Abstract: A cable gland including an entry component including an inner surface with an abutment, a backnut removably attachable to the entry component, a cavity extending through the entry component and the backnut, and a grounding device configured to rest against the abutment, the grounding device including a rim, an inner edge, and a plurality of fingers extending inward and downward from the inner edge, wherein the grounding device is comprised of a conductive material, such as spring steel.

Abstract: Methods, apparatus, and systems for session key generation for AV operation are disclosed. In an embodiment, a vehicle service subscriber system generates an entropy. The vehicle service subscriber system is associated with a vehicle service subscriber. The vehicle service subscriber system transmits a synchronization message to a vehicle service provider system associated with at least one vehicle. The synchronization message includes the entropy. The vehicle service subscriber system receives a salt from the vehicle service provider system. The vehicle service subscriber system verifies that the salt was generated using the entropy. The vehicle service subscriber system calculates session keys using the salt. The vehicle service subscriber system receives a protected message from the vehicle service provider system. The vehicle service subscriber system authenticates the protected message using the session keys. The protected message is used to provide a ride involving the at least one vehicle.

Abstract: Among other things, techniques are described for provisioning and authentication of devices in vehicles. In one aspect, a device in a vehicle establishes a communication session with a network server that manages provisioning of devices corresponding to an enterprise associated with the vehicle. The device receives instructions from the network server to generate cryptographic keys, and in response, generates a public and private key pair. The device sends, to the network server, a certificate signing request that includes the public key and an identifier of the device. In response, the device receives a digital security certificate for the device, and a security certificate of a signing certificate authority. The device authenticates the security certificate of the certificate authority using a known enterprise root certificate, and upon successful authentication, stores the device security certificate and the security certificate of the signing certificate authority.

Abstract: An electrical conduit body assembly is provided. The assembly includes a body portion, a cover, and a movable connection. The movable connection connects the body portion and the cover to one another so that the cover can be moved with respect to the body portion between an open state and a closed state in a manner that prevents the cover from being misplaced or disassociated from the body portion.

Abstract: This disclosure describes a cyber-security protocol for validating messages being exchanged between two devices of an autonomous vehicle. The protocol includes the independent generation of multiple encryption or session keys by both devices. The encryption keys are generated based on a random number provided by each device. In some embodiments, the random numbers can be accompanied by a shared secret key installed on both devices that can help prevent an unauthorized device from creating a shared set of encryption keys with one of the devices. Including a hash generated using one of the encryption keys and a message sequence counter value in each message can help prevent the injection of previously transmitted messages as a means of disturbing operation of the autonomous vehicle.

Abstract: A method of protecting confidentiality of air-gapped logs comprises: generating, during a first log processing cycle, a data processor key and a drive encryption key, wherein the data processor key and the drive encryption key are unique to a log drive mounted to at least one computer processor; wrapping the drive encryption key with the computer processor key; storing the drive encryption key wrapped by the computer processor key in a database, where the database is mapped to data uniquely identifying the log drive; wrapping the drive encryption key with a default key that is known to at least one originator device; wiping the log drive; and writing the drive encryption key wrapped by the default key to the log drive. Some methods described also include a method of processing logs by an originator. Systems and computer program products are also provided.

Abstract: Among other things, we describe systems and method for implementing data security in an autonomous vehicle system. The systems and methods can include inter-process communication security via key management, in which asymmetric cryptography and other validation techniques are used to validate data received from sensors. The systems and method can also include penetrative testing, in which valid sensor inputs are modified and transmitted throughout a distributed network through one or more sensors.

Abstract: Among other things, techniques are described for managing power of electronic devices of a vehicle. For example, a vehicle includes a power source, a power distribution unit configured to control power to at least one electronic device from the power source, a first processor configured for communicating power commands to the power distribution unit, wherein the power distribution unit includes a second processor configured to execute the computer executable instructions stored in computer-readable medium for carrying out operations including adjusting a power distribution from the vehicle power source to the electronic device in accordance with policy data.

Abstract: Methods, systems and apparatus for session key calculation for autonomous vehicle operation are disclosed. A vehicle service provider system broadcasts a first salt to at least one vehicle service subscriber system. The vehicle service provider system is associated with at least one vehicle. The vehicle service provider system receives a synchronization message from the at least one vehicle service subscriber system. The synchronization message includes an entropy. The vehicle service provider system generates a second salt based on the first salt and the entropy. The vehicle service provider system calculates session keys based on the second salt. The vehicle service provider system sends an update to the at least one vehicle service subscriber system. The update includes the second salt for decrypting protected messages using the session keys. The protected messages are used to provide a ride involving the at least one vehicle. Other embodiments may be described or claimed.

Abstract: Enclosed are embodiments for authenticating point cloud data. In an embodiment, a method of authenticating point cloud data comprises: generating, with at least one processor, a point cloud packet, the point cloud packet comprising a header portion and a data section, the data section comprising a plurality of blocks, each block comprising point cloud data; generating, with the at least one processor, a message sequence number (MSN); storing, with the at least one processor, the MSN in the data section; generating, with the at least one processor, a message authentication code (MAC) on the data section; storing the MAC in the point cloud packet; and transmitting, with the at least one processor, the point cloud packet to a receiving device.

