Patents by Inventor Markus Ihle
Markus Ihle has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 10762177Abstract: A method for preventing an unauthorized operation of a vehicle, and an electronic hardware security module for implementing the method are provided. A vehicle immobilizer software is used therein, which is at least partially stored in the electronic hardware security module.Type: GrantFiled: May 12, 2015Date of Patent: September 1, 2020Assignee: Robert Bosch GmbHInventors: Thorsten Schwepp, Ingo Opferkuch, Markus Ihle, Holger Egeler
-
Patent number: 9479478Abstract: A method for operating a communication module of a network element of a communication network as well as the communication module itself are described. The communication module is embodied for the transmission of data. The network element has a communication module and an interface for communication with further network elements of the communication network. The communication module is embodied in such a way that the transmission, via the interface, of data for transmission is inhibited or authorized on the basis of a filter instruction.Type: GrantFiled: May 19, 2014Date of Patent: October 25, 2016Assignee: ROBERT BOSCH GMBHInventors: Markus Ihle, Robert Szerwinski, Juergen Likkei
-
Patent number: 9252945Abstract: A method for data transmission between a sensor and an electronic control and/or regulating unit (ECU), the transmitted sensor data (x1, . . . , xt) and the sensor being secured against a manipulation. The system provides a particularly simple, but very secure method for manipulation protection, the sensor data (x1, . . . , xt) being transmitted via a first logical data transmission channel at a first data transmission rate, and security data (MAC; CMAC) for securing the transmitted sensor data and/or the sensor being transmitted via a second logical data transmission channel at a second data transmission rate from the sensor to the ECU. At least once at the beginning of a data transmission session, a session key is transmitted from the ECU to the sensor via a third logical data transmission channel and received by the latter, the session key being used at least for the ongoing session to generate the security data.Type: GrantFiled: April 4, 2014Date of Patent: February 2, 2016Assignee: ROBERT BOSCH GMBHInventors: Matthew Lewis, Markus Ihle, Robert Szerwinski, Jamshid Shokrollahi, Benjamin Glas
-
Publication number: 20150323919Abstract: In a method for operating a control unit using an electronic hardware security module, a secure layer is provided, which is assigned to the hardware security module and monitors the operation of the main computer unit. The secure layer switches to an operation under emergency conditions if a malfunction is present.Type: ApplicationFiled: May 4, 2015Publication date: November 12, 2015Inventors: Thorsten Schwepp, Markus Ihle, Andreas Soenkens, Thomas Kuhn, Stefan Schneider
-
Publication number: 20150321642Abstract: A method for preventing an unauthorized operation of a vehicle, and an electronic hardware security module for implementing the method are provided. A vehicle immobilizer software is used therein, which is at least partially stored in the electronic hardware security module.Type: ApplicationFiled: May 12, 2015Publication date: November 12, 2015Inventors: Thorsten SCHWEPP, Ingo Opferkuch, Markus Ihle, Holger Egeler
-
Publication number: 20150324610Abstract: A method and an electronic hardware security module are provided for managing software functionalities in a control unit. The hardware security module records results of a security functionality and acts on software functionalities as a function of the results.Type: ApplicationFiled: May 12, 2015Publication date: November 12, 2015Inventors: Markus IHLE, Ingo OPFERKUCH, Thomas KELLER, Andreas SOENKENS, Thomas KUHN, Stefan SCHNEIDER
-
Patent number: 9154324Abstract: A method and a filter system for filtering messages which are received, via a serial data bus of a communications network, in a communication module of a user connected to the data bus. To allow particularly simple and efficient filtering of incoming messages, even when there is a large number of filtering criteria, it is proposed that the filter system includes a list in which multiple identifier pairs are stored which define a range delimited in each case by a first identifier and a second identifier. The identifier for an incoming message is compared at least to selected identifier pairs from the list, and a query is made concerning whether the identifier for the incoming message is greater than, or greater than or equal to, the selected first identifier, and is less than, or less than or equal to, the selected second identifier.Type: GrantFiled: March 5, 2009Date of Patent: October 6, 2015Assignee: ROBERT BOSCH GMBHInventors: Florian Hartwich, Franz Bailer, Markus Ihle, Christian Horst
-
Patent number: 8983069Abstract: In a counter mode encryption scheme, a sending device sends a first message including first cipher text and a first counter used to generate the first cipher text to a receiving device for decryption. The sending device subsequently generates a second counter for generating second cipher text. The sending device sends a second message including the second cipher text and intermediate state data corresponding to a change between the first counter second counter to the receiving device for decryption. The intermediate state data are represented by a smaller number of bits than the first counter. The method enables improved counter mode encrypted communication in networks that lose one or more intermediate messages between the first message and the second message.Type: GrantFiled: March 14, 2013Date of Patent: March 17, 2015Assignee: Robert Bosch GmbHInventors: Jorge Guajardo Merchan, Attila A. Yavuz, Benjamin Glas, Markus Ihle, Hamit Hacioglu, Karsten Wehefritz
