Abstract: A computer-implemented method for processing data which are associated for example with a signal transmittable and/or transmitted via a bus system, for example of a vehicle, including: at least intermittent provision of reference data for a statistical model which characterizes at least one average of at least one characteristic of the signal on the basis of a first average determined, for example dynamically, over a predefinable unweighted first number of values for the characteristic, and at least intermittent modification of the reference data at least in part on the basis of a second average determined, for example dynamically, over a predefinable weighted second number of values for the characteristic.

Abstract: A computer-implemented method. The method includes recognizing the possibility of a manipulation of the software of a first component of a plurality of components of a vehicle electrical system of a vehicle in a central device for mitigating a manipulation of software. The central device for mitigating a manipulation is part of the vehicle electrical system, and is designed to mitigate a manipulation of software in each component of the plurality of components of the vehicle electrical system. The method further includes initiating a countermeasure for mitigating the manipulation of the software of the first component and carrying out the countermeasure for mitigating the manipulation of the software of the first component. The countermeasure includes changing a functionality of the first component and at least partially shifting the functionality of the first component to one or multiple other components of the plurality of components.

Abstract: A method for checking a message in a communication system, in which multiple users are connected to a communication medium and exchange messages via same. A time difference between points in time of reception of a message that is sent on the communication medium is ascertained at two different, predefined positions on the communication medium, and based on a comparison of the time to at least one reference time difference, it is determined whether the message originates from a verified user.

Abstract: A method for filtering security events of an intrusion detection system of a computer system with a plurality of computing units connected for data communication. The intrusion detection system is configured to detect security events and to classify them according to a plurality of event types; wherein a type-specific counter is initialized for each event type; and wherein, in response to a detection of a security event by the intrusion detection system, the type-specific counter corresponding to the detected security event is in each case incremented until a threshold value is reached, and the detected security event is discarded if the type-specific counter corresponding to the detected security event has reached the threshold value.

Abstract: A method for evaluating a signal that is, for example, transferred and/or receivable via a bus system. The method includes: ascertaining a first variable that characterizes a length of a bit sequence associated with the signal, for example, the bit sequence including n bits, where n is greater than or equal to one, and optionally ascertaining a second variable that characterizes a deviation of the length of the bit sequence from a reference bit sequence that includes n bits.

Abstract: A method, particularly a computer-implemented method, for determining information of a bus system that has a transmission medium via which signals are transmittable. The method includes: determining a first variable which characterizes a time difference between a first point in time and a second point in time, a signal output by a transmitter onto the transmission medium of the bus system reaching a first position relative to the transmission medium at the first point in time, and the signal output by the transmitter onto the transmission medium of the bus system reaching a second position relative to the transmission medium at the second point in time; evaluating the first variable, at least one time-to-digital converter device being used for determining the first variable.

Abstract: A computer system for providing a plurality of functions for a device, in particular for a vehicle, by separation of a plurality of zones. The computer system has a plurality of system modules configured to provide functions that are differently critical for the operational security of the device. A zone is a logically and/or physically delimitable unit in the computer system. A first zone is more trustworthy than a second, less trustworthy zone. The danger of a manipulation of a more trustworthy zone is less than of a less trustworthy zone. The first zone is assigned a first number of protective mechanisms and the second zone is assigned a second number of protective mechanisms. The first number of protective mechanisms protecting the first zone from manipulation to a greater extent than that to which the second number of protective mechanisms protects the second zone.

Abstract: A computer system for providing a plurality of functions for a device, in particular for a vehicle. The computer system has a plurality of system modules configured to provide functions that are differently critical for the operational security of the device. Each system module or a part of a system module is assigned to one zone of a plurality of zones, a zone being a logically and/or physically delimitable unit in the computer system. A first zone is more trustworthy than a second, less trustworthy zone, the danger of a manipulation of a more trustworthy zone being less than of a less trustworthy zone. A first, more critical function being provided by a system module of the first zone and a less critical function being provided by a system module of the second zone.

Abstract: A method for remote verification of the integrity of a computer program in a computing unit to be checked using a verification unit. The computer program is specified by a reference program code and is in the form of stored program code in the computing unit to be checked. The method includes: selecting, by the verification unit, a pair from a list of pairs in which each pair includes a random character string and a reference check value calculated using a check value function based on the random character string of the pair and the reference program code; transmitting the random character string of the pair to a validation unit; receiving a comparison check value calculated using the check value function based on the transmitted random character string and the stored program code; comparing the received comparison check value to the reference check value of the selected pair.

Abstract: A computer-implemented method. The method includes recognizing the possibility of a manipulation of the software of a first component of a plurality of components of a vehicle electrical system of a vehicle in a central device for mitigating a manipulation of software. The central device is part of the vehicle electrical system, and mitigates a manipulation of software in each component of the plurality of components. The method further includes initiating a countermeasure for mitigating the manipulation of the software of the first component by the central device; and carrying out the countermeasure for mitigating the manipulation of the software of the first component. The countermeasure for mitigating the manipulation includes a measure for preventing a repetition of the manipulation, which is selected based on an analysis of information concerning data traffic in the vehicle electrical system that took place before the possibility of a manipulation was recognized.

