公开(公告)号：US09935776B2

公开(公告)日：2018-04-03

申请号：US14437423

申请日：2013-10-22

Applicant: BAE SYSTEMS plc

Inventor： Alan Manuel Cullen ,  Nicholas Giacomo Robert Colosimo

IPC: H04L9/32 ,  G05D1/00 ,  G06F21/60 ,  B64C39/02

CPC classification number: H04L9/3247 ,  B64C39/024 ,  B64C2201/141 ,  G05D1/0077 ,  G06F21/606 ,  H04L2209/24 ,  H04L2209/72

Abstract: A control system for an unmanned vehicle includes a control processing unit which receives input signals from one or more sensors and supplies output signals to one or more actuators. Processing modules are divided into a plurality of successively linked stages. In a first stage, multiple processing modules produce substantially equivalent payload data when operating correctly. Message cryptography units generate cryptographically signed messages containing the payload data. In a second stage, a voting cryptography unit receives and examines the cryptographically signed messages, and applies voting logic to derive a validated payload data for use by the respective processing module of the second stage.

公开(公告)号：US20170034762A1

公开(公告)日：2017-02-02

申请号：US15302592

申请日：2015-04-01

Applicant: BAE Systems plc

Inventor： Christopher Mark Dearlove ,  Alan Manuel Cullen ,  Peter Noble Hudson ,  Rania Hamdi Eissa

IPC: H04W40/18 ,  H04W40/30 ,  H04W40/24

CPC classification number: H04W40/18 ,  H04W40/24 ,  H04W40/30 ,  H04W40/38 ,  H04W84/18

Abstract: A method and apparatus in an ad hoc network, comprising: a node advertising a theoretical destination it is not currently connected to as part of a theoretical route; allocating to the theoretical destination a special metric value that gives a reduced likelihood of selection as a suitable route compared to conventionally available routes; determining that a message from a further node is to be transmitted via the theoretical route; the node receiving the message from the further node when the node is at a first location and storing the message; the node moving from the first location to a second location thereby transforming the theoretical route into a new real route; and the node transmitting the message to a second further node as part of the new real route.

Abstract translation: 一种自组织网络中的方法和装置，包括：广告理论目的地的节点当前未被连接到理论路由的一部分; 向理论目的地分配特定度量值，其给出与常规可用路线相比选择作为合适路线的可能性降低; 确定来自另一节点的消息将通过理论路由发送; 所述节点在所述节点处于第一位置时从所述另一节点接收所述消息并存储所述消息; 节点从第一位置移动到第二位置，从而将理论路线转换成新的实际路线; 并且所述节点将所述消息发送到作为所述新的真实路由的一部分的第二另外的节点。

公开(公告)号：US10212142B2

公开(公告)日：2019-02-19

申请号：US15500409

申请日：2015-07-31

Applicant: BAE SYSTEMS PLC

Inventor： Christopher Mark Dearlove ,  Alan Manuel Cullen ,  Kenneth Graham Paterson ,  Jacob Chroeis Nakamura Schuldt

IPC: H04L29/06 ,  H04W12/04 ,  H04L9/08 ,  H04L9/30 ,  H04W84/18

Abstract: A method of establishing a network by sharing a secret between a first entity (A) and a second entity (B), comprising the steps of: the first entity (A) broadcasting (100) an ANNOUNCE message announcing its identity and details of other entities it is aware of, wherein each of the other entities of which it is aware is associated with a particular nonce, and the message is encrypted using a broadcast encryption scheme common to the first and second entities (A,B), and; the second entity (B), upon receiving and decrypting the ANNOUNCE message, transmitting (110) to the first entity (A) a SHARE message, wherein the SHARE message comprises a signcryption of the secret, authenticated using signcryption data associated with the particular nonce associated with the second entity (B).

