The disclosure is of a device and a method of securing machinery supporting controller area network protocol from diagnostics based attacks, by enforcing a diagnostic policy mapping diagnostics requests and their sub-function to associated vehicle states, for example by using a table of diagnostic function identifiers and associated valid vehicle states. When a diagnostic request and Sub-Function are marked valid for the vehicle state, the diagnostic operation is valid. When a diagnostic request and Sub-Function are marked not valid for the vehicle state, the diagnostic operation is not valid, and aborted.
G06F 21/55 - Detecting local intrusion or implementing counter-measures
B60R 16/023 - Electric or fluid circuits specially adapted for vehicles and not otherwise provided forArrangement of elements of electric or fluid circuits specially adapted for vehicles and not otherwise provided for electric for transmission of signals between vehicle parts or subsystems
2.
DETECTION OF AN AUDIO DEEP FAKE AND NON-HUMANS SPEAKER FOR AUDIO CALLS
A computer implemented system for authenticating an audio conversation occurring between a human target and an unknown speaker. The system adjusts messages sent to the speaker to include characteristics that evoke different responses in bots controlling vocoders to generate deepfakes than are evoked in humans. By analyzing these responses, harms from deepfake threats can be avoided by turning the tools used by deepfake generating bots against those very bots.
G10L 17/26 - Recognition of special voice characteristics, e.g. for use in lie detectorsRecognition of animal voices
G10L 17/02 - Preprocessing operations, e.g. segment selectionPattern representation or modelling, e.g. based on linear discriminant analysis [LDA] or principal componentsFeature selection or extraction
G10L 17/04 - Training, enrolment or model building
There is provided a system for updating a device, comprising: at least one processor executing a code for: obtaining an indication of a source file installed on the device representing a first version of the file, obtaining an indication of a target file for installation on the device representing a second version of the file, feeding the source file and the target file into a machine learning model, obtaining a combination of a plurality of configuration parameters as an outcome of the machine learning model, feeding the source file, the target file, and the combination of the plurality of configuration parameters into an update generator, obtaining a delta file from the update generator, and sending the delta file to the device for local installation and upgrade of the source file to the target file by a differential delta applier.
A method of central vehicle monitoring and maintenance, the method comprising using a server computer, for: monitoring a plurality of vehicles using a plurality of generic-vehicle- function monitors, each generic-vehicle-function monitor configured to receive monitoring data of a respective one of a plurality of predefined generic vehicle functions, and to communicate with the monitored vehicles, for receiving the monitoring data from vehicle-side agents associated with vehicle parts used for the generic vehicle function, detecting a technical issue in at least one of the vehicles based on the monitoring data received by at least one of the generic- vehicle-function monitors, and initiating a control operation based on the detecting.
A vehicle comprising at least one short-range digital communication network interface (local-network interface) and at least one hardware processor is disclosed. The hardware processor is configured to respond to a request for a verified local-time value by receiving at least one local-time value from at least one other hardware processor via the local-network interface when failing to access a reliable time source. The hardware processor then computes a semi-reliable local-time value using the at least one local-time value and executes at least one secure operation subject to an outcome of at least one test applied to the semi-reliable local-time value.
A vehicle charging station, comprising: a charging processor configured for, when a vehicle is connected to the charging station: sending to the vehicle a request for at least one power level value; and in response to receiving the at least one power level value from the vehicle: computing an expected amount of time for charging at least one battery of the vehicle; computing an expected amount of time for executing an update of digital data of the vehicle, where the expected amount of time includes an amount of time for reverting the update; and subject to identifying that the update time is less than the charging time according to a time comparison test, sending the vehicle an instruction to execute the update while charging the at least one battery.
Disclosed herein are methods and systems for training and using a neural network to evaluate vulnerability of software packages, comprising using a plurality of training samples each associating one of a plurality of software packages with one of a plurality of vulnerabilities identified by one of a plurality of validators to training the neural network to compute a probability of presence of one or more of the plurality of vulnerabilities in each of the plurality of software packages and outputting the trained neural network. The validators may include expert knowledge, heuristics, rule-based models as well as machine learning and deep learning models. The trained neural network may be then applied to compute a probability of presence of one or more of the vulnerabilities in one or more previously unseen software packages based on a feed of vulnerabilities identified in the previously unseen software package(s) by the plurality of validators.
A configurable computerized device comprising at least one hardware processor configured for executing a code for updating modified non-volatile memory content. Modifying the memory content is by: accessing data change information indicative of at least one modification applied to identified non-volatile memory content, where applying the at least one modification to the identified non-volatile memory content produces the modified non-volatile memory content used by the at least one hardware processor while executing a plurality of firmware computer instructions; and updating the modified non-volatile memory content, comprising: computing reconstructed memory content using the modified non-volatile memory content and the data change information such that the reconstructed memory content is identical to the identified non-volatile memory content; and computing new non-volatile memory content using the reconstructed memory content and at least one memory update instruction associated with the identified non-volatile memory content.
