Patents by Inventor Ansaf I. Alrabady

Ansaf I. Alrabady has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Publication number: 20140359296
    Abstract: Methods are provided for securely loading software objects into an electronic control unit. The methods include receiving a first software object comprising a second level public key certificate, a first encryption signature and a first set of software. Once the first software object is received, the first second level public key is validated with the embedded root public key, the first encryption signature with the first second level public key certificate, and the first set of software with the first encryption signature. When the first set of software is valid, then the first second level public key certificate and the first set of software are stored to non-volatile memory. Once stored, a consecutive software object is received comprising only a consecutive encryption signature and a consecutive set of software from the programming source.
    Type: Application
    Filed: May 29, 2013
    Publication date: December 4, 2014
    Inventors: ANSAF I. ALRABADY, J. DAVID ROSA
  • Patent number: 8881308
    Abstract: A system and method for installing software on a secure controller without requiring the software to be properly signed. The method includes determining whether a by-pass flag has been set in the controller that identifies whether a file validation procedure is required to install the file and performing a pre-check operation to determine whether predetermined parameters of the file have been satisfied. The method also includes installing the file into a memory in the controller if the pre-check operation has been satisfied. The method further includes determining whether the file has a proper signature and indicating that the signature is proper if the by-pass flag is set and the file does not include a proper signature, and allowing the file to be installed if the signature has been indicated as being proper.
    Type: Grant
    Filed: September 12, 2012
    Date of Patent: November 4, 2014
    Assignee: GM Global Technology Operations LLC
    Inventors: Kevin M. Baltes, Ansaf I. Alrabady, Thomas M. Forest
  • Patent number: 8856538
    Abstract: A system and method for securely flashing a controller, where the controller includes at least one main processor and at least one secondary processor, and where the processing duties are distributed between the processors. A programming tool provides a content file to be flashed and a digital signature to the controller. The controller calculates a hash value of the content file, decrypts the digital signature using a public key to generate a decrypted hash value, compares the decrypted hash value to the calculated hash value, and determines that the content file is valid if the decrypted hash code matches the calculated hash value, where one or more of the steps of calculating the hash value, decrypting the digital signature, comparing the decrypted hash value to the calculated hash value and determining that the content file is valid, is performed by the main processor for the secondary processor.
    Type: Grant
    Filed: July 27, 2012
    Date of Patent: October 7, 2014
    Assignee: GM Global Technology Operations LLC
    Inventors: Mark H. Costin, Ansaf I. Alrabady, Kevin M. Baltes
  • Publication number: 20140245284
    Abstract: A control module reflash system includes a control module located in a vehicle that controls at least one function of the vehicle according to stored vehicle software. An external interface module receives a software file from a source external to the vehicle and receives a part number for the stored vehicle software in the control module. The external interface module retrieves a comparison software file from the source external to the vehicle corresponding to the part number and compares the software file and the comparison software file. The external interface module identifies differences between the software file and the comparison software file, generates a compressed file based on the differences, and provides the compressed file to the control module. The control module generates a flash file based on the received compressed file and the stored vehicle software and modifies the stored vehicle software based on the flash file.
    Type: Application
    Filed: February 25, 2013
    Publication date: August 28, 2014
    Applicant: GM GLOBAL TECHNOLOGY OPERATIONS LLC
    Inventors: Ansaf I. Alrabady, Alan D. Wist
  • Patent number: 8776205
    Abstract: A communication system of a vehicle includes a mode determination module and a connection control module. The mode determination module sets a mode of operation to one of a first mode and a second mode based on a comparison of a common name (CN) of a root certificate with first and second predetermined CNs associated with operation in the first and second modes, respectively. The connection control module selectively transmits a request to one of a first server and a second server to establish a secure wireless connection between the connection control module and the one of the first and second servers. The first and second servers are different, and the first and second predetermined CNs are different.
