EP3969996A1 - Procédé de suppression de données utilisateurs spécifiques à l'utilisateur et/ou spécifiques à des trajets dans un véhicule automobile ainsi que véhicule automobile correspondant - Google Patents

Procédé de suppression de données utilisateurs spécifiques à l'utilisateur et/ou spécifiques à des trajets dans un véhicule automobile ainsi que véhicule automobile correspondant

Info

Publication number
EP3969996A1
EP3969996A1 EP20729641.9A EP20729641A EP3969996A1 EP 3969996 A1 EP3969996 A1 EP 3969996A1 EP 20729641 A EP20729641 A EP 20729641A EP 3969996 A1 EP3969996 A1 EP 3969996A1
Authority
EP
European Patent Office
Prior art keywords
motor vehicle
user
data
operating
triggering
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
EP20729641.9A
Other languages
German (de)
English (en)
Inventor
Klaus Lange
Christoph Hoffmann
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Volkswagen AG
Original Assignee
Volkswagen AG
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Volkswagen AG filed Critical Volkswagen AG
Publication of EP3969996A1 publication Critical patent/EP3969996A1/fr
Pending legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F3/00Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
    • G06F3/06Digital input from, or digital output to, record carriers, e.g. RAID, emulated record carriers or networked record carriers
    • G06F3/0601Interfaces specially adapted for storage systems
    • G06F3/0602Interfaces specially adapted for storage systems specifically adapted to achieve a particular effect
    • G06F3/0608Saving storage space on storage systems
    • BPERFORMING OPERATIONS; TRANSPORTING
    • B60VEHICLES IN GENERAL
    • B60WCONJOINT CONTROL OF VEHICLE SUB-UNITS OF DIFFERENT TYPE OR DIFFERENT FUNCTION; CONTROL SYSTEMS SPECIALLY ADAPTED FOR HYBRID VEHICLES; ROAD VEHICLE DRIVE CONTROL SYSTEMS FOR PURPOSES NOT RELATED TO THE CONTROL OF A PARTICULAR SUB-UNIT
    • B60W30/00Purposes of road vehicle drive control systems not related to the control of a particular sub-unit, e.g. of systems using conjoint control of vehicle sub-units
    • B60W30/08Active safety systems predicting or avoiding probable or impending collision or attempting to minimise its consequences
    • BPERFORMING OPERATIONS; TRANSPORTING
    • B60VEHICLES IN GENERAL
    • B60WCONJOINT CONTROL OF VEHICLE SUB-UNITS OF DIFFERENT TYPE OR DIFFERENT FUNCTION; CONTROL SYSTEMS SPECIALLY ADAPTED FOR HYBRID VEHICLES; ROAD VEHICLE DRIVE CONTROL SYSTEMS FOR PURPOSES NOT RELATED TO THE CONTROL OF A PARTICULAR SUB-UNIT
    • B60W50/00Details of control systems for road vehicle drive control not related to the control of a particular sub-unit, e.g. process diagnostic or vehicle driver interfaces
    • B60W50/08Interaction between the driver and the control system
    • B60W50/14Means for informing the driver, warning the driver or prompting a driver intervention
    • BPERFORMING OPERATIONS; TRANSPORTING
    • B62LAND VEHICLES FOR TRAVELLING OTHERWISE THAN ON RAILS
    • B62DMOTOR VEHICLES; TRAILERS
    • B62D15/00Steering not otherwise provided for
    • B62D15/02Steering position indicators ; Steering position determination; Steering aids
    • B62D15/021Determination of steering angle
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245Protecting personal data, e.g. for financial or medical purposes
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/78Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F3/00Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
    • G06F3/06Digital input from, or digital output to, record carriers, e.g. RAID, emulated record carriers or networked record carriers
    • G06F3/0601Interfaces specially adapted for storage systems
    • G06F3/0628Interfaces specially adapted for storage systems making use of a particular technique
    • G06F3/0646Horizontal data movement in storage systems, i.e. moving data in between storage devices or systems
    • G06F3/0652Erasing, e.g. deleting, data cleaning, moving of data to a wastebasket
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F3/00Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
    • G06F3/06Digital input from, or digital output to, record carriers, e.g. RAID, emulated record carriers or networked record carriers
    • G06F3/0601Interfaces specially adapted for storage systems
    • G06F3/0668Interfaces specially adapted for storage systems adopting a particular infrastructure
    • G06F3/067Distributed or networked storage systems, e.g. storage area networks [SAN], network attached storage [NAS]
    • BPERFORMING OPERATIONS; TRANSPORTING
    • B60VEHICLES IN GENERAL
    • B60WCONJOINT CONTROL OF VEHICLE SUB-UNITS OF DIFFERENT TYPE OR DIFFERENT FUNCTION; CONTROL SYSTEMS SPECIALLY ADAPTED FOR HYBRID VEHICLES; ROAD VEHICLE DRIVE CONTROL SYSTEMS FOR PURPOSES NOT RELATED TO THE CONTROL OF A PARTICULAR SUB-UNIT
    • B60W50/00Details of control systems for road vehicle drive control not related to the control of a particular sub-unit, e.g. process diagnostic or vehicle driver interfaces
    • B60W50/08Interaction between the driver and the control system
    • B60W50/14Means for informing the driver, warning the driver or prompting a driver intervention
    • B60W2050/146Display means
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2143Clearing memory, e.g. to prevent the data from being stolen

