公开(公告)号：US20200034574A1

公开(公告)日：2020-01-30

申请号：US15711666

申请日：2017-09-21

Applicant: GM GLOBAL TECHNOLOGY OPERATIONS LLC

Inventor： Kevin M. Baltes ,  Karl B. Leboeuf

IPC: G06F21/78

Abstract: A system and method of evaluating one or more cybersecurity vulnerabilities to establish a priority metric for each of the one or more cybersecurity vulnerabilities, the method including: constructing a cybersecurity attack schema for each of the one or more cybersecurity vulnerabilities; determining, for each of the plurality of malicious actions of each of the one or more cybersecurity vulnerabilities, one or more resource metrics; obtaining, for each of the one or more cybersecurity vulnerabilities, one or more final resource metrics based on evaluating each of the one or more resource metrics; obtaining, for each of the one or more cybersecurity vulnerabilities, an impact metric that is indicative of a degree of damage that can be caused by the cybersecurity vulnerability; and calculating, for each of the one or more cybersecurity vulnerabilities, a cybersecurity priority level based on the impact metric and the one or more final resource metrics.

公开(公告)号：US10430178B2

公开(公告)日：2019-10-01

申请号：US15898689

申请日：2018-02-19

Applicant: GM Global Technology Operations LLC

Inventor： Monica E. Mitchell ,  Kevin M. Baltes ,  Brian J. Ciesinski ,  Peter M. Ansbro ,  Scott E. Jackson ,  Kathleen S. McMahon ,  Kelly M. Comastro

IPC: G06F8/65 ,  H04W4/44

Abstract: An updating system of a vehicle includes a communication module configured to wirelessly download an over the air (OTA) update package. The OTA update package includes: a predetermined period for beginning installation of the OTA update package; an indicator of a module and code to be updated; and replacement code. A display control module is configured to, when a transmission of the vehicle is in park and the predetermined period has not yet passed after the downloading of the OTA update package, display a message on a display within a passenger cabin of the vehicle. The message solicits user input regarding whether to: (i) begin installation of the OTA update package; or (ii) install the OTA update package at a later time.

公开(公告)号：US09912754B2

公开(公告)日：2018-03-06

申请号：US14702452

申请日：2015-05-01

Applicant: GM Global Technology Operations LLC

Inventor： Corey Wideman ,  Kevin M. Baltes ,  Joseph E. Ploucha ,  Thomas M. Forest ,  Michael L. Imel

IPC: H04L29/08 ,  H04L29/06

CPC classification number: H04L67/12 ,  H04L63/101 ,  H04L67/125 ,  H04L69/08

Abstract: A system and method of regulating data communications between a vehicle electronics system and a computing device includes: communicatively linking a first data port of an isolation device with the vehicle electronics system; communicatively linking a second data port of the isolation device with the computing device; receiving data at the isolation device sent between the computing device and the vehicle electronics system; and permitting the data to pass through the isolation device based on the identity of the computing device, the rate at which the data passes through the isolation device, or the content of the data.

公开(公告)号：US09578047B2

公开(公告)日：2017-02-21

申请号：US14595584

申请日：2015-01-13

Applicant: GM GLOBAL TECHNOLOGY OPERATIONS LLC

Inventor： Moshe Laifenfeld ,  Yuval Polevoy ,  Timothy D. Julson ,  Kevin M. Baltes ,  Omer Cohen

IPC: H04L29/06 ,  H04B1/3822 ,  H04L29/08

CPC classification number: H04L63/1416 ,  H04B1/3822 ,  H04B10/071 ,  H04L63/08 ,  H04L63/123 ,  H04L63/1425 ,  H04L67/12

Abstract: Systems and methods are provided for monitoring and detecting intrusions and authenticating messages on a communication network of a vehicle. A plurality of signals transmitted over communications network between an electronic control module and a remote electronic module are monitored. Reflectometry feature sets are extracted from the plurality of signals and compared to a repository of predetermined communication network feature sets to generate a mismatch value. The mismatch value is compared to a predetermined threshold range and an authenticated event occurs when the mismatch value is within the predetermined threshold range. When the mismatch value is outside the predetermined threshold range, a flagged event occurs and is recorded.

Abstract translation: 提供了系统和方法，用于在车辆的通信网络上监视和检测入侵和认证消息。 监视通过电子控制模块和远程电子模块之间的通信网络传输的多个信号。 从多个信号中提取反射特征集，并与预定的通信网络特征集的存储库进行比较以产生不匹配值。 将不匹配值与预定阈值范围进行比较，并且当失配值在预定阈值范围内时发生认证事件。 当不匹配值在预定阈值范围之外时，发生标记事件并被记录。

公开(公告)号：US11420656B2

公开(公告)日：2022-08-23

申请号：US16927230

申请日：2020-07-13

Applicant: GM GLOBAL TECHNOLOGY OPERATIONS LLC

Inventor： Joseph E. Ploucha ,  Kevin M. Baltes

IPC: B60W30/14 ,  B60W60/00

Abstract: A vehicle system comprising a plurality of subsystems, each of the plurality of subsystems configured to perform at least a portion of at least one of a plurality of functions. The plurality of functions are organized in a hierarchy of functions including complex higher order functions and simpler lower order functions. The vehicle system further comprises an advanced computing module configured to control the plurality of subsystems in order to perform a higher order function and a lower order function that supports the higher order function. The advanced computing module comprises software instructions including a first gate point. The first gate point may be activated to prevent the advanced computing module from performing the higher order function.

