EP3092768A1 - Method and device for releasing functions of a control device - Google Patents
- Publication number
- EP3092768A1
- Authority
- EP
- European Patent Office
- Prior art keywords
- authorization
- unit
- remote control
- control unit
- control device
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Ceased
Definitions
- the invention relates to a method and a device for releasing functions of a control unit, in particular a control unit of a motor vehicle.
- safety-relevant data and services should only be available after they have been enabled by the diagnostic software.
- a typical example of such a safety-relevant function is the training of a new immobilizer or the introduction of a new
- the activation is usually carried out by means of a so-called "seed & key method", in which the test device and the control device share a secret algorithm or key. Such a known method usually proceeds as follows:
- a data connection is established between the control unit and a workshop test device.
- the diagnostic software in the test device initiates a request via the data connection to the control unit that a specific safety-relevant function is to be released.
- the controller responds to the diagnostic software with a random value.
- Since the diagnostic software in the test device knows the secret algorithm, it is able to calculate the appropriate answer from the random value. The test device sends this answer back to the control unit.
- the controller checks the diagnostic software's response by itself using the secret algorithm to calculate the response from the random value and comparing it to the response transmitted by the tester.
- the controller sends feedback to the diagnostic software indicating whether the activation has been made or not.
- the vehicle manufacturers hand over to the manufacturers of the test equipment and / or the diagnostic software a library which contains the corresponding seed & key algorithms. With this library, the manufacturers of the test equipment / diagnostic software are able to implement safety-related functions and safety-relevant workshops
- An object of the invention is to provide an improved method and an improved device for enabling functions of control devices, in particular motor vehicle control devices, and in particular an improved control of access to the functions of
- a method for enabling external access to a control device, in particular for enabling a function of a control device, wherein the control device is in particular a control device of a motor vehicle, comprises the steps of: a) establishing a data connection between a remote control device and the control device;
- Random in response to the request signal, whereupon the device generates a random value
- Control unit stored calculation rule for calculating a
- Storage unit of the control unit e) transmitting the generated random value to a remote from the remote control device authentication device;
- the release of the at least one function of the control unit can in particular be done by setting an enable bit on an input of an AND gate, so that a signal that is applied to a second input of the AND gate to perform the at least one function on
- the invention also includes a device for enabling external access to a control device, in particular a function of the control device, wherein the control device is in particular a control device of a motor vehicle, comprising: a receiving unit which is designed to receive at least one random value via a data connection; an authentication device having a response value generation unit for generating a response value corresponding to the random value, in particular by applying a calculation rule stored in a memory of the authentication device to the random value to calculate the response value; and a transmitting unit configured to send the generated response value.
- An inventive system for enabling external access to a control unit, in particular at least one function of the control unit, wherein the control unit is in particular the control unit of a motor vehicle, has a device according to the invention for enabling external access to a
- Control unit in particular for enabling at least one function of a control unit; and at least one spatially separated from the device for enabling external access to a control device authorization checking device for checking the authorization of one of the Authorization checking device spatially separated remote control device is formed.
- the checking of the authorization can in particular be done by comparing a remote control device identification data record received by the receiving unit with entries in a
- Authorization storage device of the authorization checking device are stored.
- the system also comprises a control device with a device for generating a random value;
- Reference value generating unit which is formed by applying a stored in a memory of the reference value generating unit
- Calculation rule to generate the random value at least one reference value corresponding to the random value a storage unit for storing the generated reference value; a transmitting unit for transmitting the at least one random value; a receiving unit for receiving at least one response value; a comparison unit for comparing the reference value stored in the reference value memory with the at least one response value received by the reception unit, and a
- Release unit for enabling external access to the control unit, in particular the at least one function of the control unit, when the at least one received response value matches the stored reference value.
- at least one remote control device is in one
- the authorization checking device and / or the authentication device can be embodied in a common central server, which is arranged spatially separate from the remote control device(s) and is connectable to a plurality of remote control devices in different workshops, so that the rights to release control device functions are centrally managed and assigned.
- with a central server which is arranged in particular outside the workshop, for example at a manufacturer of the remote control device, at a manufacturer of the diagnostic software and / or at an authorization service provider, the control over the release of these functions is improved.
- since the secret algorithm or the secret key according to the invention is stored not in each remote control device, but in a device spatially separated from the remote control device, in particular in a central authentication device, the risk that the secret algorithms / keys required to calculate the response value fall into the wrong hands and are misused is considerably reduced.
- access control to the functions of the control devices can be improved and centralized.
- the authentication device is arranged spatially separate from the authorization checking device.
- a plurality of authentication devices may be provided, and the authorization checking device may be configured, for example by comparing a selection criterion transmitted by the control device with entries in a selection list stored in the authorization checking device, to select one of the plurality of authentication devices for generating the response value, to transmit the random value to the selected external authentication device and to receive the response value from the selected external authentication device.
- the external authentication devices may be located at the controller and / or vehicle manufacturers and operated under their control.
- the secret information and / or algorithms necessary for generating the response value can remain on external authentication devices arranged at the manufacturers of the control devices and / or the vehicles. In this way, security is further enhanced by minimizing the risk of misdirection and misuse of safety-related information and / or algorithms, since they remain under the direct control of the manufacturers.
- the method may also include transmitting a remote control device identification record associated with the remote control device, in particular one-to-one, from the remote control device to an authentication device, which may be spatially separated from the remote control device, and checking the authorization of the remote control device by the authentication device, in particular by comparing the remote control device identification record transmitted by the remote control device with entries in an authorization list and / or a non-authorization list stored in an authorization storage device of the authorization verification device.
- the transmission of the random value may also include transmitting a function identification value associated with the function to be released, in particular one-to-one, thus enabling the authorization checking device to identify the desired function to be released, so that the authorization check and the release can be performed function-specifically.
- the method may include transmitting the random value generated in the controller via the established data connection from the control device to the remote control device and from the remote control device to the authorization check device and / or the authentication device. The transmission can thus take place via a conventional data interface provided in any conventional control unit, for example an OBD interface, without the need for modifications to the control unit.
- no (additional) transmission device for data transmission to the authorization checking device and / or the authentication device must be formed in the control device.
- the invention may also include providing one with the
- Remote control device is not authorized to perform the requested function.
- the checking of the authorization may in particular include comparing a transmitted identification data record with the entries of an authorization list and / or a non-authorization list. An authorization list ("white list") may include workshops, control units and / or remote control devices that are authorized to perform the desired function(s); unauthorized workshops and / or unauthorized, e.g. stolen, vehicles, control units and / or remote control devices may be removed from the authorization list and / or recorded on a non-authorization list ("black list") in order to prevent the release of the requested function(s).
- Non-authorization list (“black list”), checking the authorization of the remote control device results in a negative result and that
- Blocking unit blocks the authentication device and / or the
- Blocking memory set a blocking bit and / or a release bit at the input of an AND gate is not set, so that an activation signal from the AND gate is not forwarded, but blocked.
- an immobilizer can be activated to render the stolen vehicle useless for the thief.
- the authorizations may be specifiable and / or changeable by providing a password, a personal identification number and / or a symmetric or asymmetrical key, in order to make it possible to adapt the authorizations to the current circumstances.
- the owner of a vehicle can, before a visit to the workshop, use entries in the authorization list to release specifically the functions necessary for the planned work, and only for the remote control devices of the workshop visited.
- the unlocking can in particular also be limited in time, so that the authorization expires automatically after the workshop visit.
- the method comprises, by the controller over the data link, transmitting feedback to the remote control device of a successful release or non-release; the remote control device may then activate the enabled function and / or inform the user that the requested function has been released.
- providing a response value includes calculating the response value using a predetermined, preferably secret, algorithm from the random value and / or signing the random value using an asymmetric cryptographic method based on a pair of public and secret keys.
- the random value and / or the response value is transmitted between the remote control device and the authorization checking device via an electronic data connection, by e-mail, fax, SMS, EMS (Enhanced Message Service), MMS (Multimedia Messaging Service), instant messaging (e.g. WhatsApp) and / or by phone.
- the transmission via an electronic data connection can in particular be automatic and thus enables a particularly convenient release of the desired
- transmission by e-mail, fax, SMS, enhanced message service (EMS), multimedia messaging service (MMS), instant messaging (e.g. WhatsApp) and / or telephone makes it possible to unlock the desired function(s) even if electronic data transmission is not possible, e.g. because no suitable data connection is available.
- the random value and / or the response value are transmitted via an encrypted connection in order to prevent unauthorized spying of the data and / or manipulation of the data by third parties.
- Both the requests and the releases granted, as well as all functions performed by the remote control device, can be logged so that they can be traced, in particular in case of abuse.
- the deletion of the logs may be reserved to the owner and / or manufacturer of the diagnostic software, the motor vehicle and / or the control unit. Changes to the logs are not possible, in order to prevent subsequent manipulation.
- an alarm message to the owner and / or manufacturer of the motor vehicle can be triggered to warn against a possible attempted abuse. Also, the release of the functions can be locked permanently or for a predetermined period.
- control unit can in particular be assigned to one of several security classes.
- a first, public security class may include all functions that allow reading information, such as the error memory, that should be accessible to everyone, e.g. also to a breakdown service.
- a second, limited safety class may include all functions that should be available only to the manufacturer ("OEM") and manufacturer-approved workshops ("Tier I suppliers"), such as software updates or the deletion of (error) memory entries.
- After the control unit has been clearly identified and the authorization of the workshop or the remote control device has been confirmed, the control unit can then be reprogrammed by a free but authenticated workshop and in particular provided with updated software.
- additional memory may be provided by the remote control device in the authentication server, which is used to temporarily store data during the vehicle diagnosis.
- additional memory may be provided to the controller in the authentication server, e.g. to realize counters. These are always provided during the vehicle diagnosis.
- a third, protected security class may include all functions that should only be available after specific approval by the vehicle owner, so that these functions cannot be performed without the knowledge and approval of the vehicle owner. This may be, for example, the history of the GPS data of the vehicle, which makes it possible to create a movement profile of the motor vehicle or its driver.
- the functions of the different security classes can be unblocked by different passwords, PINs and / or symmetric or asymmetric keys that are only known or available to authorized persons and / or organizations.
- FIG. 1 shows a first embodiment of a system according to the invention for releasing functions of a control unit of a motor vehicle.
- Fig. 2 shows a second embodiment of a system according to the invention for releasing functions of a control unit of a motor vehicle.
- FIG. 1 shows a schematic view of a first exemplary embodiment of a system according to the invention for enabling functions of a control unit 4 of a motor vehicle 2.
- the motor vehicle 2 is located in a workshop 1 and the control unit 4 of the motor vehicle 2 is connected via a suitable interface 43, e.g. a standardized vehicle communication interface (VCI), which comprises a transmitting unit 43a and a receiving unit 43b, wirelessly and / or by wire via a data connection 6 to a remote control device (e.g. a test and / or diagnostic device) 5 in the workshop 1, such that a transmission of data between the controller 4 and the remote control device 5 is possible.
- the remote control device 5 is connected via a wireless and / or wired data connection 7, which may in particular also include the Internet, to a central server 8.
- the central server 8 is typically located outside the workshop 1 and is connectable via suitable data connections 7 to several remote control devices 5, which can in particular be located in different, spatially separate workshops 1. For reasons of clarity, only one data connection with a single remote control device 5 is shown in FIG.
- the invention also includes systems in which the server 8 is arranged within the workshop 1 in order to authenticate all the remote control devices 5 of the respective workshop 1.
- the remote control device 5 makes a request to release a protected function of the control device 4 via the data connection 6 established between the remote control device 5 and the control device 4.
- a random number generator 41 formed in the control device 4 generates a random value.
- a reference value generation unit 42 also provided in the control unit 4 generates a reference value corresponding to the random value by applying a calculation rule stored in a memory of the reference value generation unit 42, and stores the reference value in a memory device 42a.
- the random value can also be stored in the memory device 42a in order to be able to generate the associated reference value later.
- the random value generated by the random generator 41 is transmitted via the interface 43 to a first transmitting and receiving unit 51 of the remote control device 5 and transmitted from a second transmitting and receiving unit 52 of the remote control device 5 to a receiving unit 81 of the server 8.
- the identification data set can in particular contain unique identification features, such as the vehicle identification number (VIN) of the vehicle 2 and / or the "Media Access Control address" ("MAC address") of the remote control device 5, and can be transmitted encoded and / or signed by the remote control device 5 to the receiving unit 81 of the server 8.
- An authorization checking device 82 embodied in the server 8 uses the transmitted information, in particular by comparing the transmitted identification data set with the records of an authorization database stored in an authorization storage device 82a, to check whether the remote control device 5 and / or the workshop 1 are authorized to unlock or activate the requested function.
- an authentication device 83, likewise formed within the server 8, generates from the transmitted random value a response value, which is transmitted via a transmitting unit 84 of the server 8 back to the remote control device 5 and from the first transmitting and receiving unit 51 of the remote control device 5 to the control unit 4 of the vehicle 2.
- the authentication device 83 in particular has a response value calculation unit 85 with a memory in which at least one secret algorithm is stored, which makes it possible to calculate a corresponding response value from the transmitted random value.
- the response value calculation unit 85 may also be configured as a signing unit that signs the random value using an asymmetric cryptographic method with a secret key stored in a memory of the response value calculation unit 85.
- a comparison and release unit 45 implemented in the control unit 4 compares the response value transmitted from the server 8 via the remote control device 5 to the control unit 4 with the reference value previously generated by the reference value generation unit 42 from the random value and stored in the memory unit 42a, and releases the requested function(s) of the control unit 4 (only) if the received response value with the
- the server 8 also has an input device 86, which may be formed as a keyboard, touch screen and / or Internet portal, and which allows the vehicle owner or other authorized persons, e.g. employees of the manufacturer or the approval authority, to modify the permissions stored in the authorization storage device 82a for the release of functions of the control unit 4.
- the authorizations can be adapted in this way individually to the respective current situation.
- the functions required for the intended work can be selectively activated only for the workshop 1 visited and the remote control devices (test and diagnostic devices) 5 present in the workshop 1.
- all functions of the control unit 4 of the vehicle 2 can be disabled and / or an immobilizer activated to make the vehicle 2 unusable for the thief.
- suitable software e.g. as an "App" or as a PC application. Alternatively or additionally, a browser-based access can be provided.
- the release can also be coupled with a payment system in order to release paid services only after a corresponding payment ("pay-per-use").
- an input device 3 can also be provided on or in the motor vehicle 2, which allows the driver and / or vehicle owner to carry out the desired modifications of the authorizations.
- the inputs of the driver and / or vehicle owner are transmitted from the input unit 3 via the control unit 4 and the remote control device 5 to the server 8 and in particular to the authorization checking device 82 to modify the entries in the authorization storage device 82a.
- the prerequisite for the modification of entries in the authorization storage device 82a may be the provision of a password, a personal identification number and / or a symmetric or asymmetric key, in order to effectively prevent unauthorized access to the entries in the authorization storage device 82a.
- the rights to modify the authorizations may be transferred from the seller to the buyer. In this case, the rights of the previous owner (seller) and the authorizations granted by him expire.
- Fig. 2 shows schematically a second embodiment of a system according to the invention.
- the authentication device 83 is not formed together with the authorization checking device 82 within a common server 8.
- an additional transmitting / receiving unit 88 is provided in the server 8 in addition to the authorization checking device 82; it can be connected, via at least one suitable data connection 7, which in particular can also be established via the Internet, to external authentication devices 83a, 83b, 83c, which are for example held and operated by motor vehicle manufacturers.
- the transceiver 88 selects an appropriate external authentication device 83a, 83b, 83c, in particular the authentication device 83a, 83b, 83c of the manufacturer of the control unit 4 and / or of the motor vehicle 2, and the random value is transmitted to the selected authentication device 83a, 83b, 83c.
- the selected authentication device 83a, 83b, 83c calculates a response value corresponding to the transmitted random value.
- the response value is transmitted via the data connection 7, the transmitting and receiving unit 88 and the transmitting device 84 to the remote control device 5 and from the remote control device 5 via the data link 6 to the control unit 4 of the motor vehicle 2 and evaluated there, as has been described in detail for the first embodiment.
- the security of the system is further increased because the secret algorithms and / or keys necessary for the calculation of the response value remain on the authentication devices 83a, 83b, 83c of the manufacturer and thus under their complete control.
- the data transmission between the authorization checking device 82, the remote control device 5 and / or the at least one authentication device 83a, 83b, 83c can in particular be encrypted and / or signed, wherein in particular an asymmetric encryption and signature method, based on a pair of a secret and a public key, can be used to effectively prevent interception and / or manipulation of the data in the transmission path.
- the calculation of the response value by the authentication devices 83, 83a, 83b, 83c of the first or second embodiment can be performed using a secret seed & key algorithm.
- the random value can be signed with a secret key and the signature can under
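
The release flow of the second embodiment, as an added sketch that is not part of the patent text: the server checks the stored authorization before forwarding the random value to the manufacturer's authentication device, and the control unit accepts a response only once per random value. HMAC-SHA256 is an assumed stand-in for the secret seed & key algorithm, and all class names, function names and sample values are hypothetical.

```python
import hashlib, hmac, secrets

class ManufacturerAuthenticator:
    """External authentication device (83a/83b/83c): the secret stays here."""
    def __init__(self, secret: bytes):
        self._secret = secret
    def respond(self, random_value: bytes) -> bytes:
        # Assumption: HMAC-SHA256 replaces the undisclosed seed & key algorithm.
        return hmac.new(self._secret, random_value, hashlib.sha256).digest()

class ControlUnit:
    """Control unit 4: issues a fresh random value and evaluates the response."""
    def __init__(self, maker: str, secret: bytes):
        self.maker, self._secret, self._pending = maker, secret, None
    def challenge(self) -> bytes:
        self._pending = secrets.token_bytes(16)
        return self._pending
    def release(self, response: bytes) -> bool:
        pending, self._pending = self._pending, None  # one attempt per challenge
        if pending is None:
            return False
        expected = hmac.new(self._secret, pending, hashlib.sha256).digest()
        return hmac.compare_digest(expected, response)

class Server:
    """Server 8: authorization check (82 / 82a) and routing (unit 88)."""
    def __init__(self, authenticators: dict):
        self.authenticators = authenticators
        self.permissions = set()  # (device_id, function) entries, as in 82a
    def request_response(self, device_id, maker, function, random_value):
        if (device_id, function) not in self.permissions:
            return None  # not authorized: the random value is never forwarded
        backend = self.authenticators.get(maker)  # select manufacturer's device
        return backend.respond(random_value) if backend else None

def run_release(server, ecu, device_id, function) -> bool:
    # Remote control device 5 relays between control unit and server.
    rv = ecu.challenge()
    resp = server.request_response(device_id, ecu.maker, function, rv)
    return resp is not None and ecu.release(resp)

def demo():
    key = b"constructed-demo-secret"  # constructed sample value
    ecu = ControlUnit("maker-a", key)
    server = Server({"maker-a": ManufacturerAuthenticator(key)})
    denied = run_release(server, ecu, "tester-1", "flash")
    server.permissions.add(("tester-1", "flash"))  # owner grants via input 86
    return denied, run_release(server, ecu, "tester-1", "flash")
```
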
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
DE102014200116.1A DE102014200116A1 (en) | 2014-01-08 | 2014-01-08 | Method and device for enabling functions of a control unit |
PCT/EP2014/078982 WO2015104180A1 (en) | 2014-01-08 | 2014-12-22 | Method and device for releasing functions of a control device |
Publications (1)
Publication Number | Publication Date |
---|---|
EP3092768A1 (en) | 2016-11-16 |
Family
ID=52354938
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
EP14827764.3A Ceased EP3092768A1 (en) | 2014-01-08 | 2014-12-22 | Method and device for releasing functions of a control device |
Country Status (5)
Country | Link |
---|---|
US (1) | US9965637B2 (en) |
EP (1) | EP3092768A1 (en) |
CN (1) | CN105900394A (en) |
DE (1) | DE102014200116A1 (en) |
WO (1) | WO2015104180A1 (en) |
Families Citing this family (19)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
FR3031268B1 (en) * | 2014-12-30 | 2017-01-13 | Valeo Comfort & Driving Assistance | METHOD FOR REGISTERING A USER WITH A SERVICE FOR CONTROLLING A FUNCTIONALITY OF A VEHICLE USING A USER TERMINAL |
EP3056706A1 (en) | 2015-02-16 | 2016-08-17 | Honeywell International Inc. | An approach for aftertreatment system modeling and model identification |
JP6262681B2 (en) * | 2015-03-26 | 2018-01-17 | Kddi株式会社 | Management device, vehicle, management method, and computer program |
DE102015214513A1 (en) * | 2015-07-30 | 2017-02-02 | Robert Bosch Gmbh | A configurable communication device and method for configuring a configurable communication device |
EP3125052B1 (en) | 2015-07-31 | 2020-09-02 | Garrett Transportation I Inc. | Quadratic program solver for mpc using variable ordering |
US10272779B2 (en) | 2015-08-05 | 2019-04-30 | Garrett Transportation I Inc. | System and approach for dynamic vehicle speed optimization |
US10728249B2 (en) | 2016-04-26 | 2020-07-28 | Garrett Transporation I Inc. | Approach for securing a vehicle access port |
US10036338B2 (en) | 2016-04-26 | 2018-07-31 | Honeywell International Inc. | Condition-based powertrain control system |
US10124750B2 (en) | 2016-04-26 | 2018-11-13 | Honeywell International Inc. | Vehicle security module system |
EP3548729B1 (en) | 2016-11-29 | 2023-02-22 | Garrett Transportation I Inc. | An inferential flow sensor |
US11074360B2 (en) * | 2017-01-05 | 2021-07-27 | Revivermax, Inc. | User controlled access to vehicle relevant information |
US11057213B2 (en) | 2017-10-13 | 2021-07-06 | Garrett Transportation I, Inc. | Authentication system for electronic control unit on a bus |
DE102017222129A1 (en) * | 2017-12-07 | 2019-06-13 | Robert Bosch Gmbh | Method and system for confirming the identity of a vehicle |
FR3082639B1 (en) * | 2018-06-19 | 2020-10-23 | Psa Automobiles Sa | METHOD AND DEVICE FOR DETECTION OF FRAUDULENT DIAGNOSIS REQUEST ON A VEHICLE. |
KR20200057515A (en) * | 2018-11-16 | 2020-05-26 | 현대자동차주식회사 | Apparatus and method for providing security strategy of vehicle |
DE102018222864B3 (en) * | 2018-12-21 | 2020-02-20 | Volkswagen Aktiengesellschaft | Method for deactivating a motor vehicle, deactivation system for a motor vehicle and motor vehicle |
JP7008661B2 (en) * | 2019-05-31 | 2022-01-25 | 本田技研工業株式会社 | Authentication system |
US20210027334A1 (en) * | 2019-07-23 | 2021-01-28 | Ola Electric Mobility Private Limited | Vehicle Communication System |
DE102023103947A1 (en) | 2023-02-17 | 2024-09-05 | Bayerische Motoren Werke Aktiengesellschaft | Procedure and vehicle for service-oriented authorization query in networks |
Family Cites Families (13)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
DE4329697C2 (en) * | 1993-09-02 | 1995-10-05 | Siemens Ag | Remote controllable access control device |
DE19748054A1 (en) * | 1997-10-30 | 1999-05-12 | Bosch Gmbh Robert | Method for operating a cell phone and cell phone |
DE19861116C2 (en) * | 1998-07-17 | 2002-05-02 | Siemens Ag | Access control device for a motor vehicle and method for adjusting the sensitivity of the access control device |
EP1069265A3 (en) * | 1999-07-01 | 2004-01-21 | Siemens Aktiengesellschaft | Entry authorisation device and combined entry and user authorisation device |
DE10152508B4 (en) * | 2001-10-24 | 2008-01-31 | Robert Bosch Gmbh | A method of activating a system for controlling and / or regulating operations in a motor vehicle having a plurality of equal control devices |
DE102004050882A1 (en) | 2004-10-19 | 2006-05-04 | Siemens Ag | Adapter for reflashing ECU software |
US8884738B2 (en) * | 2005-07-19 | 2014-11-11 | Baimos Technologies Gmbh | Identifying and/or locking system for identifying and/or unblocking a technical system, and method for the operation thereof |
DE102006040836A1 (en) * | 2006-08-31 | 2008-04-10 | Bayerische Motoren Werke Ag | System of control units in a motor vehicle with protected diagnostic access |
DE102008036678A1 (en) * | 2008-08-06 | 2010-02-11 | Dr.Ing.H.C.F.Porsche Aktiengesellschaft | System architecture for motor vehicles with release interfaces for their commissioning |
CN101414180A (en) * | 2008-11-07 | 2009-04-22 | 深圳创维-Rgb电子有限公司 | Remote control method, system and remote control equipment |
US8769288B2 (en) * | 2011-04-22 | 2014-07-01 | Alcatel Lucent | Discovery of security associations |
US9280653B2 (en) * | 2011-10-28 | 2016-03-08 | GM Global Technology Operations LLC | Security access method for automotive electronic control units |
DE102011118234A1 (en) * | 2011-11-11 | 2013-05-16 | Audi Ag | Method and system for releasing a technical device |
2014
- 2014-01-08 DE DE102014200116.1A patent/DE102014200116A1/en not_active Withdrawn
- 2014-12-22 EP EP14827764.3A patent/EP3092768A1/en not_active Ceased
- 2014-12-22 CN CN201480072520.1A patent/CN105900394A/en active Pending
- 2014-12-22 WO PCT/EP2014/078982 patent/WO2015104180A1/en active Application Filing
- 2014-12-22 US US15/108,395 patent/US9965637B2/en active Active
Non-Patent Citations (2)
Title |
---|
None * |
See also references of WO2015104180A1 * |
Also Published As
Publication number | Publication date |
---|---|
US20160330204A1 (en) | 2016-11-10 |
CN105900394A (en) | 2016-08-24 |
US9965637B2 (en) | 2018-05-08 |
WO2015104180A1 (en) | 2015-07-16 |
DE102014200116A1 (en) | 2015-07-09 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PUAI | Public reference made under article 153(3) epc to a published international application that has entered the european phase |
Free format text: ORIGINAL CODE: 0009012 |
|
17P | Request for examination filed |
Effective date: 20160808 |
|
AK | Designated contracting states |
Kind code of ref document: A1 Designated state(s): AL AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MK MT NL NO PL PT RO RS SE SI SK SM TR |
|
AX | Request for extension of the european patent |
Extension state: BA ME |
|
DAX | Request for extension of the european patent (deleted) | ||
17Q | First examination report despatched |
Effective date: 20190212 |
|
REG | Reference to a national code |
Ref country code: DE Ref legal event code: R003 |
|
STAA | Information on the status of an ep patent application or granted ep patent |
Free format text: STATUS: THE APPLICATION HAS BEEN REFUSED |
|
18R | Application refused |
Effective date: 20191116 |