Abstract:
In various embodiments, methods, systems, and vehicle apparatuses are provided. A method for determining a trusted context of operation by an in-vehicle Network Intrusion Detection System (NIDS) for learning of a vehicle platform includes: executing the NIDS to monitor a set of Electronic Control Units (ECUs) and vehicle state elements by receiving a set of vehicle derived inputs about a vehicle's operating state; in response to a determination about the vehicle's operating state, identifying the trusted window during which learning about network topology and whitelisted messages contained in a vehicle platform is allowable; creating a vehicle-specific configuration containing a list of networks of topologies and whitelisted messages in use by the ECUs in the vehicle platform; and preventing misconfiguring of at least one network in the list of network topologies and whitelisted messages of the vehicle-specific configuration in the vehicle platform outside the trusted window.
Abstract:
A system for in-vehicle network intrusion detection includes a microcontroller having first and second cores and memory. The first core may be configured to obtain one or more network messages from one or more communication buses of a vehicle describing one or more events associated with the vehicle. The memory may be configured to store the one or more network messages obtained by the first core. The second core may be configured to: (i) read the one or more network messages from the memory; (ii) detect whether at least some of the one or more events constitute an anomaly based on predefined rules; (iii) generate one or more resident incident logs including metadata associated with one or more detected anomalous events based on the detected anomaly event data; and (iv) generate one or more transmitted incident logs based on the one or more resident incident logs.
Abstract:
A system and method of securely communicating information between a vehicle and a central facility includes receiving at a vehicle diagnostic tool a challenge query from the vehicle; establishing a wireless connection between the vehicle diagnostic tool and a central facility; transmitting the challenge query from the vehicle diagnostic tool to the central facility via the wireless connection; receiving at the vehicle diagnostic tool a response to the challenge query via the wireless connection; and accessing one or more vehicle modules on the vehicle using the received response to the challenge query.
Abstract:
A method for securing an electronic control unit (ECU). The method may include generating a granular security control adjustment authorization ticket (G-SCAAT) for securing the ECU according to a plurality of security parameters determined based on a role selected for a corresponding user. The G-SCAAT may include security values to be used in controlling the ECU to operate according to the security parameters.
Abstract:
A system and method of regulating data communications between a vehicle electronics system and a computing device includes: communicatively linking a first data port of an isolation device with the vehicle electronics system; communicatively linking a second data port of the isolation device with the computing device; receiving data at the isolation device sent between the computing device and the vehicle electronics system; and permitting the data to pass through the isolation device based on the identity of the computing device, the rate at which the data passes through the isolation device, or the content of the data.
Abstract:
A vehicle control module is provided and includes a hybrid memory and a processor. The hybrid memory includes: application memory that stores application code; boot memory that stores a first RMTS code, where the first RMTS code includes first risk functions; and ETM that temporarily stores a second RMTS code. The second RMTS code includes second risk functions. The processor: based on an operating mode of the vehicle control module, executes the application, first RMTS and second RMTS codes; erases the ETM prior to installation of the vehicle control module in a vehicle or delivery of the vehicle; and based on the first RMTS code, permits execution of the first RMTS code prior to and subsequent to installation of the vehicle control module in the vehicle and the second RMTS code prior to installation of the vehicle control module in the vehicle or delivery of the vehicle.
Abstract:
A method of providing access to a password-protected electronic control unit (ECU) using encryption includes generating a cryptographic key for the ECU using a master password, a serial number of the ECU, and a password-based key derivation function; converting the generated cryptographic key into an ECU password; and accessing data from the ECU using the ECU password.
Abstract:
A method for performance tuning an electronic control unit (ECU). The performance tuning may include determining one or more tunable values stored on a tunable implementation memory of the ECU to specify tunable calibration data for one or more tunable calibration parameters selected for performance tuning and controlling an application software of the ECU to execute according to the tunable calibration data.