A method, a system and a computer readable medium of vehicle-to-vehicle messaging. The method, system and computer readable medium are using a server computer that receives sensor data from a plurality of vehicle computers of respective vehicles being driven, and collects the received sensor data, detects a spatiotemporal match between at least two of the vehicle computers, using the collected sensor data and tries to establish a messaging channel between at least two of the vehicle computers having the detected spatiotemporal match.
Disclosed herein are methods and devices for mitigating Bluetooth (BT) based attacks, using a BT proxy device comprising a first and a second BT interfaces. The BT proxy device is configured to identify a first BT device and a second BT device connected to each other via a BT link, transmit a BT link disconnect to the first and second BT devices while using the device name of the second and first BT devices respectively, use the device name of the second BT device to connect to the first BT device via the first BT interface, use the device name of the first BT device to connect to the second BT device via the second BT interface, intercept BT packets exchanged between the first and the second BT devices, and detect one or more potential attack vectors based on analysis of one or more of the intercepted BT packets.
A method and apparatus for log files of data compression are disclosed. The method comprising: classifying each of a plurality of lines in a plurality of the log files of data with at least two levels hierarchy clustering comprising identifying a plurality of strings repeated in the plurality of lines of the plurality of log files of data. Creating a table matching each of the plurality of strings to a unique value. Creating a vector encoding the unique value matched to each of the plurality of strings using the table. Assigning each of the encoded unique values in the vector, a security relevance score according to the classification of the plurality of lines; and selecting a subset of the encoded unique values such that the encoded unique values in the vector are filtered according to the security relevance score of each unique value.
G06F 21/62 - Protecting access to data via a platform, e.g. using keys or access control rules
G06F 21/54 - Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity, buffer overflow or preventing unwanted data erasure by adding security routines or objects to programs
H03M 7/30 - CompressionExpansionSuppression of unnecessary data, e.g. redundancy reduction
Disclosed herein are system and methods for authenticating vehicles based on trust established within a community of vehicles using a distributed ledger associating an identifier of each vehicle with a respective public key uniquely assigned to the respective vehicle. When a vehicle requests to establish a communication session with another party, which may be another vehicle or a service system, the vehicle may transmit its identifier and a message signed using its respective private key from which its public key is derived. In response, to authenticate the vehicle, the other party may communicate with one or more trusted vehicles which may verify the vehicle is genuinely associated with the public key by decoding the message using the public key retrieved from their local copy of the distributed ledger. The other party may then establish the communication session or refuse it based on the whether the verification is successful or not.
There is provided a system for updating each of a plurality of mobile devices, comprising: at least one processor executing a code for: obtaining metadata from an end device without an updating agent deployed thereon, selecting an update server from a plurality of update servers according to the metadata, obtaining, from the update server, an indication of update code for installation on the end device, and updating the end device with the update code.
A method, system, and computer program product for anomaly detection using embedding space representation of system states. An anomaly detection model is trained using an anomaly detection algorithm and a plurality of reference vectors obtained using an embedding space representation process configured for mapping to a single point vector in an embedding space each of a plurality of system state snapshots comprised in a training dataset and each capturing during a defined time window a plurality of features of each process operating in the system. Responsive to receiving a testing dataset comprising one or more system state snapshots, one or more vectors in the embedding space are obtained using the embedding space representation process for mapping each system state snapshot in the testing dataset, and the anomaly detection model is used to determine whether a vector of the one or more vectors being indicative of a cyber-attack on the system.
The disclosure is of a device and a method of securing machinery supporting controller area network protocol from diagnostics based attacks, by enforcing a diagnostic policy mapping diagnostics requests and their sub-function to associated vehicle states, for example by using a table of diagnostic function identifiers and associated valid vehicle states. When a diagnostic request and Sub-Function are marked valid for the vehicle state, the diagnostic operation is valid. When a diagnostic request and Sub-Function are marked not valid for the vehicle state, the diagnostic operation is not valid, and aborted.
A computer implemented system for authenticating an audio conversation occurring between a human target and an unknown speaker. The system adjusts messages sent to the speaker to include characteristics that evoke different responses in bots controlling vocoders to generate deepfakes than are evoked in humans. By analyzing these responses, harms from deepfake threats can be avoided by turning the tools used by deepfake generating bots against those very bots.
Examples are disclosed for methods and mechanisms to address Base Transceiver Stations (BTSes) attempting to hijack Mobile Stations (MSes) in wireless communication networks. In some example methods, a record having values for a set of features associated with an MS and a BTS of a wireless communication net may be processed. A score for the record may be calculated, for example based on a machine-learning model pertaining to the set of features, and a determination may be made as to whether the record demonstrates an anomalous condition based upon the score. The set of features may include at least one feature based on a measured power of the BTS.
Techniques for detecting anomalies or cyber attacks on a vehicle. A computer-implemented method for anomaly or attack detection includes determining, using a first model, a first predicted value of a first variable message associated with a vehicle, determining, using a second model, a second predicted value of the first variable message associated with the vehicle, determining, based on a difference between an actual value of the first variable message and the first predicted value of the first variable message and on a difference between the actual value of the first variable message and the second predicted value of the first variable message, a vector, and determining, using a third model, an output value based on the vector, the output value corresponding to at least one of a likelihood that an anomaly or an attack is occurring or a type of the anomaly or the attack.
