FR3099835B1 - Procédé d’écriture dans une zone de données sécurisée d’un calculateur sur bus embarqué de véhicule. - Google Patents
Procédé d’écriture dans une zone de données sécurisée d’un calculateur sur bus embarqué de véhicule. Download PDFInfo
- Publication number
- FR3099835B1 FR3099835B1 FR1909018A FR1909018A FR3099835B1 FR 3099835 B1 FR3099835 B1 FR 3099835B1 FR 1909018 A FR1909018 A FR 1909018A FR 1909018 A FR1909018 A FR 1909018A FR 3099835 B1 FR3099835 B1 FR 3099835B1
- Authority
- FR
- France
- Prior art keywords
- values
- data structure
- computer
- writing
- current signature
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1416—Event detection, e.g. attack signature detection
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F12/00—Accessing, addressing or allocating within memory systems or architectures
- G06F12/14—Protection against unauthorised use of memory or access to memory
- G06F12/1416—Protection against unauthorised use of memory or access to memory by checking the object accessibility, e.g. type of access defined by the memory independently of subject rights
- G06F12/1425—Protection against unauthorised use of memory or access to memory by checking the object accessibility, e.g. type of access defined by the memory independently of subject rights the protection being physical, e.g. cell, word, block
- G06F12/1433—Protection against unauthorised use of memory or access to memory by checking the object accessibility, e.g. type of access defined by the memory independently of subject rights the protection being physical, e.g. cell, word, block for a module or a part of a module
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/78—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F8/00—Arrangements for software engineering
- G06F8/60—Software deployment
- G06F8/65—Updates
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/44—Arrangements for executing specific programs
- G06F9/445—Program loading or initiating
- G06F9/44505—Configuring for program initiating, e.g. using registry, configuration files
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/12—Applying verification of the received information
- H04L63/123—Applying verification of the received information received data contents, e.g. message integrity
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/12—Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
- H04L67/125—Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks involving control of end-device applications over a network
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/34—Network arrangements or protocols for supporting network services or applications involving the movement of software or configuration parameters
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2212/00—Indexing scheme relating to accessing, addressing or allocation within memory systems or architectures
- G06F2212/10—Providing a specific technical effect
- G06F2212/1052—Security improvement
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2212/00—Indexing scheme relating to accessing, addressing or allocation within memory systems or architectures
- G06F2212/17—Embedded application
- G06F2212/173—Vehicle or other transportation
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- General Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Computer Hardware Design (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computing Systems (AREA)
- Health & Medical Sciences (AREA)
- General Health & Medical Sciences (AREA)
- Bioethics (AREA)
- Medical Informatics (AREA)
- Storage Device Security (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
Procédé d’écriture sécurisée de valeurs d’une structure de données dans un calculateur embarqué. Pour écrire des valeurs d’une structure de données à partir d’un premier calculateur (10) embarqué dans un véhicule, dans une première zone (67, 68) sécurisée de données d’un deuxième calculateur (9, 12, 13, 14) embarqué dans le véhicule, le procédé comprend des étapes consistant à : - émettre une commande principale d’écriture d’une signature courante contenue dans une requête d’écriture de valeurs de la structure de données, reçue par le premier calculateur (10) en provenance d’un serveur distant, la requête d’écriture comprenant par ailleurs un identificateur du deuxième calculateur, un identificateur (DID) de ladite zone sécurisée de données, les valeurs de la structure de données à écrire ; - vérifier que la signature courante est recevable indépendamment des valeurs de la structure de données à écrire ; - émettre une commande principale d’écriture des valeurs de la structure de données si la signature courante porte sur les valeurs de la structure de données à écrire ; - vérifier que la signature courante porte sur les valeurs de la structure de données à écrire lorsque la signature courante est recevable ; - écrire les valeurs de la structure de données, dans celle des zones (67, 68) sécurisées du deuxième calculateur (9, 12, 13, 14) si la signature courante porte sur les valeurs de la structure de données à écrire. Figure à publier avec l’abrégé : Fig. 1.