公开(公告)号：US10678954B2

公开(公告)日：2020-06-09

申请号：US15711666

申请日：2017-09-21

Applicant: GM GLOBAL TECHNOLOGY OPERATIONS LLC

Inventor： Kevin M. Baltes ,  Karl B. Leboeuf

IPC: G06F11/00 ,  G06F21/78 ,  G06F21/60 ,  G06F12/14

Abstract: A system and method of evaluating one or more cybersecurity vulnerabilities to establish a priority metric for each of the one or more cybersecurity vulnerabilities, the method including: constructing a cybersecurity attack schema for each of the one or more cybersecurity vulnerabilities; determining, for each of the plurality of malicious actions of each of the one or more cybersecurity vulnerabilities, one or more resource metrics; obtaining, for each of the one or more cybersecurity vulnerabilities, one or more final resource metrics based on evaluating each of the one or more resource metrics; obtaining, for each of the one or more cybersecurity vulnerabilities, an impact metric that is indicative of a degree of damage that can be caused by the cybersecurity vulnerability; and calculating, for each of the one or more cybersecurity vulnerabilities, a cybersecurity priority level based on the impact metric and the one or more final resource metrics.

公开(公告)号：US10038565B2

公开(公告)日：2018-07-31

申请号：US13722810

申请日：2012-12-20

Applicant: GM Global Technology Operations LLC

Inventor： Ansaf I. Alrabady ,  Kevin M. Baltes ,  J. David Rosa ,  Thomas M. Forest ,  Alan D. Wist

IPC: G06F21/00 ,  H04L29/06 ,  H04L9/32 ,  G06F21/57

CPC classification number: H04L9/3249 ,  G06F21/572 ,  H04L9/3247 ,  H04L2209/84

Abstract: Methods and systems are provided for bypassing an authenticity check for a secure control module. In one embodiment, a method includes: receiving authenticity data from a secure source, wherein the authenticity data includes a signature and an identifier that is unique to the control module; programming the control module with the authenticity data; and bypassing the authenticity check of a control program of the control module based on the authenticity data.

公开(公告)号：US09866542B2

公开(公告)日：2018-01-09

申请号：US14607910

申请日：2015-01-28

Applicant: GM Global Technology Operations LLC

Inventor： Kevin M. Baltes ,  Thomas M. Forest ,  Joseph E. Ploucha

IPC: H04L29/06 ,  H04W12/12 ,  H04W12/06 ,  H04L29/08

CPC classification number: H04L63/08 ,  H04L63/0227 ,  H04L63/1408 ,  H04L63/1441 ,  H04L67/12 ,  H04W4/046 ,  H04W12/06 ,  H04W12/12

Abstract: A system and method of responding to unauthorized electronic access to a vehicle includes: receiving data indicating unauthorized electronic access to electronic hardware in the vehicle; initiating an electronic hardware countermeasure in response to the unauthorized electronic access; generating a command set that instructs at least a portion of the electronic hardware to implement the electronic hardware countermeasure; and communicating the command set to the portion of the electronic hardware.

公开(公告)号：US20160219028A1

公开(公告)日：2016-07-28

申请号：US14607910

申请日：2015-01-28

Applicant: GM GLOBAL TECHNOLOGY OPERATIONS LLC

Inventor： Kevin M. Baltes ,  Thomas M. Forest ,  Joseph E. Ploucha

IPC: H04L29/06

CPC classification number: H04L63/08 ,  H04L63/0227 ,  H04L63/1408 ,  H04L63/1441 ,  H04L67/12 ,  H04W4/046 ,  H04W12/06 ,  H04W12/12

Abstract: A system and method of responding to unauthorized electronic access to a vehicle includes: receiving data indicating unauthorized electronic access to electronic hardware in the vehicle; initiating an electronic hardware countermeasure in response to the unauthorized electronic access; generating a command set that instructs at least a portion of the electronic hardware to implement the electronic hardware countermeasure; and communicating the command set to the portion of the electronic hardware.

Abstract translation: 响应未经授权的电子访问车辆的系统和方法包括：接收指示未经授权的电子访问车辆中的电子硬件的数据; 响应于未授权的电子访问发起电子硬件对策; 生成指示电子硬件的至少一部分来实现电子硬件对策的指令集; 以及将所述命令集传送到所述电子硬件的所述部分。

公开(公告)号：US08966248B2

公开(公告)日：2015-02-24

申请号：US13627055

申请日：2012-09-26

Applicant: GM Global Technology Operations LLC

Inventor： Kevin M. Baltes ,  Thomas M. Forest

IPC: H04L9/00

CPC classification number: H04L9/3247 ,  H04L63/126 ,  H04L67/06 ,  H04L2209/60 ,  H04L2209/84

Abstract: A server includes an import module that receives a first content file and a first instruction file from a design network. The first instruction file includes a first set of parameters. A job request module, based on the first instruction parameter set, determines a second parameter set and generates a second instruction file comprising the second parameter set. The job request module transmits the first content file and the second parameter set to a signature server. An export module receives a signature file from the signature server. The signature server generates the signature file based on the second instruction file. The export module integrates the signature into the first content file to generate a second content file and downloads the second content file to at least one of a service server, a manufacturing server, and a supplier network.

Abstract translation: 服务器包括从设计网络接收第一内容文件和第一指令文件的导入模块。 第一指令文件包括第一组参数。 作业请求模块基于第一指令参数集确定第二参数集，并生成包括第二参数集的第二指令文件。 作业请求模块将第一内容文件和第二参数集发送到签名服务器。 导出模块从签名服务器接收签名文件。 签名服务器基于第二指令文件生成签名文件。 导出模块将签名集成到第一内容文件中以生成第二内容文件，并将第二内容文件下载到服务服务器，制造服务器和供应商网络中的至少一个。