| CPC B60W 60/00188 (2020.02) [G06F 16/9566 (2019.01); G06N 20/00 (2019.01); H04L 12/40 (2013.01); H04L 2012/40215 (2013.01); H04L 2012/40273 (2013.01)] | 20 Claims |
|
9. A system comprising:
a processor configured to execute an in-vehicle Network Intrusion Detection System (NIDS) with an algorithm to monitor a set of Electronic Control Units (ECUs) and vehicle state elements by receiving a set of vehicle inputs about a vehicle's operating state;
in response to a determination about the vehicle's operating state, the processor configured to identify a trusted context of allowability to learn about network topologies and whitelisted messages contained in a vehicle platform-specific build, wherein the trusted context is based on a trusted window that is identified based on a vehicle mileage and a security access status associated with manufacturing;
the processor configured to create a vehicle-specific configuration containing a list of networks of topologies and whitelisted messages in use by the set of ECUs in the vehicle platform-specific build; and
the processor configured to prevent misconfiguring of at least one network in the list of network topologies and whitelisted messages of the vehicle-specific configuration in the vehicle platform outside the trusted context window based on results from an assessment of at least one security implication of a network of a topology and whitelist message contained in a list in use by the set of ECUs in the vehicle platform-specific build.
|