Gateway device, in-vehicle network system, and firmware update method
US-2023153099-A1 · May 18, 2023 · US
US12323889B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-12323889-B2 |
| Application number | US-202217675966-A |
| Country | US |
| Kind code | B2 |
| Filing date | Feb 18, 2022 |
| Priority date | Aug 20, 2019 |
| Publication date | Jun 3, 2025 |
| Grant date | Jun 3, 2025 |
Official abstract text for this publication.
Embodiments of this application provide a security protection method in an in-vehicle system and a device, relate to the field of internet of vehicles technologies, to deploy a first security protection module on an electronic control unit, deploy a second security protection module on a domain controller, and deploy a third security protection module on a gateway based on security level requirements of the gateway, the domain controller, and the electronic control unit, so that the gateway, the domain controller, and the electronic control unit have different security levels. A security level of the first security protection module is a first security level, a security level of the second security protection module is a second security level, and a security level of the third security protection module is a third security level.
Opening claim text (preview).
What is claimed is:
1. An in-vehicle security protection system, comprising: an electronic control unit (ECU); a domain controller coupled to the ECU; and a gateway coupled to the domain controller, wherein the ECU is configured to generate a public key of the ECU and a private key of the ECU by using a first security protection module deployed on the ECU, wherein the first security protection module is configured to provide security protection for the ECU, and a security level of the first security protection module is a first security level, wherein the ECU is further configured to sign a firmware digest of the ECU by using the private key of the ECU to obtain first signature information, wherein the ECU is further configured to send the first signature information, the public key of the ECU, and the firmware digest of the ECU to the domain controller, wherein the domain controller is configured to receive the first signature information, the public key of the ECU, and the firmware digest of the ECU from the ECU, wherein the domain controller is further configured to generate a public key of the domain controller and a private key of the domain controller by using a second security protection module, wherein the second security protection module is configured to provide security protection for the domain controller, and a security level of the second security protection module is a second security level, wherein the domain controller is further configured to perform verification on the first signature information by using the public key of the ECU, wherein the domain controller is further configured to, when the first signature information has been verified, sign the firmware digest of the ECU by using the private key of the domain controller, to obtain second signature information, wherein the domain controller is further configured to send the second signature information, the public key of the domain controller, and the firmware digest of the ECU to the gateway, wherein the gateway is configured to receive the second signature information, the public key of the domain controller, and the firmware digest of the ECU from the domain controller, wherein the gateway is further configured to generate a public key of the gateway and a private key of the gateway by using a third security protection module, wherein the third security protection module is configured to provide security protection for the gateway, and a security level of the third security protection module is a third security level, wherein the gateway is further configured to perform verification on the second signature information by using the public key of the domain controller, wherein the gateway is further configured to, when the second signature information has been verified, sign the firmware digest of the ECU by using the private key of the gateway, to obtain third signature information, and wherein the gateway is further configured to send the third signature information, the public key of the gateway, and the firmware digest of the ECU to a server external to the in-vehicle security protection system.
2. The in-vehicle security protection system according to claim 1, wherein the third security level is higher than or equal to the second security level, and the second security level is higher than the first security level.
3. The in-vehicle security protection system according to claim 1, wherein the first security protection module comprises a device identifier composition engine (DICE), the second security protection module comprises a trusted platform module-thin, an embedded secure element (eSE), a chip comprising a physically isolated security processor (SP) system, or a chip comprising a physically isolated hardware security module (HSM), and the third security protection module comprises a trusted platform module-rich, an (eSE), a chip comprising a physically isolated SP system, or a chip comprising a physically isolated HSM.
4. The in-vehicle security protection system according to claim 1, wherein the domain controller stores an ECU list, and the ECU is in the ECU list.
5. The in-vehicle security protection system according to claim 1, wherein the firmware digest of the ECU is obtained by calculating firmware of the ECU according to a first digest function.
6. The in-vehicle security protection system according to claim 1, wherein the in-vehicle security protection system further comprises the server, wherein the server is configured to receive the third signature information, the public key of the gateway, and the firmware digest of the ECU from the gateway, wherein the server is further configured to perform verification on the third signature information by using the public key of the gateway, wherein the server is further configured to: if the third signature information has been verified, send first response information to the gateway, wherein the first response information is used to indicate to start the ECU, wherein the gateway is further configured to receive the first response information from the server, wherein the gateway is further configured to send the first response information to the domain controller, wherein the domain controller is further configured to receive the first response information from the gateway, wherein the domain controller is further configured to send the first response information to the ECU, and wherein the ECU is further configured to receive the first response information from the domain controller.
7. A method, comprising: generating, by an electronic control unit (ECU) of an in-vehicle security protection system, a public key of the ECU and a private key of the ECU by using a first security protection module deployed on the ECU, wherein the first security protection module is configured to provide security protection for the ECU, and a security level of the first security protection module is a first security level; signing, by the ECU, a firmware digest of the ECU by using the private key of the ECU to obtain first signature information; sending, by the ECU, the first signature information, the public key of the ECU, and the firmware digest of the ECU to a domain controller of the in-vehicle security protection system coupled to the ECU; receiving, by the domain controller, the first signature information, the public key of the ECU, and the firmware digest of the ECU from the ECU; generating, by the domain controller, a public key of the domain controller and a private key of the domain controller by using a second security protection module, wherein the second security protection module is configured to provide security protection for the domain controller, and a security level of the second security protection module is a second security level; performing, by the domain controller, verification on the first signature information by using the public key of the ECU; when the first signature information has been verified, signing, by the domain controller, the firmware digest of the ECU by using the private key of the domain controller, to obtain second signature information; sending, by the domain controller, the second signature information, the public key of the domain controller, and the firmware digest of the ECU to a gateway of the in-vehicle security protection system coupled to the domain controller; receiving, by the gateway, the second signature information, the public key of the domain controller, and the firmware digest of the ECU from the domain controller; generating, by the gateway, a public key of the gateway and a private key of the gateway by using a third security protection module, wherein the third security protection module is configured to provide security protection for the gateway, and
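The verify-then-re-sign chain of claims 1 and 6 (ECU to domain controller to gateway to server), as an added Go example that is not part of the patent text. Assumptions: Ed25519 and SHA-256 stand in for the unspecified signature scheme and digest function, keys are generated in software rather than in a security protection module, the names `Report`, `Node`, `Valid` and `Relay` are hypothetical, and each verifier compares the received public key with one enrolled beforehand, a check the claims do not state but without which a key delivered alongside its own signature authenticates nothing.

```go
package main

import (
	"crypto/ed25519"
	"crypto/sha256"
	"fmt"
)

// Report is the triple each hop forwards: digest, signature, signer's public key.
type Report struct {
	Digest, Sig []byte
	Pub         ed25519.PublicKey
}

// Node models an ECU, domain controller or gateway; keys are software-made here.
type Node struct {
	Pub  ed25519.PublicKey
	priv ed25519.PrivateKey
}

func NewNode() *Node {
	pub, priv, _ := ed25519.GenerateKey(nil) // nil selects crypto/rand
	return &Node{pub, priv}
}

func (n *Node) Sign(digest []byte) Report {
	return Report{digest, ed25519.Sign(n.priv, digest), n.Pub}
}

// Valid checks the signature and (assumption added here) that the key is enrolled.
func Valid(r Report, enrolled ed25519.PublicKey) bool {
	return r.Pub.Equal(enrolled) && ed25519.Verify(r.Pub, r.Digest, r.Sig)
}

// Relay is the domain controller and gateway step: verify, then re-sign.
func (n *Node) Relay(r Report, enrolled ed25519.PublicKey) (Report, bool) {
	if !Valid(r, enrolled) {
		return Report{}, false
	}
	return n.Sign(r.Digest), true
}

func main() {
	ecu, dc, gw := NewNode(), NewNode(), NewNode()
	fw := sha256.Sum256([]byte("constructed firmware image"))
	r2, _ := dc.Relay(ecu.Sign(fw[:]), ecu.Pub)
	r3, _ := gw.Relay(r2, dc.Pub)
	fmt.Println("server accepts:", Valid(r3, gw.Pub))
}
```

The digest is never changed along the path; each hop replaces only the signature and public key, so the server's check covers the gateway's key alone and relies on the gateway and domain controller having done theirs.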
specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks · CPC title
involving digital signatures · CPC title
using additional device, e.g. trusted platform module [TPM], smartcard, USB or hardware security module [HSM] · CPC title
using asymmetric-key encryption or public key infrastructure [PKI], e.g. key signature or public key certificates · CPC title
for authentication of entities (cryptographic mechanisms or cryptographic arrangements for entity authentication H04L9/32) · CPC title