Definitions

  • the invention relates to a method for removing user-specific and / or trip-specific user data which are distributed over a plurality of control devices in a motor vehicle, that is to say are stored in a decentralized manner.
  • the invention also includes a motor vehicle which can carry out the method according to the invention.
  • a motor vehicle In a motor vehicle, one may be interested in making the storage of data in control units controllable for a user. Within the framework of the European GDPR (General Data Protection Regulation), for example, it may be of interest to enable a user to delete the user-specific data relating to him that is stored in one or more control units in the vehicle.
  • Trip-related data for example data relating to friction coefficients of different road sections, can also allow conclusions to be drawn about a possible whereabouts of a user, which is why a user can also be interested in deleting such data.
  • US 2015/0281374 A1 describes that the user settings can also be reset in said telematics system if an ignition of the motor vehicle is switched off. A wake-up signal is used for this.
  • the invention is based on the object of providing a user in a motor vehicle with control over user data that are stored in a number of control units.
  • the invention provides a method for removing user-specific and / or trip-specific user data.
  • the method is based on the assumption that this user data is stored in a motor vehicle and is divided among several control units. While user-specific user data are assigned directly to a user or a user identity or user group, trip-specific user data means that an indirect conclusion about at least one person is possible, since the trip data describe the course of at least one trip and based on knowledge of the respective driver and / or vehicle occupants are also given information about the whereabouts of at least one person while driving.
  • a triggering device is provided in the motor vehicle which checks whether a triggering condition is met. If the trigger condition is met. is a predetermined by the triggering device via a data bus of the motor vehicle common delete command sent to the multiple control units of the motor vehicle. In other words, it is ensured that the multiple control units to which the user data is distributed all respond to the same delete command, which is why this is referred to as a “common delete command”. Thus, by sending the delete command as a so-called broadcast command to the control devices via the data bus, it can be achieved that all these control devices can be controlled with just a single delete command.
  • each of the control units carries out a predetermined deletion routine, by means of which the user data stored in the respective control unit are overwritten and / or deleted.
  • a further aspect of the invention therefore provides that the deletion routine is provided in each of the control units. Since each control unit reacts to the delete command from the data bus and a deletion routine is provided in each control unit, it only has to be ensured in the motor vehicle that the said trigger condition is met and as a result, in the motor vehicle in each of the control units by overwriting and / or deleting the user data, the information about the user is deleted.
  • user data can be, for example: at least one telephone number and / or at least one travel destination and / or a seat position and / or a mirror setting of a rearview mirror and / or exterior mirror and / or travel history information in at least one driver assistance system. It is preferably provided that by means of the method, all control units that store data during operation of the motor vehicle, in particular user-specific and / or trip-specific user data, are controlled by means of the delete command and keep the corresponding delete routine ready.
  • the invention has the advantage that by setting or bringing about the triggering condition in the motor vehicle, wherever user data were created and / or stored in the motor vehicle, these are removed. By overwriting the user data, it can be ensured that the presence of the user data is concealed or hidden. Deleting the user data can at least ensure that it can no longer be reconstructed.
  • the invention also comprises embodiments which result in additional advantages.
  • the deletion routine restores a factory state in one or some or each of the control devices.
  • a data status or data content is restored in the respective data memory in which the user data is stored, as it was at delivery or ex works was present in the respective control unit.
  • said triggering device comprises an operating device that is accessible or kept accessible for the user and the triggering condition that is detected or checked by this triggering device includes that a predetermined operating action from the user is received via the operating device.
  • the user has to carry out the predetermined operating action on the operating device, as a result of which the trigger condition is then fulfilled, that is to say that the delete command is transmitted to the data bus by the triggering device.
  • the operating device comprises a mechanical switch, for example a button, or an operating element of a graphical user interface, that is to say, for example, a menu entry of an operating menu or a touch or control surface.
  • a graphical user interface that is to say a GUI (Graphical User Interface)
  • GUI Graphic User Interface
  • One embodiment comprises a steering column switch of a steering wheel as the operating device.
  • Such a steering column switch can be monitored or queried by a multifunction display (that is, a combination instrument) in order to recognize a predetermined operating action via the steering column switch, for example a predetermined sequence of movements that the user performs with the steering column switch.
  • the operating device comprises an operating element which is assigned at least one operating function different from the triggering of the delete command (i.e. can be or is used to execute or trigger at least one other operating function, and the said predetermined operating action has a predetermined sequence of operating steps by which the at least one operating function remains untriggered.
  • the operating element can be provided for triggering at least one operating function in the motor vehicle.
  • the predetermined sequence of operating steps is carried out on this operating element, for example three times and / or once Hold down for a predetermined minimum period of time, this will not remove the at least one operating function is triggered or controlled, but the trigger condition is met, which means that the delete command is triggered or generated.
