| CPC G06F 21/53 (2013.01) [G06F 2221/033 (2013.01); G06F 2221/2105 (2013.01); G06F 2221/2113 (2013.01)] | 23 Claims |
|
1. A method for operating a computing device for a control unit of a motor vehicle, the method comprising:
assigning at least one first program executable by a computing device to a non-trustworthy zone, wherein the computing device includes at least one processor core, wherein the computing device is configured to control an exchange of data between a connectivity zone and a security zone, the security zone including at least one component of the vehicle which is necessary to drive the vehicle and has an elevated relevance with regard to safety, and the connectivity zone including at least one component of the vehicle, whose operation requires communication outside of the vehicle but is not required to drive the vehicle and does not have an elevated relevance with regard to safety;
assigning at least one further program to a trustworthy zone;
assigning the component of the connectivity zone to the non-trustworthy zone; and
assigning the component of the security zone to the trustworthy zone;
wherein the computing device includes at least one storage device having at least one first buffer storage area to which exclusively the first program assigned to the non-trustworthy zone has only read and/or only write access, and at least one second buffer storage area to which exclusively the further program assigned to the trustworthy zone has only read and/or only write access, and at least one exchange buffer storage area which allows the first program of the non-trustworthy zone only write access and the further program of the trustworthy zone only read access.
|