公开(公告)号：US20170222993A1

公开(公告)日：2017-08-03

申请号：US15500409

申请日：2015-07-31

Applicant: BAE SYSTEMS PLC

Inventor： Christopher Mark Dearlove ,  Alan Manuel Cullen ,  Kenneth Graham Paterson ,  Jacob Chroeis Nakamura Schuldt

IPC: H04L29/06 ,  H04L9/30 ,  H04W12/04 ,  H04L9/08

CPC classification number: H04L63/061 ,  H04L9/0891 ,  H04L9/3073 ,  H04L63/101 ,  H04L2209/72 ,  H04W12/04 ,  H04W84/18

Abstract: A method of establishing a network by sharing a secret between a first entity (A) and a second entity (B), comprising the steps of: the first entity (A) broadcasting (100) an ANNOUNCE message announcing its identity and details of other entities it is aware of, wherein each of the other entities of which it is aware is associated with a particular nonce, and the message is encrypted using a broadcast encryption scheme common to the first and second entities (A,B), and; the second entity (B), upon receiving and decrypting the ANNOUNCE message, transmitting (110) to the first entity (A) a SHARE message, wherein the SHARE message comprises a signcryption of the secret, authenticated using signcryption data associated with the particular nonce associated with the second entity (B).

公开(公告)号：US20180270052A1

公开(公告)日：2018-09-20

申请号：US15758402

申请日：2016-09-21

Applicant: BAE Systems plc

Inventor： Alan Manuel Cullen

IPC: H04L9/08 ,  H04L29/08

CPC classification number: H04L9/0827 ,  H04L9/0822 ,  H04L63/062 ,  H04L63/18 ,  H04L67/12

Abstract: Disclosed is a cryptographic key distribution method and apparatus for installing a cryptographic key in an ECU. The method comprises: establishing a first communication link between the ECU and a key source; sending, via the first link, a first cryptographic key from the key source to the ECU; establishing a second communication link between the key source and a key manager; sending, via the second link, the first key from the key source to the key manager; encrypting, by the key manager, using the first key, a second cryptographic key; sending, by the key manager, to the ECU, the encrypted second key; and decrypting, by the ECU, using the first key, the encrypted second key, thereby providing the ECU with the second key.

公开(公告)号：US09974001B2

公开(公告)日：2018-05-15

申请号：US15302594

申请日：2015-04-01

Applicant: BAE Systems plc

Inventor： Christopher Mark Dearlove ,  Alan Manuel Cullen ,  Peter Noble Hudson ,  Rania Hamdi Eissa

IPC: H04W40/24 ,  H04W40/30 ,  B64C39/02 ,  G05D1/10 ,  H04W84/18

CPC classification number: H04W40/246 ,  B64C39/024 ,  B64C2201/122 ,  G05D1/104 ,  H04B7/18504 ,  H04W40/30 ,  H04W84/18

Abstract: A method and apparatus for use in an ad hoc network, comprising: a node transmitting an extended allowable hold time value to a further node; the node changing its transmission behavior such that the further node stops receiving transmission from the node for an extended period, for example by pausing transmission at least in the direction of the further node; and the further node treating the link to the node as intact during the extended allowable hold time. The transmitting of the extended allowable hold time value may be performed earlier than a next routine transmission of routine allowable hold time value would have been sent. The method may further comprise the node being instructed to maintain topology information for an extended time.

公开(公告)号：US20170026898A1

公开(公告)日：2017-01-26

申请号：US15302594

申请日：2015-04-01

Applicant: BAE Systems plc

Inventor： Christopher Mark Dearlove ,  Alan Manuel Cullen ,  Peter Noble Hudson ,  Rania Hamdi Eissa

IPC: H04W40/24 ,  B64C39/02 ,  G05D1/10 ,  H04W40/30

CPC classification number: H04W40/246 ,  B64C39/024 ,  B64C2201/122 ,  G05D1/104 ,  H04B7/18504 ,  H04W40/30 ,  H04W84/18

Abstract: A method and apparatus for use in an ad hoc network, comprising: a node transmitting an extended allowable hold time value to a further node; the node changing its transmission behavior such that the further node stops receiving transmission from the node for an extended period, for example by pausing transmission at least in the direction of the further node; and the further node treating the link to the node as intact during the extended allowable hold time. The transmitting of the extended allowable hold time value may be performed earlier than a next routine transmission of routine allowable hold time value would have been sent. The method may further comprise the node being instructed to maintain topology information for an extended time.

