Abstract: A system for establishing a wireless connection between a mobile device and a vehicle includes a human-machine interface (HMI), a vehicle communication system, where the vehicle communication system includes a wireless connection transceiver, a speaker, a microphone, a controller in electrical communication with the HMI, the vehicle communication system, the speaker, and the microphone. The controller is programmed to activate a wireless connection mode of the controller based at least in part on a signal from the microphone and transmit a vehicle wireless connection identifier using the speaker. The controller is further programmed to confirm a vehicle wireless connection passcode using at least one of the speaker and the microphone and establish a wireless connection between the mobile device and the controller using the wireless connection transceiver in response to confirming the vehicle wireless connection passcode.

Abstract: A system comprises a computer including a processor and a memory. The memory includes instructions such that the processor is programmed to: receive, at a device driver, an Ethernet frame from an Automotive Open System Architecture (AUTOSAR) communication stack, determine, at the device driver, whether the Ethernet frame is a spoofed Ethernet frame, and transmit a cancelation command to at least one layer of the AUTOSAR communication stack when the device driver determines the Ethernet frame is spoofed.

Abstract: The present application relates to a method and apparatus for intelligent wireless protocol optimization including storing, in a memory, a first customer key and a second customer key, receiving, by a processor, a secret key, decrypting, by the processor, the secret key using a first customer key to extract a master key, provisioning, by the processor, an electronic control unit in response to the master key, and deleting, by the processor, the second customer key in response to the provisioning of electronic control unit in response to the master key.

Abstract: The present application relates to a method and apparatus for providing fault tolerant provisioning verification for cryptographic keys including receiving, via an interface, a first security key, a second security key, and a first verification data generated in response to the first security key and the second security key, coupling, by a processor, the first security key and the second security key to an electronic controller, receiving, by the processor, a second verification data generated by the electronic controller in response to the first security key and the second security key, and marking, by the processor, the controller as provisioned in response to the first verification data matching the second verification data.

Abstract: A method to perform secure boot procedure using a multi-stage security verification is provided. The procedure includes, within a microcontroller, referring to a table to identify a first defined memory region including code useful to start-up application programming of the microcontroller, wherein the application programming is operable to provide a function of the microcontroller to the vehicle, and a second defined memory region, including programming and data useful to operation of the application programming of the microcontroller. The procedure further includes, within a first stage, verifying authenticity of contents of the first region and starting-up the application programming of the microcontroller based upon verifying the authenticity of the contents of the first region.

Abstract: The present application relates to a method and apparatus for providing fault tolerant provisioning verification for cryptographic keys including receiving, via an interface, a first security key, a second security key, and a first verification data generated in response to the first security key and the second security key, coupling, by a processor, the first security key and the second security key to an electronic controller, receiving, by the processor, a second verification data generated by the electronic controller in response to the first security key and the second security key, and marking, by the processor, the controller as provisioned in response to the first verification data matching the second verification data.

Abstract: The present application relates to a method and apparatus for intelligent wireless protocol optimization including storing, in a memory, a first customer key and a second customer key, receiving, by a processor, a secret key, decrypting, by the processor, the secret key using a first customer key to extract a master key, provisioning, by the processor, an electronic control unit in response to the master key, and deleting, by the processor, the second customer key in response to the provisioning of electronic control unit in response to the master key.

Abstract: Authentication methods, systems and computer readable storage medium are provided. In an embodiment, an authentication method includes obtaining from an authentication template a first template portion, including an encoding of features, and a second template portion, including an identification of a location in the first template portion that is not usable. The method further includes revising the first template portion by setting a value at the location to a selected value to form a revised first template portion. Also, the method includes creating an authentication codeword from the revised first template portion and from public recovery data. The method further includes performing an error correction process to generate a corrected authentication codeword from the authentication codeword and from the second template portion and decoding the corrected authentication codeword.

Abstract: A system and method for personalization of security features of a vehicle. The system includes a memory having computer readable instructions and one or more processors for executing the computer readable instructions, the computer readable instructions controlling the one or more processors to perform operations. The operations include detecting a person in a cabin of a vehicle. At least one adjustable vehicle setting is detected in relation to the person in the cabin of the vehicle. The adjustable vehicle setting is compared to a stored adjustable vehicle setting in a first user profile. Operation of the vehicle by the person in the cabin of the vehicle is enabled based on the comparison and a permitted level of access from the first user profile.

Abstract: An impairment detection system is provided and includes an emitter, first and second beam selectors, a reference reflector, a sensor and a control module. The emitter is configured to emitter a first light signal. The first beam selector is configured to forward the first light signal to a touch probe. The reference reflector is configured to reflect the first light signal received from the first beam selector to generate a second reflected signal. The second beam selector is configured to receive (i) a first reflected signal from the touch probe based on reflection of the first light signal on an area of a person, and (ii) the second reflected signal. The sensor is configured to receive from the second beam selector the first reflected signal and the second reflected signal. The control module is configured to determine an impairment level of the person based on an output of the sensor.