G06F 21/56 - Computer malware detection or handling, e.g. anti-virus arrangements
G07C 5/08 - Registering or indicating performance data other than driving, working, idle, or waiting time, with or without registering driving, working, idle, or waiting time
19.
UPDATING NON-VOLATILE MEMORY IN A COMPUTER CONTROLLED DEVICE
A configurable computerized device comprising at least one hardware processor configured for executing a code for updating modified non-volatile memory content. Modifying the memory content is by: accessing data change information indicative of at least one modification applied to identified non-volatile memory content, where applying the at least one modification to the identified non-volatile memory content produces the modified non-volatile memory content used by the at least one hardware processor while executing a plurality of firmware computer instructions; and updating the modified non-volatile memory content, comprising: computing reconstructed memory content using the modified non-volatile memory content and the data change information such that the reconstructed memory content is identical to the identified non-volatile memory content; and computing new non-volatile memory content using the reconstructed memory content and at least one memory update instruction associated with the identified non-volatile memory content.
Disclosed herein are methods and systems for training and using a neural network to evaluate vulnerability of software packages, comprising using a plurality of training samples each associating one of a plurality of software packages with one of a plurality of vulnerabilities identified by one of a plurality of validators to training the neural network to compute a probability of presence of one or more of the plurality of vulnerabilities in each of the plurality of software packages and outputting the trained neural network. The validators may include expert knowledge, heuristics, rule-based models as well as machine learning and deep learning models. The trained neural network may be then applied to compute a probability of presence of one or more of the vulnerabilities in one or more previously unseen software packages based on a feed of vulnerabilities identified in the previously unseen software package(s) by the plurality of validators.
G06F 21/57 - Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
Disclosed herein are systems and methods for detecting potential malicious attacks in vehicles operational environment using staged Machine Learning (ML), comprising creating a plurality of features vectors each comprising a plurality of features extracted from vehicle operational data generated by a plurality of devices deployed in one or more vehicles which is indicative of operation of the one or more vehicles, detecting, in real-time, a plurality of anomaly feature vectors using one or more unsupervised ML models applied to the plurality of feature vectors, identifying, in real-time, one or more potential cyberattack events using one or more supervised ML models applied to the plurality of anomaly feature vectors, and generating an alert indicative of the one or more potential cyberattack events.
H04W 4/40 - Services specially adapted for particular environments, situations or purposes for vehicles, e.g. vehicle-to-pedestrians [V2P]
B60R 16/023 - Electric or fluid circuits specially adapted for vehicles and not otherwise provided forArrangement of elements of electric or fluid circuits specially adapted for vehicles and not otherwise provided for electric for transmission of signals between vehicle parts or subsystems
G06N 3/044 - Recurrent networks, e.g. Hopfield networks
Disclosed herein are methods and devices for mitigating Bluetooth (BT) based attacks, using a BT proxy device comprising a first and a second BT interfaces. The BT proxy device is configured to identify a first BT device and a second BT device connected to each other via a BT link, transmit a BT link disconnect to the first and second BT devices while using the device name of the second and first BT devices respectively, use the device name of the second BT device to connect to the first BT device via the first BT interface, use the device name of the first BT device to connect to the second BT device via the second BT interface, intercept BT packets exchanged between the first and the second BT devices, and detect one or more potential attack vectors based on analysis of one or more of the intercepted BT packets.
A method and apparatus for log files of data compression are disclosed. The method comprising: classifying each of a plurality of lines in a plurality of the log files of data with at least two levels hierarchy clustering comprising identifying a plurality of strings repeated in the plurality of lines of the plurality of log files of data. Creating a table matching each of the plurality of strings to a unique value. Creating a vector encoding the unique value matched to each of the plurality of strings using the table. Assigning each of the encoded unique values in the vector, a security relevance score according to the classification of the plurality of lines; and selecting a subset of the encoded unique values such that the encoded unique values in the vector are filtered according to the security relevance score of each unique value.
Disclosed herein are system and methods for authenticating vehicles based on trust established within a community of vehicles using a distributed ledger associating an identifier of each vehicle with a respective public key uniquely assigned to the respective vehicle. When a vehicle requests to establish a communication session with another party, which may be another vehicle or a service system, the vehicle may transmit its identifier and a message signed using its respective private key from which its public key is derived. In response, to authenticate the vehicle, the other party may communicate with one or more trusted vehicles which may verify the vehicle is genuinely associated with the public key by decoding the message using the public key retrieved from their local copy of the distributed ledger. The other party may then establish the communication session or refuse it based on the whether the verification is successful or not.
G06F 21/57 - Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
H04L 9/32 - Arrangements for secret or secure communicationsNetwork security protocols including means for verifying the identity or authority of a user of the system
H04L 29/02 - Communication control; Communication processing
A method of generating a delta instructions record for updating a source database in-place, comprising obtaining a plurality of source data items contained in a plurality of cells of a plurality of tables organized in tuples and columns, creating a column oriented source stream serializing the source data items by concatenating a source data item of each cell of each column to a preceding source data item of a cell preceding the respective cell in the respective column, obtaining a plurality of target data items contained tables of a target database comprising data item(s) changed compared to the source database, creating a column oriented target stream serializing the plurality of target data items, delta instructions for applying changes detected between the source database and the target database by comparing between the source stream and the target stream, and outputting the delta instructions record to device(s) for updating their source database.
