US 12,483,421 B2
Embedded system support for secure time-aware authentication, acting and sensing devices
Jan Grießbach, Hamburg (DE); Ahmad Al Houry, Hamburg (DE); Markus Hinkelmann, Halstenbek (DE); and Nicolas Harmen Lehment, Munich (DE)
Assigned to NXP B.V., Eindhoven (NL)
Filed by NXP B.V., Eindhoven (NL)
Filed on Apr. 29, 2022, as Appl. No. 17/733,700.
Prior Publication US 2023/0353382 A1, Nov. 2, 2023
Int. Cl. H04L 9/32 (2006.01)
CPC H04L 9/3247 (2013.01) [H04L 9/3215 (2013.01); H04L 9/3263 (2013.01); H04L 9/3297 (2013.01)]
19 Claims
1. A controller in a system, the controller comprising:
a device connected to a network; and
a secure sub-system connected to the device via a first wired connection, the secure sub-system configured to:
establish a trusted channel with a user certificate authority (CA) via a provisioning device;
receive application parameters from the user CA;
perform an identity check of the device with the user CA;
provision a timestamp or secure time server information based upon the timestamp or the secure time server information received from the user CA;
create a device identity for the device and provision the identity on the device, wherein the device identity includes one of a signature key to create a signature of sensor data from a sensor, an encryption key to encrypt the sensor data from the sensor, validation keys to verify an actuator command, and decryption keys to decrypt actuator data from an actuator; and
terminate the trusted channel after provisioning the timestamp or the secure time server information and creating the device identity for the device.