&#xfeff;<html>
  <head>
    <META http-equiv="Content-Type" content="text/html; charset=utf-8">
<link rel="stylesheet" type="text/css" href="html_style_eog.css"/>
<script type="text/javascript">
          function printpage()
          {
          window.print()
          }
        </script>
<script type="text/javascript" src="https://components.uspto.gov/js/ais/40-patentsgazette.js"></script></head>
  <body bgcolor='#FFFFFF' onload='javascript: if ((navigator.appName.indexOf("Netscape")!=-1) && parent.leftFrame!=null) parent.leftFrame.location.reload();'>
    <basefont face="Times New Roman, Times New Roman, Times New Roman " size="2">
      <div style="margin-left: +10pt">
        <table width="90%" border="0" rules="none" align="center">
          <tr align="center">
            <td width="20%" colspan="1" rowspan="2" align="left" valign="top"><a href="https://ppubs.uspto.gov/pubwebapp/external.html?q=12395520.pn.&amp;db=USPAT" target="popup"><input type="button" class="button" value="   Full Text   "></a></td>
            <td class="table_data"><b>US 12,395,520 B1</b></td>
            <td width="20%" colspan="1" rowspan="2" align="right" valign="top">
              <form><input type="button" value="Print this page" onclick="printpage()"></form>
            </td>
          </tr>
          <tr align="center">
            <td colspan="1" class="table_data" style="text-transform: uppercase"><b>Detection of abnormal operations in connected vehicles</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b> Yi-Li Cheng,  Taipei (TW);  Chih-Kang Lu,  Taipei (TW);  Zhi-Wei Chen,  Taipei (TW); and  Yi-Ting Chen,  Taipei (TW)</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b>Assigned to  VicOne Corporation,  Tokyo (JP)</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b>Filed by  VicOne Corporation,  Tokyo (JP)</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b>Filed on Mar.  20, 2023, as Appl. No. 18/186,741.</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b>Int. Cl. </b><i><b>H04L 9/40</b></i> (2022.01)</td>
          </tr>
        </table>
        <table width="90%" border="0" rules="none" align="center">
          <colgroup>
            <col width="75%">
            <col width="15%">
          </colgroup>
          <tr align="left">
            <td class="table_data" align="left"><b>CPC </b><i><b>H04L 63/1441</b></i> (2013.01)</td>
            <td class="table_data" align="right"><b>15 Claims</b></td>
          </tr>
        </table>
        <center><img src="US12395520-20250819-D00000.gif" alt="OG exemplary drawing"></center>
        <table width="90%" border="0" rules="none" align="center">
          <colgroup>
            <col width="90%">
          </colgroup>
          <tr>
            <td class="table_data" align="center">&#xa0;</td>
          </tr>
          <tr>
            <td valign="top" class="para_text">
              <div class="claim_text_root">1. A connected vehicle comprising:<div class="claim_text">a first electronic control unit (ECU) of a plurality of ECUs of the connected vehicle, the first ECU comprising a processor and a memory, the memory of the first ECU storing instructions that when executed by the processor of the first ECU cause the first ECU to constrain a first set of entities that are running in the first ECU to within a first security boundary that includes a first security gateway; and</div>
                <div class="claim_text">a second ECU of the plurality of ECUs of the connected vehicle, the second ECU comprising a processor and a memory, the memory of the second ECU storing instructions that when executed by the processor of the second ECU cause the second ECU to:<div class="claim_text">constrain a second set of entities that are running in the second ECU to within a second security boundary that includes a second security gateway;</div>
                  <div class="claim_text">receive all messages between entities that are transmitted across the first and second security boundaries over a connection that is not directly accessible to any entity of the first and second sets of entities, wherein the connection is between the first and second security gateways;</div>
                  <div class="claim_text">receive over the connection a target message for inspection, the target message being sent by a first entity of the first set of entities to a second entity of the second set of entities;</div>
                  <div class="claim_text">normalize a content of the target message to a target posture vector, the target posture vector indicating a current operation involving the second entity;</div>
                  <div class="claim_text">compare the target posture vector to a corresponding baseline posture vector, wherein the corresponding baseline posture vector indicates a known good operation involving the second entity;</div>
                  <div class="claim_text">determine a difference between the target posture vector and the corresponding baseline posture vector; and</div>
                  <div class="claim_text">take a corrective action against the target message in response to determining that the difference between the target posture vector and the corresponding baseline posture vector indicates a change in cybersecurity posture that is prohibited by a security policy.</div>
                </div>
              </div>
            </td>
          </tr>
        </table>
      </div>
    
  </body>
</html>