Abstract: Authentication methods, systems and computer readable storage medium are provided. In an embodiment, an authentication method includes obtaining from an authentication template a first template portion, including an encoding of features, and a second template portion, including an identification of a location in the first template portion that is not usable. The method further includes revising the first template portion by setting a value at the location to a selected value to form a revised first template portion. Also, the method includes creating an authentication codeword from the revised first template portion and from public recovery data. The method further includes performing an error correction process to generate a corrected authentication codeword from the authentication codeword and from the second template portion and decoding the corrected authentication codeword.

Abstract: Methods, systems and computer readable storage medium for privacy-enhanced biometric access are provided. In an embodiment, a method for providing privacy-enhanced biometric access includes receiving, by a central processor, a biometric token request associated with a request for access rights by a user. The biometric token request includes a hashed value of an enrollment input and a blinded version of a first portion of an enrollee biometric template. The method for providing privacy-enhanced biometric access further includes generating, by the central processor, a signed token from the hashed value and the blinded version of the first portion of the enrollee biometric template.

Abstract: A system and method of wireless communication between a location-based wireless communications device and a vehicle, the method including the steps of: detecting when the vehicle is within an operating range of the location-based wireless communications device; establishing a short-range wireless communication (SRWC) connection between the location-based wireless communications device and the vehicle, wherein the SRWC connection is carried out over at least a first frequency band that enables a multi-Gbps data transfer rate; and transferring data between the location-based wireless communications device and the vehicle over the SRWC connection.

Abstract: A method and apparatus that authenticate an application are provided. The method includes connecting an authentication application on the first device to a second application of a second device on a second address and port in response to receiving a first request on a first address and port from the second application, receiving a second request including a signed certificate of the second device, determining whether the signed certificate is valid, in response to determining the signed certificate is valid, displaying a screen to accept request if the signed certificate is unapproved, and performing a function if the request is accepted.

Abstract: A system and method of wireless communication between a location-based wireless communications device and a vehicle, the method including the steps of: detecting when the vehicle is within an operating range of the location-based wireless communications device; establishing a short-range wireless communication (SRWC) connection between the location-based wireless communications device and the vehicle, wherein the SRWC connection is carried out over at least a first frequency band that enables a multi-Gbps data transfer rate; and transferring data between the location-based wireless communications device and the vehicle over the SRWC connection.

Abstract: A method of transmitting data within a vehicle includes: storing two copies of a data message; constructing at an electronic control unit (ECU) a serial bus message that includes one copy of the data message and a message authentication code (MAC) created using a secret key stored at the ECU, a MAC algorithm, and a different copy of the data message; transmitting the serial bus message to a receiving ECU over a vehicle bus; authenticating the serial bus message at the receiving ECU using a copy of the key stored at the receiving ECU by creating a copy of the MAC from the data message included in the serial bus message and the copy of the key; comparing the MAC from the serial bus message with the copy of the MAC created at the receiving ECU; and rejecting or accepting the data message based on the comparison.

Abstract: Embodiments include methods, systems and computer readable storage medium for privacy-enhanced biometric access enrollment. The method includes receiving, by a processor, a biometric signing request (BSR) associated with a request for access rights from a user, wherein the BSR comprises hashed biometric data. The method further includes generating, by the processor, a first biometric signature using at least a portion of the BSR. The method further includes generating, by the processor, a second biometric signature based on at least a portion of the BSR. The method further includes generating, by the processor, an authorization token based on at least the first biometric signature and the second biometric signature. The method further includes sending, by the processor, the authorization token to one or more access control entities or a user computing device for conveyance to the one or more access control entities for authentication.

Abstract: An impairment detection system is provided and includes an emitter, first and second beam selectors, a reference reflector, a sensor and a control module. The emitter is configured to emitter a first light signal. The first beam selector is configured to forward the first light signal to a touch probe. The reference reflector is configured to reflect the first light signal received from the first beam selector to generate a second reflected signal. The second beam selector is configured to receive (i) a first reflected signal from the touch probe based on reflection of the first light signal on an area of a person, and (ii) the second reflected signal. The sensor is configured to receive from the second beam selector the first reflected signal and the second reflected signal. The control module is configured to determine an impairment level of the person based on an output of the sensor.

Abstract: A relay attack deterrence system includes a mobile platform including a plurality of mobile platform transmitter components and a mobile platform receiver component provided therein. The system further includes a fob device having a fob receiver component, a fob transmitter component, and a motion sensor component configured to produce motion information. The fob device is configured to receive, at the fob receiver component, one or more first signals from at least one of the plurality of mobile platform transmitter components and to selectably transmit, to the mobile platform receiver component, a second signal based on the motion information and position information derived from the one or more first signals.

Abstract: Methods and systems are provided for bypassing an authenticity check for a secure control module. In one embodiment, a method includes: receiving authenticity data from a secure source, wherein the authenticity data includes a signature and an identifier that is unique to the control module; programming the control module with the authenticity data; and bypassing the authenticity check of a control program of the control module based on the authenticity data.