公开(公告)号：US20230066955A1

公开(公告)日：2023-03-02

申请号：US18049522

申请日：2022-10-25

Applicant: Intel Corporation

Inventor： Santosh Ghosh ,  Marcio Juliato ,  Manoj Sastry

IPC: H04L9/08 ,  H04L9/06

Abstract: A method comprises receiving an image of an update for a software module, a rate parameter, an index parameter, and a public key, generating a 32-byte aligned string, computing a state parameter using the 32-byte aligned string, generating a modified message representative, computing a Merkle Tree root node, and in response to a determination that the Merkle Tree root node matches the public key, forwarding, to a remote device, the image of the update for a software module, the state parameter; and the modified message representative.

公开(公告)号：US11423162B2

公开(公告)日：2022-08-23

申请号：US16833200

申请日：2020-03-27

Applicant: Intel Corporation

Inventor： Marcio Juliato ,  Shabbir Ahmed ,  Maria Soledad Elli ,  Christopher Noe Gutierrez ,  Vuk Lesi ,  Manoj R. Sastry ,  John Charles Weast ,  Liuyang Lily Yang

IPC: G06F21/62 ,  G06F13/38

Abstract: A vehicle control system, including an in-vehicle bus and a plurality of electronic control units (ECUs) coupled to the in-vehicle bus, wherein at least one ECU of the plurality of ECUs is configured to: receive, at a respective at least one ECU of the plurality of ECUs, a message in a message stream on the in-vehicle bus; evaluate the message to determine at least one of a confidence value of the security classification, a significance value of the message, or a bounds check value of the message; and determine in real-time to allow or deny the message to the vehicle control system based on at least one of the significance value of the message, the bounds check value of the message, or the confidence value of the security classification of the message, to provide a sanitized message stream to the vehicle control system.

公开(公告)号：US20220224501A1

公开(公告)日：2022-07-14

申请号：US17706939

申请日：2022-03-29

Applicant: Intel Corporation

Inventor： Vuk Lesi ,  Christopher Gutierrez ,  Manoj Sastry ,  Christopher Hall ,  Marcio Juliato ,  Shabbir Ahmed ,  Qian Wang

IPC: H04L7/00

Abstract: Time recovery techniques are described. A method comprises receiving messages from the first device by the second device in the first network domain, the messages to comprise time information to synchronize a first clock for the first device and a second clock for the second device to a network time, determining the second clock is to recover the network time for the second device without new messages from the first device, retrieving a first set of timestamps previously stored for events in the first network domain using the network time from the second clock, retrieving a second set of timestamps previously stored for the events in the first network domain using a redundant time from a third clock, where the third clock is not synchronized with the first and second clocks, and recovering the network time using a regression model and the redundant time from the third clock.

公开(公告)号：US11386204B2

公开(公告)日：2022-07-12

申请号：US17031140

申请日：2020-09-24

Applicant: Intel Corporation

Inventor： Marcio Juliato ,  Manoj Sastry ,  Shabbir Ahmed ,  Christopher Gutierrez ,  Qian Wang ,  Vuk Lesi

IPC: G06F21/55 ,  G06F21/85 ,  G06F21/71

Abstract: A platform comprising numerous reconfigurable circuit components arranged to operate as primary and redundant circuits is provided. The platform further comprises security circuitry arranged to monitor the primary circuit for anomalies and reconfigurable circuit arranged to disconnect the primary circuit from a bus responsive to detection of an anomaly. Furthermore, the present disclosure provides for the quarantine, refurbishment and designation as redundant, the anomalous circuit.

公开(公告)号：US20220083439A1

公开(公告)日：2022-03-17

申请号：US17447600

申请日：2021-09-14

Applicant: Intel Corporation

Inventor： Santosh Ghosh ,  Marcio Juliato ,  Manoj R. Sastry

IPC: G06F11/27 ,  H04L9/30 ,  G06F11/22 ,  H04L9/32 ,  H04L9/00

Abstract: A data processing system includes technology for detecting and tolerating faults. The data processing system comprises an electronic control unit (ECU) with a processing core and a fault-tolerant elliptic curve digital signature algorithm (ECDSA) engine. The fault-tolerant ECDSA engine comprises multiple verification state machines (VSMs). The data processing system also comprises nonvolatile storage in communication with the processing core and ECU software in the nonvolatile storage. The ECU software, when executed, enables the data processing system to operate as a node in a distributed data processing system, including receiving digitally signed messages from other nodes in the distributed data processing system. The ECU further comprises a known-answer built-in self-test unit (KA-BISTU). Also, the ECU software comprises fault-tolerant ECDSA engine (FTEE) management software which, when executed by the processing core, utilizes the KA-BISTU to periodically test the fault-tolerant ECDSA engine for faults. Other embodiments are described and claimed.