A method, system, and computer program product for anomaly detection using embedding space representation of system states. An anomaly detection model is trained using an anomaly detection algorithm and a plurality of reference vectors obtained using an embedding space representation process configured for mapping to a single point vector in an embedding space each of a plurality of system state snapshots comprised in a training dataset and each capturing during a defined time window a plurality of features of each process operating in the system. Responsive to receiving a testing dataset comprising one or more system state snapshots, one or more vectors in the embedding space are obtained using the embedding space representation process for mapping each system state snapshot in the testing dataset, and the anomaly detection model is used to determine whether a vector of the one or more vectors being indicative of a cyber-attack on the system.
A method of updating Electronic Control Units (ECUs) of vehicles using updates received via Vehicle to Vehicle (V2V) communication channels comprising receiving from nearby vehicle(s) via V2V communication channel(s), one or more of a plurality of update packages distributed for updating a plurality of ECUs deployed in a plurality of vehicles, each of the nearby vehicle(s) is within a reception area of the V2V communication channel(s), analyzing an identifier extracted from each update package to determine whether the update package is directed to ECU(s) of the vehicle, communicating via the V2V communication channel(s), in case of positive determination, with a subset of the vehicles each maintaining a local log associating each update package with a respective verification code to validate the verification code extracted from the update package according to a consensus of the subset and, in case of successful validation, initiating update of the ECU(s) using the update package(s).
G06F 11/07 - Responding to the occurrence of a fault, e.g. fault tolerance
G06F 11/14 - Error detection or correction of the data by redundancy in operation, e.g. by using different operation sequences leading to the same result
G06F 11/34 - Recording or statistical evaluation of computer activity, e.g. of down time, of input/output operation
G06F 21/57 - Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
H04L 67/00 - Network arrangements or protocols for supporting network services or applications
H04W 4/46 - Services specially adapted for particular environments, situations or purposes for vehicles, e.g. vehicle-to-pedestrians [V2P] for vehicle-to-vehicle communication [V2V]
28.
Methods for prioritizing updates for vehicle fleets
Mechanisms and methods are provided for establishing vectors indicating the presence, in a first vehicle and second vehicle, of a super-set of vehicle features present across a fleet of vehicles. The first vehicle may be a reference vehicle. A distance function of the vectors may be calculated in order to establish a similarity score indicating the degree of similarity between the designs of the two vehicles. If the second vehicle is sufficiently similar to the reference vehicle, a software update may be recommended and applied.
Systems and methods for verifying wireless connections are provided. In one example, a method includes, at a computing system, responsive to initiating a wireless connection between a client device and a host device, generating a communication fingerprint of the client device based on at least one response characteristic of the client device, the at least one response characteristic based on a communication between the client device and the host device, the communication passing through each of a software layer of the client device and a hardware element of the client device. In this way, overall system security of a wireless connection between the host device and the client device may be increased.
H04W 4/80 - Services using short range communication, e.g. near-field communication [NFC], radio-frequency identification [RFID] or low energy communication
Examples are disclosed for methods and mechanisms to address Base Transceiver Stations (BTSes) attempting to hijack Mobile Stations (MSes) in wireless communication networks. In some example methods, a record having values for a set of features associated with an MS and a BTS of a wireless communication net may be processed. A score for the record may be calculated, for example based on a machine-learning model pertaining to the set of features, and a determination may be made as to whether the record demonstrates an anomalous condition based upon the score. The set of features may include at least one feature based on a measured power of the BTS.
There is provided a computer implemented method of disabling a malicious electronic control unit (ECU) of a plurality of ECUs in communication with a controller area network (CAN) bus network, the method executed by a computing device in communication with the plurality of ECUs and the CAN bus network, the method comprising: detecting a malicious message transmitted by the malicious ECU over the CAN bus network, and injecting a plurality of bits over the CAN bus network to trigger a predefined plurality of errors for disabling the malicious ECU before the malicious ECU makes an additional attempt to retransmit an additional instance of the malicious message.
A method of enhancing positioning of a moving vehicle based on visual identification of visual objects, comprising obtaining from a location sensor a global positioning and a movement vector of a moving vehicle, capturing one or more images using one or more imaging devices mounted on the moving vehicle to depict at least partial view of a surroundings of the moving vehicle, analyzing the image(s) to identify one or more visual objects having a known geographical position obtained according to the global positioning from a visual data record associated with a navigation map, analyzing the image(s) to calculate a relative positioning of the moving vehicle with respect to the identified visual object(s), calculating an enhanced positioning of the moving vehicle based on the relative positioning and applying the enhanced positioning to a navigation system of the moving vehicle.
