Abstract: A system may include data processing hardware and memory hardware in communication with the data processing hardware. The memory hardware may store instructions that when executed on the data processing hardware cause the data processing hardware to perform operations. The operations include requesting, via a boot manager of a host module, a hardware security module (HSM) to verify an application software of the host module and configuring, via the verified application software, a memory protection unit (MPU) to at least one of no execute and no write for at least one area of a memory of the host module. The operations further include executing the application software with the HSM enabled.

Abstract: An electronic control unit (ECU), or node, is configured to use a single key for generating requests from a security peripheral for a MAC. The security peripheral includes the stored shared key. The security peripheral may further include a policy enabling it to detect if a request from the V-ECU is valid, in which case it generates a MAC. The security peripheral is also used to store information in a MAC Generate Allow List (MGAL). In some embodiments, the receiving nodes in a network receive data based on a security peripheral's response to a transmit nodes requests for a MAC. The receiving nodes use this knowledge to avoid being spoofed.

Abstract: An electronic control unit (ECU), or node, is configured to use a single key for generating requests from a security peripheral for a MAC. The security peripheral includes the stored shared key. The security peripheral may further include a policy enabling it to detect if a request from the V-ECU is valid, in which case it generates a MAC. The security peripheral is also used to store information in a MAC Generate Allow List (MGAL). In some embodiments, the receiving nodes in a network receive data based on a security peripheral's response to a transmit nodes requests for a MAC. The receiving nodes use this knowledge to avoid being spoofed.

Abstract: An electronic control unit (ECU), or node, is configured to use a single key for all virtual ECUs (V-ECUs) having a message to transmit. The ECU also may include a security peripheral that includes the stored shared key. The security peripheral may further include a policy enabling it to detect if a request from the V-ECU is valid, in which case it generates a MAC. The security peripheral is also used to store information in a MAC Generate Allow List (MGAL), which may define the policy about when the V-ECU can transmit. The ECU may include a crypto-engine, which stores shared keys from other nodes used to verify MACs transmitted by other nodes.

Abstract: A system includes a vehicle external to a back office portal. The back office portal is operational to generate a signed update mode record. The vehicle has multiple devices and a component. The component is in communication with the devices, and operational to receive the signed update mode record, verify that the signed update mode record is from the back office portal and was created for the component, erase credentials within the component that establish the component as valid to the plurality of devices in response to the verification of the signed update mode record, perform an irreversible action within the component, enter a software update mode, exit the software update mode, and reject each request from the plurality of devices to the component that relies on the credentials that were erased from the component.

Abstract: A method for performance tuning an electronic control unit (ECU). The performance tuning may include determining one or more tunable values stored on a tunable implementation memory of the ECU to specify tunable calibration data for one or more tunable calibration parameters selected for performance tuning and controlling an application software of the ECU to execute according to the tunable calibration data.

Abstract: A system for implementing a secure boot event includes a system on a chip (SoC). The SoC includes key hashes stored within one-time programmable memory. Each of the key hashes is configured for use with one of a plurality of candidate authentication key sets. The SoC further includes firmware stored within RAM. The firmware includes a secondary bootloader, a plurality of public keys, and corresponding signatures. The public keys and corresponding signatures are configured for use with one of the key sets. The SoC further includes a primary bootloader utilizing fuses stored within the programmable memory. The fuses activate a selected key hash based upon an ecosystem in which the system is to operate. The selected hash and a corresponding public key and signature define an active authentication key set. During the event, the primary bootloader utilizes the active authentication key set to authenticate a downloaded update to the firmware.

Abstract: A method and system for authenticating soft part updates to an electronic control unit (ECU) or other processing device is contemplated. The authenticating may include a back office providing authentication data to a programming tool whereupon the ECU interacts with the programming tool to authenticate the soft part updates. The authenticating may optionally include the ECU identifying whether the soft part update is to be authenticated according to different types of authentications.

Abstract: An apparatus includes a compute device having a microcontroller unit circuit, multiple processing circuits, and a backplane bus. Initial unsecured communications through the backplane bus are restricted. The microcontroller unit circuit is operational to authenticate the processing circuits with a plurality of processor attestations over a local area network bus based on a secure onboard communication protocol of an automotive open system architecture, a symmetric key, and a message authentication code. The processing circuits are operational to reply to the processor attestations over the local area network bus, and verify the microcontroller unit circuit based on the secure onboard communication protocol, the symmetric key, and the message authentication code received from the microcontroller unit circuit. Secure communications through the backplane bus among the processing circuits is enabled based on the authentications of the processing circuits and the verifications of the microcontroller unit circuit.

Abstract: Disclosed embodiments describe techniques for personal area network (PAN) enablement. PAIN connection uses an interconnection laminate substrate for connectivity of personal area network components. The interconnection laminate substrate may be flexible or rigid. In one preferred form of the invention, the interconnection laminate substrate is flexible. A plurality of personal area network components is provided. An interconnection laminate substrate is provided within a manufactured article (e.g., a soft good assembly), where the interconnection laminate substrate enables connectivity among the plurality of personal area network components, and where the interconnection laminate substrate comprises interconnection wiring encapsulated in at least one protective encapsulation layer, with the interconnection wiring being coupled to a plurality of exposed connectors.