  • the operating device comprises an Internet portal for operating the motor vehicle from an Internet connection.
  • the user can trigger the delete command from outside the motor vehicle via the operating portal.
  • an Internet server can then trigger the delete command in the motor vehicle via an Internet connection.
  • the motor vehicle can be coupled to the Internet via a cellular radio connection and / or a WLAN connection (WLAN - Wireless Local Area Network).
  • WLAN Wireless Local Area Network
  • the triggering criterion includes that a predetermined period of use of the motor vehicle ends and / or that there is an expiry of a use authorization for the motor vehicle signaled by a vehicle security device.
  • the usage period can be stored in the release device, for example, by storing usage time data. If the motor vehicle is rented as a rental vehicle, for example, the rental period can be specified as the period of use.
  • a vehicle security device can, for example, be provided in such a way that authorization data of a vehicle key, in particular a digital vehicle key, are checked for validity.
  • the vehicle security device can signal that the vehicle key has expired when the vehicle key is used again, and accordingly all of them User data are to be deleted.
  • the vehicle security device can be provided, for example, by a locking system of the motor vehicle.
  • the user data are each assigned to one of several predetermined security levels.
  • the trigger condition is also designed in stages, that is to say the trigger condition defines several different deletion levels, each of which indicates the security level for which the deletion routine is to be carried out. Each deletion level indicates the security level for which the deletion routine should be carried out.
  • deletion level for leaving the motor vehicle, so that the user data of this deletion level are already deleted when the user only leaves the motor vehicle temporarily (for example after reaching the workplace or after reaching the apartment).
  • a higher deletion level can provide that user data are deleted because the trigger condition indicates that the user leaves the motor vehicle for a predetermined longer period, for example for a day or a week, and / or lends it to another person.
  • higher deletion level can indicate that the user surrenders the motor vehicle permanently and thus all user data are to be deleted.
  • the delete command is sent out several times. This makes it possible to ensure that a control device which, for example, due to a restart of the control device and / or a delayed readiness to receive, does not receive or does not process the first delete command, nevertheless reliably receives the delete command.
  • each of the control units sends an acknowledgment message into the data bus if the delete command has been received and / or the delete routine has been carried out.
  • the triggering device or a predetermined computer unit uses acknowledgment messages received via the data bus and a list of control devices to check whether each of the control devices has sent out its acknowledgment message. If the acknowledgment message is missing from at least one of the control devices, a notification signal is output to the user. The user thus advantageously receives a warning if not all control units acknowledge the delete command and / or the execution of the delete routine. The user is thus informed that user data has remained in the motor vehicle.
  • the computer unit which can be provided for checking the acknowledgment messages, can, for example, by the Be formed infotainment system of the motor vehicle.
  • the computing unit can control a screen in order to display a notification message to inform the user.
  • At least one gateway of the data bus routes the delete command into several different bus branches. This results in the advantage that the same delete command can be transmitted to control units across different bus technologies, for example for CAN (Controller Area Network) and Ethernet and LIN (Local Interconnect Network).
  • the invention also comprises the motor vehicle with the plurality of control devices, each of which is set up to generate and store personal and / or trip-related user data during operation of the motor vehicle.
  • the control units are coupled to a release device via a wired data bus.
  • the data bus can be based on one or more bus technologies, which can include at least one of the following bus technologies: CAN, Ethernet, LIN, MOST (Media Oriented Systems Transport).
  • the triggering device can be implemented, for example, on the basis of a control device or an electronic circuit or a combination of several control devices and / or electronic circuits.
  • the triggering device can for example provide a processor for checking the described triggering condition, which processor is coupled to a data memory in which computer-readable instructions are stored which, when executed by the processor, check the triggering condition and cause the erase command to be generated.
  • the control devices can implement the deletion routine, for example, on the basis of a processor with a data memory coupled to it, with computer-readable instructions being stored in the data memory which, when executed by the processor of the control device, carry out the deletion routine, i.e. for example overwrite the user data with predetermined other data and / or delete the user data, in particular restore a factory setting.
  • their acceptance filters which filter bus messages from the data bus, can be expanded or adapted in the control units so that the acceptance filters receive the delete command from the data bus and forward it to the processor of the control unit.
  • the motor vehicle according to the invention is preferably designed as a motor vehicle, in particular as a passenger car or truck, or as a motorcycle. Exemplary embodiments of the invention are described below. This shows:
  • FIG. 1 shows a schematic representation of an embodiment of the motor vehicle according to the invention.
  • FIG. 2 shows a flow chart to illustrate an embodiment of the method according to the invention.
  • the exemplary embodiment explained below is a preferred embodiment of the invention.
  • the described components of the embodiment each represent individual features of the invention that are to be considered independently of one another, which also develop the invention independently of one another and are therefore to be regarded as part of the invention individually or in a combination other than the one shown.
