Abstract: A method of enhancing positioning of a moving vehicle based on visual identification of visual objects, comprising obtaining from a location sensor a global positioning and a movement vector of a moving vehicle, capturing one or more images using one or more imaging devices mounted on the moving vehicle to depict at least partial view of a surroundings of the moving vehicle, analyzing the image(s) to identify one or more visual objects having a known geographical position obtained according to the global positioning from a visual data record associated with a navigation map, analyzing the image(s) to calculate a relative positioning of the moving vehicle with respect to the identified visual object(s), calculating an enhanced positioning of the moving vehicle based on the relative positioning and applying the enhanced positioning to a navigation system of the moving vehicle.

Abstract: A method of generating a delta instructions record for updating a source database in-place, comprising obtaining a plurality of source data items contained in a plurality of cells of a plurality of tables organized in tuples and columns, creating a column oriented source stream serializing the source data items by concatenating a source data item of each cell of each column to a preceding source data item of a cell preceding the respective cell in the respective column, obtaining a plurality of target data items contained tables of a target database comprising data item(s) changed compared to the source database, creating a column oriented target stream serializing the plurality of target data items, delta instructions for applying changes detected between the source database and the target database by comparing between the source stream and the target stream, and outputting the delta instructions record to device(s) for updating their source database.

Abstract: Disclosed are methods and systems for detecting vital signs of occupants in vehicles, for example, the vehicle cabin. A signal unit transmits a radar signal to the occupant and receiving the radar signal reflected from the occupant. The reflected radar signal is analyzed with respect to vibration data of the vehicle, to produce a modified signal. The modified signal is analyzed to determine the vital signs of the occupant.

Abstract: Mechanisms and methods are provided for establishing vectors indicating the presence, in a first vehicle and second vehicle, of a super-set of vehicle features present across a fleet of vehicles. The first vehicle may be a reference vehicle. A distance function of the vectors may be calculated in order to establish a similarity score indicating the degree of similarity between the designs of the two vehicles. If the second vehicle is sufficiently similar to the reference vehicle, a software update may be recommended and applied.

Abstract: The present invention provides a security system, and methods useful for vehicle CAN bus communication mapping and attack originator identification, comprising: a CAN Bus Monitor, (CBM), configured to monitor the CAN bus communication comprising one or more frames, to and/or from at least one Electronic Control Unit, (ECU); a characterization module in communication with the CBM, configured to generate at least one characteristic for the monitored communication from each the ECU and at least one characteristic for each communication frame; (c) a comparator unit in communication with the characterization module, configured to compare one or more the characteristics of at least one frame against characteristics of each the ECU communication in order to detect at least one anomaly; and, (d) one or more Identification module in communication with the comparator, configured to identify at least one ECU originating an attack on the CAN bus.

Abstract: There is provided a computer implemented method of disabling a malicious electronic control unit (ECU) of a plurality of ECUs in communication with a controller area network (CAN) bus network, the method executed by a computing device in communication with the plurality of ECUs and the CAN bus network, the method comprising: detecting a malicious message transmitted by the malicious ECU over the CAN bus network, and injecting a plurality of bits over the CAN bus network to trigger a predefined plurality of errors for disabling the malicious ECU before the malicious ECU makes an additional attempt to retransmit an additional instance of the malicious message.

Abstract: A system of mitigating code weaknesses in a target code by adding micro functionality fixes. The system includes a mitigation module installed a memory chip of a device and a server for identifying a plurality of code weaknesses in a target code installed in a memory chip of a device and sending configuration instructions to the mitigation module, the configuration instructions comprising: a plurality of micro functionality fixes, and a plurality of code weakness locations each associated with one of the plurality of code weaknesses and one of the plurality of micro functionality fixes. The execution of the mitigation module by at least one processor of the device induces an installment of the plurality of micro functionality fixes in the plurality of code weakness locations.

Abstract: A method for processing signals of active sensor systems including processing an emitted signal to include at least one distinguishing feature, the emitted signal emitted by an active sensor system adapted to intercept a reflection of the emitted signal, and to analyze the reflection of the emitted signal for determining at least one parameter of at least one object located in a space, analyzing an intercepted portion to verify the at least one distinguishing feature in the intercepted portion, and processing the intercepted portion as the reflection of the emitted signal when the at least one distinguishing feature is verified.

Abstract: There is provided a method for identifying malicious activity that changes the integrity of data sent out from a vehicle, comprising: intercepting, by an output data monitoring agent that monitors data sent out from the vehicle to an external receiving computing unit using a communication interface in communication with a network; intercepting, by at least one sensor data monitoring agent that monitors sensor data outputted by at least one sensor associated with the vehicle; monitoring the integrity of the data sent out by the vehicle by analyzing the data collected by the output data monitoring agent with the sensor data collected by the at least one sensor data monitoring agent to identify a mismatch; and identifying an indication of malicious activity that changed the data sent out from the vehicle relative to the data sensed by the at least one sensor.

Abstract: A computer implemented method of updating software of embedded devices connected to a central dispatch device, comprising using one or more processors of a central dispatch device, the processor(s) are adapted for executing a code for obtaining a respective update package for one or more of a plurality of embedded devices which are operatively connected to the central dispatch device via a communication interconnection, transferring a transient update agent to the embedded device(s) and transferring the update package to the embedded device(s), the one or more embedded devices execute the transient update agent to apply the update package in the one or more embedded devices. The one or more embedded devices discard the transient update agent after the update package is applied.

