公开(公告)号：US20240007859A1

公开(公告)日：2024-01-04

申请号：US17852715

申请日：2022-06-29

Applicant: GM Global Technology Operations LLC

Inventor： Mohamed A. Layouni ,  Vinaya Rayapeta ,  Manohar Reddy Nanjundappa ,  Thomas M. Forest ,  Karl Bernard Leboeuf

IPC: H04W12/106 ,  H04W12/104 ,  G07C5/00

CPC classification number: H04W12/106 ,  H04W12/104 ,  G07C5/008

Abstract: A system comprises a computer including a processor and a memory. The memory includes instructions such that the processor is programmed to: receive, at a device driver, an Ethernet frame from an Automotive Open System Architecture (AUTOSAR) communication stack, determine, at the device driver, whether the Ethernet frame is a spoofed Ethernet frame, and transmit a cancelation command to at least one layer of the AUTOSAR communication stack when the device driver determines the Ethernet frame is spoofed.

公开(公告)号：US20250080358A1

公开(公告)日：2025-03-06

申请号：US18459603

申请日：2023-09-01

Applicant: GM GLOBAL TECHNOLOGY OPERATIONS LLC

Inventor： Brian Farrell ,  Sherif Aly ,  Manohar Reddy Nanjundappa

IPC: H04L9/32 ,  H04L9/08

Abstract: An electronic control unit (ECU), or node, is configured to use a single key for generating requests from a security peripheral for a MAC. The security peripheral includes the stored shared key. The security peripheral may further include a policy enabling it to detect if a request from the V-ECU is valid, in which case it generates a MAC. The security peripheral is also used to store information in a MAC Generate Allow List (MGAL). In some embodiments, the receiving nodes in a network receive data based on a security peripheral's response to a transmit nodes requests for a MAC. The receiving nodes use this knowledge to avoid being spoofed.

公开(公告)号：US20240333479A1

公开(公告)日：2024-10-03

申请号：US18194029

申请日：2023-03-31

Applicant: GM GLOBAL TECHNOLOGY OPERATIONS LLC

Inventor： Brian Farrell ,  Christopher J. Kloote ,  Manohar Reddy Nanjundappa ,  Kenneth W. Junk

IPC: H04L9/08 ,  H04L9/32 ,  H04L12/40

CPC classification number: H04L9/0825 ,  H04L9/0891 ,  H04L9/3242 ,  H04L12/40013 ,  H04L2012/40273

Abstract: An apparatus includes a compute device having a microcontroller unit circuit, multiple processing circuits, and a backplane bus. Initial unsecured communications through the backplane bus are restricted. The microcontroller unit circuit is operational to authenticate the processing circuits with a plurality of processor attestations over a local area network bus based on a secure onboard communication protocol of an automotive open system architecture, a symmetric key, and a message authentication code. The processing circuits are operational to reply to the processor attestations over the local area network bus, and verify the microcontroller unit circuit based on the secure onboard communication protocol, the symmetric key, and the message authentication code received from the microcontroller unit circuit. Secure communications through the backplane bus among the processing circuits is enabled based on the authentications of the processing circuits and the verifications of the microcontroller unit circuit.

公开(公告)号：US12278811B2

公开(公告)日：2025-04-15

申请号：US18073540

申请日：2022-12-01

Applicant: GM GLOBAL TECHNOLOGY OPERATIONS LLC

Inventor： Brian Farrell ,  Sherif Aly ,  Mohamed A. Layouni ,  Manohar Reddy Nanjundappa

IPC: G06F21/00 ,  H04L9/40

Abstract: An electronic control unit (ECU), or node, is configured to use a single key for generating requests from a security peripheral for a MAC. The security peripheral includes the stored shared key. The security peripheral may further include a policy enabling it to detect if a request from the V-ECU is valid, in which case it generates a MAC. The security peripheral is also used to store information in a MAC Generate Allow List (MGAL). In some embodiments, the receiving nodes in a network receive data based on a security peripheral's response to a transmit nodes requests for a MAC. The receiving nodes use this knowledge to avoid being spoofed.

公开(公告)号：US20240187401A1

公开(公告)日：2024-06-06

申请号：US18073540

申请日：2022-12-01

Applicant: GM GLOBAL TECHNOLOGY OPERATIONS LLC

Inventor： Brian Farrell ,  Sherif Aly ,  Mohamed A. Layouni ,  Manohar Reddy Nanjundappa

IPC: H04L9/40

CPC classification number: H04L63/083 ,  H04L63/20

Abstract: An electronic control unit (ECU), or node, is configured to use a single key for generating requests from a security peripheral for a MAC. The security peripheral includes the stored shared key. The security peripheral may further include a policy enabling it to detect if a request from the V-ECU is valid, in which case it generates a MAC. The security peripheral is also used to store information in a MAC Generate Allow List (MGAL). In some embodiments, the receiving nodes in a network receive data based on a security peripheral's response to a transmit nodes requests for a MAC. The receiving nodes use this knowledge to avoid being spoofed.

公开(公告)号：US09923722B2

公开(公告)日：2018-03-20

申请号：US15131871

申请日：2016-04-18

Applicant: GM Global Technology Operations LLC

Inventor： Manohar Reddy Nanjundappa

IPC: H04L9/32 ,  B60R16/023 ,  G07C5/08 ,  H04L29/06 ,  H04L29/08

CPC classification number: H04L9/3242 ,  B60R16/023 ,  G07C5/008 ,  G07C5/0808 ,  H04L63/0428 ,  H04L63/08 ,  H04L63/123 ,  H04L67/12 ,  H04W4/46 ,  H04W12/02 ,  H04W12/10

Abstract: A vehicle communication test system is described that includes a diagnostic computer having a computer program product stored thereon. The program product includes a non-transitory computer-readable medium for the diagnostic computer that includes an application software program stored on the computer-readable medium that includes instructions adapted to validate encrypted messages transmitted over a network connection in a vehicle. The instructions include: performing an initialization sequence that includes receiving initialization data at the diagnostic computer, wherein the initialization data is associated with a plurality of vehicle system modules (VSMs) which are coupled together via the vehicle network connection; receiving as a data input at the diagnostic computer an encrypted message transmitted over the network connection; and based on the initialization data, determining at the diagnostic computer whether the received encrypted message is valid.