-
Memory module for simultaneously providing at least one secure and at least one insecure memory area
Patent number: 8976585Abstract: A memory module has at least one secure and at least one insecure memory area, separate write/read electronic units for each of the memory areas and at least one shared analog circuit part such as a voltage supply circuit for supplying the write/read electronic units and/or the memory areas.Type: GrantFiled: October 21, 2010Date of Patent: March 10, 2015Assignee: Robert Bosch GmbHInventors: Markus Ihle, Axel Aue, Robert Szerwinski, Oliver Bubeck, Jamshid Shokrollahi, Jan Hayek -
Patent number: 8904193Abstract: A method for operating a security device includes a microcontroller, a protected memory area, in which at least one item of protection-worthy information is stored, and a unit, the microcontroller being connected to the protected memory area via the unit, the at least one item of protection-worthy information being accessed by the microcontroller via the unit when the method is carried out.Type: GrantFiled: November 22, 2010Date of Patent: December 2, 2014Assignee: Robert Bosch GmbHInventors: Markus Ihle, Robert Szerwinski, Oliver Bubeck, Jan Hayek, Jamshid Shokrollahi
-
Publication number: 20140344916Abstract: A method for operating a communication module of a network element of a communication network as well as the communication module itself are described. The communication module is embodied for the transmission of data. The network element has a communication module and an interface for communication with further network elements of the communication network. The communication module is embodied in such a way that the transmission, via the interface, of data for transmission is inhibited or authorized on the basis of a filter instruction.Type: ApplicationFiled: May 19, 2014Publication date: November 20, 2014Applicant: ROBERT BOSCH GMBHInventors: Markus IHLE, Robert SZERWINSKI, Juergen LIKKEI
-
Publication number: 20140301550Abstract: A method for data transmission between a sensor and an electronic control and/or regulating unit (ECU), the transmitted sensor data (x1, . . . , xt) and the sensor being secured against a manipulation. The system provides a particularly simple, but very secure method for manipulation protection, the sensor data (x1, . . . , xt) being transmitted via a first logical data transmission channel at a first data transmission rate, and security data (MAC; CMAC) for securing the transmitted sensor data and/or the sensor being transmitted via a second logical data transmission channel at a second data transmission rate from the sensor to the ECU. At least once at the beginning of a data transmission session, a session key is transmitted from the ECU to the sensor via a third logical data transmission channel and received by the latter, the session key being used at least for the ongoing session to generate the security data.Type: ApplicationFiled: April 4, 2014Publication date: October 9, 2014Applicant: Robert Bosch GmbHInventors: Matthew LEWIS, Markus IHLE, Robert SZERWINSKI, Jamshid SHOKROLLAHI, Benjamin GLAS
-
Publication number: 20140270163Abstract: In a counter mode encryption scheme, a sending device sends a first message including first cipher text and a first counter used to generate the first cipher text to a receiving device for decryption. The sending device subsequently generates a second counter for generating second cipher text. The sending device sends a second message including the second cipher text and intermediate state data corresponding to a change between the first counter second counter to the receiving device for decryption. The intermediate state data are represented by a smaller number of bits than the first counter. The method enables improved counter mode encrypted communication in networks that lose one or more intermediate messages between the first message and the second message.Type: ApplicationFiled: March 14, 2013Publication date: September 18, 2014Applicant: Robert Bosch GmbHInventors: Jorge Guajardo Merchan, Attila A. Yavuz, Benjamin Glas, Markus Ihle, Hamit Hacioglu, Karsten Wehefritz
-
Patent number: 8792508Abstract: A subscriber of a communication system includes a microprocessor, at least two communication controllers and a peripheral bus. The microprocessor is connected to the communication controllers via the peripheral bus and is also connected via the communication controllers respectively to a communication link of the communication system, via which messages are transmitted. In order to optimize the gateway functionality within the subscriber, a provision is made that at least one of the communication controllers has an active interface via which the communication controller is connected to the peripheral bus and has a logic circuit for independently implementing a gateway functionality.Type: GrantFiled: October 4, 2006Date of Patent: July 29, 2014Assignee: Robert Bosch GmbHInventors: Markus Ihle, Tobias Lorenz, Jan Taube
-