  • the described embodiment can also be supplemented by further features of the invention already described.
  • a motor vehicle 10 which can be a motor vehicle, in particular a passenger vehicle or truck, or a passenger bus or a motorcycle.
  • a data bus 11 can be provided in the motor vehicle 10, via which a plurality of control units 12 can be coupled to a triggering device 13.
  • the data bus 11 can comprise several different data bus technologies (for example CAN, Ethernet, LIN and / or MOST), which can be coupled via a gateway 14.
  • ellipses symbolize that the data bus 11 can comprise more than the control devices shown or also fewer.
  • User data 15 can be generated and stored in control devices 12, for example by control devices 12 even while motor vehicle 10 is in operation.
  • a control device 12 can be a media playback device that can store play lists and / or wish lists of a user.
  • a control device 12 can be a driver assistance system which stores travel history data as user data 15 for routes that are covered regularly or repeatedly by means of the motor vehicle 10.
  • a control unit 12 can be used for a telephony application be provided and store as user data 15, for example, telephone numbers and / or a digital address book. These are only examples of possible control devices 12 that can generate and store user data 15.
  • the user data 15 can be personal and / or trip-related.
  • the triggering device 13 is provided, which can monitor a triggering condition 16. If the triggering condition 16 is met, the triggering device 13 can send a delete command 17 to all control units 12 via the data bus 11.
  • a deletion routine 18 can be provided in each of the control units 12, which is executed by the respective control unit 12 if the deletion command 17 is received via the data bus 11. When it is executed in the control units 12, the deletion routine 18 causes the user data 15 to be deleted and / or overwritten.
  • the deletion routine 18 can provide, for example, that the respective control device 12 is reset to a factory state or a delivery state.
  • FIG. 2 illustrates a possible method as can be carried out in the motor vehicle 10 by the control devices 12 and the triggering device 13.
  • the triggering device can check whether triggering condition 16 is met. If the trigger condition 16 is met, in a step S11 a delete command 17 that applies to all control units 12 can be sent out via the data bus 11 of the motor vehicle 10.
  • each of the control units 12 carries out a predetermined deletion routine 18 in the event that it receives the delete command 17 from the data bus 11, by which the user data 15 stored in the respective control unit 12 is deleted and / or overwritten.
  • the basic concept thus provides that a central delete command is generated which can be sent on all vehicle networks by a control device, which represents the triggering device. This means that without detailed knowledge of the stored personal user data, these can be deleted decentrally in each control unit (storage location). It is about a deletion order for personal data. It can thus be provided that a diagnostic interface for the data bus (eg the gateway) sends the central delete command 17 for all personal user data to all control devices after a predetermined operating action or on the basis of a previously defined trigger event.
  • a diagnostic interface for the data bus eg the gateway
  • the corresponding delete command 17 is preferably part of an already existing cyclic message (for example, bit that is set active 10 times) which is sent on all vehicle networks (CAN, FlexRay, Ethernet), which is represented in FIG. 1 by the data bus 11.
  • the position of the signals can be taken from the corresponding data definition.
  • the currently set configuration is not changed by the receipt of a delete command. I.e. only user data, but no configuration or setting data are changed.
  • the generation of the delete command 17 can be provided as follows.
  • a deletion command 17 for personal user data is preferably only accepted with .Klemme 15 on '(ignition on).
  • the delete command 17 is preferably sent after switching on the .Klemme 15 ‘after 30 seconds at the earliest, so that the receivers are active.
  • the following variants are available for activating the delete command, depending on the vehicle variant: a) Explicit operating action:
  • a new menu entry to be defined in the MIB / HMI contains a selection menu for deleting personal data, which the customer can activate using a checkbox. After selecting this checkbox, the delete command is sent.
  • a "RESET state" defined in the diagnosis and communicated to the control unit via diagnosis commands leads to the deletion of personal data. In vehicles with onboard tester functionality, this command is also sent by the onboard tester.
  • a possible signal assignment for a bus message can look like this (implementation proposal for a message assignment):
  • GenMsgSendType cyclic (cyclic)
  • a delete command represents a bus message or a date that is sent on the entire bus system and received by all control units, causes all control units to be reset to the delivery status, ie all data stored after delivery to the buyer e.g. telephone numbers, travel destinations, seating positions (memeory seat).
  • Another possibility is to include such a command in the multifunction display (on-board computer) and scroll through the menu of the multifunction display using the operating elements provided for this, such as the steering column switch or steering wheel switch, and select this command there. This then causes the on-board computer to send the delete command 17 on all bus systems and a corresponding reset of all control units.
  • a further design would be a specially created control point, e.g. a button, the position of which is read out by a control unit of the network and which also causes the reset command to be sent.
  • Any existing gateway control device must route this command to all bus systems. 4. Introduce a control point
  • the triggering of the delete command e.g. by the driver, there is no need to select individual control units.
  • Central operation triggers the deletion (reset to factory settings) of all personal data in all control units.
  • a defined operating action or a menu item in the central display or in the infotainment triggers the delete command. Automated deletion after the end of use is also possible.
  • the deletion process can be initiated by the vehicle user.
  • the example shows how the invention can provide a global (vehicle-wide) reset of all data memories with personal content to a factory setting.

