METHODS AND SYSTEMS FOR STARTING SECURE COMMUNICATION IN SYSTEMS WITH HIGH AVAILABILITY

    Publication (Announcement) No.: US20240113867A1

    Publication (Announcement) Date: 2024-04-04

    Application No.: US17956939

    Application Date: 2022-09-30

    CPC classification number: H04L9/0833 H04L9/0841 H04L9/085 H04L9/0894

    Abstract: A distributed control system includes an electronic control unit to establish secure communication with a distributed control module. Upon determination that a previously negotiated session key is stored on the electronic control unit, the electronic control unit transmits encrypted communications with the distributed control module using the previously negotiated session key, negotiates a new session key with the distributed control module, and stores the new session key. Upon determination that the previously negotiated session key is not stored on the electronic control unit, the electronic control unit negotiates the new session key with the distributed control module. After negotiating the new session key with the distributed control module, the electronic control unit ceases transmission of unencrypted communications with the distributed control module, transmits encrypted communications with the distributed control module using the new session key, and stores the new session key.

    DEVICES, SYSTEMS, AND METHODS FOR SECURELY LOADING EMBEDDED SOFTWARE USING A MANIFEST

    Publication (Announcement) No.: US20240111872A1

    Publication (Announcement) Date: 2024-04-04

    Application No.: US17956940

    Application Date: 2022-09-30

    CPC classification number: G06F21/575 G06F21/44 G06F2221/034

    Abstract: A method for initializing an engine control system of an aircraft may include authenticating a boot loader, authenticating a manifest in response to authentication of the boot loader wherein the manifest contains hashes of one or more software components, and in response to authentication of the manifest, loading a first set of software components from among the one or more software components onto a non-transitory computer-readable medium, calculating a hash of each software component of the first set of software components, authenticating the first set of software components by comparing the calculated hash of each software component of the first set of software components to the hash of a corresponding software component in the manifest, and executing the first set of software components in response to authentication of the one or more software components. Devices and systems are also provided for initializing an engine control system of an aircraft.

    Communicating securely with devices in a distributed control system

    Publication (Announcement) No.: US11711206B2

    Publication (Announcement) Date: 2023-07-25

    Application No.: US17030682

    Application Date: 2020-09-24

    CPC classification number: H04L9/0825 H04L9/0822 H04L9/0841 H04L9/3247

    Abstract: A method comprises a server generating a server nonce and transmitting a server public key, a key signature and the server nonce to a device, the device verifying the server public key, signing the server nonce with a device private key, generating a device nonce, and transmitting the server nonce, the server nonce signature, a device public key, a device key signature, and the device nonce to the server, the server verifying the server nonce and the device public key, generating a session key, encrypting the session key with the device public key, signing the device nonce and the session key with a server private key, and transmitting the device nonce, the signed device nonce and session key, and the encrypted session key to the device, and the device verifying the device nonce, decrypting the encrypted session key with the device private key, and verifying the decrypted session key.

    DEVICES, SYSTEMS, AND METHODS FOR SECURELY INITIALIZING AN EMBEDDED SYSTEM

    Publication (Announcement) No.: US20210097185A1

    Publication (Announcement) Date: 2021-04-01

    Application No.: US17030624

    Application Date: 2020-09-24

    Abstract: A method is disclosed and includes authenticating a first stage boot loader and authenticating a second stage boot loader in response to authentication of the first stage boot loader. The method also includes executing the second stage boot loader in response to authentication of the second stage boot loader. Executing the second stage boot loader includes loading an operating system, a first set of machine-readable instructions, and first configuration information associated with the first set of machine-readable instructions onto a non-transitory computer-readable medium, wherein the first set of machine-readable instructions and the first configuration information are associated with one or more priority partitions. Executing the second stage boot loader includes authenticating the operating system and the first set of machine-readable instructions. Executing the second stage boot loader includes executing the first set of machine-readable instructions in response to authentication of the operating system and the first set of machine-readable instructions.

    TEST EQUIPMENT INTERFACE ADD-ON
    Invention application

    Publication (Announcement) No.: US20210096970A1

    Publication (Announcement) Date: 2021-04-01

    Application No.: US17030824

    Application Date: 2020-09-24

    Abstract: Devices, systems, and methods for providing an engine control system configured with a two-part test equipment monitor where at least one part is selectively removable are disclosed. An engine control system for an aircraft includes an electronic control unit (ECU). The ECU is configured to implement a production support equipment module and a selectively removable test support equipment module. The production support equipment module enables restricted data monitoring of the engine control system. The test support equipment module enables a comprehensive interface with the engine control system when installed with the ECU.

    DEVICES, SYSTEMS, AND METHODS FOR ROUTING DATA TO DISTRIBUTED DEVICES IN AIRCRAFT

    Publication (Announcement) No.: US20220123957A1

    Publication (Announcement) Date: 2022-04-21

    Application No.: US17029921

    Application Date: 2020-09-23

    Abstract: Devices, systems, and methods for routing data to distributed devices in an aircraft are disclosed. A data routing system includes an aircraft and equipment communicatively coupled to a control unit. The aircraft includes a control unit and one or more distributed modules. The control unit is configured to communicate with each of the one or more distributed modules via an engine control bus. The control unit is configured to receive an Ethernet packet from the equipment via an Ethernet connection, translate protocols of the Ethernet packet to protocols for the engine control bus, identify an IP address in the Ethernet packet, and route data of the Ethernet packet to one of the one or more distributed modules over the engine control bus based on the IP address and the translated protocols.

    COMMUNICATING SECURELY WITH DEVICES IN A DISTRIBUTED CONTROL SYSTEM

    Publication (Announcement) No.: US20210099292A1

    Publication (Announcement) Date: 2021-04-01

    Application No.: US17030682

    Application Date: 2020-09-24

    Abstract: A method comprises a server generating a server nonce and transmitting a server public key, a key signature and the server nonce to a device, the device verifying the server public key, signing the server nonce with a device private key, generating a device nonce, and transmitting the server nonce, the server nonce signature, a device public key, a device key signature, and the device nonce to the server, the server verifying the server nonce and the device public key, generating a session key, encrypting the session key with the device public key, signing the device nonce and the session key with a server private key, and transmitting the device nonce, the signed device nonce and session key, and the encrypted session key to the device, and the device verifying the device nonce, decrypting the encrypted session key with the device private key, and verifying the decrypted session key.

    COMMUNICATING SECURELY WITH DEVICES IN A DISTRIBUTED CONTROL SYSTEM

    Publication (Announcement) No.: US20230318812A1

    Publication (Announcement) Date: 2023-10-05

    Application No.: US18206194

    Application Date: 2023-06-06

    CPC classification number: H04L9/0825 H04L9/0822 H04L9/0841 H04L9/3247

    Abstract: A method comprises a server generating a server nonce and transmitting a server public key, a key signature and the server nonce to a device, the device verifying the server public key, signing the server nonce with a device private key, generating a device nonce, and transmitting the server nonce, the server nonce signature, a device public key, a device key signature, and the device nonce to the server, the server verifying the server nonce and the device public key, generating a session key, encrypting the session key with the device public key, signing the device nonce and the session key with a server private key, and transmitting the device nonce, the signed device nonce and session key, and the encrypted session key to the device, and the device verifying the device nonce, decrypting the encrypted session key with the device private key, and verifying the decrypted session key.
