-
公开(公告)号:US10326453B2
公开(公告)日:2019-06-18
申请号:US15841225
申请日:2017-12-13
Applicant: NXP B.V.
Inventor: Thierry G. C. Walrant , Bernd Uwe Gerhard Elend , Andreas Bening
Abstract: The present application relates to a system hosting a monotonic counter and a method of operating the system. The system comprises a non-volatile memory (110) for holding a save counter value and a volatile memory (120) for maintaining a current counter value. The system (100) is configured during a startup phase to retrieve the saved counter value of the monotonic counter from the non-volatile memory (110); to detect whether a previous shutdown of the system (100) was an uncontrolled shutdown; and to adjust the retrieved counter value in accordance with a step size (130) provided at the system (100) in case an previous uncontrolled shutdown is detected.
-
公开(公告)号:US12206521B2
公开(公告)日:2025-01-21
申请号:US18066018
申请日:2022-12-14
Applicant: NXP B.V.
Inventor: Rolf van de Burgt , Bernd Uwe Gerhard Elend , Thierry G. C. Walrant , Dennis aan de Stegge
Abstract: An apparatus for a CAN transceiver configured to couple to a CAN bus and generate receive-data based on signals therefrom and generate signals on the CAN bus in response to transmit-data received from a CAN controller, wherein the apparatus is configured to: receive the receive-data comprising a plurality of bits; and for each of one or more bits of the receive-data, sample at a respective sample time to determine a respective value of each of the one or more bits; and with an edge detector determine, during a respective edge detector window, the occurrence of an edge in the receive-data and generate metadata indicative thereof, wherein the edge detector window comprises a period of time that includes the sample time; and wherein the apparatus is configured to determine whether transmit-data is compliant with one or more rules based on the respective values and the metadata.
-
公开(公告)号:US11789886B2
公开(公告)日:2023-10-17
申请号:US17657069
申请日:2022-03-29
Applicant: NXP B.V.
CPC classification number: G06F13/4068 , H04L12/40 , H04L2012/40215
Abstract: A Controller Area Network, CAN, device comprising: a compare module configured to interface with a CAN transceiver, a CAN decoder configured to decode an identifier of a CAN message received from the RXD input interface; an identifier memory configured to store an entry that corresponds to at least one identifier; compare logic configured to compare a received identifier from a CAN message to the entry that is stored in the identifier memory and to output a match signal upon a match; a signal generator configured to output, in response to the match signal, a signal to invalidate the CAN message, wherein the signal is output from the TXD output interface to the CAN transceiver; and wherein the signal generated by the signal generator provides for one or more dominant bits that are timed so that at a bit immediately following a FDF field or the FDF field bit is made dominant.
-
公开(公告)号:US20220318178A1
公开(公告)日:2022-10-06
申请号:US17657069
申请日:2022-03-29
Applicant: NXP B.V.
Abstract: A Controller Area Network, CAN, device comprising: a compare module configured to interface with a CAN transceiver, a CAN decoder configured to decode an identifier of a CAN message received from the RXD input interface; an identifier memory configured to store an entry that corresponds to at least one identifier; compare logic configured to compare a received identifier from a CAN message to the entry that is stored in the identifier memory and to output a match signal upon a match; a signal generator configured to output, in response to the match signal, a signal to invalidate the CAN message, wherein the signal is output from the TXD output interface to the CAN transceiver; and wherein the signal generated by the signal generator provides for one or more dominant bits that are timed so that at a bit immediately following a FDF field or the FDF field bit is made dominant.
-
公开(公告)号:US11251989B2
公开(公告)日:2022-02-15
申请号:US16359232
申请日:2019-03-20
Applicant: NXP B.V.
Inventor: Thierry G. C. Walrant
Abstract: A vehicle network system is disclosed. The vehicle network system includes a first controller area network (CAN) bus including a first node and a first secure transceiver and a second CAN bus including a second node and a second secure transceiver, a gateway to enable transmission of a CAN message from the first node to the second node. The vehicle network system also includes an auxiliary communication link to transmit an auxiliary data derived from the CAN message from the first secure transceiver to the second secure transceiver.
-
Patent Agency Ranking
公开(公告)号:US10715333B2
公开(公告)日:2020-07-14
申请号:US15839853
申请日:2017-12-13
Applicant: NXP B.V.
