Patents by Inventor Kamil ZAWADZKI
Kamil ZAWADZKI has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11902300Abstract: An approach for monitoring a data transmission system that uses a data transmission means such as a vehicle bus or a vehicle network of a motor vehicle. This system includes a monitoring device that transmits a request message to a transmitting device and to a receiving device. The transmitting device generates a particular transmitter response on the basis of the request message, where the transmitter response is transmitted to the monitoring device. The receiving device generates a particular receiver response on the basis of the request message, where the receiver response is transmitted to the monitoring device. The monitoring device receives the transmitter response and the receiver response and checks compliance with a trigger condition which depends on the transmitter response and the receiver response, the compliance of which indicates an event relevant to monitoring.Type: GrantFiled: November 25, 2019Date of Patent: February 13, 2024Assignee: AUDI AGInventors: Markus Klein, Kamil Zawadzki, Changsup Ahn, Wolfgang Stadler, Karsten Schmidt
-
Publication number: 20240028773Abstract: Single-chip system, having multiple computing units, in particular computer cores and/or CPUs, at least one input/output unit, a memory unit, and an input/output control unit that coordinates the communication between the computing units and the at least one input/output unit, wherein the single-chip system further has an attack detection unit, produced as hardware, that is connected by means of a hardware signal connection to at least the input/output control unit as a component of the single-chip system and evaluates input signals received from the input/output control unit for a rule infringement in a set of attack detection rules, which rule infringement needs to be logged and/or responded to with at least one measure.Type: ApplicationFiled: September 19, 2023Publication date: January 25, 2024Applicant: AUDI AGInventors: Markus KLEIN, Kamil ZAWADZKI, Changsup AHN, Hans Georg GRUBER
-
Patent number: 11783093Abstract: Single-chip system, having multiple computing units, in particular computer cores and/or CPUs, at least one input/output unit, a memory unit, and an input/output control unit that coordinates the communication between the computing units and the at least one input/output unit, wherein the single-chip system further has an attack detection unit, produced as hardware, that is connected by means of a hardware signal connection to at least the input/output control unit as a component of the single-chip system and evaluates input signals received from the input/output control unit for a rule infringement in a set of attack detection rules, which rule infringement needs to be logged and/or responded to with at least one measure.Type: GrantFiled: October 16, 2018Date of Patent: October 10, 2023Assignee: AUDI AGInventors: Markus Klein, Kamil Zawadzki, Changsup Ahn, Hans Georg Gruber
-
Patent number: 11582189Abstract: A method for filtering communication data arriving from a communication partner via a communication connection, which provides access to at least one storage means of a receiving data processing device having at least one computation unit, in the data processing device, wherein PCI Express, in an interface unit, receiving the communication data, of the data processing device, a filter means, at least part of which is embodied as hardware, is used so that, according to configuration information, prescribed on the data processing device, containing at least one approval condition that rates the at least one property of the useful data contained in the communication data, only the communication data meeting at least one approval condition are forwarded from the interface unit to at least one further component of the data processing device.Type: GrantFiled: August 22, 2018Date of Patent: February 14, 2023Assignee: AUDI AGInventors: Changsup Ahn, Kamil Zawadzki, Markus Klein, Hans Georg Gruber
-
Patent number: 11531788Abstract: An approach for operating at least one touch-sensitive, flat input device of a complete device, the input device being connected via a message-based bus connection to a control device of the complete device, and messages containing touch datasets describing touch data events being transmitted to the control device, which evaluates the messages for input information for an application program implemented by the control device, wherein when a security function in the control device that queries sensitive input information is accessed, the touch datasets are transmitted from the input device to the control apparatus via the bus connection in encrypted form until the associated input process has ended.Type: GrantFiled: April 18, 2019Date of Patent: December 20, 2022Assignee: Audi AGInventors: Markus Klein, Kamil Zawadzki, Changsup Ahn, Tim Krämer, Mathias Bösl
-
Patent number: 11526602Abstract: A data-processing device includes a computing unit and an interface unit using a packet-based communication protocol, in particular PCI Express. The data-processing device also includes an intrusion detection unit that is connected via a signal connection to a filter device of the interface unit, and/or to a secure element, in the form of a Trusted Execution Environment, of an authentication arrangement related to the communication protocol. The intrusion detection unit evaluates input signals received via the signal connection for a rule infringement in a set of intrusion detection rules The filter device, at least part of which is hardware, is designed to forward only the communication data meeting an approval condition from the interface unit to an additional component of the data-processing device according to configuration information predetermined in the data-processing device and containing the approval condition.Type: GrantFiled: December 4, 2018Date of Patent: December 13, 2022Assignee: Audi AGInventors: Markus Klein, Kamil Zawadzki, Changsup Ahn, Hans Georg Gruber, Jürgen Lerzer, Christoph Dalke