    Type: Grant
    Filed: November 24, 2010
    Date of Patent: July 8, 2014
    Inventors: Ansaf I. Alrabady, Salvatore G. Trupiano, John Patrick S. Gonzaga
  • Publication number: 20140181526
    Abstract: Methods and systems are provided for bypassing an authenticity check for a secure control module. In one embodiment, a method includes: receiving authenticity data from a secure source, wherein the authenticity data includes a signature and an identifier that is unique to the control module; programming the control module with the authenticity data; and bypassing the authenticity check of a control program of the control module based on the authenticity data.
    Type: Application
    Filed: December 20, 2012
    Publication date: June 26, 2014
    Applicant: GM GLOBAL TECHNOLOGY OPERATIONS LLC
    Inventors: ANSAF I. ALRABADY, KEVIN M. BALTES, J. DAVID ROSA, THOMAS M. FOREST, ALAN D. WIST
  • Patent number: 8761390
    Abstract: A system and method for producing cryptographic keys for use by an embedded processing device within a manufactured product. A pseudo random number generator is seeded with entropy data gathered by the embedded device, and the result is used to generate a public-private key pair. The process can be carried out during manufacturing so that the public key of each manufactured product can be stored in a database along with a unique identifier for the embedded device associated with the key. In one particular example, a vehicle having an installed telematics unit uses the key generating process to self-generate keys using entropy data available to the vehicle.
    Type: Grant
    Filed: June 30, 2008
    Date of Patent: June 24, 2014
    Assignees: General Motors
    Inventors: Kenneth L. Peirce, Ansaf I. Alrabady, Sethu K. Madhavan
  • Publication number: 20140129054
    Abstract: Mobile device-activated vehicle functions are implemented by authenticating a vehicle with a device via wireless signals transmitted between a low frequency antenna of the device and a low frequency antenna of the vehicle when the vehicle is in communicative range of the device. The mobile device-activated vehicle functions are further implemented by receiving, via computer processor embedded in the device, a selection from one of a plurality of input components embedded in the device, the selection associated with a vehicle function, and transmitting a request to implement the vehicle function via the low frequency antenna coupled to the computer processor and the low frequency antenna of the vehicle.
    Type: Application
    Filed: November 8, 2012
    Publication date: May 8, 2014
    Applicant: GM GLOBAL TECHNOLOGY OPERATIONS LLC
    Inventors: Fred W. Huntzicker, Ansaf I. Alrabady, Neeraj R. Gautama, Jarvis Chau, Amanda J. Kalhous
  • Patent number: 8683206
    Abstract: A system and method of authenticating data files is provided. The method includes providing a plurality of software part files and a manifest file associated with the software part files. The manifest file identifies each of the plurality of software part files. The method includes associating the manifest file with a manifest detached digital signature. The method also includes digitally signing the manifest file with the manifest detached digital signature. The manifest detached digital signature authenticates the manifest file. The method includes associating each of the plurality of software part files with one of a plurality of unique detached digital signatures. The method includes digitally signing each of the plurality of software part files with one of the plurality of unique detached digital signatures. Each of the plurality of unique detached digital signatures authenticates one of the software part files.
    Type: Grant
    Filed: September 19, 2011
    Date of Patent: March 25, 2014
    Assignee: GM Global Technology Operations LLC
    Inventors: Susanta P. Sarkar, Ansaf I. Alrabady, Thomas M. P. Catsburg
  • Publication number: 20140075197
    Abstract: A system and method for validating a software file to be installed into a controller. The method includes preparing the software file including assigning a software version code to the software file, assigning a security version code to the software file, and signing the software file with the software file version code and the security version code. The signed software file is presented to the controller for installing on the controller and the controller verifies the software file signature to determine if the software file is valid and the security version code is valid. The controller allows the software file to be installed in the controller if both the signed software file is valid and the security version code is valid.