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Human Computer Interaction (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Bioethics (AREA)
  • Health & Medical Sciences (AREA)
  • General Health & Medical Sciences (AREA)
  • Software Systems (AREA)
  • Mechanical Engineering (AREA)
  • Automation & Control Theory (AREA)
  • Transportation (AREA)
  • Medical Informatics (AREA)
  • Databases & Information Systems (AREA)
  • Chemical & Material Sciences (AREA)
  • Combustion & Propulsion (AREA)
  • Small-Scale Networks (AREA)
  • Electric Propulsion And Braking For Vehicles (AREA)
  • Selective Calling Equipment (AREA)

Abstract

L'invention concerne un procédé de suppression de données utilisateur (15) spécifiques à l'utilisateur et/ou spécifiques à des trajets, lesquelles sont enregistrées distribuées sur plusieurs appareils de commande (12) dans un véhicule automobile (10), un dispositif de déclenchement (13) étant fourni et le dispositif de déclenchement (13) contrôlant si une condition de déclenchement (16) est remplie et, si la condition de déclenchement (16) est remplie, une commande de suppression (17) commune prédéfinie est envoyée à travers un bus de données (11) du véhicule automobile (10) aux plusieurs appareils de commande (12) du véhicule automobile (10) et chacun des appareils de commande (12), s'il reçoit la commande de suppression (17) provenant du bus de données (11), exécutant un programme de suppression (18) prédéfini, au moyen duquel les données utilisateur (15) enregistrées dans l'appareil de commande (12) respectif sont écrasées et/ou supprimées.
EP20729641.9A 2019-05-15 2020-05-13 Procédé de suppression de données utilisateurs spécifiques à l'utilisateur et/ou spécifiques à des trajets dans un véhicule automobile ainsi que véhicule automobile correspondant Pending EP3969996A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
DE102019207074.4A DE102019207074A1 (de) 2019-05-15 2019-05-15 Verfahren zum Entfernen von benutzerspezifischen und/oder fahrtenspezifischen Benutzerdaten in einem Kraftfahrzeug sowie zugehöriges Kraftfahrzeug
PCT/EP2020/063245 WO2020229500A1 (fr) 2019-05-15 2020-05-13 Procédé de suppression de données utilisateurs spécifiques à l'utilisateur et/ou spécifiques à des trajets dans un véhicule automobile ainsi que véhicule automobile correspondant

