Patents by Inventor Pavel V. Dyakin

Pavel V. Dyakin has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Patent number: 10778695
    Abstract: Systems and methods for ensuring data security. A MAC is computed sequentially for each selected message from a data log that contains at least two messages. To build a data block, a preset encryption key is used for a first message and an encryption key for the previous message is used for subsequent messages. A determination that the data log is compromised can be made based on MAC data block data and an independent calculation of a MAC.
    Type: Grant
    Filed: June 11, 2018
    Date of Patent: September 15, 2020
    Assignee: AO KASPERSKY LAB
    Inventors: Dmitry A. Kulagin, Pavel V. Dyakin
  • Publication number: 20200192321
    Abstract: Disclosed systems and methods for enabling data to be transmitted between program modules based on compliance with rules, the method comprising: monitoring, by a security module executable by a processor, an interaction between a first program module and a second program module to determine whether the interaction complies with at least one rule, wherein the first program module is a source of data being exchanged with the second program module which is a recipient of the data, when the interaction does not comply with the at least one rule, modifying the data being exchanged between the source and the recipient of the data, and when the interaction complies with the at least one rule, allowing the data to be transmitted to the recipient.
    Type: Application
    Filed: February 24, 2020
    Publication date: June 18, 2020
    Inventors: Pavel V. Dyakin, Dmitry A. Kulagin
  • Patent number: 10599120
    Abstract: Disclosed systems and methods for monitoring an execution system of a programming logic controller (PLC), the method comprising: accessing, by a security module, the PLC execution system and dividing the code and data of the PLC execution system into a plurality of program modules; modifying, by the security module, data exchange interfaces of the program modules used for the interaction between the program modules and the resources of the operating system such that said interaction occurs through the security module, while a format of the data being exchanged complies with a format specified by the security module; and monitoring, by the security module, the execution of the PLC execution system, including monitoring the interaction of the program modules of the PLC execution system with each other and with the resources of the operating system.
    Type: Grant
    Filed: September 26, 2017
    Date of Patent: March 24, 2020
    Assignee: AO Kaspersky Lab
    Inventors: Pavel V. Dyakin, Dmitry A. Kulagin
  • Publication number: 20200089219
    Abstract: Disclosed are systems and methods for enabling transmission of data and commands between a mobile device and a vehicle. An exemplary method comprises connecting a security device to a vehicle and to a mobile device, the security device having a protected memory, verifying, by the security device, an authenticity of the mobile device, allowing, by the security device, transmission of data and commands between the mobile device and at least one actuating device of the vehicle when the mobile device is verified as being authentic, transmitting, by the security device, results of executions of commands from the at least one actuating device of the vehicle to the mobile device.
    Type: Application
    Filed: November 25, 2019
    Publication date: March 19, 2020
    Inventors: Eugene V. Kaspersky, Andrey P. Doukhvalov, Pavel V. Dyakin, Dmitry A. Kulagin, Sergey V. Konoplev, Anton V. Tikhomirov
  • Patent number: 10545496
    Abstract: Disclosed are systems and methods for securely controlling a vehicle using a mobile device. An exemplary method comprises authenticating, by a mobile device, a user attempting to perform commands controlling one or more vehicle systems of a coupled vehicle, retrieving profile information related to the user's preference associated with the coupled vehicle, establishing a connection between the mobile device and a security device of the coupled vehicle, authenticating the mobile device with the security device, forming, by the mobile device, commands to control the one or more vehicle systems based on command forming algorithms, the one or more vehicle systems comprising actuating devices of the vehicle and electronic systems of the vehicle, modifying the formed commands based on the profile information and safety information related to a location of the vehicle and transmitting the formed commands to the one or more vehicle systems via the security device to securely control the vehicle.
    Type: Grant
    Filed: September 7, 2018
    Date of Patent: January 28, 2020
    Assignee: AO Kaspersky Lab
    Inventors: Eugene V. Kaspersky, Andrey P. Doukhvalov, Pavel V. Dyakin, Dmitry A. Kulagin, Sergey V. Konoplev, Anton V. Tikhomirov
  • Publication number: 20190306180
    Abstract: Disclosed are systems and methods for generating rules for detecting and blocking attacks on electronics systems of a means of transportation. A security server receives log data having messages that were intercepted on the buses of the means of transportation around the time of a road traffic accident with the means of transportation. The security server detects computer attacks on the electronics systems and generates one or more rules that depend on one or more indicators of compromise, such as malicious messages used in a computer attack and information on at least one ECU that is a recipient of the malicious messages. The generated rules further specify actions for blocking subsequent computer attacks, such as blocking, modifying, or changing communications within the communications bus of the vehicle.