G01C 21/00 - NavigationNavigational instruments not provided for in groups
G01C 21/12 - NavigationNavigational instruments not provided for in groups by using measurement of speed or acceleration executed aboard the object being navigatedDead reckoning
G01C 21/28 - NavigationNavigational instruments not provided for in groups specially adapted for navigation in a road network with correlation of data from several navigational instruments
G01S 19/48 - Determining position by combining or switching between position solutions derived from the satellite radio beacon positioning system and position solutions derived from a further system
G06T 7/62 - Analysis of geometric attributes of area, perimeter, diameter or volume
G06T 7/70 - Determining position or orientation of objects or cameras
G06T 7/80 - Analysis of captured images to determine intrinsic or extrinsic camera parameters, i.e. camera calibration
G06V 20/56 - Context or environment of the image exterior to a vehicle by using sensors mounted on the vehicle
G06V 20/58 - Recognition of moving objects or obstacles, e.g. vehicles or pedestriansRecognition of traffic objects, e.g. traffic signs, traffic lights or roads
The present invention provides a security system, and methods useful for vehicle CAN bus communication mapping and attack originator identification, comprising: a CAN Bus Monitor, (CBM), configured to monitor the CAN bus communication comprising one or more frames, to and/or from at least one Electronic Control Unit, (ECU); a characterization module in communication with the CBM, configured to generate at least one characteristic for the monitored communication from each the ECU and at least one characteristic for each communication frame; (c) a comparator unit in communication with the characterization module, configured to compare one or more the characteristics of at least one frame against characteristics of each the ECU communication in order to detect at least one anomaly; and, (d) one or more Identification module in communication with the comparator, configured to identify at least one ECU originating an attack on the CAN bus.
H04W 12/122 - Counter-measures against attacksProtection against rogue devices
H04W 12/126 - Anti-theft arrangements, e.g. protection against subscriber identity module [SIM] cloning
H04W 12/128 - Anti-malware arrangements, e.g. protection against SMS fraud or mobile malware
H04W 4/48 - Services specially adapted for particular environments, situations or purposes for vehicles, e.g. vehicle-to-pedestrians [V2P] for in-vehicle communication
H04L 67/12 - Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
There is provided a computer implemented method of disabling a malicious electronic control unit (ECU) of a plurality of ECUs in communication with a controller area network (CAN) bus network, the method executed by a computing device in communication with the plurality of ECUs and the CAN bus network, the method comprising: detecting a malicious message transmitted by the malicious ECU over the CAN bus network, and injecting a plurality of bits over the CAN bus network to trigger a predefined plurality of errors for disabling the malicious ECU before the malicious ECU makes an additional attempt to retransmit an additional instance of the malicious message.
There is provided a method for identifying malicious activity that changes the integrity of data sent out from a vehicle, comprising: intercepting, by an output data monitoring agent that monitors data sent out from the vehicle to an external receiving computing unit using a communication interface in communication with a network; intercepting, by at least one sensor data monitoring agent that monitors sensor data outputted by at least one sensor associated with the vehicle; monitoring the integrity of the data sent out by the vehicle by analyzing the data collected by the output data monitoring agent with the sensor data collected by the at least one sensor data monitoring agent to identify a mismatch; and identifying an indication of malicious activity that changed the data sent out from the vehicle relative to the data sensed by the at least one sensor.
H04W 12/128 - Anti-malware arrangements, e.g. protection against SMS fraud or mobile malware
B60R 25/00 - Fittings or systems for preventing or indicating unauthorised use or theft of vehicles
H04L 67/12 - Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
H04W 12/00 - Security arrangementsAuthenticationProtecting privacy or anonymity
H04W 4/44 - Services specially adapted for particular environments, situations or purposes for vehicles, e.g. vehicle-to-pedestrians [V2P] for communication between vehicles and infrastructures, e.g. vehicle-to-cloud [V2C] or vehicle-to-home [V2H]
H04W 4/70 - Services for machine-to-machine communication [M2M] or machine type communication [MTC]
36.
Detection and prevention of a cyber physical attack aimed at sensors
A method for processing signals of active sensor systems including processing an emitted signal to include at least one distinguishing feature, the emitted signal emitted by an active sensor system adapted to intercept a reflection of the emitted signal, and to analyze the reflection of the emitted signal for determining at least one parameter of at least one object located in a space, analyzing an intercepted portion to verify the at least one distinguishing feature in the intercepted portion, and processing the intercepted portion as the reflection of the emitted signal when the at least one distinguishing feature is verified.
Disclosed are methods and systems for detecting vital signs of occupants in vehicles, for example, the vehicle cabin. A signal unit transmits a radar signal to the occupant and receiving the radar signal reflected from the occupant. The reflected radar signal is analyzed with respect to vibration data of the vehicle, to produce a modified signal. The modified signal is analyzed to determine the vital signs of the occupant.
