Abstract: A method for providing digital signatures for authenticating the source and content of binary files which are flash programmed into automotive embedded controllers. A piece of electronic content is digitally signed on a signing server by creating a hash value and encrypting it using the signer's private key. The content file and digital signature files are then delivered using one of several alternative approaches to a programming tool, which in turn loads the content and signature files onto the controller on which the content will execute. The controller verifies the content by decrypting the signature file to restore the hash value, and comparing the decrypted hash value to a hash value calculated from the content itself. Multiple signature files for a piece of content are supported.

Abstract: A system and method for verifying that operating software and calibration files are present and valid after a bootloader flashes the files into the memory on a vehicle ECU before allowing the operating software to execute. The ECU memory defines a memory segment for the operating software and the calibration files. A software manifest is provided in a memory slot before the operating software segment in the memory. Likewise, a calibration manifest is provided in a memory slot before the calibration segment in the ECU memory. After the software has been flashed into the ECU memory, a software flag is set in the software manifest memory slot and each time a calibration file is flashed, a calibration flag for the particular calibration file is set in the calibration manifest.

Abstract: A system and method for writing a new or replacement public key to a bootloader stored in a memory segment in the memory of a vehicle ECU without having to rewrite the entire bootloader. The method includes defining a key table in the bootloader memory segment includes a number of vacant memory slots that are available to store replacement public keys if they are needed. The key table is a separate section of the bootloader memory segment so that the key table memory slots are not used by the bootloader code.

Abstract: A system and method of authenticating data files is provided. The method includes providing a plurality of software part files and a manifest file associated with the software part files. The manifest file identifies each of the plurality of software part files. The method includes associating the manifest file with a manifest detached digital signature. The method also includes digitally signing the manifest file with the manifest detached digital signature. The manifest detached digital signature authenticates the manifest file. The method includes associating each of the plurality of software part files with one a plurality of unique detached digital signatures. The method includes digitally signing each of the plurality of software part files with one of the plurality of unique detached digital signatures. Each of the plurality of unique detached digital signatures authenticates one of the software part files.

Abstract: A wireless data link system between a vehicle having a vehicle controller and a computing device having a computing processor is provided. The wireless data link system includes a vehicle data link (“VDL”) device and a computing data link (“CDL”). The VDL device has a VDL controller, a VDL memory, and a VDL interface circuitry. The VDL interface circuitry provides a connection to the vehicle controller for exchanging data. The VDL memory stores a passcode that provides a secure connection and a VDL recognizable code that is associated with the VDL device. The CDL device has a CDL controller, a CDL memory, and CDL interface circuitry. The CDL interface circuitry provides a connection to the computing processor for exchanging data.

Abstract: A method and communications system for generating and using compact digital certificates for secure wireless communication. Each compact certificate includes a digital signature and only a portion of the data used in generating the signature. The remaining certificate data is pre-stored on one or more wireless devices for which secure communication is desired. Upon receiving a compact certificate, the wireless device authenticates the certificate using its digital signature along with both the data contained in the certificate and the data pre-stored on the wireless device. This approach permits secure connections to be established between wireless devices using relatively small digital certificates.

Abstract: A method and system for preventing replay-type attacks on a vehicle communications system that sends short message service (SMS) messages between a call center and a fleet of vehicles. The method uses separate sequence counters maintained at the call center and at each of the vehicles in the fleet to help prevent or at least minimize the effects of unauthorized third party interference; such as replay-type attacks. Each wireless message is embedded with a sequence counter that is provided by the sender and is compared by the recipient with a separate sequence counter for purposes of validation. Some optional features that can be used in conjunction with the sequence counters include a tolerance window feature, a consecutive message feature, and a proximity feature, to name but a few.

Abstract: A system and method for providing autonomous and remote vehicle maintenance and repair. The system employs an on-board diagnosis and prognosis module that monitors one or more vehicle buses to identify trouble codes and other information indicating a vehicle problem. The on-board module causes a telematic device on the vehicle to broadcast a message including a problem code that identifies the problem the vehicle is having. A remote repair center may receive the message and may identify a software upgrade patch associated with the problem that can be transmitted to the vehicle to upgrade its software to correct the problem. Also, the message may be received by another vehicle that is part of a broadcast network that has previously received the software upgrade patch to fix a problem on that vehicle, where the receiving vehicle may transmit the software upgrade patch to the vehicle having the problem.

Abstract: A communication system of a vehicle includes a mode determination module and a connection control module. The mode determination module sets a mode of operation to one of a first mode and a second mode based on a comparison of a common name (CN) of a root certificate with first and second predetermined CNs associated with operation in the first and second modes, respectively. The connection control module selectively transmits a request to one of a first server and a second server to establish a secure wireless connection between the connection control module and the one of the first and second servers. The first and second servers are different, and the first and second predetermined CNs are different.

Abstract: A system and method for enhancing vehicle diagnostic and prognostic algorithms and improving vehicle maintenance practices. The method includes collecting data from vehicle components, sub-systems and systems, and storing the collected data in a database. The collected and stored data can be from multiple sources for similar vehicles or similar components and can include various types of trouble codes and labor codes as well as other information, such as operational data and physics of failure data, which are fused together. The method generates classes for different vehicle components, sub-systems and systems, and builds feature extractors for each class using data mining techniques of the data stored in the database. The method also generates classifiers that classify the features for each class. The feature extractors and feature classifiers are used to determine when a fault condition has occurred for a vehicle component, sub-system or system.