Publications (1)

Publication Number Publication Date
EP3969996A1 true EP3969996A1 (fr) 2022-03-23

Family

ID=70921991

Family Applications (1)

Application Number Title Priority Date Filing Date
EP20729641.9A Pending EP3969996A1 (fr) 2019-05-15 2020-05-13 Procédé de suppression de données utilisateurs spécifiques à l'utilisateur et/ou spécifiques à des trajets dans un véhicule automobile ainsi que véhicule automobile correspondant

Country Status (5)

Country Link
US (1) US20220234574A1 (fr)
EP (1) EP3969996A1 (fr)
CN (1) CN113841113A (fr)
DE (1) DE102019207074A1 (fr)
WO (1) WO2020229500A1 (fr)

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2022251020A1 (fr) * 2021-05-24 2022-12-01 Termson Management Llc Gestion et configuration de dispositif
US11827213B2 (en) * 2021-10-01 2023-11-28 Volvo Truck Corporation Personalized notification system for a vehicle
DE102022109324A1 (de) 2022-04-14 2023-10-19 Bayerische Motoren Werke Aktiengesellschaft Verfahren und Vorrichtung zum Schutz von Nutzer-spezifischen Daten
EP4362390A1 (fr) * 2022-10-27 2024-05-01 Bayerische Motoren Werke Aktiengesellschaft Procédé de maintien d'une ressource de stockage, appareil, véhicule, programme informatique

Family Cites Families (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8116682B2 (en) * 2009-09-25 2012-02-14 Tang-Hsien Chang Near field communcation device
DE102010030794A1 (de) * 2010-07-01 2012-01-05 Bayerische Motoren Werke Aktiengesellschaft Verfahren zum Verarbeiten von Daten in einem oder mehreren Steuergeräten eines Fahrzeugs, insbesondere eines Kraftfahrzeugs
US20130159230A1 (en) * 2011-12-15 2013-06-20 Toyota Infotechnology Center Co., Ltd. Data Forgetting System
US9363085B2 (en) * 2013-11-25 2016-06-07 Seagate Technology Llc Attestation of data sanitization
US9716762B2 (en) 2014-03-31 2017-07-25 Ford Global Technologies Llc Remote vehicle connection status
US9323546B2 (en) 2014-03-31 2016-04-26 Ford Global Technologies, Llc Targeted vehicle remote feature updates
US9325650B2 (en) 2014-04-02 2016-04-26 Ford Global Technologies, Llc Vehicle telematics data exchange
US9729707B2 (en) * 2014-12-31 2017-08-08 GM Global Technology Operations LLC Method and system to manage personalized vehicle user information
US9817838B2 (en) * 2015-02-26 2017-11-14 General Motors Llc Purging user data from vehicle memory
DE102015011649A1 (de) * 2015-09-11 2017-03-30 Audi Ag Bedienvorrichtung mit Zeicheneingabe und Löschfunktion
SE1750416A1 (en) * 2017-04-05 2018-01-29 Scania Cv Ab Methods and control unit for factory reset of a vehicle
US10358116B1 (en) * 2018-02-22 2019-07-23 Ford Global Technologies, Llc Vehicle security
US20200098049A1 (en) * 2018-09-21 2020-03-26 Ford Global Technologies, Llc Securing a vehicle on owner change

Also Published As

Publication number Publication date
WO2020229500A1 (fr) 2020-11-19
CN113841113A (zh) 2021-12-24
DE102019207074A1 (de) 2020-11-19
US20220234574A1 (en) 2022-07-28