    Type: Application
    Filed: August 8, 2018
    Publication date: October 3, 2019
    Inventors: Pavel V. DYAKIN, Alexander V. SHADRIN, Dmitry A. KULAGIN
  • Publication number: 20190306187
    Abstract: Disclosed are systems and methods for detecting and blocking attacks on electronics systems of a means of transportation. A protection module intercepts messages being transmitted on the buses of the means of transportation and saves the intercepted messages, and also for each intercepted message at least one ECU of the means of transportation which is the recipient of that message. The protection module detects computer attacks on the electronics systems by applying one or more rules, which can be received from a security server, to the saved data in the log. The rules may depend on one or more indicators of compromise that include malicious messages used in a computer attack and information on at least one ECU that is a recipient of the malicious messages. The described system further blocks the computer attacks by blocking, modifying, or changing communications within the communications bus of the vehicle.
    Type: Application
    Filed: September 4, 2018
    Publication date: October 3, 2019
    Inventors: Pavel V. DYAKIN, Alexander V. SHADRIN, Dmitry A. KULAGIN
  • Publication number: 20190245864
    Abstract: Systems and methods for ensuring data security. A MAC is computed sequentially for each selected message from a data log that contains at least two messages. To build a data block, a preset encryption key is used for a first message and an encryption key for the previous message is used for subsequent messages. A determination that the data log is compromised can be made based on MAC data block data and an independent calculation of a MAC.
    Type: Application
    Filed: June 11, 2018
    Publication date: August 8, 2019
    Inventors: Dmitry A. Kulagin, Pavel V. Dyakin
  • Patent number: 10361998
    Abstract: A computer security architecture applies selected rules from among a set of rules defining one or more security policies to a given set of security context parameters to produce security verdicts, each representing whether a certain action requested by a subject entity is permissible. Each security policy is associated with a corresponding communication interface. A plurality of gateway engines are each associated with at least one of the subject entities and dedicated to interfacing with the security server. Each of the gateway engines carries out monitoring of requested actions by the associated subject entity and, for each requested action, identifies a security context. A security policy is determined for the requested action based on a corresponding security context, and a security verdict is obtained via a communication interface corresponding to the applicable security policy.
    Type: Grant
    Filed: August 30, 2017
    Date of Patent: July 23, 2019
    Assignee: AO KASPERSKY LAB
    Inventors: Andrey P. Doukhvalov, Pavel V. Dyakin, Dmitry A. Kulagin, Sergey B. Lungu, Stanislav V. Moiseev
  • Publication number: 20190050577
    Abstract: A system and method is provided for changing parameter values of a computer system without changing security properties. An exemplary method includes receiving a request to change a system configuration of the computer system and identifying a parameter relating to system configurations based on the received request. Furthermore, based on the identified parameter, the method includes receiving instructions to change the identified at least one parameter and initiating a transaction to change the identified at least one parameter based on the received instructions. The initiated transaction is then analyzed to determine whether the change to the parameter will lower a security level of the computer system. If not, the method will execute the change of the identified parameter related to the system configuration.
    Type: Application
    Filed: October 2, 2017
    Publication date: February 14, 2019
    Inventors: Dmitry A. Kulagin, Pavel V. Dyakin
  • Publication number: 20190018405
    Abstract: Disclosed are systems and methods for securely controlling a vehicle using a mobile device. An exemplary method comprises authenticating, by a mobile device, a user attempting to perform commands controlling one or more vehicle systems of a coupled vehicle, retrieving profile information related to the user's preference associated with the coupled vehicle, establishing a connection between the mobile device and a security device of the coupled vehicle, authenticating the mobile device with the security device, forming, by the mobile device, commands to control the one or more vehicle systems based on command forming algorithms, the one or more vehicle systems comprising actuating devices of the vehicle and electronic systems of the vehicle, modifying the formed commands based on the profile information and safety information related to a location of the vehicle and transmitting the formed commands to the one or more vehicle systems via the security device to securely control the vehicle.
