Abstract: A method for preventing an unauthorized operation of a vehicle, and an electronic hardware security module for implementing the method are provided. A vehicle immobilizer software is used therein, which is at least partially stored in the electronic hardware security module.

Abstract: A method for operating a communication module of a network element of a communication network as well as the communication module itself are described. The communication module is embodied for the transmission of data. The network element has a communication module and an interface for communication with further network elements of the communication network. The communication module is embodied in such a way that the transmission, via the interface, of data for transmission is inhibited or authorized on the basis of a filter instruction.

Abstract: A method for data transmission between a sensor and an electronic control and/or regulating unit (ECU), the transmitted sensor data (x1, . . . , xt) and the sensor being secured against a manipulation. The system provides a particularly simple, but very secure method for manipulation protection, the sensor data (x1, . . . , xt) being transmitted via a first logical data transmission channel at a first data transmission rate, and security data (MAC; CMAC) for securing the transmitted sensor data and/or the sensor being transmitted via a second logical data transmission channel at a second data transmission rate from the sensor to the ECU. At least once at the beginning of a data transmission session, a session key is transmitted from the ECU to the sensor via a third logical data transmission channel and received by the latter, the session key being used at least for the ongoing session to generate the security data.

Abstract: In a method for operating a control unit using an electronic hardware security module, a secure layer is provided, which is assigned to the hardware security module and monitors the operation of the main computer unit. The secure layer switches to an operation under emergency conditions if a malfunction is present.

Abstract: A method for preventing an unauthorized operation of a vehicle, and an electronic hardware security module for implementing the method are provided. A vehicle immobilizer software is used therein, which is at least partially stored in the electronic hardware security module.

Abstract: A method and an electronic hardware security module are provided for managing software functionalities in a control unit. The hardware security module records results of a security functionality and acts on software functionalities as a function of the results.

Abstract: A method and a filter system for filtering messages which are received, via a serial data bus of a communications network, in a communication module of a user connected to the data bus. To allow particularly simple and efficient filtering of incoming messages, even when there is a large number of filtering criteria, it is proposed that the filter system includes a list in which multiple identifier pairs are stored which define a range delimited in each case by a first identifier and a second identifier. The identifier for an incoming message is compared at least to selected identifier pairs from the list, and a query is made concerning whether the identifier for the incoming message is greater than, or greater than or equal to, the selected first identifier, and is less than, or less than or equal to, the selected second identifier.

Abstract: In a counter mode encryption scheme, a sending device sends a first message including first cipher text and a first counter used to generate the first cipher text to a receiving device for decryption. The sending device subsequently generates a second counter for generating second cipher text. The sending device sends a second message including the second cipher text and intermediate state data corresponding to a change between the first counter second counter to the receiving device for decryption. The intermediate state data are represented by a smaller number of bits than the first counter. The method enables improved counter mode encrypted communication in networks that lose one or more intermediate messages between the first message and the second message.

Abstract: A memory module has at least one secure and at least one insecure memory area, separate write/read electronic units for each of the memory areas and at least one shared analog circuit part such as a voltage supply circuit for supplying the write/read electronic units and/or the memory areas.

Abstract: A method for operating a security device includes a microcontroller, a protected memory area, in which at least one item of protection-worthy information is stored, and a unit, the microcontroller being connected to the protected memory area via the unit, the at least one item of protection-worthy information being accessed by the microcontroller via the unit when the method is carried out.

Abstract: A method for operating a communication module of a network element of a communication network as well as the communication module itself are described. The communication module is embodied for the transmission of data. The network element has a communication module and an interface for communication with further network elements of the communication network. The communication module is embodied in such a way that the transmission, via the interface, of data for transmission is inhibited or authorized on the basis of a filter instruction.