B60W 40/08 - Estimation or calculation of driving parameters for road vehicle drive control systems not related to the control of a particular sub-unit related to drivers or passengers
A61B 5/0205 - Simultaneously evaluating both cardiovascular conditions and different types of body conditions, e.g. heart and respiratory condition
G01S 13/53 - Discriminating between fixed and moving objects or between objects moving at different speeds using transmissions of interrupted pulse modulated waves based upon the phase or frequency shift resulting from movement of objects, with reference to the transmitted signals, e.g. coherent MTi performing filtering on a single spectral line and associated with one or more range gates with a phase detector or a frequency mixer to extract the Doppler information, e.g. pulse Doppler radar
G01S 13/88 - Radar or analogous systems, specially adapted for specific applications
A method of generating a delta instructions record for updating a source database in- place, comprising obtaining a plurality of source data items contained in a plurality of cells of a plurality of tables organized in tuples and columns, creating a column oriented source stream serializing the source data items by concatenating a source data item of each cell of each column to a preceding source data item of a cell preceding the respective cell in the respective column, obtaining a plurality of target data items contained tables of a target database comprising data item(s) changed compared to the source database, creating a column oriented target stream serializing the plurality of target data items, delta instructions for applying changes detected between the source database and the target database by comparing between the source stream and the target stream, and outputting the delta instructions record to device(s) for updating their source database.
A method of updating Electronic Control Units (ECUs) of vehicles using updates received via Vehicle to Vehicle (V2V) communication channels comprising receiving from nearby vehicle(s) via V2V communication channel(s), one or more of a plurality of update packages distributed for updating a plurality of ECUs deployed in a plurality of vehicles, each of the nearby vehicle(s) is within a reception area of the V2V communication channel(s), analyzing an identifier extracted from each update package to determine whether the update package is directed to ECU(s) of the vehicle, communicating via the V2V communication channel(s), in case of positive determination, with a subset of the vehicles each maintaining a local log associating each update package with a respective verification code to validate the verification code extracted from the update package according to a consensus of the subset and, in case of successful validation, initiating update of the ECU(s) using the update package(s).
G06F 21/57 - Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
40.
Systems and methods for handling a vehicle ECU malfunction
According to an aspect of some embodiments of the present invention there is provided a vehicle mechanism for handling vehicle electronic control unit (ECU) malfunction, comprising: a first set of vehicle backup ECUs for operating in a backup vehicle driving mode comprising read-only firmware and disconnected from an interface with communication networks outside the vehicle, the vehicle backup ECUs providing at least basic driving related features of the vehicle including transmission and engine controllers to provide control of the vehicle; and a controller that switches from a standard vehicle driving mode operating according to a second set of standard vehicle ECUs to backup vehicle driving mode in response to a trigger indicative of malfunction of at least one ECU of the first set of vehicle ECUs.
A system of mitigating code weaknesses in a target code by adding micro functionality fixes. The system includes a mitigation module installed a memory chip of a device and a server for identifying a plurality of code weaknesses in a target code installed in a memory chip of a device and sending configuration instructions to the mitigation module, the configuration instructions comprising: a plurality of micro functionality fixes, and a plurality of code weakness locations each associated with one of the plurality of code weaknesses and one of the plurality of micro functionality fixes. The execution of the mitigation module by at least one processor of the device induces an installment of the plurality of micro functionality fixes in the plurality of code weakness locations.
G06F 21/00 - Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
G06F 21/57 - Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
G06F 8/75 - Structural analysis for program understanding
G06F 21/54 - Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity, buffer overflow or preventing unwanted data erasure by adding security routines or objects to programs
G06F 21/55 - Detecting local intrusion or implementing counter-measures
A computer implemented method of using a drone to provide update packages to embedded devices, comprising using one or more processors mounted on the drone for executing a code for maneuvering the drone to be in range of one or more wireless interfaces of each of a plurality of embedded devices, communicating with each embedded device through the wireless interface(s) to identify one or more attributes of each embedded device, selecting one of a plurality of update packages according to the identified attribute(s) and transmitting the selected update package to the each embedded device through the wireless interface(s).
A computer implemented method of updating software of embedded devices connected to a central dispatch device, comprising using one or more processors of a central dispatch device, the processor(s) are adapted for executing a code for obtaining a respective update package for one or more of a plurality of embedded devices which are operatively connected to the central dispatch device via a communication interconnection, transferring a transient update agent to the embedded device(s) and transferring the update package to the embedded device(s), the one or more embedded devices execute the transient update agent to apply the update package in the one or more embedded devices. The one or more embedded devices discard the transient update agent after the update package is applied.
There is provided a method for identifying malicious activity that changes the integrity of data sent out from a vehicle, comprising: intercepting, by an output data monitoring agent that monitors data sent out from the vehicle to an external receiving computing unit using a communication interface in communication with a network; intercepting, by at least one sensor data monitoring agent that monitors sensor data outputted by at least one sensor associated with the vehicle; monitoring the integrity of the data sent out by the vehicle by analyzing the data collected by the output data monitoring agent with the sensor data collected by the at least one sensor data monitoring agent to identify a mismatch; and identifying an indication of malicious activity that changed the data sent out from the vehicle relative to the data sensed by the at least one sensor.