    Type: Application
    Filed: September 7, 2018
    Publication date: January 17, 2019
    Inventors: Eugene V. Kaspersky, Andrey P. Doukhvalov, Pavel V. Dyakin, Dmitry A. Kulagin, Sergey V. Konoplev, Anton V. Tikhomirov
  • Patent number: 10101738
    Abstract: Disclosed are systems and methods for secure control of automotive systems using mobile devices. An exemplary method comprises: connecting a vehicle, as a peripheral device, to a mobile device, which acts as a master device, via a security device of the vehicle, wherein the security device provides secure transmission of data and commands between the vehicle and the mobile device; receiving, by the mobile device, via the security device, from one or more measurement devices of the vehicle, measurement data from one or more automotive systems of the vehicle; based on the received measurement data, forming by the mobile device control commands for actuating devices of the vehicle, wherein the control commands enable and/or regulate operation of the actuating devices of the vehicle; and transmitting, by the mobile device, via the security device, the control commands to the actuating devices of the vehicle.
    Type: Grant
    Filed: August 7, 2017
    Date of Patent: October 16, 2018
    Assignee: AO KASPERSKY LAB
    Inventors: Eugene V. Kaspersky, Andrey P. Doukhvalov, Pavel V. Dyakin, Dmitry A. Kulagin, Sergey V. Konoplev, Anton V. Tikhomirov
  • Publication number: 20180224823
    Abstract: Disclosed systems and methods for monitoring an execution system of a programming logic controller (PLC), the method comprising: accessing, by a security module, the PLC execution system and dividing the code and data of the PLC execution system into a plurality of program modules; modifying, by the security module, data exchange interfaces of the program modules used for the interaction between the program modules and the resources of the operating system such that said interaction occurs through the security module, while a format of the data being exchanged complies with a format specified by the security module; and monitoring, by the security module, the execution of the PLC execution system, including monitoring the interaction of the program modules of the PLC execution system with each other and with the resources of the operating system.
    Type: Application
    Filed: September 26, 2017
    Publication date: August 9, 2018
    Inventors: Pavel V. Dyakin, Dmitry A. Kulagin
  • Publication number: 20180167674
    Abstract: Disclosed are systems and methods for trusted presentation of information on an untrusted user device. An exemplary system includes a secure portable device which can be connected to the untrusted user device and configured to: receive data from the untrusted user device; analyze the received data to identify therein information intended for display to the user via the untrusted user device; generate a video stream containing at least part of the information intended for display to the user; generate and insert into the video stream one or more protection elements that serve to authenticate the information being outputted in the video stream; and transmit the generated video stream to the user device.
    Type: Application
    Filed: April 21, 2017
    Publication date: June 14, 2018
    Inventors: Alexander V. Shadrin, Dmitry A. Kulagin, Pavel V. Dyakin
  • Publication number: 20180164800
    Abstract: Disclosed are systems and methods for secure control of automotive systems using mobile devices. An exemplary method comprises: connecting a vehicle, as a peripheral device, to a mobile device, which acts as a master device, via a security device of the vehicle, wherein the security device provides secure transmission of data and commands between the vehicle and the mobile device; receiving, by the mobile device, via the security device, from one or more measurement devices of the vehicle, measurement data from one or more automotive systems of the vehicle; based on the received measurement data, forming by the mobile device control commands for actuating devices of the vehicle, wherein the control commands enable and/or regulate operation of the actuating devices of the vehicle; and transmitting, by the mobile device, via the security device, the control commands to the actuating devices of the vehicle.
    Type: Application
    Filed: August 7, 2017
    Publication date: June 14, 2018
    Inventors: Eugene V. Kaspersky, Andrey P. Doukhvalov, Pavel V. Dyakin, Dmitry A. Kulagin, Sergey V. Konoplev, Anton V. Tikhomirov
  • Publication number: 20180006999
    Abstract: A computer security architecture applies selected rules from among a set of rules defining one or more security policies to a given set of security context parameters to produce security verdicts, each representing whether a certain action requested by a subject entity is permissible. Each security policy is associated with a corresponding communication interface. A plurality of gateway engines are each associated with at least one of the subject entities and dedicated to interfacing with the security server. Each of the gateway engines carries out monitoring of requested actions by the associated subject entity and, for each requested action, identifies a security context. A security policy is determined for the requested action based on a corresponding security context, and a security verdict is obtained via a communication interface corresponding to the applicable security policy.