Abstract: A system and method for authenticating the source and ensuring the integrity of traffic data collected from probe vehicles while maintaining the privacy of the data's source. This is accomplished by dividing the traffic analysis functionality into two distinct responsibilities: data collection, including authentication and verification, and data processing, and assigning each responsibility to a different entity, such the first entity has access to authentication information which identifies the data's source but not to traffic information such as the source's location, and the second entity has access to the traffic information but not to the authentication information which identifies the data's source.

Abstract: A method and system are provided for secure over-the-air modification of vehicular options by a vehicle user. The system includes a vehicle and a secure server. The vehicle includes receiver circuitry for receiving and demodulating wireless signals and a controller coupled to the receiver. The secure server is accessible by the vehicle user and generates a vehicular option modification package for provision to the vehicle by generating option parameter modification instructions in response to user parameter modification requests from the vehicle owner and generating authentication information in response to unique server authentication information associated with the secure server.

Abstract: Methods and apparatus are provided for enabling communication between an information handling device, such as a computer, and a vehicle. A dongle is provided for enabling the communication and includes an external coupling device, dongle transceiver circuitry, and a dongle controller. The dongle transceiver circuitry enables remote keyless entry communication between the dongle and the vehicle. The external coupling device couples the dongle to the information handling device, and the dongle controller is coupled to the external coupling device for determining when the dongle is coupled to the information handling device. The dongle controller is also coupled to the dongle transceiver circuitry for providing a remote keyless entry wakeup message to the dongle transceiver circuitry in response to receiving a communication initiation signal from the information handling device.

Abstract: Methods and apparatus are provided for transmitting data from remote server device to a computer module in a vehicle. A request for data is transmitted from the computer module over an in-vehicle network to an in-vehicle communications gateway module. The request for data from the computer module is destined for a remote server device. A request for a software component is transmitted from a standard port of the in-vehicle communications gateway module to the remote server device. The software component comprises a non-standard transfer protocol module. The in-vehicle communications gateway module loads the non-standard transfer protocol module, and the remote server device transmits the requested data to the in-vehicle communications gateway module according to the non-standard transfer protocol. The in-vehicle communications gateway module then transmits the requested data (provided from the remote server device) to the computer module over the in-vehicle network.

Abstract: Methods and apparatus are provided for charging an onboard energy storage system of a plug-in vehicle using a charging station. An embodiment of the system includes a vehicle communication system configured to transmit data related to charging authorization to the charging station. The embodiment also includes an electronic device configured to communicate with the vehicle communication system within a set range from the plug-in vehicle; and a vehicle controller communicatively coupled to the vehicle communication system. The vehicle controller is configured to direct the vehicle communication system to transmit the data related to charging authorization if the electronic device is within the set range from the plug-in vehicle.

Abstract: Methods and apparatus are provided for transmitting data to a client device from a computer module in a vehicle. Data is transmitted from the computer module over an in-vehicle network to an in-vehicle communications gateway module. The data from the computer module is destined for the client device. A request for a software component is transmitted to the client device from a standard port of the in-vehicle communications gateway module. The software component comprises a non-standard transfer protocol module. The in-vehicle communications gateway module loads the non-standard transfer protocol module, and the data is exchanged between the in-vehicle communications gateway module and the client device according to the non-standard transfer protocol.

Abstract: Methods and apparatus are provided for transmitting data between a client device and a vehicle. A server hosted at an in-vehicle communications gateway module sends a software component comprising a non-standard transfer protocol module to a browser application hosted at the client device in response to a request from the client device. Standard ports at the in-vehicle communications gateway module and the client device are closed, and data is exchanged between the server and the browser application according to the non-standard transfer protocol. Optionally, the received data can then be transmitted from the in-vehicle communications gateway module to a computer module in the vehicle.

Abstract: A system and method for providing server identification to accept a server request in a vehicle wireless communications system. If the server wishes to send a request for a certain function to the vehicle, it will transmit the request and the vehicle will receive the request. If the vehicle receives a valid vehicle identification number, the vehicle will then ask the server to disconnect the communications link. The server will disconnect the communications link, and wait for the vehicle to call the server directly within a predetermined time window to confirm that it was in fact a valid server making the request. If the server confirms that it was the one making the initial request, the vehicle will perform the function.

Abstract: A system and method for providing secure one-way transmissions in a vehicle wireless communications system. The system and method rely on a clock signal to assure that the vehicle and server receive proper messages. The vehicle and the server will periodically synchronize their internal clocks to a global clock signal. The server will add its local time to the body of a message including a vehicle identification number and a function code. The server will then encrypt the message and transmit it to the vehicle. The vehicle will decrypt the message and compare the transmitted vehicle identification number with its identification number. If the identification numbers match, the vehicle will then see if the time in the message is within a predefined window of the vehicle time. If the transmitted time is within the predefined window of the vehicle time, the vehicle will accept the message and perform the function.

Abstract: A system and method for enhancing vehicle diagnostic and prognostic algorithms and improving vehicle maintenance practices. The method includes collecting data from vehicle components, sub-systems and systems, and storing the collected data in a database. The collected and stored data can be from multiple sources for similar vehicles or similar components and can include various types of trouble codes and labor codes as well as other information, such as operational data and physics of failure data, which are fused together. The method generates classes for different vehicle components, sub-systems and systems, and builds feature extractors for each class using data mining techniques of the data stored in the database. The method also generates classifiers that classify the features for each class. The feature extractors and feature classifiers are used to determine when a fault condition has occurred for a vehicle component, sub-system or system.