure are directed to methods and systems for providing secure over-the-air firmware updates to one or more vehicles. More specifically, the present disclosure describes applying to firmware images distributed to one or more vehicles encryption that is unique to each update version. The encryption is also unique to each vehicle receiving the update. Embodiments of the present disclosure can also include determining and verifying the integrity of an available OTA firmware update prior to authorizing installation of the firmware update in a vehicle.

First claim

Opening claim text (preview).

What is claimed is:

1. A method for providing a secure Over-The-Air (OTA) firmware update, the method comprising: generating, by one or more servers, a firmware update package for a plurality of vehicles; applying, by the one or more servers, a version-specific encryption to the generated firmware update package using a version key, the version key comprising a key specific to a version for the firmware update; applying, by the one or more servers, a vehicle-specific encryption to the version key using a plurality of vehicle keys, each vehicle key comprising a private key maintained by the one or more servers and specific to each of the plurality of vehicles, wherein applying the vehicle-specific encryption to the version key using the plurality of vehicle keys generates a plurality of encrypted version keys; and distributing, by the one or more servers, the encrypted generated firmware update package and the plurality of encrypted version keys to the plurality of vehicles, wherein distributing the encrypted generated firmware update package and the plurality of encrypted version keys to the plurality of vehicles comprises sending the encrypted generated firmware update package and the plurality of encrypted version keys over one or more communication networks to a service tool and transferring the encrypted generated firmware update package and one of the plurality of encrypted version keys from the service tool to each of the plurality of vehicles for installation through an On-Board Diagnostics (OBD) port of each of the plurality of vehicles, wherein the one of the plurality of encrypted version keys transferred to each of the plurality of vehicles is selected by the service tool based on a vehicle identification of the corresponding vehicle, and wherein each vehicle decrypts the one of the plurality of encrypted version keys transferred from the service tool using a private key maintained by the corresponding vehicle, decrypts the encrypted generated firmware update package using the decrypted one of the plurality of encrypted version keys, and applies the decrypted generated firmware update package.

2. The method of claim 1, wherein the generated firmware update package comprises an image for firmware to update in the plurality of vehicles and a manifest for the image, the manifest for the image identifying contents of the image and defining dependencies for modules within the identified contents of the image.

3. The method of claim 2, wherein the image for the firmware to update in the generated firmware update package comprises an image of all firmware for each of the plurality of vehicles.

4. The method of claim 1, wherein applying the vehicle-specific encryption to the key specific to the version for the firmware update further comprises: receiving, by the one or more servers, a trigger for the OTA firmware update; identifying, by the one or more servers, each vehicle of the plurality of vehicles based on the received trigger; and encrypting, by the one or more servers, the version key using the private key maintained by the one or more servers for each identified vehicle of the plurality of vehicles.

5. The method of claim 4, wherein receiving the trigger for the OTA firmware update comprises receiving an indication of a period update check for the plurality of vehicles, receiving a request to push updates to the plurality of vehicles, or receiving a request from each of the plurality of vehicles to pull updates for the corresponding vehicle.

6. The method of claim 1, further comprising signing, by the one or more servers, the generated firmware update package with a certificate authenticating a source of the generated firmware update package.

7. The method of claim 6, further comprising, upon expiration of the generated firmware update package, adding, by the one or more servers, the certificate used to sign the generated firmware update package to a Certificate Revocation List (CRL).

8. The method of claim 1, wherein distributing the encrypted generated firmware update package and the encrypted version keys to the plurality of vehicles comprises sending the encrypted generated firmware update package and the encrypted version keys to the plurality of vehicles over one or more communications networks.

9. A system comprising: one or more communications networks; a plurality of vehicles; and one or more servers coupled with the one or more communications networks, each server comprising at least a processor and a memory coupled with and readable by the processor and storing therein a set of instructions which, when executed by the processor, causes the processor to provide a secure Over-The-Air (OTA) firmware update to one or more vehicles of the plurality of vehicles by: generating a firmware update package for the plurality of vehicles, applying a version-specific encryption to the generated firmware update package using a version key, the version key comprising a key specific to a version for the firmware update, applying a vehicle-specific encryption to the version key using a plurality of vehicle keys, each vehicle key comprising a private key maintained by the one or more servers and specific to each of the plurality of vehicles, wherein applying the vehicle-specific encryption to the version key using the plurality of vehicle keys generates a plurality of encrypted version keys, and distributing the encrypted generated firmware update package and the plurality of encrypted version keys to the plurality of vehicles over the one or more communications networks, wherein distributing the encrypted generated firmware update package and the plurality of encrypted version keys to the plurality of vehicles comprises sending the encrypted generated firmware update package and the plurality of encrypted version keys over the one or more communication networks to a service tool and transferring the encrypted generated firmware update package and one of the plurality of encrypted version keys from the service tool to each of the plurality of vehicles for installation through an On-Board Diagnostics (OBD) port of each of the plurality of vehicles, wherein the one of the plurality of encrypted version keys transferred to each of the plurality of vehicles is selected by the service tool based on a vehicle identification of the corresponding vehicle, and wherein each vehicle decrypts the one of the plurality of encrypted version keys transferred from the service tool using a private key maintained by the corresponding vehicle, decrypts the encrypted generated firmware update package using the decrypted one of the plurality of encrypted version keys, and applies the decrypted generated firmware update package.

10. The system of claim 9, wherein the generated firmware update package comprises an image for firmware to update in the plurality of vehicles and a manifest for the image, wherein the image for the firmware to update in the generated firmware update package comprises an image of all firmware for each of the plurality of vehicles, and wherein the manifest for the image identifies contents of the image and defines dependencies for modules within the identified contents of the image.

11. The system of claim 9, wherein applying the version-specific encryption to the generated firmware update package further comprises: receiving a trigger for the OTA firmware update, wherein receiving the trigger for the OTA firmware update comprises receiving an indication of a period update check for one or more target vehicles, receiving a request to push updates to the one or more target vehicles, or receiving a request from each of the one or more target vehicles to pull updates for the correspondin
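The key hierarchy claim 1 describes, modelled as an added example that is not code from the patent or its assignee: the server seals the package once under a per-version key, wraps that version key separately under each vehicle's key, the service tool picks the wrapped key by vehicle identification, and the vehicle verifies integrity before applying anything. It assumes symmetric per-vehicle keys shared with the server and uses an HMAC-SHA256 counter-mode construction as a stand-in for a real AEAD so it runs on the standard library alone; the VINs, keys and firmware bytes are constructed sample values.

```python
import hashlib
import hmac
import os

def _subkey(key: bytes, label: bytes) -> bytes:
    # Domain-separate one key into an encryption key and a MAC key.
    return hmac.new(key, label, hashlib.sha256).digest()

def _xor_stream(enc_key: bytes, nonce: bytes, data: bytes) -> bytes:
    # HMAC-SHA256 in counter mode as a stand-in PRF stream cipher (structure only, not AES-GCM).
    stream = b"".join(
        hmac.new(enc_key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
        for i in range(-(-len(data) // 32)))
    return bytes(a ^ b for a, b in zip(data, stream))

def seal(key: bytes, plaintext: bytes) -> bytes:
    # Encrypt-then-MAC; output layout is nonce || ciphertext || tag.
    nonce = os.urandom(16)
    ct = _xor_stream(_subkey(key, b"enc"), nonce, plaintext)
    tag = hmac.new(_subkey(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag

def unseal(key: bytes, blob: bytes) -> bytes:
    # Verify the tag before decrypting: a wrong key or a tampered blob is rejected.
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expect = hmac.new(_subkey(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expect):
        raise ValueError("integrity check failed; update not applied")
    return _xor_stream(_subkey(key, b"enc"), nonce, ct)

def build_update(firmware: bytes, vehicle_keys: dict) -> tuple:
    # Server: package sealed once under a fresh version key; that key wrapped under each vehicle key.
    version_key = os.urandom(32)
    package = seal(version_key, firmware)
    wrapped = {vin: seal(vk, version_key) for vin, vk in vehicle_keys.items()}
    return package, wrapped

def service_tool_select(wrapped: dict, vin: str) -> bytes:
    # Service tool: choose the wrapped version key by the vehicle's identification.
    return wrapped[vin]

def vehicle_install(vehicle_key: bytes, package: bytes, wrapped_key: bytes) -> bytes:
    # Vehicle: unwrap the version key, then decrypt the package; any tag failure aborts first.
    return unseal(unseal(vehicle_key, wrapped_key), package)

def demo() -> bytes:
    # Constructed sample: two vehicles with server-held keys; "VIN-A" installs via the tool.
    keys = {"VIN-A": bytes(range(32)), "VIN-B": bytes(range(32, 64))}
    package, wrapped = build_update(b"firmware v2 image", keys)
    return vehicle_install(keys["VIN-A"], package, service_tool_select(wrapped, "VIN-A"))
```

Because the package is encrypted only once, adding a vehicle costs one extra wrapped key rather than a re-encrypted image, which is the property that makes the per-version plus per-vehicle layering cheap at fleet scale.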

Assignees

Nio Usa Inc

Classifications

  • Service provisioning or reconfiguring · CPC title

  • Protecting application or service provisioning, e.g. securing SIM application provisioning · CPC title

  • for vehicles, e.g. vehicle-to-pedestrians [V2P] · CPC title

  • involving the movement of software or configuration parameters (network booting or remote initial program loading [RIPL] G06F9/4416) · CPC title

  • for key exchange, e.g. in peer-to-peer networks (cryptographic mechanisms or cryptographic arrangements for key agreement H04L9/0838) · CPC title

Frequently asked questions

Answers are generated from the same data shown on this page.

Who is the assignee on this patent?
Nio Usa Inc
What technology area does this patent fall under?
Primary CPC classification G06F8/65. Mapped technology areas include Physics.
When was this patent published?
Publication date Dec 22, 2020 (B2). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 12 related publications on this page (citations in our corpus or others sharing the same primary CPC).