-
Patent number: 11244082Abstract: The present disclosure relates to a one-chip system for a control device of a vehicle with at least one bus, at least one control unit connected to the at least one bus for controlling a peripheral device assigned to the at least one control unit and several processors connected to the at least one bus.Type: GrantFiled: November 19, 2018Date of Patent: February 8, 2022Assignee: Audi AGInventors: Markus Klein, Kamil Zawadzki, Changsup Ahn, Hans Georg Gruber
-
Publication number: 20220006822Abstract: An approach for monitoring a data transmission system that uses a data transmission means such as a vehicle bus or a vehicle network of a motor vehicle. This system includes a monitoring device that transmits a request message to a transmitting device and to a receiving device. The transmitting device generates a particular transmitter response on the basis of the request message, where the transmitter response is transmitted to the monitoring device. The receiving device generates a particular receiver response on the basis of the request message, where the receiver response is transmitted to the monitoring device. The monitoring device receives the transmitter response and the receiver response and checks compliance with a trigger condition which depends on the transmitter response and the receiver response, the compliance of which indicates an event relevant to monitoring.Type: ApplicationFiled: November 25, 2019Publication date: January 6, 2022Applicant: AUDI AGInventors: Markus KLEIN, Kamil ZAWADZKI, Changsup AHN, Wolfgang STADLER, Karsten SCHMIDT
-
Patent number: 11212118Abstract: The application relates to a method for checking the data transport across a first communication connection between two data processing devices, said first communication connection being realized between two first interface units, wherein the payload to be transferred can be divided into payload blocks and there is at least one second communication connection between the data processing devices, which is established by means of second interface units, and wherein, in order to implement a challenge-response authentication, a request requiring retrieval of randomly selected data units from identifiable, randomly selected payload blocks of the payload is sent as a challenge by an authentication unit to the first interface units by means of the second communication connection, an authentication assembly of each of the first interface units extracts the requested response data from the payload and transmits the same back to the authentication unit and a successful check is determined if the response data match.Type: GrantFiled: June 18, 2018Date of Patent: December 28, 2021Assignee: AUDI AGInventors: Markus Klein, Kamil Zawadzki, Changsup Ahn, Michael Schmailzl
-
Patent number: 10949552Abstract: An apparatus includes an authentication arrangement for a communication connection, using a communication protocol, between two data processing devices of the apparatus. The data processing devices each have an interface unit for the communication connection and a computation unit. The interface units each have an encryption/decryption device, where the encryption/decryption device is at least partially produced by hardware for encrypting at least some of the user data to be transmitted via the communication connection as part of the authentication arrangement. The encryption/decryption device can be applied in a communication layer of the communication protocol to the user data prepared for the physical user data transmission or to the physically received user data. Each data processing device has a security unit, implemented as dedicated hardware that the computation unit cannot access and/or in a manner logically isolated from the computation unit.Type: GrantFiled: July 5, 2018Date of Patent: March 16, 2021Assignee: Audi AGInventors: Changsup Ahn, Kamil Zawadzki, Markus Klein, Hans-Georg Gruber
-
Publication number: 20210073424Abstract: An approach for operating at least one touch-sensitive, flat input device of a complete device, the input device being connected via a message-based bus connection to a control device of the complete device, and messages containing touch datasets describing touch data events being transmitted to the control device, which evaluates the messages for input information for an application program implemented by the control device, wherein when a security function in the control device that queries sensitive input information is accessed, the touch datasets are transmitted from the input device to the control apparatus via the bus connection in encrypted form until the associated input process has ended.Type: ApplicationFiled: April 18, 2019Publication date: March 11, 2021Applicant: AUDI AGInventors: Markus KLEIN, Kamil ZAWADZKI, Changsup AHN, Tim KRÄMER, Mathias BÖSL
-
Publication number: 20200380175Abstract: The present disclosure relates to a one-chip system for a control device of a vehicle with at least one bus, at least one control unit connected to the at least one bus for controlling a peripheral device assigned to the at least one control unit and several processors connected to the at least one bus.Type: ApplicationFiled: November 19, 2018Publication date: December 3, 2020Applicant: Audi AGInventors: Markus KLEIN, Kamil ZAWADZKI, Changsup AHN, Hans Georg GRUBER
-