Similar Documents

Publication Publication Date Title
EP3969996A1 (fr) Procédé de suppression de données utilisateurs spécifiques à l'utilisateur et/ou spécifiques à des trajets dans un véhicule automobile ainsi que véhicule automobile correspondant
EP3368379B1 (fr) Mise à jour des appareils de commande dans un véhicule à moteur
EP2425333B1 (fr) Méthode pour mettre à jour des composants logiciels
WO2012000751A1 (fr) Procédé servant à traiter des données dans un ou plusieurs appareils de commande d'un véhicule, en particulier d'un véhicule automobile
EP3332348B1 (fr) Procédé de fonctionnement d'un véhicule automobile et système de fonctionnement d'un véhicule automobile
DE102015110941A1 (de) Steuern des Zugangs zu einer Fahrzeug-Benutzeroberfläche
EP0731008A1 (fr) Procédé de sécurité pour prévenir une utilisation non-autorisée d'un véhicule
DE10326287A1 (de) Fahrzeug-Kommunikationssystem, welches eine anormale Steuereinheit initialisiert
DE112018006323T5 (de) Bordeigenes Aktualisierungsgerät, Programm und Verfahren zum Aktualisieren eines Programms oder von Daten
DE102006031726B4 (de) Verfahren zum Bereitstellen einer Information über ein Fahrzeug und Fahrzeugdaten-Übertragungsvorrichtung
DE102016224155A1 (de) Verfahren zum Betreiben eines Kraftfahrzeugverriegelungssystems für ein Kraftfahrzeug sowie zentrale Servereinrichtung für ein Kraftfahrzeug
EP3821627B1 (fr) Procédé pour contrôler un échange de données entre un dispositif de commande d'un véhicule automobile et un dispositif externe, dispositif de commande pour un véhicule automobile ainsi que véhicule automobile doté d'un tel dispositif de commande
DE102015226147B4 (de) Verfahren, Prozessorvorrichtung, Kraftfahrzeug mit einer solchen Prozessorvorrichtung und Telematiksystem für die automatische Konfiguration telematischer Datenübermittlungen des Kraftfahrzeugs
EP3811564A1 (fr) Procédé de blocage de composants de véhicule et composant de véhicule correspondant
WO2020126880A1 (fr) Procédé de désactivation d'un véhicule à moteur, système de désactivation pour un véhicule à moteur et véhicule à moteur
WO2020074324A1 (fr) Procédé permettant de faire fonctionner un dispositif de commande d'un véhicule automobile, dispositif de commande d'un véhicule automobile, et véhicule automobile muni d'un tel dispositif de commande
DE102018203178A1 (de) Verfahren und Steuervorrichtung zum Ermitteln von zumindest einem Ereignisdatensatz eines Auslöseereignisses in einem Kraftfahrzeug sowie Kraftfahrzeug
DE102020007310A1 (de) Verfahren zum Vorsehen und Installieren von Softwareaktualisierungen für ein Fahrzeug
EP2705992A1 (fr) Procédé de surveillance d'une position de stationnement d'un véhicule
DE112019006792T5 (de) Fahrzeugmontierte steuerungsvorrichtung, fahrzeug, fahrzeug steuerungsverfahren, und fahrzeugsteuerungssystem
DE10143556A1 (de) Fahrzeugmanagementsystem
DE102009005613A1 (de) Anordnung zur Steuerung von Fahrzeugfunktionen
DE102009052322A1 (de) Verfahren zum Diebstahlschutz für ein Fahrzeug sowie entsprechende Überwachungseinheit, entsprechendes Fahrzeug und System
DE102015225793A1 (de) Verfahren zur Verhinderung der Deaktivierung von Online-Diensten in einem Fahrzeug
DE102021211123A1 (de) Verfahren zum Bereitstellen von Informationen bezüglich zu einem Fahrzeug kompatibel nutzbarer Kindersitze für einen Nutzer des Fahrzeugs, sowie elektronisches Kindersitzinformationssystem und Fahrzeug

Legal Events

Date Code Title Description
STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: UNKNOWN

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: THE INTERNATIONAL PUBLICATION HAS BEEN MADE

PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: REQUEST FOR EXAMINATION WAS MADE

17P Request for examination filed

Effective date: 20211215

AK Designated contracting states

Kind code of ref document: A1

Designated state(s): AL AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MK MT NL NO PL PT RO RS SE SI SK SM TR

DAV Request for validation of the european patent (deleted)
DAX Request for extension of the european patent (deleted)
STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: EXAMINATION IS IN PROGRESS

17Q First examination report despatched

Effective date: 20230712