Abstract: A computer-implemented method. The method comprises analyzing a communication, secured by one or more cryptographic methods, between a first component of a plurality of components of an on-board network of a vehicle and a central device for mitigating a software manipulation. The central device for mitigating a manipulation is part of the on-board network and is designed for software mitigation in each of the plurality of components of the on-board network. The method further comprises identifying the possibility of a manipulation of the software of the first component in the central device for mitigating a software manipulation, based on the analysis of the communication, and initiating a countermeasure to mitigate the manipulation of the software of the first component by way of the central device for mitigating a manipulation.

Abstract: A computer-implemented method. The method includes recognizing the possibility of a manipulation of the software of a first component of a plurality of components of a vehicle electrical system of a vehicle in a central device for mitigating a manipulation of software. The central device for mitigating a manipulation is part of the vehicle electrical system, and is designed to mitigate a manipulation of software in each component of the plurality of components of the vehicle electrical system. The method further includes initiating a countermeasure for mitigating the manipulation of the software of the first component and carrying out the countermeasure for mitigating the manipulation of the software of the first component. The countermeasure includes changing a functionality of the first component and at least partially shifting the functionality of the first component to one or multiple other components of the plurality of components.

Abstract: A computer-implemented method for detecting the possibility of a manipulation of the software of a first component of a multiplicity of components of an onboard network of a vehicle in a central device for mitigating a manipulation of software. The central device for mitigating a manipulation is part of the onboard network and configured for the mitigation of software in each of the multiplicity of components of the onboard network. The method includes the initiation of a countermeasure for mitigating the manipulation of the software of the first component by the central device for mitigating a manipulation and the implementation of the countermeasure for mitigating the manipulation of the software of the first component. The countermeasure against the manipulation includes resetting the software of the first component using a security module of the first component and/or an unalterable module of the first component.

Abstract: A computer-implemented method. The method includes recognizing the possibility of a manipulation of the software of a first component of a plurality of components of a vehicle electrical system of a vehicle, initiating a countermeasure for mitigating the manipulation of the software of the first component, and carrying out the countermeasure for mitigating the manipulation of the software of the first component. The countermeasure includes activating a write lock and/or read lock of a memory of the first component. In some examples, the recognition and the initiation may be carried out in a central device for mitigating a manipulation of software. The central device for mitigating a manipulation is part of the vehicle electrical system and is designed to mitigate a manipulation of software in each component of the plurality of components of the vehicle electrical system.

Abstract: A method for authenticating a message transmitted via a communication channel, including the following: sampling recurring signal edges within a data frame of the message, sampling values being obtained with a start time that is offset between the signal edges, reconstructing an average signal characteristic of a part of the message from the sampling values, calculating signal-technical properties of the data frame from the signal characteristic, and the message is authenticated based on the properties.

Abstract: A computer-implemented method for processing data which are associated for example with a signal transmittable and/or transmitted via a bus system, for example of a vehicle, including: at least intermittent provision of reference data for a statistical model which characterizes at least one average of at least one characteristic of the signal on the basis of a first average determined, for example dynamically, over a predefinable unweighted first number of values for the characteristic, and at least intermittent modification of the reference data at least in part on the basis of a second average determined, for example dynamically, over a predefinable weighted second number of values for the characteristic.

Abstract: A method for detecting the possibility of an intrusion into a bus system. The bus system includes a plurality of components which are able to transmit messages in the bus system. The method includes ascertaining a number of messages that are transmitted by a first component of the plurality of components in a specific time period; determining whether the number of messages in the specific time period satisfies a predefined first criterion; and detecting the possibility of an intrusion if the number of messages does not satisfy the predefined first criterion.

Abstract: A method for checking a message in a communication system, in which multiple users are connected to a communication medium that includes two signal lines and exchange messages via same. A time difference between points in time of reception of a message that is sent on the communication medium is ascertained at two different, predefined positions on the communication medium, and based on a comparison of the time difference to at least one reference time difference, it is determined whether the message originates from a verified user. During the ascertainment of the time difference at the two positions, in each case a difference signal is formed from signals that have resulted on the two signal lines due to the message.

Abstract: A computer-implemented method which identifies the possibility of manipulation of the software of a first component of a plurality of components of an on-board network of a vehicle in a central device for mitigating software manipulation. A central device for mitigating manipulation is designed to mitigate software manipulation in each of the plurality of components in the on-board network. The method includes initiation of a countermeasure for mitigating manipulation of the first component by the central device for detecting and mitigating manipulation.

Abstract: A computer-implemented method for intercepting an intrusion into a bus system. The method includes detecting, by way of an intrusion detection system, a frame sent by a further node of the bus system on a bus of the bus system as an intrusion into the bus system; sending data on a receive line of a node device in order to manipulate a signal, which corresponds to the frame arriving over the bus, on the receive line, the receive line being arranged between a transceiver and a controller of the node device. A node device and a bus system for intercepting an intrusion into the bus system, are also described.