Abstract: An apparatus has a communication bus, a first circuit, and a second circuit. The first circuit is operational to generate a package, calculate a check value of payload data in the package with a particular cyclic redundance check variant and an obfuscation type, store an encrypted check value in a footer of the package, store an encrypted obfuscation code in a header of the package, and transmit the package on the communication bus. The second circuit is operational to receive the package from the communication bus, decrypt the encrypted check value to determine the check value calculated by the first circuit, determine an obfuscation type from the encrypted obfuscation code, perform a payload verification of the payload data with the particular cyclic redundancy check variant with the obfuscation type applied and the check value, and signal that the payload data is valid in response to passage of the payload verification.

Abstract: An electronic control unit (ECU), or node, is configured to use a single key for all virtual ECUs (V-ECUs) having a message to transmit. The ECU also may include a security peripheral that includes the stored shared key. The security peripheral may further include a policy enabling it to detect if a request from the V-ECU is valid, in which case it generates a MAC. The security peripheral is also used to store information in a MAC Generate Allow List (MGAL), which may define the policy about when the V-ECU can transmit. The ECU may include a crypto-engine, which stores shared keys from other nodes used to verify MACs transmitted by other nodes.

Abstract: An electronic control unit (ECU), or node, is configured to use a single key for generating requests from a security peripheral for a MAC. The security peripheral includes the stored shared key. The security peripheral may further include a policy enabling it to detect if a request from the V-ECU is valid, in which case it generates a MAC. The security peripheral is also used to store information in a MAC Generate Allow List (MGAL). In some embodiments, the receiving nodes in a network receive data based on a security peripheral's response to a transmit nodes requests for a MAC. The receiving nodes use this knowledge to avoid being spoofed.

Abstract: A system for implementing a secure boot event includes a system on a chip (SoC). The SoC includes key hashes stored within one-time programmable memory. Each of the key hashes is configured for use with one of a plurality of candidate authentication key sets. The SoC further includes firmware stored within RAM. The firmware includes a secondary bootloader, a plurality of public keys, and corresponding signatures. The public keys and corresponding signatures are configured for use with one of the key sets. The SoC further includes a primary bootloader utilizing fuses stored within the programmable memory. The fuses activate a selected key hash based upon an ecosystem in which the system is to operate. The selected hash and a corresponding public key and signature define an active authentication key set. During the event, the primary bootloader utilizes the active authentication key set to authenticate a downloaded update to the firmware.

Abstract: Disclosed embodiments describe techniques for personal area network (PAN) enablement. PAIN connection uses an interconnection laminate substrate for connectivity of personal area network components. The interconnection laminate substrate may be flexible or rigid. In one preferred form of the invention, the interconnection laminate substrate is flexible. A plurality of personal area network components is provided. An interconnection laminate substrate is provided within a manufactured article (e.g., a soft good assembly), where the interconnection laminate substrate enables connectivity among the plurality of personal area network components, and where the interconnection laminate substrate comprises interconnection wiring encapsulated in at least one protective encapsulation layer, with the interconnection wiring being coupled to a plurality of exposed connectors.

Abstract: Disclosed embodiments describe techniques for physiological analysis. The physiological analysis is based on the use of a wearable sensor array. A plurality of sensors and conductors is coupled to a compression garment, where the compression garment has stretchable portions that stretch, e.g., in a single dimension. The garment can include a shirt, a sports bra, or a vest. Associated on-board electronics are mounted to at least one of the compression garment and the hub and electrically connected to the hub and generate a physiological profile, based on at least one output from each of the sensors. At least one aspect of the physiological profile is communicated to a processor configured to analyze the at least one aspect and generate an assessment based on the analysis.

Abstract: A method for securing an electronic control unit (ECU). The method may include generating a granular security control adjustment authorization ticket (G-SCAAT) for securing the ECU according to a plurality of security parameters determined based on to a role selected for a corresponding user. The G-SCAAT may include security values to be used in controlling the ECU to operate according to the security parameters.

Abstract: A method for performance tuning an electronic control unit (ECU). The performance tuning may include determining one or more tunable values stored on a tunable implementation memory of the ECU to specify tunable calibration data for one or more tunable calibration parameters selected for performance tuning and controlling an application software of the ECU to execute according to the tunable calibration data.

Abstract: A method for securing an electronic control unit (ECU). The method may include generating a granular security control adjustment authorization ticket (G-SCAAT) for securing the ECU according to a plurality of security parameters determined based on to a role selected for a corresponding user. The G-SCAAT may include security values to be used in controlling the ECU to operate according to the security parameters.

Abstract: The present application relates to a method and apparatus for intelligent wireless protocol optimization including storing, in a memory, a first customer key and a second customer key, receiving, by a processor, a secret key, decrypting, by the processor, the secret key using a first customer key to extract a master key, provisioning, by the processor, an electronic control unit in response to the master key, and deleting, by the processor, the second customer key in response to the provisioning of electronic control unit in response to the master key.