    Type: Application
    Filed: September 12, 2012
    Publication date: March 13, 2014
    Applicant: GM GLOBAL TECHNOLOGY OPERATIONS LLC
    Inventors: Ansaf I. Alrabady, Kevin M. Baltes, Thomas M. Forest
  • Publication number: 20140075517
    Abstract: A system and method for by-passing a security code to allow developmental software to be installed on a production controller without having to authenticate the software. The method includes requesting information from the controller and creating an information ticket in the controller in response to the request that identifies the controller. The information ticket is sent to a secure server that creates an authorization ticket that identifies the controller from the information ticket and creates a security code for the ticket. The authorization ticket is presented to the controller and if the security code is verified by the controller, the controller allows the developmental software to be installed.
    Type: Application
    Filed: September 12, 2012
    Publication date: March 13, 2014
    Applicant: GM GLOBAL TECHNOLOGY OPERATIONS LLC
    Inventors: Ansaf I. Alrabady, Kevin M. Baltes, Thomas M. Forest
  • Publication number: 20140075094
    Abstract: A system and method for changing a state of a binary flag in a flash memory. The method defines a cell segment including a predetermined number of bits as the binary flag, where each bit is converted to a logical 1 when the memory is erased. The method also defines that an even number of logical 1 bits in the flash cell segment is an even parity and an odd number of logical 1 bits in the flash cell segment is an odd parity, and defines whether an even parity is an ON state of the binary flag or an odd parity is the ON state of the binary flag. The method changes the parity of the binary flag by writing one of the bits in the flash cell segment from a logical 1 to a logical 0 to change the state of the flag.
    Type: Application
    Filed: September 12, 2012
    Publication date: March 13, 2014
    Applicant: GM GLOBAL TECHNOLOGY OPERATIONS LLC
    Inventors: Ansaf I. Alrabady, Kevin M. Baltes, Thomas M. Forest
  • Publication number: 20140075579
    Abstract: A system and method for installing software on a secure controller without requiring the software to be properly signed. The method includes determining whether a by-pass flag has been set in the controller that identifies whether a file validation procedure is required to install the file and performing a pre-check operation to determine whether predetermined parameters of the file have been satisfied. The method also includes installing the file into a memory in the controller if the pre-check operation has been satisfied. The method further includes determining whether the file has a proper signature and indicating that the signature is proper if the by-pass flag is set and the file does not include a proper signature, and allowing the file to be installed if the signature has been indicated as being proper.
    Type: Application
    Filed: September 12, 2012
    Publication date: March 13, 2014
    Applicant: GM GLOBAL TECHNOLOGY OPERATIONS LLC
    Inventors: Kevin M. BALTES, Ansaf I. ALRABADY, Thomas M. FOREST
  • Publication number: 20140032916
    Abstract: A system and method for securely flashing a controller, where the controller includes at least one main processor and at least one secondary processor, and where the processing duties are distributed between the processors. A programming tool provides a content file to be flashed and a digital signature to the controller. The controller calculates a hash value of the content file, decrypts the digital signature using a public key to generate a decrypted hash value, compares the decrypted hash value to the calculated hash value, and determines that the content file is valid if the decrypted hash code matches the calculated hash value, where one or more of the steps of calculating the hash value, decrypting the digital signature, comparing the decrypted hash value to the calculated hash value and determining that the content file is valid, is performed by the main processor for the secondary processor.
    Type: Application
    Filed: July 27, 2012
    Publication date: January 30, 2014
    Applicant: GM GLOBAL TECHNOLOGY OPERATIONS LLC
    Inventors: Mark H. Costin, Ansaf I. Alrabady, Kevin M. Baltes
  • Publication number: 20130329888
    Abstract: A mobile client system initiates a wireless communication with a transaction system and receives a digital certificate from the transaction system in response. The digital certificate includes an embedded geographic location of the transaction system. The mobile client system also compares the geographic location of the transaction system with a current geographic location of the mobile client system and establishes an encrypted communication channel with the transaction system upon determining that the location of the transaction system is in proximity of the current location of the mobile client system. The mobile client system further sends the user credentials to the transaction system via the encrypted communication channel. Upon successful authentication of the mobile client system via the user credentials, the mobile client system performs a transaction with the transaction system using a graphical user interface of the client system.