H04L 29/06 - Communication control; Communication processing characterised by a protocol
H04L 29/08 - Transmission control procedure, e.g. data link level control procedure
H04W 4/44 - Services specially adapted for particular environments, situations or purposes for vehicles, e.g. vehicle-to-pedestrians [V2P] for communication between vehicles and infrastructures, e.g. vehicle-to-cloud [V2C] or vehicle-to-home [V2H]
A method of enhancing positioning of a moving vehicle based on visual identification of visual objects, comprising obtaining from a location sensor a global positioning and a movement vector of a moving vehicle, capturing one or more images using one or more imaging devices mounted on the moving vehicle to depict at least partial view of a surroundings of the moving vehicle, analyzing the image(s) to identify one or more visual objects having a known geographical position obtained according to the global positioning from a visual data record associated with a navigation map, analyzing the image(s) to calculate a relative positioning of the moving vehicle with respect to the identified visual object(s), calculating an enhanced positioning of the moving vehicle based on the relative positioning and applying the enhanced positioning to a navigation system of the moving vehicle.
G01C 21/32 - Structuring or formatting of map data
G01C 21/28 - NavigationNavigational instruments not provided for in groups specially adapted for navigation in a road network with correlation of data from several navigational instruments
G01C 21/00 - NavigationNavigational instruments not provided for in groups
G06T 7/80 - Analysis of captured images to determine intrinsic or extrinsic camera parameters, i.e. camera calibration
G06T 7/62 - Analysis of geometric attributes of area, perimeter, diameter or volume
G06T 7/70 - Determining position or orientation of objects or cameras
G06K 9/00 - Methods or arrangements for reading or recognising printed or written characters or for recognising patterns, e.g. fingerprints
G01C 21/12 - NavigationNavigational instruments not provided for in groups by using measurement of speed or acceleration executed aboard the object being navigatedDead reckoning
G01S 19/48 - Determining position by combining or switching between position solutions derived from the satellite radio beacon positioning system and position solutions derived from a further system
46.
SYSTEMS AND METHODS FOR HANDLING A VEHICLE ECU MALFUNCTION
According to an aspect of some embodiments of the present invention there is provided a vehicle mechanism for handling vehicle electronic control unit (ECU) malfunction, comprising: a first set of vehicle backup ECUs for operating in a backup vehicle driving mode comprising read-only firmware and disconnected from an interface with communication networks outside the vehicle, the vehicle backup ECUs providing at least basic driving related features of the vehicle including transmission and engine controllers to provide control of the vehicle; and a controller that switches from a standard vehicle driving mode operating according to a second set of standard vehicle ECUs to backup vehicle driving mode in response to a trigger indicative of malfunction of at least one ECU of the first set of vehicle ECUs.
Apparatus, system and method useful for machine to machine (M2M) communication cyber-attack detection and prevention, are provided. An embedded security bridge (ESB), operatively connected to at least one proximal machine and at least one M2M module. The M2M module is in communication with at least one remote machine, and configured to enable communication between at least one remote machine and at least one proximal machine through the ESB. The ESB includes: one or more inspection units, configured for communication analysis for identifying communication and/or content suspicious as malicious, and, one or more decision units operatively connected to the inspection unit. The decision unit is configured to perform at least one action based on analysis of at least one inspection unit. The ESB is configured to detect by means of the inspection unit and prevent by means of the decision unit cyber-attacks on the proximal machine, the remote machine, or both.
A method, and system for carrying out the method, for in-place reorganization of content, organized according to an original organization scheme, which is stored in a non-volatile storage of a device, to a target organization scheme. The method includes obtaining instructions to reorganize the content to a defined target organization scheme. The method further includes (i) generating, based on the instructions and applying target organization logic to a virtual storage, a sequence of update commands for generating, in the non-volatile storage, at least one target storage unit organized according to the defined target organization scheme, and (ii) executing the update commands on the non-volatile storage. Potential write-before-read conflicts may be identified based on the sequence of update commands, and potential conflicts resolved by reordering, adding, deleting, altering commands, and/or backing up content. The instructions may include instructions to repartition the nonvolatile storage from an original partition layout to a defined target partition layout.
A method for in-place reorganization of contents stored in a non-volatile storage of a device and organized according to an original organization scheme having at least one original storage unit and on original organization logic associated therewith, to a target organization scheme having at least one target storage unit and a target organization logic associated therewith, includes: obtaining instructions to reorganize the contents in the non-volatile storage from the original organization scheme to a defined target organization scheme; generating, on the device, based on the instructions and the applying of the target organization logic to a virtual storage, a sequence of update commands for generating in the non-volatile storage the at least one target storage unit organized according to the target organization scheme; and executing the update commands on the non-volatile storage.
Methods and systems for in-place updating original content stored in a non-volatile storage device and for yielding updated content. Some of the described embodiments illustrate the possibilities for reduction in storage operations, storage blocks, and/or update package size. Some of the described embodiments include the writing of error recovery result(s) such as XOR result(s) which enable the recovery of data in case of an interruption of the update process. In some of the described embodiments, there is re-usage of a protection buffer containing content which is required in the update process.