Abstract: There is provided a computer implemented method of disabling a malicious electronic control unit (ECU) of a plurality of ECUs in communication with a controller area network (CAN) bus network, the method executed by a computing device in communication with the plurality of ECUs and the CAN bus network, the method comprising: detecting a malicious message transmitted by the malicious ECU over the CAN bus network, and injecting a plurality of bits over the CAN bus network to trigger a predefined plurality of errors for disabling the malicious ECU before the malicious ECU makes an additional attempt to retransmit an additional instance of the malicious message.

Abstract: Methods, systems, and devices manipulate operation of at least one electronic control unit (ECU) connected to a controller area network (CAN) bus. The at least one ECU includes at least one error counter, by counting errors associated with at least one ECU. The manipulating is based on generating and broadcasting via the CAN at least one bit stream destined to at least one ECU, thereby manipulating at least one ECU status, determined by the ECU error counter and querying for its status state.

Abstract: A method of enhancing positioning of a moving vehicle based on visual identification of visual objects, comprising obtaining from a location sensor a global positioning and a movement vector of a moving vehicle, capturing one or more images using one or more imaging devices mounted on the moving vehicle to depict at least partial view of a surroundings of the moving vehicle, analyzing the image(s) to identify one or more visual objects having a known geographical position obtained according to the global positioning from a visual data record associated with a navigation map, analyzing the image(s) to calculate a relative positioning of the moving vehicle with respect to the identified visual object(s), calculating an enhanced positioning of the moving vehicle based on the relative positioning and applying the enhanced positioning to a navigation system of the moving vehicle.

Abstract: Apparatus, system and method useful for machine to machine (M2M) communication cyber-attack detection and prevention, are provided. An embedded security bridge (ESB), operatively connected to at least one proximal machine and at least one M2M module. The M2M module is in communication with at least one remote machine, and configured to enable communication between at least one remote machine and at least one proximal machine through the ESB. The ESB includes: one or more inspection units, configured for communication analysis for identifying communication and/or content suspicious as malicious, and, one or more decision units operatively connected to the inspection unit. The decision unit is configured to perform at least one action based on analysis of at least one inspection unit. The ESB is configured to detect by means of the inspection unit and prevent by means of the decision unit cyber-attacks on the proximal machine, the remote machine, or both.

Abstract: According to an aspect of some embodiments of the present invention there is provided a vehicle mechanism for handling vehicle electronic control unit (ECU) malfunction, comprising: a first set of vehicle backup ECUs for operating in a backup vehicle driving mode comprising read-only firmware and disconnected from an interface with communication networks outside the vehicle, the vehicle backup ECUs providing at least basic driving related features of the vehicle including transmission and engine controllers to provide control of the vehicle; and a controller that switches from a standard vehicle driving mode operating according to a second set of standard vehicle ECUs to backup vehicle driving mode in response to a trigger indicative of malfunction of at least one ECU of the first set of vehicle ECUs.

Abstract: A computer implemented method of using a drone to provide update packages to embedded devices, comprising using one or more processors mounted on the drone for executing a code for maneuvering the drone to be in range of one or more wireless interfaces of each of a plurality of embedded devices, communicating with each embedded device through the wireless interface(s) to identify one or more attributes of each embedded device, selecting one of a plurality of update packages according to the identified attribute(s) and transmitting the selected update package to the each embedded device through the wireless interface(s).

Abstract: According to an aspect of some embodiments of the present invention there is provided a vehicle mechanism for handling vehicle electronic control unit (ECU) malfunction, comprising: a first set of vehicle backup ECUs for operating in a backup vehicle driving mode comprising read-only firmware and disconnected from an interface with communication networks outside the vehicle, the vehicle backup ECUs providing at least basic driving related features of the vehicle including transmission and engine controllers to provide control of the vehicle; and a controller that switches from a standard vehicle driving mode operating according to a second set of standard vehicle ECUs to backup vehicle driving mode in response to a trigger indicative of malfunction of at least one ECU of the first set of vehicle ECUs.

Abstract: A computer implemented method of updating software of embedded devices connected to a central dispatch device, comprising using one or more processors of a central dispatch device, the processor(s) are adapted for executing a code for obtaining a respective update package for one or more of a plurality of embedded devices which are operatively connected to the central dispatch device via a communication interconnection, transferring a transient update agent to the embedded device(s) and transferring the update package to the embedded device(s), the one or more embedded devices execute the transient update agent to apply the update package in the one or more embedded devices. The one or more embedded devices discard the transient update agent after the update package is applied.

Abstract: A computer implemented method of using a drone to provide update packages to embedded devices, comprising using one or more processors mounted on the drone for executing a code for maneuvering the drone to be in range of one or more wireless interfaces of each of a plurality of embedded devices, communicating with each embedded device through the wireless interface(s) to identify one or more attributes of each embedded device, selecting one of a plurality of update packages according to the identified attribute(s) and transmitting the selected update package to the each embedded device through the wireless interface(s).

Abstract: A method, and system for carrying out the method, for in-place reorganization of content, organized according to an original organization scheme, which is stored in a non-volatile storage of a device, to a target organization scheme. The method includes obtaining instructions to reorganize the content to a defined target organization scheme. The method further includes (i) generating, based on the instructions and applying target organization logic to a virtual storage, a sequence of update commands for generating, in the non-volatile storage, at least one target storage unit organized according to the defined target organization scheme, and (ii) executing the update commands on the non-volatile storage. Potential write-before-read conflicts may be identified based on the sequence of update commands, and potential conflicts resolved by reordering, adding, deleting, altering commands, and/or backing up content.