公开(公告)号：US20170126701A1

公开(公告)日：2017-05-04

申请号：US15333771

申请日：2016-10-25

申请人： Robert Bosch GmbH

发明人： Benjamin Glas ,  Carsten Gebauer

IPC分类号： H04L29/06

CPC分类号： H04L63/123 ,  G06F12/1416 ,  H04L9/0838 ,  H04L9/0877 ,  H04L9/3236 ,  H04L9/34 ,  H04L63/1466

摘要： A method for protecting data integrity through an embedded system having a main processor core and a security hardware module. The method includes the following: the main processor core generates transmit data, the security hardware module calculates a transmit message authentication code from the transmit data, the main processor core links the transmit data and the transmit message authentication code to form a transmit message, and the main processor core transmits the transmit message to a receiver.

公开(公告)号：US10404717B2

公开(公告)日：2019-09-03

申请号：US15333771

申请日：2016-10-25

申请人： Robert Bosch GmbH

发明人： Benjamin Glas ,  Carsten Gebauer

IPC分类号： H04L29/06 ,  H04L9/08 ,  H04L9/32 ,  H04L9/34 ,  G06F12/14

摘要： A method for protecting data integrity through an embedded system having a main processor core and a security hardware module. The method includes the following: the main processor core generates transmit data, the security hardware module calculates a transmit message authentication code from the transmit data, the main processor core links the transmit data and the transmit message authentication code to form a transmit message, and the main processor core transmits the transmit message to a receiver.

公开(公告)号：US09684304B2

公开(公告)日：2017-06-20

申请号：US15002119

申请日：2016-01-20

申请人： Robert Bosch GmbH

发明人： Markus Schweizer ,  Carsten Gebauer ,  Bernd Mueller ,  Christian Lasarczyk ,  Thomas Heinz ,  Jochen Ulrich Haenger ,  Rakshith Amarnath

IPC分类号： G05D1/00 ,  B62D15/02

CPC分类号： G05D1/0022 ,  B62D15/027 ,  G05D2201/0213

摘要： A communication module for controlling a motor vehicle, which is configured for receiving vehicle-independent commands and converting these received commands into a target trajectory of the motor vehicle, and transmitting this target trajectory to an implementation module which is configured for associating a sequence of control commands for components of the motor vehicle with this transmitted target trajectory.

公开(公告)号：US20170091011A1

公开(公告)日：2017-03-30

申请号：US15271496

申请日：2016-09-21

申请人： Robert Bosch GmbH

发明人： Mikkel LIISBERG ,  Carsten Gebauer ,  Roland Schleser

IPC分类号： G06F11/07

CPC分类号： G06F11/079 ,  G06F11/0724 ,  G06F11/0751 ,  G06F11/14 ,  G06F11/16 ,  H04L1/24

摘要： A method for generating an output data stream from an input data stream, a processing unit receives a first input data stream including a first data set, and this processing unit receives, from a further processing unit, a second set of metadata, which describes a second data set of a second input data stream of this further processing unit, the processing unit outputs or does not output, as a function of the second set of metadata, an output data set of the output data stream generated from the first data set.

公开(公告)号：US09606537B2

公开(公告)日：2017-03-28

申请号：US14880510

申请日：2015-10-12

申请人： Robert Bosch GmbH

发明人： Thomas Hogenmueller ,  Thorsten Huck ,  Ulrich Kersken ,  Armin Ruehle ,  Heinz Tilsner ,  Carsten Gebauer ,  Tuelin Baysal ,  Bernd Mueller ,  Volker Blaschke ,  Wolfgang Niem

IPC分类号： G05D1/00 ,  G05D1/02 ,  B60W30/00

CPC分类号： G05D1/0077 ,  B60W30/00 ,  G05D2201/0213

摘要： A system with a first computer unit and with a second computer unit, wherein the first computer unit comprises a first interface to enable connection to at least one sensor and to at least one actuator, wherein the second computer unit comprises a second interface to enable connection to at least one sensor and to at least one actuator, wherein the first and the second computer units can be connected to each other by means of a further interface, wherein the actuator comprises an interface, wherein depending on the first or on the second operating state the interface determines whether a control command for a driving function is adopted by the first or the second computer unit, so that in the first operating state only the first computer unit can activate the actuator and in a second operating state only the second computer unit can activate the actuator.

公开(公告)号：US20150339133A1

公开(公告)日：2015-11-26

申请号：US14717828

申请日：2015-05-20

申请人： Robert Bosch GmbH

发明人： Jochen ULRICH HAENGER ,  Markus Schweizer ,  Carsten Gebauer ,  Bernd Mueller ,  Christian Lasarczyk ,  Thomas Heinz ,  Rakshith Amarnath

IPC分类号： G06F9/445 ,  H04M1/725

CPC分类号： G06F9/44505 ,  G05B9/02 ,  G06F8/61 ,  G06F21/53 ,  H04M1/7253

摘要： A coupling device for coupling a software component, which transmits a setting command for setting an actuator on a control system of a motor vehicle, to the control system, the coupling device including a monitoring unit, which is designed to carry out an assessment for each setting command as to whether its implementation will transfer the motor vehicle into a dangerous state, the coupling device being further designed to transmit, as a function of this assessment, a monitored setting command corresponding to the setting command to an implementation unit, the implementation unit being designed to control the actuator.