Publication number: 20200349268Abstract: An apparatus includes an authentication arrangement for a communication connection, using a communication protocol, between two data processing devices of the apparatus. The data processing devices each have an interface unit for the communication connection and a computation unit. The interface units each have an encryption/decryption device, where the encryption/decryption device is at least partially produced by hardware for encrypting at least some of the user data to be transmitted via the communication connection as part of the authentication arrangement. The encryption/decryption device can be applied in a communication layer of the communication protocol to the user data prepared for the physical user data transmission or to the physically received user data. Each data processing device has a security unit, implemented as dedicated hardware that the computation unit cannot access and/or in a manner logically isolated from the computation unit.Type: ApplicationFiled: July 5, 2018Publication date: November 5, 2020Applicant: AUDI AGInventors: Changsup AHN, Kamil ZAWADZKI, Markus KLEIN, Hans-Georg GRUBER
-
Publication number: 20200351106Abstract: The application relates to a method for checking the data transport across a first communication connection between two data processing devices, said first communication connection being realized between two first interface units, wherein the payload to be transferred can be divided into payload blocks and there is at least one second communication connection between the data processing devices, which is established by means of second interface units, and wherein, in order to implement a challenge-response authentication, a request requiring retrieval of randomly selected data units from identifiable, randomly selected payload blocks of the payload is sent as a challenge by an authentication unit to the first interface units by means of the second communication connection, an authentication assembly of each of the first interface units extracts the requested response data from the payload and transmits the same back to the authentication unit and a successful check is determined if the response data match.Type: ApplicationFiled: June 18, 2018Publication date: November 5, 2020Applicant: AUDI AGInventors: Markus KLEIN, Kamil ZAWADZKI, Changsup AHN, Michael SCHMAILZL
-
Publication number: 20200334355Abstract: A data-processing device includes a computing unit and an interface unit using a packet-based communication protocol, in particular PCI Express. The data-processing device also includes an intrusion detection unit that is connected via a signal connection to a filter device of the interface unit, and/or to a secure element, in the form of a Trusted Execution Environment, of an authentication arrangement related to the communication protocol. The intrusion detection unit evaluates input signals received via the signal connection for a rule infringement in a set of intrusion detection rules. The filter device, at least part of which is hardware, is designed to forward only the communication data meeting an approval condition from the interface unit to an additional component of the data-processing device according to configuration information predetermined in the data-processing device and containing the approval condition.Type: ApplicationFiled: December 4, 2018Publication date: October 22, 2020Applicant: AUDI AGInventors: Markus KLEIN, Kamil ZAWADZKI, Changsup AHN, Hans Georg GRUBER, Jürgen LERZER, Christoph DALKE
-
Patent number: 10783242Abstract: The disclosure relates to a method for protecting an operating system of a security system, which is stored in a working memory of a control device of a vehicle, against irregular modification.Type: GrantFiled: October 17, 2018Date of Patent: September 22, 2020Assignee: Audi AGInventors: Markus Klein, Kamil Zawadzki, Changsup Ahn, Hans-Georg Gruber
-
Publication number: 20200250301Abstract: The disclosure relates to a method for protecting an operating system of a security system, which is stored in a working memory of a control device of a vehicle, against irregular modification.Type: ApplicationFiled: October 17, 2018Publication date: August 6, 2020Applicant: AUDI AGInventors: Markus KLEIN, Kamil ZAWADZKI, Changsup AHN, Hans-Georg GRUBER
-
Publication number: 20200242276Abstract: Single-chip system , having multiple computing units, in particular computer cores and/or CPUs, at least one input/output unit, a memory uni, and an input/output control unit that coordinates the communication between the computing units and the at least one input/output unit, wherein the single-chip system further has an attack detection unit, produced as hardware, that is connected by means of a hardware signal connection to at least the input/output control unit as a component of the single-chip system and evaluates input signals received from the input/output control unit for a rule infringement in a set of attack detection rules, which rule infringement needs to be logged and/or responded to with at least one measure.Type: ApplicationFiled: October 16, 2018Publication date: July 30, 2020Applicant: Audi AGInventors: Markus KLEIN, Kamil ZAWADZKI, Changsup AHN, Hans Georg GRUBER
-
Publication number: 20200244624Abstract: A method for filtering communication data arriving from a communication partner via a communication connection, which provides access to at least one storage means of a receiving data processing device having at least one computation unit, in the data processing device, wherein PCI Express, in an interface unit, receiving the communication data, of the data processing device, a filter means, at least part of which is embodied as hardware, is used so that, according to configuration information, prescribed on the data processing device, containing at least one approval condition that rates the at least one property of the useful data contained in the communication data, only the communication data meeting at least one approval condition are forwarded from the interface unit to at least one further component of the data processing device.Type: ApplicationFiled: August 22, 2018Publication date: July 30, 2020Applicant: Audi AGInventors: Changsup AHN, Kamil ZAWADZKI, Markus KLEIN, Hans Georg GRUBER