Inventor: Thierry G. C. Walrant
IPC: H04L9/32 , H04L9/06 , H04L9/08 , H04L29/12 , H04L29/06 , H04L29/08 , H04W4/44 , H04L9/14 , H04L12/40 , H04W12/06
Abstract: The present application relates to an apparatus and method of authenticating and verifying a message frame on a multi-master access bus with message broadcasting. Logic bus identifier, LID, are associated with each one of a several logical groups of nodes out of a plurality of nodes connected to the multi-master access bus. A key is assigned to each logical group. The keys assigned to different logical groups differ from each other. For message authentication, a logic bus identifier, LID is provided and a key associated with the logic bus identifier, LID, is retrieved. A cryptographic hash value, MAC, is generated using the retrieved key and based on at least the logic bus identifier, LID. A message frame is composed, which comprises the logic bus identifier, LID, and the cryptographic hash value, MAC. For message verification, a message frame is received, which comprises at least a logic bus identifier, LID, and a cryptographic hash value, MAC. A key is retrieved, which is associated with the logic bus identifier, LID, extracted from the frame. A cryptographic verification hash value, VAC, is generated using the retrieved key and based on at least the logic bus identifier, LID. The cryptographic verification hash value, VAC, and the cryptographic hash value, MAC, extracted from the frame are compared. The received message frame is forward for further processing as a legitimate message frame.
-
公开(公告)号:US10581609B2
公开(公告)日:2020-03-03
申请号:US15790612
申请日:2017-10-23
Applicant: NXP B.V.
Inventor: Thierry G. C. Walrant
Abstract: A method is provided for authenticating a log message in a distributed network having a plurality of nodes coupled to a serial bus. In the method, a log session is started by a first device at a first node of the plurality of nodes. A first counter value is provided by the first device to the serial bus. A log message is generated by a second device at a second node of the plurality of nodes. A second counter value is generated by the second device. A log message payload is generated for the log message, wherein the log message payload includes a log message authentication code. A computation of the log message authentication code includes the first counter value and the second counter value. The second device does not store the first counter value in a non-volatile memory on the second device.
-
公开(公告)号:US10547452B2
公开(公告)日:2020-01-28
申请号:US15867406
申请日:2018-01-10
Applicant: NXP B.V.
Inventor: Thierry G. C. Walrant
Abstract: The present application relates to a methodology of verifying secret keys in a distributed network comprising a plurality of nodes connected to a shared medium. Each node of the plurality of nodes is member of at least one group of a plurality of groups. Each group is associated with a secret group key. A verification request is broadcast to the plurality of nodes and verification responses broadcast from the plurality of nodes are received. Each verification response comprises one code sequence for each logical group, of which the broadcasting node is member. Each code sequence of the verification request is generated on the basis of a secret group key associated with a respective logical group from a predefined data sequence. The code sequences are collected and the integrity of the plurality of nodes is confirmed by comparing the code sequences.
-
公开(公告)号:US20190340363A1
公开(公告)日:2019-11-07
申请号:US15969307
申请日:2018-05-02
Applicant: NXP B.V.
Inventor: Thierry G. C. Walrant
Abstract: A method for providing an authenticated update in a distributed network is provided. The distributed network has a plurality of nodes coupled to a serial bus. The method begins with transmitting a credential from an external device to a first node. The update data and an authentication code are provided to a processor of a second node from the external device. The processor of the second node provides the update data and the authentication code to the transceiver of the second node. The authenticated update is finalized by the processor of the second node. The authenticated update is closed by the transceiver of the first node. The credential of the authenticated update is provided to the transceiver of the second node. The transceiver of the second node verifies the update data using the credential and the authentication code. After being verified, the authenticated update data is stored.
-
公开(公告)号:US20190286823A1
公开(公告)日:2019-09-19
申请号:US15924604
申请日:2018-03-19
Applicant: NXP B.V.
Inventor: Thierry G. C. Walrant
Abstract: A method for performing a secure boot of a data processing system, and the data processing system are provided. The method includes: processing a command issued from a processor of the data processing system, the command directed to a memory; determining that the command is a command that causes the memory to be modified; performing cryptographic verification of the memory; and incrementing a first counter in response to the determining that the command is a command that causes the memory to be modified. The data processing system includes a processor, a memory, and a counter. The memory is coupled to the processor, and the memory stores data used by a bootloader during a secure boot. The counter is incremented by a memory controller in response to a command being a type of command that modifies the data stored by the memory.
-
-
-
-
-
-
-
-
-
Search Results
30
records
(took 0.03 seconds)
