| CPC H04L 9/3255 (2013.01) [H04L 9/0825 (2013.01); H04L 9/085 (2013.01); H04L 67/12 (2013.01); H04L 2209/84 (2013.01)] | 14 Claims |
|
1. A method of validating security of a vehicle, wherein an in-vehicle network of the vehicle is partitioned into predefined zones and each of the predefined zones is provided with a plurality of ECUs that are classified into at least one of primary ECUs or secondary ECUs, further wherein each predefined zone comprises a zone master ECU associated with each of the plurality of ECUs of the corresponding predefined zone, the method comprising:
requesting, by an authentication system integrated in a zone master ECU of a predefined zone, pre-allocated signed unique cryptographic key shares from a plurality of primary ECUs associated with the zone master ECU, when there is an authentication requirement in an in-vehicle network;
computing, by the authentication system, a first unique signature of the predefined zone using a predefined number (K-1) of the pre-allocated signed unique cryptographic key shares received from the plurality of primary ECUs;
verifying, by the authentication system, validity of the computed first unique signature using a public key, to authenticate each of the plurality of primary ECUs in the predefined zone; and
providing, by the authentication system, the verified first unique signature to a vehicle master ECU associated with the zone master ECU of each predefined zone, to enable the vehicle master ECU to activate safety functionalities associated with each of the plurality of primary ECUs of each predefined zone.
|