公开(公告)号：US20210385239A1

公开(公告)日：2021-12-09

申请号：US17347214

申请日：2021-06-14

Applicant: Intel Corporation

Inventor： Marcio Juliato ,  Liuyang Lily Yang ,  Manoj Sastry ,  Christopher Gutierrez ,  Shabbir Ahmed ,  Vuk Lesi

IPC: H04L29/06 ,  B60R16/023 ,  H04L29/08 ,  H04W4/48 ,  H04W12/122

Abstract: Methods, apparatus, systems and articles of manufacture are disclosed for anomaly detection and recovery. An apparatus to isolate a first controller in an autonomous vehicle includes a first controller to control a reference signal of the autonomous vehicle via a communication bus, a second controller to control the reference signal of the autonomous vehicle when the first controller is compromised, and a message neutralizer to neutralize messages transmitted by the first controller when the first controller is compromised, the neutralized messages to cause the first controller to become isolated from the communication bus.

公开(公告)号：US20210320933A1

公开(公告)日：2021-10-14

申请号：US17356033

申请日：2021-06-23

Applicant: Intel Corporation

Inventor： Marcio Juliato ,  Shabbir Ahmed ,  Christopher Gutierrez ,  Vuk Lesi ,  Manoj Sastry ,  Qian Wang

IPC: H04L29/06 ,  H04L12/40 ,  H04L12/66

Abstract: Systems, apparatuses, and methods to identify bus-off and masquerade attacks against ECUs transmitting on a communication bus from behind a gateway coupled to the communication bus. The disclosure further describes systems, apparatuses, and methods to mitigate against bus-off attacks made against an ECU coupled to a communication bus through a gateway.

公开(公告)号：US20210119777A1

公开(公告)日：2021-04-22

申请号：US17133183

申请日：2020-12-23

Applicant: Intel Corporation

Inventor： SANTOSH GHOSH ,  Marcio Juliato ,  Manoj Sastry

IPC: H04L9/06 ,  H04L9/00 ,  H03M13/15

Abstract: An apparatus comprises an input register comprising a state register and a parity field, a first round secure hash algorithm (SHA) datapath communicatively coupled to the state register, comprising a first section to perform a θ step of a SHA calculation, a second section to perform a ρ step and a ρ step of the SHA calculation, a third section to perform a χ step of the SHA calculation and a fourth section to perform a τ step of the SHA calculation.

公开(公告)号：US20210004725A1

公开(公告)日：2021-01-07

申请号：US17024232

申请日：2020-09-17

Applicant: Intel Corporation

Inventor： Shabbir Ahmed ,  Christopher Gutierrez ,  Marcio Juliato ,  Qian Wang ,  Vuk Lesi ,  Manoj Sastry

IPC: G06N20/00 ,  G06N5/04 ,  G06F21/55

Abstract: Systems, apparatuses, and methods to establish ground truth for an intrusion detection system using machine learning models to identify an electronic control unit transmitting a message on a communication bus, such as an in-vehicle network bus, are provided. Voltage signatures for overlapping message identification (MID) numbers are collapsed and trained on a single ECU label.

公开(公告)号：US20200377057A1

公开(公告)日：2020-12-03

申请号：US16994147

申请日：2020-08-14

Applicant: Intel Corporation

Inventor： Shabbir Ahmed ,  Marcio Juliato ,  Christopher Gutierrez ,  Qian Wang ,  Vuk Lesi ,  Manoj Sastry

IPC: B60R25/30 ,  B60R25/104 ,  B60R25/24 ,  G06F21/44

Abstract: Systems, apparatuses, and methods to identify an electronic control unit transmitting a message on a communication bus, such as an in-vehicle network bus, are provided. ECUs transmit messages by manipulating voltage on conductive lines of the bus. Observation circuitry can observe voltage transitions associated with the transmission at a point on the in-vehicle network bus. A domain bitmap can be generated from the observed voltage transitions. ECUs can be identified and/or fingerprinted based on the domain bitmaps.