Abstract: A method for data transmission between a sensor and an electronic control and/or regulating unit (ECU), the transmitted sensor data (x1, . . . , xt) and the sensor being secured against a manipulation. The system provides a particularly simple, but very secure method for manipulation protection, the sensor data (x1, . . . , xt) being transmitted via a first logical data transmission channel at a first data transmission rate, and security data (MAC; CMAC) for securing the transmitted sensor data and/or the sensor being transmitted via a second logical data transmission channel at a second data transmission rate from the sensor to the ECU. At least once at the beginning of a data transmission session, a session key is transmitted from the ECU to the sensor via a third logical data transmission channel and received by the latter, the session key being used at least for the ongoing session to generate the security data.

Abstract: In a counter mode encryption scheme, a sending device sends a first message including first cipher text and a first counter used to generate the first cipher text to a receiving device for decryption. The sending device subsequently generates a second counter for generating second cipher text. The sending device sends a second message including the second cipher text and intermediate state data corresponding to a change between the first counter second counter to the receiving device for decryption. The intermediate state data are represented by a smaller number of bits than the first counter. The method enables improved counter mode encrypted communication in networks that lose one or more intermediate messages between the first message and the second message.

Abstract: A subscriber of a communication system includes a microprocessor, at least two communication controllers and a peripheral bus. The microprocessor is connected to the communication controllers via the peripheral bus and is also connected via the communication controllers respectively to a communication link of the communication system, via which messages are transmitted. In order to optimize the gateway functionality within the subscriber, a provision is made that at least one of the communication controllers has an active interface via which the communication controller is connected to the peripheral bus and has a logic circuit for independently implementing a gateway functionality.

Abstract: A subscriber node of a communication system, a communication system and a method for transmitting a message in the communication system. The message is transmitted from a first subscriber node of the communication system via a data bus of the communication system to a second subscriber node of the communication system. An application program of the first subscriber node files the message, that is to be sent, in a message memory, from where it is retrieved by a communication controller, upon a sending command of the application program, and is transmitted via the data bus.

Abstract: A gateway for data transfer between serial buses, including multiple communication modules that are each provided for connection of one serial bus, and that carry out a conversion between data packets and data words, a bus master that, via an internal control bus, controls a word-based transfer of data via an internal data bus between two communication modules, the bus master applying a source address via a source address bus to an internally transmitting first communication module, and a destination address via a separate destination address bus to an internally receiving second communication module, data received in data packets by the first communication module via a first serial bus connected thereto being transferred from the first communication module directly without buffering, in word-based fashion in one or more data words, via the internal data bus to the second communication module, which delivers these transferred data, in data packets, via a second serial bus connected to the second communication

Abstract: A method for controlling access to data of a message memory, and a message handler of a communications module having a message memory, in which data are input or output in response to an access; the message memory being connected to a first buffer configuration and a second buffer configuration, and the data being accessed via the first or the second buffer configuration; in the message handler, at least one first finite state machine being provided which controls the access to the message memory via the first buffer configuration, and at least one second finite state machine being provided which controls the access via the second buffer configuration, the at least one first finite state machine and the second finite state machine making access requests; and a third finite state machine being provided which assigns access to the message memory to the at least one first and the second finite state machine as a function of their access requests.

Abstract: FlexRay communication controller for connecting FlexRay communication lines to a FlexRay network member assigned to the FlexRay communication controller, whereby said FlexRay communication controller encloses some parts as there are at least a message handler, a message memory, a first buffer memory structure for connecting said message memory to said FlexRay network member and a second buffer memory structure for connecting said message memory to said FlexRay communication lines, whereby all the parts are functioning together to connect said FlexRay communication lines to said FlexRay network member and said FlexRay communication controller is constructed in such a way that said functioning is controlled by the contents of a variety of registers located onto said FlexRay communication controller.

Abstract: A memory module has at least one secure and at least one insecure memory area, separate write/read electronic units for each of the memory areas and at least one shared analog circuit part such as a voltage supply circuit for supplying the write/read electronic units and/or the memory areas.

Abstract: In a method for verifying a memory block of a nonvolatile memory, at a first point in time, a first authentication code for the memory block is determined while using a secret keyword and is stored in an authentication code memory table, and at a second point in time, for the verification, a second authentication code for the memory block is determined while using the secret keyword and is compared to the first authentication code and the memory block is verified if the first authentication code and the second authentication code agree.