Abstract: The described techniques address issues associated with current implementations of debugging and tracing tools, which transmit trace data from tracing processes in an unencrypted form. The techniques include providing a secure means by which to convey the trace data instances outside of a monitored system utilizing an encryption scheme that leverages a number used only once (nonce) value for the encryption of the trace data instances. Advantageously, a time stamp value identified with one or more of the trace messages may be used to generate the nonce value to facilitate the encryption of the trace data instances.

Abstract: A chip device with a logic circuitry (105) protected by a randomized logic encryption based on a key (K) for preventing a designated usage of the logic circuitry (105) by an unauthorized user comprises: a physically unclonable function, PUF, (110), a storage (120), and a chip enabler (130) with one or more registers (132). The physically unclonable function, PUF, (110) is configured to generate a device-individual response (Re) based on a challenge (Ch). The storage (120) has stored the challenge (Ch) and a data element (C), the data element (C) being an encryption of the key (K) with the response (Re) of the PUF (110) as encryption key. The enabler (130) is configured to enable the logic circuitry (105) for the designated usage only, when the key (K) is transferred to the register(s) (132), the key (K) being a decryption of the data element (C) with the response (Re) as the encryption key.

Abstract: The present disclosure relates to an in-vehicle network end node and secure ways for the in-vehicle end node to access a server in order to off-load complex tasks from the in-vehicle end node thereby enhancing its function despite the scarce resources of the in-vehicle end node.

Abstract: The present disclosure relates to a server, a relay, and an in-vehicle end node that enable an efficient deployment of software updates for in-vehicle network end nodes.

Abstract: The described techniques address issues associated with current post-quantum cryptography (PQC) algorithms by providing a more efficient means of key expansion. Architectures are provided for both an accelerator and an expander, which may be implemented in accordance with any suitable type of cryptographic algorithm that utilizes key expansion, such as PQC algorithms, a key encapsulation mechanism (KEM) algorithm, a Digital Signature Algorithm (DSA), etc. The accelerator architecture enables portions of the expanded key to be generated only when required by a processing block, allowing for the reuse of memory, which allows for a reduction in memory size and thus a smaller footprint (i.e. physical size) compared to conventional architectures. The expander architecture reduces the required interactions and data transfers between the processing block and the key expansion block, thereby reducing the load on the processing block and system components, such as shared buses and bridges.

Abstract: A device may compute a cryptographic state based on a freshness value. The device may compute a successive cryptographic state based on a successive freshness value. The successive freshness value may be based on a freshness modifier in combination with the freshness value. The device may store the cryptographic state and the successive cryptographic state. The device may receive a message after the cryptographic state and the successive cryptographic state are stored. The device may identify the cryptographic state or the successive cryptographic state based on the freshness value or the successive freshness value. The device may perform a security operation based on the cryptographic state or the successive cryptographic state.

Abstract: A device may compute redundancy information based on plaintext. The device may determine modified additional data based on the redundancy information and the additional data. The device may encrypt the plaintext to obtain ciphertext. The device may compute a message authentication code based on the ciphertext and the modified additional data. The device may transmit a message including the ciphertext, the additional data, and the message authentication code.

Abstract: A security hardware device is configured to secure a control apparatus. The security hardware device includes a data security domain; a functional safety domain; a data security processor provided in the data security domain and is configured to secure data from unauthorized access or manipulation; a functional safety processor provided in the functional safety domain and is configured to detect functional errors and generate respective safety alerts in response to detecting the functional errors; and a monitoring processor configured to analyze the respective safety alerts provided by the functional safety processor for at least one pattern of safety alerts indicative of a security attack and generate a response signal in response to the respective safety alerts having at least one of the at least one pattern of safety alerts.

Abstract: The present disclosure relates to a server, a relay, and an in-vehicle end node that enable an efficient deployment of software updates for in-vehicle network end nodes.

Abstract: The described techniques address issues associated with current secure in-vehicle communication systems, which are required to generate subkeys per each encoded data transmission/reception. These encoded data transmissions/receptions may be in accordance with several different in-vehicle communication protocols, and the requirement of such protocols to generate the subkeys “on-the-fly” may lead to significant processing overhead and latency. The embodiments provided herein address the issue of subkey generation by using a predetermined function to pre-calculate and store the subkeys that are to be used for future encoded data message transmissions/receptions. In this way, the time and overhead required to generate the subkeys may be better and more efficiently managed.