    Type: Application
    Filed: August 30, 2017
    Publication date: January 4, 2018
    Inventors: Andrey P. Doukhvalov, Pavel V. Dyakin, Dmitry A. Kulagin, Sergey B. Lungu, Stanislav V. Moiseev
  • Patent number: 9774568
    Abstract: A computer security architecture applies selected rules from among a set of rules defining one or more security policies to a given set of security context parameters to produce security verdicts, each representing whether a certain action requested by a subject entity is permissible. Each security policy is associated with a corresponding communication interface. A plurality of gateway engines are each associated with at least one of the subject entities and dedicated to interfacing with the security server. Each of the gateway engines carries out monitoring of requested actions by the associated subject entity and, for each requested action, identifies a security context. A security policy is determined for the requested action based on a corresponding security context, and a security verdict is obtained via a communication interface corresponding to the applicable security policy.
    Type: Grant
    Filed: January 27, 2016
    Date of Patent: September 26, 2017
    Assignee: AO KASPERSKY LAB
    Inventors: Andrey P. Doukhvalov, Pavel V. Dyakin, Dmitry A. Kulagin, Sergey B. Lungu, Stanislav V. Moiseev
  • Publication number: 20170005983
    Abstract: A computer security architecture applies selected rules from among a set of rules defining one or more security policies to a given set of security context parameters to produce security verdicts, each representing whether a certain action requested by a subject entity is permissible. Each security policy is associated with a corresponding communication interface. A plurality of gateway engines are each associated with at least one of the subject entities and dedicated to interfacing with the security server. Each of the gateway engines carries out monitoring of requested actions by the associated subject entity and, for each requested action, identifies a security context. A security policy is determined for the requested action based on a corresponding security context, and a security verdict is obtained via a communication interface corresponding to the applicable security policy.
    Type: Application
    Filed: January 27, 2016
    Publication date: January 5, 2017
    Inventors: Andrey P. Doukhvalov, Pavel V. Dyakin, Dmitry A. Kulagin, Sergey B. Lungu, Stanislav V. Moiseev
  • Patent number: 9201712
    Abstract: Disclosed are systems, methods and computer program products for selecting interprocess communication mechanism. In one aspect, the system collects information about resources used by two or more processes involved in an interprocess communication in which a first process can transfer data to a second process using one of a synchronous and asynchronous data transfer methods; analyzes the collected information to determine which data transfer method achieves at least one of minimizing time of the data transfer between processes, maximizing utilization of resources used for the data transfer, minimizing standstill time during the data transfer, minimizing effect of other processes of the operating system on the data transfer; and based on the determination, selects one of the synchronous or asynchronous method of interprocess communication to transfer the data between the first and second processes.
    Type: Grant
    Filed: March 20, 2014
    Date of Patent: December 1, 2015
    Assignee: Kaspersky Lab AO
    Inventors: Pavel V. Dyakin, Andrey Y. Gruzdev
  • Publication number: 20150186192
    Abstract: Disclosed are systems, methods and computer program products for selecting interprocess communication mechanism. In one aspect, the system collects information about resources used by two or more processes involved in an interprocess communication in which a first process can transfer data to a second process using one of a synchronous and asynchronous data transfer methods; analyzes the collected information to determine which data transfer method achieves at least one of minimizing time of the data transfer between processes, maximizing utilization of resources used for the data transfer, minimizing standstill time during the data transfer, minimizing effect of other processes of the operating system on the data transfer, and based on the determination, selects one of the synchronous or asynchronous method of interprocess communication to transfer the data between the first and second processes.
    Type: Application
    Filed: March 20, 2014
    Publication date: July 2, 2015
    Applicant: Kaspersky Lab ZAO
    Inventors: Pavel V. Dyakin, Andrey Y. Gruzdev