    Type: Application
    Filed: June 8, 2012
    Publication date: December 12, 2013
    Applicant: GM GLOBAL TECHNOLOGY OPERATIONS LLC
    Inventors: Ansaf I. Alrabady, Fred W. Huntzicker
  • Publication number: 20130275761
    Abstract: A system and method for processing messages received at a vehicle. The method carried out by the system involves wirelessly receiving at a vehicle a first communication message having secure credentials and a message signature for a second communication message. Then, the vehicle authenticates the first communication message via its secure credentials. Later, the vehicle wirelessly receives the second communication message and validates this second message using the message signature from the first message. In response to the validation, the second message is processed at the vehicle.
    Type: Application
    Filed: April 11, 2012
    Publication date: October 17, 2013
    Applicant: GENERAL MOTORS LLC
    Inventors: Thomas M.P. Catsburg, Ansaf I. Alrabady
  • Patent number: 8527015
    Abstract: There is provided a method and system for facilitating communications between a remote access point and a mobile platform during a shutdown period. The mobile platform is equipped with a first receiver and a wireless communications receiver. A wake-up signal is wirelessly transmitted from a remote wireless device to the first receiver of the mobile platform. The communications receiver is activated based upon the wake-up signal. The remote access point is controlled to communicate with the communications receiver subsequent to the activation of the communications receiver.
    Type: Grant
    Filed: February 23, 2007
    Date of Patent: September 3, 2013
    Assignee: GM Global Technology Operations LLC
    Inventors: Ansaf I. Alrabady, Fred W. Huntzicker, Michael Jay Abowd, Karin L. Turski
  • Patent number: 8499154
    Abstract: Methods and apparatus are provided for establishing a secure connection with a mobile device that is configured to store a first private key that mathematically corresponds to a first public key. The method comprises receiving a quasi-public key from a trusted entity, wherein the quasi-public key mathematically corresponds to a quasi-private key that is stored on the mobile device, receiving a first digital certificate from the mobile device, the first digital certificate comprising the first public key and a first digital signature generated with the quasi-private key, and authenticating the first digital certificate using the first digital signature and the quasi-public key.
    Type: Grant
    Filed: January 27, 2009
    Date of Patent: July 30, 2013
    Assignee: GM Global Technology Operations LLC
    Inventors: Fred W. Huntzicker, Ansaf I. Alrabady, David Racklyeft
  • Patent number: 8467725
    Abstract: Methods and a vehicle are provided for initiating a short range radio frequency (RF) connection between the vehicle and an access point. The vehicle includes transceiver circuitry comprising receiver circuitry and transmitter circuitry, a Global Positioning System (GPS) receiver for receiving GPS coordinates, and a controller. The controller is coupled to the GPS receiver for determining a location of the vehicle in response to the GPS coordinates. The controller is also coupled to the transmitter circuitry for providing a probe request thereto for transmission to the access point in order to initiate the short range RF connection in response to the location of the vehicle.
    Type: Grant
    Filed: January 13, 2009
    Date of Patent: June 18, 2013
    Assignee: GM Global Technology Operations LLC
    Inventors: Ansaf I. Alrabady, Fred W. Huntzicker
  • Patent number: 8468097
    Abstract: A device, such as a vehicle, and a method within the device are provided for protecting the privacy of device specific information. The method includes the steps of detecting a beacon transmitted by an association requestor, determining whether the association requestor is an authorized requester by determining whether a present parameter falls within a range of authorized parameters associated with the association requester, and transmitting the device specific information to the authorized requester only if the present parameter falls within the range of authorized requester parameters.
    Type: Grant
    Filed: December 18, 2008
    Date of Patent: June 18, 2013
    Assignee: GM Global Technology Operations LLC
    Inventors: Ansaf I. Alrabady, Fred W. Huntzicker