Abstract translation: 一种在自组织网络中使用的方法和装置，包括：节点向另一个节点发送延长的允许保持时间值; 所述节点改变其传输行为，使得所述另一节点至少在所述另一节点的方向上暂停所述传输; 并且在延长的允许保持时间期间，另一节点处理到节点的链接是完整的。 延长的允许保持时间值的发送可以比将被发送的例行容许保持时间值的下一个例程传输更早地执行。 该方法还可以包括被指示在更长时间内维护拓扑信息的节点。

公开(公告)号：US20150280919A1

公开(公告)日：2015-10-01

申请号：US14437423

申请日：2013-10-22

Applicant: BAE SYSTEMS PLC

Inventor： Alan Manuel Cullen ,  Nicholas Giacomo Robert Colosimo

IPC: H04L9/32 ,  B64C39/02

CPC classification number: H04L9/3247 ,  B64C39/024 ,  B64C2201/141 ,  G05D1/0077 ,  G06F21/606 ,  H04L2209/24 ,  H04L2209/72

Abstract: A control system (100) for an unmanned vehicle (10) includes a control processing unit (102) which receives input signals from one or more sensors (101) and supplies output signals to one or more actuators (103). Processing modules (110) are divided into a plurality of successively linked stages (120). In a first stage (120A), multiple processing modules (110) produce substantially equivalent payload data when operating correctly. Message cryptography units (140) generate cryptographically signed messages (800) containing the payload data. In a second stage, a voting cryptography unit (130) receives and examines the cryptographically signed messages, and applies voting logic to derive a validated payload data for use by the respective processing module (120) of the second stage. A control method is also described.

Abstract translation: 一种用于无人驾驶车辆（10）的控制系统（100）包括控制处理单元（102），其接收来自一个或多个传感器（101）的输入信号，并将输出信号提供给一个或多个致动器（103）。 处理模块（110）被分成多个连续相连的级（120）。 在第一级（120A）中，当正确操作时，多个处理模块（110）产生大致相当的有效载荷数据。 消息加密单元（140）生成包含有效载荷数据的加密签名消息（800）。 在第二阶段中，投票密码单元（130）接收和检查加密签名的消息，并且应用投票逻辑以导出经过验证的有效载荷数据，供第二阶段的相应处理模块（120）使用。 还描述了控制方法。

公开(公告)号：US20150074398A1

公开(公告)日：2015-03-12

申请号：US14388444

申请日：2013-03-27

Applicant: BAE SYSTEMS plc

Inventor： Alan Manuel Cullen ,  Christopher Mark Dearlove ,  Graeme Craig Jenkinson

IPC: H04L29/06 ,  H04L29/08

CPC classification number: H04L63/0428 ,  H04L9/088 ,  H04L67/06

Abstract: A method of secure information sharing between a first domain and a plurality of destination domains, the method comprising: a. Processing a file at the first domain to establish a set of attributes of the file, the attributes of the file comprising a destination attribute for determining permitted domains to which the file may be sent, b. Encrypting the file at the first domain using the attributes of the file, and thereby generating an encrypted file, c. providing the first domain with, for a first destination domain, a first egress data guard comprising a destination attribute associated with the first destination domain, d. identifying that the encrypted file is desired to be communicated to the first destination domain, e. attempting to decrypt the encrypted file at the first egress data guard using a decryption key derived from the destination attribute of the first egress data guard, where decryption will be possible if the destination attribute of the data guard matches the destination attribute of the file, f. if it has been possible to decrypt the encrypted file at step e, making a determination as to whether the file may be communicated to the first destination domain.

Abstract translation: 一种在第一域和多个目的地域之间的安全信息共享的方法，所述方法包括：a。 在第一域处理文件以建立该文件的一组属性，该文件的属性包括用于确定该文件可以发送到的允许域的目的地属性，b。 c。使用文件的属性在第一个域中加密该文件，从而生成一个加密的文件，c。 为第一目的地域提供包括与第一目的地域相关联的目的地属性的第一出口数据保护的第一域，d。 识别加密文件希望被传送到第一目的地域，例如， 尝试使用从第一出口数据保护的目的地属性导出的解密密钥来解密第一出口数据保护处的加密文件，如果数据保护的目的地属性与文件的目的地属性匹配，那么解密是可能的，f 。 如果可以在步骤e解密加密的文件，则确定文件是否可以被传送到第一目的地域。