&#xfeff;<html>
  <head>
    <META http-equiv="Content-Type" content="text/html; charset=utf-8">
<link rel="stylesheet" type="text/css" href="html_style_eog.css"/>
<script type="text/javascript">
          function printpage()
          {
          window.print()
          }
        </script>
<script type="text/javascript" src="https://components.uspto.gov/js/ais/40-patentsgazette.js"></script></head>
  <body bgcolor='#FFFFFF' onload='javascript: if ((navigator.appName.indexOf("Netscape")!=-1) && parent.leftFrame!=null) parent.leftFrame.location.reload();'>
    <basefont face="Times New Roman, Times New Roman, Times New Roman " size="2">
      <div style="margin-left: +10pt">
        <table width="90%" border="0" rules="none" align="center">
          <tr align="center">
            <td width="20%" colspan="1" rowspan="2" align="left" valign="top"><a href="https://ppubs.uspto.gov/pubwebapp/external.html?q=12069027.pn.&amp;db=USPAT" target="popup"><input type="button" class="button" value="   Full Text   "></a></td>
            <td class="table_data"><b>US 12,069,027 B2</b></td>
            <td width="20%" colspan="1" rowspan="2" align="right" valign="top">
              <form><input type="button" value="Print this page" onclick="printpage()"></form>
            </td>
          </tr>
          <tr align="center">
            <td colspan="1" class="table_data" style="text-transform: uppercase"><b>Securing intra-vehicle communications via a controller area network bus system based on behavioral statistical analysis</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b> H. Agustin Cozzetti,  Vallauris (FR)</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b>Assigned to  Fortinet, Inc.,  Sunnyvale, CA (US)</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b>Filed by  Fortinet, Inc.,  Sunnyvale, CA (US)</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b>Filed on Mar.  22, 2019, as Appl. No. 16/361,521.</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b>Prior Publication US 2020/0304467 A1, Sep.  24, 2020</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b>Int. Cl. </b><i><b>H04L 29/06</b></i> (2006.01); <i><b>H04L 9/40</b></i> (2022.01); <i><b>H04L 12/40</b></i> (2006.01); <i><b>B60R 16/023</b></i> (2006.01)</td>
          </tr>
        </table>
        <table width="90%" border="0" rules="none" align="center">
          <colgroup>
            <col width="75%">
            <col width="15%">
          </colgroup>
          <tr align="left">
            <td class="table_data" align="left"><b>CPC </b><i><b>H04L 63/0245</b></i> (2013.01)&#xa0;[<i><b>H04L 12/40</b></i> (2013.01); <i>B60R 16/0231</i> (2013.01); <i>H04L 2012/40215</i> (2013.01); <i>H04L 2012/40273</i> (2013.01)]</td>
            <td class="table_data" align="right"><b>14 Claims</b></td>
          </tr>
        </table>
        <center><img src="US12069027-20240820-D00000.gif" alt="OG exemplary drawing"></center>
        <table width="90%" border="0" rules="none" align="center">
          <colgroup>
            <col width="90%">
          </colgroup>
          <tr>
            <td class="table_data" align="center">&#xa0;</td>
          </tr>
          <tr>
            <td valign="top" class="para_text">
              <div class="claim_text_root">1. A computer-implemented method comprising:<div class="claim_text">receiving, by one or more processors associated with a receiving node of a plurality of nodes coupled with a Controller Area Network (CAN) bus of a connected car, a data frame broadcast from a source node of the plurality of nodes;</div>
                <div class="claim_text">making a first determination, by the one or more processors, whether the receiving node is the intended recipient of the data frame;</div>
                <div class="claim_text">responsive to said first determination being affirmative:<div class="claim_text">making a second determination, by the one or more processors, whether an internal firewall node of the plurality of nodes has identified the data frame as a potentially malicious data frame; and</div>
                  <div class="claim_text">responsive to said second determination being affirmative, dropping the data frame and discontinuing processing of the data frame;</div>
                </div>
                <div class="claim_text">responsive to said first determination being negative or said second determination being negative, extracting, by the one or more processors, information from the data frame;</div>
                <div class="claim_text">analyzing coherence between the extracted information and historical information observed by the receiving node, wherein said analyzing coherence comprises analyzing coherence between the extracted information and a combination of (i) a current status of an environment in which the connected car is operating based on a current database and (ii) a status of the source node, using a local behavior database, wherein the current database includes historical information regarding one or more of (a) an identity of neighboring vehicles in proximity to the connected car, and (b) respective status associated with the neighboring vehicles within a predetermined amount of time, and wherein the local behavior database includes historical information regarding a sequence of communications observed by the receiving node; and</div>
                <div class="claim_text">responsive to a result of said analyzing coherence indicating the data frame is valid, updating, by the one or more processors, the historical information based on the data frame, otherwise discarding the data frame.</div>
              </div>
            </td>
          </tr>
        </table>
      </div>
    
  </body>
</html>