Method for vehicle intrusion detection with electronic control unit

The invention claimed is: 1. A method of operating a predetermined electronic control unit disposed in a vehicle comprising a wireless wide area network interface to access a wireless wide area network, a wireless local area network interface operable to provide a wireless local area network mobile with said vehicle, a vehicle network bus and one or more additional electronic control units each comprising a separate processor and a separate dedicated memory and each said additional electronic unit coupled to said vehicle network bus, said predetermined electronic control unit comprising a predetermined unit separate processor, a predetermined unit separate dedicated memory, and a predetermined unit interface to said vehicle network bus, said predetermined electronic control unit operable to route data between one or more mobile devices located in said vehicle coupled to said wireless local area network and said wireless wide area network, said method comprising: providing said predetermined electronic control unit with an intrusion detection program to detect electronic intrusions; storing said intrusion detection program in said predetermined unit separate dedicated memory; isolating said intrusion detection program to insure the integrity of said intrusion detection program, utilizing one or more memory isolation approaches to isolate said intrusion detection program from said any other programs in said vehicle including all said any other programs stored in said predetermined unit separate dedicated memory; executing said intrusion detection program to monitor data on said vehicle network bus; executing said intrusion detection program to detect one or more anomalies indicative of electronic intrusion in said monitored data; said one or more anomalies indicative of an electronic intrusion comprise re-flashing of an electronic control unit memory and predetermined radio frequency hub activity in said vehicle of a type that comprise attempts to determine a predetermined code assigned to said vehicle; and receiving at least one of calibration information and update information for said intrusion detection program via a selected one of said wireless wide area network interface and said wireless local area network interface; and generating an alert upon detection of said one or more of anomalies indicative of electronic intrusion. 2. The method in accordance with claim 1 , comprising: utilizing statistical anomaly detection in said intrusion detection program to detect said one or more anomalies indicative of electronic intrusion. 3. The method in accordance with claim 2 , comprising: utilizing Bayes' Law in said intrusion detection program to detect said one or more anomalies indicative of electronic intrusion. 4. The method in accordance with claim 3 , comprising: transmitting said alert indicative of an electronic intrusion to one of a display in said vehicle, a mobile device, and a server. 5. The method in accordance with claim 2 : utilizing a profile of normal data on said vehicle network bus to detect said one or more anomalies indicative of electronic intrusion, said profile of normal data being based upon learned data. 6. The method in accordance with claim 5 , wherein: selecting said normal data as comprising one or more of an amount of normal traffic, identification of normal messages, identification of normal vehicle device to device communication, and identification of normal sensor data. 7. The method in accordance with claim 1 , comprising: transmitting said alert indicative of an electronic intrusion to one of a mobile device and a server via a wireless wide area network interface. 8. The method in accordance with claim 1 , wherein: said vehicle network bus comprises a Controller Area Network (CAN) bus. 9. The method in accordance with claim 1 , comprising: providing said intrusion detection program with specification based anomaly detection to detect said one or more anomalies indicative of electronic intrusion. 10. The method in accordance with claim 9 , comprising: executing said intrusion detection program to ignore all specification compliant data on said vehicle network bus; and generating said alert for data on said vehicle network bus that is not specification compliant. 11. The method in accordance with claim 10 , comprising: transmitting said alert indicative of an electronic intrusion to one of a display in said vehicle, a mobile device, and a server. 12. The method in accordance with claim 11 , wherein: said vehicle network bus comprises a Controller Area Network (CAN) bus. 13. The method in accordance with claim 9 , comprising: utilizing said specification-based anomaly detection to detect one or more of acceleration patterns, braking patterns, original equipment manufacturer (OEM) provided patterns, identifications of airbags, and bus identifications. 14. The method in accordance with claim 1 , comprising: providing said predetermined electronic control unit with an anomaly detection engine. 15. The method in accordance with claim 14 , comprising: selecting said anomaly detection engine to comprise at least one of statistical anomaly detection and specification based anomaly detection. 16. The method in accordance with claim 1 , comprising: utilizing Bayes' Law in said intrusion detection program to detect said one or more anomalies indicative of electronic intrusion.