Abstract: A method for carrying out a secured startup sequence of a control unit, which includes a host that is configured to execute a loader program and one or multiple application programs, and a hardware security module (HSM) which includes a program memory and a data memory. The method includes a starting of the host and of the HSM; an authentication of the loader program by the HSM with the aid of a loader program signature stored in the program memory of the HSM; and, an execution of the loader program by the host if the authentication of the loader program is successful.

Abstract: A method for securely updating a control unit. The control unit includes a host configured to execute an update program and at least one application program, a memory, which contains the programs and data, and a hardware security module (HSM) which is configured to block and to unblock a write access to the memory. The method includes starting the host and the HSM; blocking the write access by the HSM; starting the update program; determining by the update program whether a request of a caller to carry out an update is present; if a request is present, checking an authorization of the caller by the HSM to carry out an update, the authorization of the caller being confirmed by a confirmation unit differing from the control unit; and if the caller is authorized, unblocking the write access and rewriting at least a portion of the memory by the update program.

Abstract: A method for carrying out a secured startup sequence of a control unit, which includes a host that is configured to execute a loader program and one or multiple application programs, and a hardware security module (HSM) which includes a program memory and a data memory. The method includes a starting of the host and of the HSM; an authentication of the loader program by the HSM with the aid of a loader program signature stored in the program memory of the HSM; and, an execution of the loader program by the host if the authentication of the loader program is successful.

Abstract: A method for securely updating a control unit. The control unit includes a host configured to execute an update program and at least one application program, a memory, which contains the programs and data, and a hardware security module (HSM) which is configured to block and to unblock a write access to the memory. The method includes starting the host and the HSM; blocking the write access by the HSM; starting the update program; determining by the update program whether a request of a caller to carry out an update is present; if a request is present, checking an authorization of the caller by the HSM to carry out an update, the authorization of the caller being confirmed by a confirmation unit differing from the control unit; and if the caller is authorized, unblocking the write access and rewriting at least a portion of the memory by the update program.

Abstract: A method for preventing an unauthorized operation of a vehicle, and an electronic hardware security module for implementing the method are provided. A vehicle immobilizer software is used therein, which is at least partially stored in the electronic hardware security module.

Abstract: In a method for cryptographically processing data which are exchanged between a first unit and a control unit, a derived key is used in this process, which is derived from a secret key and an identifier. The exchanged data are encrypted using the derived key, and the exchanged data are encrypted in a tool chain, which provides the identifier.

Abstract: A method for generating a secret in a network that has two or more users, which are connected in a data-transmitting manner via at least two transmission channel. For a network communication that is not used for a secret generation, the two users communicate via a first of the at least two transmission channels, and for at least a secret-relevant portion of a network communication that is used for of a secret generation, they communicate via another, second one of the at least two transmission channels.

Abstract: A method for authenticating a transmitter to a receiver, as well as for the protected transmission of messages; both the transmitter, as well as the receiver at least having a first common key; a random number, as well as at least one first partial code of a first code calculated from the random number with the aid of the first key from the receiver to the transmitter being transmitted in a synchronization message; the first partial code being checked by the transmitter; a first counter being generated by the transmitter; useful data, as well as a first partial counter of first counter and at least one second partial code of a second code calculated with the aid of a second key being transmitted by the transmitter to the receiver in a message; and the receiver checking the second partial code to verify the transmitter, as well as the transmitted message.

Abstract: In a method for cryptographically processing data which are exchanged between a first unit and a control unit, a derived key is used in this process, which is derived from a secret key and an identifier. The exchanged data are encrypted using the derived key, and the exchanged data are encrypted in a tool chain, which provides the identifier.

Abstract: In a method for operating a control unit using an electronic hardware security module, a secure layer is provided, which is assigned to the hardware security module and monitors the operation of the main computer unit. The secure layer switches to an operation under emergency conditions if a malfunction is present.

Abstract: A method for preventing an unauthorized operation of a vehicle, and an electronic hardware security module for implementing the method are provided. A vehicle immobilizer software is used therein, which is at least partially stored in the electronic hardware security module.

Abstract: A method for authenticating a transmitter to a receiver, as well as for the protected transmission of messages; both the transmitter, as well as the receiver at least having a first common key; a random number, as well as at least one first partial code of a first code calculated from the random number with the aid of the first key from the receiver to the transmitter being transmitted in a synchronization message; the first partial code being checked by the transmitter; a first counter being generated by the transmitter; useful data, as well as a first partial counter of first counter and at least one second partial code of a second code calculated with the aid of a second key being transmitted by the transmitter to the receiver in a message; and the receiver checking the second partial code to verify the transmitter, as well as the transmitted message.