Abstract: A network node may receive a control plane message. The control plane message may include an indication that the control plane message is a control plane message, an indication that the control plane message is associated with security, an indication of a security key to be associated with a secure zone (SZ) of an in-vehicle communication network, and an indication of a freshness value. The network node may perform a cryptographic operation for a data plane message associated with the SZ using the security key.

Abstract: A controller may receive a set of messages provided by one or more network nodes included in an in-vehicle communication network. The controller may determine a security pattern associated with generating a tunnel frame including the set of messages. The controller may identify one or more messages from the set of messages based on the security pattern. The controller may compute a tunnel frame message authentication code (TMAC) based on one or more characteristics of the one or more messages. The controller may generate the tunnel frame, the tunnel frame including the TMAC and the set of messages.

Abstract: The present disclosure relates to a vehicle, a device, a computer program and a method for loading data, e.g., during a boot-up process. The method includes a reception of at least one character string for the verification of data. The method further includes a verification of data, wherein the verification of data includes a comprehensive check of the entire character string. The method further provides for a loading of data based on the check of the character string.

Abstract: The present disclosure relates to authenticity and data security for bus-based communication networks in a vehicle. The present disclosure teaches a protocol frame, a sender on data link layer, and a receiver on data link layer providing such authenticity and data security as well as a communication network in a vehicle employing the protocol frame, the sender and the receiver according to the present disclosure.

Abstract: A controller may receive a message provided by a network node included in an in-vehicle communication network. The controller may identify one or more characteristics of the message, the one or more characteristics indicating at least one of a message type of the message, a security property of the message, or a secure zone (SZ) associated with the message. The controller may determine a priority of the message based at least in part on the one or more characteristics. The controller may provide the message to an output buffer based at least in part on the priority of the message, the output buffer being one of a plurality of output buffers.

Abstract: An electronic anomaly detection unit for use in a vehicle includes an input component for capturing an input variable, wherein the input variable contains state information for at least one component of the vehicle, a memory component for storing state values based on the input variable, a selection component for selecting selected state values from the stored state values, an association component for associating the selected state values with predefined values, wherein the predefined values define a normal state of the component of the vehicle, and a decision component for deciding whether there is an anomalous behavior in the at least one component of the vehicle, based on the association, wherein one or more of the input component, the memory component, the selection component, the association component and the decision component are implemented in hardware.

Abstract: A redundancy system includes a first computational device and a second computational device each configured to receive at least one input and to generate a first output and a second output, respectively, based on the at least one input; a random sequence generator configured to generate a random bit sequence; a random delay selector configured to determine a random delay based on the random bit sequence; a first random delay circuit configured to delay outputting the at least one input to the first computational device based on the random delay; a second random delay circuit configured to delay outputting the second output based on the random delay; and a fault detection circuit configured to receive the first output and the delayed second output, and to generate a comparison result based on comparing the first input to the delayed second output.

Abstract: A device is suggested for processing input data including a hardware accelerator generating a first hash value based on a first portion of the input data and a second hash value based on a second portion of the input data, wherein the first hash value is generated based on a first configuration of the hardware accelerator and wherein the second hash value is generated based on a second configuration of the hardware accelerator. Also, a method for operating such device is provided.

Abstract: The present disclosure relates to authenticity and data security for bus-based communication networks in a vehicle. The present disclosure teaches a protocol frame, a sender on data link layer, and a receiver on data link layer providing such authenticity and data security as well as a communication network in a vehicle employing the protocol frame, the sender and the receiver according to the present disclosure.

Abstract: A sender device includes: a first sequence generator configured to generate a first sequence of bits having a bit pattern that incudes first bit values and second bit values; a first parsing processor configured to receive a first plurality of data blocks and the first sequence of bits, and select a first subset of data blocks and a second subset of data blocks from the first plurality of data blocks based on the bit pattern; an encryption processor configured to encrypt the selected first subset of data blocks received from the first parsing processor to generate encrypted data blocks and output the encrypted data blocks to an output terminal that is configured to output the encrypted data blocks and the selected second subset of data blocks as unencrypted data blocks from the sender device.