Abstract: Methods, apparatus, and systems for session key generation for AV operation are disclosed. In an embodiment, a vehicle service subscriber system generates an entropy. The vehicle service subscriber system is associated with a vehicle service subscriber. The vehicle service subscriber system transmits a synchronization message to a vehicle service provider system associated with at least one vehicle. The synchronization message includes the entropy. The vehicle service subscriber system receives a salt from the vehicle service provider system. The vehicle service subscriber system verifies that the salt was generated using the entropy. The vehicle service subscriber system calculates session keys using the salt. The vehicle service subscriber system receives a protected message from the vehicle service provider system. The vehicle service subscriber system authenticates the protected message using the session keys. The protected message is used to provide a ride involving the at least one vehicle.

Abstract: Among other things, techniques are described for controlling power of electronic devices of a vehicle. For example, a vehicle includes a power source, a power distribution unit configured to control power to at least one electronic device from the power source, a first processor configured for communicating power commands to the power distribution unit. The power distribution unit comprises a second processor configured to execute computer executable instructions stored in computer-readable medium for carrying out operations including adjusting a power distribution from the vehicle power source to the at least one electronic device based on a power command received from the first processor.

Abstract: Among other things, we describe systems and method for implementing data security in an autonomous vehicle system. The systems and methods can include inter-process communication security via key management, in which asymmetric cryptography and other validation techniques are used to validate data received from sensors. The systems and method can also include penetrative testing, in which valid sensor inputs are modified and transmitted throughout a distributed network through one or more sensors.

Abstract: A system including an assembly arranged in at least one of a seat and a steering wheel of a vehicle and a measurement circuit. The assembly includes a sensor and a heater arranged adjacent to the sensor. The measurement circuit is configured to output an excitation signal to the measurement circuit and the assembly and measure a resonant frequency of the measurement circuit and the assembly in response to the excitation signal. The measurement circuit is configured to determine a capacitance value based on the resonant frequency and determine whether a body part is in proximity to the sensor based on the capacitance value.

Abstract: Embodiments are disclosed for secure safety-critical system log. In an embodiment, a method comprises: obtaining data to be added to a log; creating an entry for the data; and adding the entry to a sequence of chained entries in the log, wherein: the sequence of chained entries includes a number of data entries and a number of sentinels interleaved with the number of data entries, wherein each data entry in the chain of entries is appended to an error-detecting code computed for the entry and a previously computed error-detecting code of a preceding data entry or an error-detecting root, and each sentinel in the chain of entries includes an error-detecting code computed for the sentinel and a previously computed error-detecting code of a preceding data entry or the error-detecting root, and each sentinel includes a previously computed and encrypted blockchain value of a preceding sentinel or a blockchain root value.

Abstract: Among other things, techniques are described for provisioning and authentication of devices in vehicles. In one aspect, a device in a vehicle establishes a communication session with a network server that manages provisioning of devices corresponding to an enterprise associated with the vehicle. The device receives instructions from the network server to generate cryptographic keys, and in response, generates a public and private key pair. The device sends, to the network server, a certificate signing request that includes the public key and an identifier of the device. In response, the device receives a digital security certificate for the device, and a security certificate of a signing certificate authority. The device authenticates the security certificate of the certificate authority using a known enterprise root certificate, and upon successful authentication, stores the device security certificate and the security certificate of the signing certificate authority.

Abstract: Among other things, systems and techniques are described for LiDAR (Light Detection and Ranging) safeguards. A described technique includes receiving, at a LiDAR's spinning unit from the base unit, a command to activate a laser; obtaining, at the spinning unit, a measurement from a sensor to detect rotation of the spinning unit in the rotational plane; determining, at the spinning unit, whether a rotational speed of the spinning unit is greater than or equal to a minimum rotational speed threshold based on the measurement; and activating, at the spinning unit, the laser to produce output in response to the command based on a determination that the rotational speed of the spinning unit is greater than or equal to the minimum rotational speed threshold.

Abstract: Among other things, techniques are described for controlling power of electronic devices of a vehicle. For example, a vehicle includes a power source, a power distribution unit configured to control power to at least one electronic device from the power source, a first processor configured for communicating power commands to the power distribution unit. The power distribution unit comprises a second processor configured to execute computer executable instructions stored in computer-readable medium for carrying out operations including adjusting a power distribution from the vehicle power source to the at least one electronic device based on a power command received from the first processor.

Abstract: Among other things, techniques are described for managing power of electronic devices of a vehicle. For example, a vehicle includes a power source, a power distribution unit configured to control power to at least one electronic device from the power source, a first processor configured for communicating power commands to the power distribution unit, wherein the power distribution unit includes a second processor configured to execute the computer executable instructions stored in computer-readable medium for carrying out operations including adjusting a power distribution from the vehicle power source to the electronic device in accordance with policy data.

Abstract: Among other things, techniques are described for provisioning and authentication of devices in vehicles. In one aspect, a device in a vehicle establishes a communication session with a network server that manages provisioning of devices corresponding to an enterprise associated with the vehicle. The device receives instructions from the network server to generate cryptographic keys, and in response, generates a public and private key pair. The device sends, to the network server, a certificate signing request that includes the public key and an identifier of the device. In response, the device receives a digital security certificate for the device, and a security certificate of a signing certificate authority. The device authenticates the security certificate of the certificate authority using a known enterprise root certificate, and upon successful authentication, stores the device security certificate and the security certificate of the signing certificate authority.