Priority Applications (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
FR1909018A FR3099835B1 (fr) | 2019-08-06 | 2019-08-06 | Procédé d’écriture dans une zone de données sécurisée d’un calculateur sur bus embarqué de véhicule. |
PCT/EP2020/071768 WO2021023694A1 (fr) | 2019-08-06 | 2020-08-03 | Procédé d'écriture dans une zone de données sécurisée d'un calculateur sur bus embarqué de véhicule |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
FR1909018 | 2019-08-06 | ||
FR1909018A FR3099835B1 (fr) | 2019-08-06 | 2019-08-06 | Procédé d’écriture dans une zone de données sécurisée d’un calculateur sur bus embarqué de véhicule. |
Publications (2)
Publication Number | Publication Date |
---|---|
FR3099835A1 FR3099835A1 (fr) | 2021-02-12 |
FR3099835B1 true FR3099835B1 (fr) | 2023-06-30 |
Family
ID=69375411
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
FR1909018A Active FR3099835B1 (fr) | 2019-08-06 | 2019-08-06 | Procédé d’écriture dans une zone de données sécurisée d’un calculateur sur bus embarqué de véhicule. |
Country Status (2)
Country | Link |
---|---|
FR (1) | FR3099835B1 (fr) |
WO (1) | WO2021023694A1 (fr) |
Family Cites Families (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
FR3027129B1 (fr) | 2014-10-08 | 2016-10-21 | Renault Sa | Systeme de reseau embarque de vehicule et procede de detection d'intrusion sur le reseau embarque |
JP6345157B2 (ja) * | 2015-06-29 | 2018-06-20 | クラリオン株式会社 | 車載情報通信システム及び認証方法 |
JP2019036238A (ja) * | 2017-08-21 | 2019-03-07 | 株式会社東芝 | 更新制御装置、端末、更新制御方法およびプログラム |
US10850684B2 (en) * | 2017-12-19 | 2020-12-01 | Micron Technology, Inc. | Vehicle secure messages based on a vehicle private key |
-
2019
- 2019-08-06 FR FR1909018A patent/FR3099835B1/fr active Active
-
2020
- 2020-08-03 WO PCT/EP2020/071768 patent/WO2021023694A1/fr active Application Filing
Also Published As
Publication number | Publication date |
---|---|
FR3099835A1 (fr) | 2021-02-12 |
WO2021023694A1 (fr) | 2021-02-11 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN110502507B (zh) | 一种分布式数据库的管理系统、方法、设备和存储介质 | |
US20080222628A1 (en) | Method and Apparatus for a Browser with Offline Web-Application Architecture | |
CN109062613B (zh) | 多核互联二级缓存访问验证方法 | |
CN109582649B (zh) | 一种元数据存储方法、装置、设备及可读存储介质 | |
US20160188653A1 (en) | Updating progression of performing computer system maintenance | |
CN112148689A (zh) | 一种用于城市级数据中台的数据共享交换系统 | |
CN104184601B (zh) | 用户在线时长的获取方法及装置 | |
WO2016101662A1 (fr) | Procédé de traitement de données et serveur approprié | |
CN103684823A (zh) | 网络日志记录方法、网络访问路径确定方法及相关装置 | |
FR3099835B1 (fr) | Procédé d’écriture dans une zone de données sécurisée d’un calculateur sur bus embarqué de véhicule. | |
CN112995354B (zh) | 域名解析记录重构方法及域名解析方法 | |
CN111064619B (zh) | 一种配置信息管理方法、装置、电子设备和存储介质 | |
CN103064929B (zh) | 一种网络文件系统中服务器写数据的方法 | |
CN107436920A (zh) | Node.js权限控制方法、存储介质、电子设备及系统 | |
CN105162765B (zh) | 一种基于断尾求生的云数据安全实现方法 | |
US20190303476A1 (en) | Dynamic buffer pools for process non-conforming tasks | |
CN104883381B (zh) | 分布式存储的数据存取方法及系统 | |
WO2020073517A1 (fr) | Procédé et appareil d'archivage de données basés sur un système de stockage distribué, et dispositif informatique | |
CN109150590B (zh) | 一种物联应用平台自动生成物联系统 | |
US10997677B2 (en) | Creating action plans to handle legal matters based on model legal matters | |
CN113268518B (zh) | 流量统计方法及装置、分布式流量统计系统 | |
CN111104187A (zh) | 一种基于接口聚合服务器的接口聚合方法及装置 | |
CN107818122A (zh) | 一种代理组件、搜索管理方法及搜索管理系统 | |
US20190303037A1 (en) | Using sequential read intention to increase data buffer reuse | |
CN111399825A (zh) | 一种基于api文档的api接口开发管理方法及系统 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PLFP | Fee payment |
Year of fee payment: 2 |
|
PLSC | Publication of the preliminary search report |
Effective date: 20210212 |
|
PLFP | Fee payment |
Year of fee payment: 3 |
|
PLFP | Fee payment |
Year of fee payment: 4 |
|
CA | Change of address |
Effective date: 20221005 |
|
PLFP | Fee payment |
Year of fee payment: 5 |