摘要翻译： 一种用于耦合软件部件的联接装置，该软件部件将用于将机动车辆的控制系统上的致动器设置的设置命令发送到控制系统，该耦合装置包括监视单元，该监视单元被设计成对每个 关于其实施是否将机动车辆转移到危险状态的设定命令，所述联接装置进一步设计成将与所述设定命令对应的被监视设定命令作为该评估的功能传送到实施单元，所述实施单元 被设计成控制致动器。

公开(公告)号：US10127161B2

公开(公告)日：2018-11-13

申请号：US14603544

申请日：2015-01-23

申请人： Robert Bosch GmbH

发明人： Peter Wegner ,  Jochen Ulrich Haenger ,  Markus Schweizer ,  Carsten Gebauer ,  Bernd Mueller ,  Thomas Heinz

IPC分类号： G06F12/00 ,  G06F12/14 ,  G06F11/07 ,  G06F8/656

摘要： A method for the coexistence of software having different safety levels in a multicore processor which has at least two processor cores (2, 3). A memory range (4, 5) is associated with each processor core (2, 3) and a plurality of software (SW1, SW2) is processed on one of the processor cores (2, 3) having a predefined safety level. The plurality of software (SW1, SW2) is processed having a predefined safety level only on the processor core (2, 3) with which the same safety level is associated, in which during the processing of the plurality of software (SW1, SW2), the processor core (2, 3) accesses only the protected memory range (4, 5) which is permanently associated with this processor core (2, 3).

公开(公告)号：US09710290B2

公开(公告)日：2017-07-18

申请号：US14717828

申请日：2015-05-20

申请人： Robert Bosch GmbH

发明人： Jochen Ulrich Haenger ,  Markus Schweizer ,  Carsten Gebauer ,  Bernd Mueller ,  Christian Lasarczyk ,  Thomas Heinz ,  Rakshith Amarnath

IPC分类号： G06F11/30 ,  G06F9/445 ,  H04M1/725 ,  G06F21/53 ,  G05B9/02

CPC分类号： G06F9/44505 ,  G05B9/02 ,  G06F8/61 ,  G06F21/53 ,  H04M1/7253

摘要： A coupling device for coupling a software component, which transmits a setting command for setting an actuator on a control system of a motor vehicle, to the control system, the coupling device including a monitoring unit, which is designed to carry out an assessment for each setting command as to whether its implementation will transfer the motor vehicle into a dangerous state, the coupling device being further designed to transmit, as a function of this assessment, a monitored setting command corresponding to the setting command to an implementation unit, the implementation unit being designed to control the actuator.

公开(公告)号：US20160216709A1

公开(公告)日：2016-07-28

申请号：US15002119

申请日：2016-01-20

申请人： Robert Bosch GmbH

发明人： Markus Schweizer ,  Carsten Gebauer ,  Bernd Mueller ,  Christian Lasarczyk ,  Thomas Heinz ,  Jochen Ulrich Haenger ,  Rakshith Amarnath

IPC分类号： G05D1/00

CPC分类号： G05D1/0022 ,  B62D15/027 ,  G05D2201/0213

摘要： A communication module for controlling a motor vehicle, which is configured for receiving vehicle-independent commands and converting these received commands into a target trajectory of the motor vehicle, and transmitting this target trajectory to an implementation module which is configured for associating a sequence of control commands for components of the motor vehicle with this transmitted target trajectory.

摘要翻译： 一种用于控制机动车辆的通信模块，其被配置为用于接收独立于车辆的命令并将这些接收到的命令转换成机动车辆的目标轨迹，并将该目标轨迹发送到实施模块，该实施模块被配置为将控制序列 具有该发送的目标轨迹的机动车辆的部件的命令。

公开(公告)号：US20160103450A1

公开(公告)日：2016-04-14

申请号：US14880510

申请日：2015-10-12

申请人： Robert Bosch GmbH

发明人： Thomas Hogenmueller ,  Thorsten Huck ,  Ulrich Kersken ,  Armin Ruehle ,  Heinz Tilsner ,  Carsten Gebauer ,  Tuelin Baysal ,  Bernd Mueller ,  Volker Blaschke ,  Wolfgang Niem

IPC分类号： G05D1/00 ,  G05D1/02

CPC分类号： G05D1/0077 ,  B60W30/00 ,  G05D2201/0213

摘要： A system with a first computer unit and with a second computer unit, wherein the first computer unit comprises a first interface to enable connection to at least one sensor and to at least one actuator, wherein the second computer unit comprises a second interface to enable connection to at least one sensor and to at least one actuator, wherein the first and the second computer units can be connected to each other by means of a further interface, wherein the actuator comprises an interface, wherein depending on the first or on the second operating state the interface determines whether a control command for a driving function is adopted by the first or the second computer unit, so that in the first operating state only the first computer unit can activate the actuator and in a second operating state only the second computer unit can activate the actuator.

摘要翻译： 一种具有第一计算机单元和第二计算机单元的系统，其中所述第一计算机单元包括能够连接至少一个传感器和至少一个致动器的第一接口，其中所述第二计算机单元包括能够连接的第二接口 至少一个传感器和至少一个致动器，其中所述第一和第二计算机单元可以通过另一个接口彼此连接，其中所述致动器包括接口，其中取决于所述第一或第二操作 状态，所述接口确定所述第一或第二计算机单元是否采用用于驱动功能的控制命令，使得在所述第一操作状态中，所述第一计算机单元仅能够激活所述致动器，并且在第二操作状态下仅所述第二计算机单元 可以激活执行机构。