| CPC G06F 12/1458 (2013.01) [G06F 21/445 (2013.01); G06F 21/604 (2013.01); G06F 21/72 (2013.01); G06F 2221/2103 (2013.01)] | 13 Claims |
|
1. A method for securely updating a control unit, which includes a host that is configured to execute an update program and at least one application program, a memory, which contains programs and data, and a hardware security module (HSM) configured to block and to unblock a write access to the memory, the method comprising the following steps:
starting the host and the HSM, wherein the control unit including the host, the memory, and the HSM, is situated in a vehicle;
blocking, by the HSM, the write access to the memory;
starting the update program;
determining by the update program whether a request of a caller to carry out an update is present;
determining the request to the present, and based on the request being present, checking by the HSM, an authorization of the caller to carry out the update, the authorization of the caller being confirmed by a confirmation unit including a computer processor, wherein the confirmation unit is external to the vehicle, wherein the caller identifies itself to the confirmation unit, the HSM checking the authorization using a challenge-response authentication, the HSM issuing a challenge, and the confirmation unit confirming the authorization to the HSM by responding to the issued challenge with a response; and
establishing during the check of the authorization that the caller is authorized, and unblocking, by the HSM, the write access to the memory and re-writing at least a portion of the memory by the update program.
|