Patent number: 8732374Abstract: A subscriber node of a communication system, a communication system and a method for transmitting a message in the communication system. The message is transmitted from a first subscriber node of the communication system via a data bus of the communication system to a second subscriber node of the communication system. An application program of the first subscriber node files the message, that is to be sent, in a message memory, from where it is retrieved by a communication controller, upon a sending command of the application program, and is transmitted via the data bus.Type: GrantFiled: March 5, 2009Date of Patent: May 20, 2014Assignee: Robert Bosch GmbHInventors: Florian Hartwich, Marc Schreier, Franz Bailer, Markus Ihle, Tobias Lorenz, Christian Horst
-
Patent number: 8571044Abstract: A gateway for data transfer between serial buses, including multiple communication modules that are each provided for connection of one serial bus, and that carry out a conversion between data packets and data words, a bus master that, via an internal control bus, controls a word-based transfer of data via an internal data bus between two communication modules, the bus master applying a source address via a source address bus to an internally transmitting first communication module, and a destination address via a separate destination address bus to an internally receiving second communication module, data received in data packets by the first communication module via a first serial bus connected thereto being transferred from the first communication module directly without buffering, in word-based fashion in one or more data words, via the internal data bus to the second communication module, which delivers these transferred data, in data packets, via a second serial bus connected to the second communicationType: GrantFiled: April 17, 2007Date of Patent: October 29, 2013Assignee: Robert Bosch GmbHInventors: Markus Ihle, Tobias Lorenz, Jan Taube
-
Patent number: 8484390Abstract: A method for controlling access to data of a message memory, and a message handler of a communications module having a message memory, in which data are input or output in response to an access; the message memory being connected to a first buffer configuration and a second buffer configuration, and the data being accessed via the first or the second buffer configuration; in the message handler, at least one first finite state machine being provided which controls the access to the message memory via the first buffer configuration, and at least one second finite state machine being provided which controls the access via the second buffer configuration, the at least one first finite state machine and the second finite state machine making access requests; and a third finite state machine being provided which assigns access to the message memory to the at least one first and the second finite state machine as a function of their access requests.Type: GrantFiled: June 29, 2005Date of Patent: July 9, 2013Assignee: Robert Bosch GmbHInventors: Florian Hartwich, Christian Horst, Franz Bailer, Markus Ihle
-
Patent number: 8484383Abstract: FlexRay communication controller for connecting FlexRay communication lines to a FlexRay network member assigned to the FlexRay communication controller, whereby said FlexRay communication controller encloses some parts as there are at least a message handler, a message memory, a first buffer memory structure for connecting said message memory to said FlexRay network member and a second buffer memory structure for connecting said message memory to said FlexRay communication lines, whereby all the parts are functioning together to connect said FlexRay communication lines to said FlexRay network member and said FlexRay communication controller is constructed in such a way that said functioning is controlled by the contents of a variety of registers located onto said FlexRay communication controller.Type: GrantFiled: August 4, 2005Date of Patent: July 9, 2013Assignee: Robert Bosch GmbHInventors: Florian Hartwich, Thomas Wagner, Christian Horst, Franz Bailer, Markus Ihle
-
MEMORY MODULE FOR SIMULTANEOUSLY PROVIDING AT LEAST ONE SECURE AND AT LEAST ONE INSECURE MEMORY AREA
Publication number: 20130128664Abstract: A memory module has at least one secure and at least one insecure memory area, separate write/read electronic units for each of the memory areas and at least one shared analog circuit part such as a voltage supply circuit for supplying the write/read electronic units and/or the memory areas.Type: ApplicationFiled: October 21, 2010Publication date: May 23, 2013Inventors: Markus Ihle, Axel Aue, Robert Szerwinski, Oliver Bubeck, Jamshid Shokrollahi, Jan Hayek -
Publication number: 20130117578Abstract: In a method for verifying a memory block of a nonvolatile memory, at a first point in time, a first authentication code for the memory block is determined while using a secret keyword and is stored in an authentication code memory table, and at a second point in time, for the verification, a second authentication code for the memory block is determined while using the secret keyword and is compared to the first authentication code and the memory block is verified if the first authentication code and the second authentication code agree.Type: ApplicationFiled: February 7, 2011Publication date: May 9, 2013Inventors: Markus Ihle, Oliver Bubeck, Jamshid Shokrollahi, Jan Hayek