H03M 13/00 - Coding, decoding or code conversion, for error detection or error correctionCoding theory basic assumptionsCoding boundsError probability evaluation methodsChannel modelsSimulation or testing of codes
G06F 11/14 - Error detection or correction of the data by redundancy in operation, e.g. by using different operation sequences leading to the same result
Method of updating an original version of content to a new version of content, in a non-volatile memory storage device, the method includes: providing a non-volatile content memory storage area arranged to accommodate a full version of content; providing an auxiliary memory area; performing, while at least part of the content memory storage area is not being updated, at least one pre-update operation corresponding to at least one in-place update operation applicable, in an in-place update, on the part of the content memory storage area; storing, while at least part of the content memory storage area is not being updated, at least one result of the performed at least one pre-update operation, on the auxiliary memory area; and performing an in-place update of the at least part of the content memory storage area utilizing the at least one result stored on the auxiliary memory area.
A method of updating an original version of content to a new version of content, in a non-volatile memory storage device is provided. The method comprising: providing a non-volatile content memory storage area; performing, while at least part of the content memory storage is being used, at least one in-place update operation that comprises writing at least one block of content associated with a particular version onto a corresponding block of content associated with a version other than the particular version; and performing, while the at least one in-place update operation occurs, a rendering process that comprises provision of requested content from the content memory storage area.
A method of in-place updating an original version of content to an updated version of content, in a non-volatile memory storage device, wherein the storage device comprises a non-paged part of the content, wherein the non-paged memory part includes an original update library, and wherein the storage device is being used in a normal mode of operation or in an update mode of operation, the method includes: obtaining an update package required for updating the original version of content to the updated version of content; obtaining a new update library; storing the new update library in a second non-volatile storage; and updating the original version of content to the updated version of content, in a non-volatile memory storage device, using the at least new update library and the update package.
A method of updating an original version of content to a new version of content, in a non-volatile memory storage device, the method includes: providing a non-volatile content memory storage area arranged to accommodate a full version of content; providing an auxiliary memory area; performing, while at least part of the content memory storage area is not being updated, at least one pre-update operation corresponding to at least one in-place update operation applicable, in an in-place update, on the part of the content memory storage area; storing, while at least part of the content memory storage area is not being updated, at least one result of the performed at least one pre-update operation, on the auxiliary memory area; and performing an in-place update of the at least part of the content memory storage area utilizing the at least one result stored on the auxiliary memory area.
A method of updating an original version of content to a new version of content, in a non-volatile memory storage device is provided. The method comprising: providing a non-volatile content memory storage area; performing, while at least part of the content memory storage is being used, at least one in-place update operation that comprises writing at least one block of content associated with a particular version onto a corresponding block of content associated with a version other than the particular version; and performing, while the at least one in-place update operation occurs, a rendering process that comprises provision of requested content from the content memory storage area.
A method of in-place updating an original version of content to an updated version of content, in a non-volatile memory storage device, wherein the storage device comprises a non-paged part of the content, wherein the non-paged memory part includes an original update library, and wherein the storage device is being used in a normal mode of operation or in an update mode of operation, the method includes: obtaining an update package required for updating the original version of content to the updated version of content; obtaining a new update library; storing the new update library in a second non-volatile storage; and updating the original version of content to the updated version of content, in a non-volatile memory storage device, using the at least new update library and the update package.
Method and apparatus for in-place updating an old version of a file stored on a storage device to form a new version, wherein the old version includes blocks. The form of the old version is determined for indicating at which end of the old version free space is located, as well as determining whether an update package is a corresponding update package for the form. If the update package is a corresponding update package, blocks in the old version are updated according to the update package, giving rise to a new version having an alternative form, where free space in the new version is at an opposite end to the old version.
Method and apparatus for generating an update package. The update package is capable of in-place updating an old version to a new version wherein the old and new versions are stored in a storage device. The method includes inserting update commands into the update package, wherein the update commands allow updating the old version to the new version. The method further includes checking the update commands for determining whether they create at least one conflict, and if so, selecting one conflict out of the at least one conflict, wherein content overridden in said one conflict requires protection. A protection command allowing protection of the content before it is being overridden and a restoration command allowing restoration of the content with the protected content after it was overridden are also inserted into the update package.
Methods and systems for in-place updating original content stored in a non-volatile storage device and for yielding updated content. Some of the described embodiments illustrate the possibilities for reduction in storage operations, storage blocks, and/or update package size. Some of the described embodiments include the writing of error recovery result(s) such as XOR result(s) which enable the recovery of data in case of an interruption of the update process. In some of the described embodiments, there is re-usage of a protection buffer containing content which is required in the update process.
G06F 11/14 - Error detection or correction of the data by redundancy in operation, e.g. by using different operation sequences leading to the same result
60.
Methods and systems for updating content including a compressed version
An original version of content is in-place updated to an updated version in a non-volatile storage device including blocks, by obtaining an update package, copying the original version to volatile memory, and updating the original version to provide an uncompressed updated version. The methods may also include compressing the uncompressed updated version so as to independently or interdependently compress each amount of uncompressed updated content and writing the compressed updated version in place of the original version in the storage device. Each of the independently compressed amounts may be written to a separate storage blocks.
Methods and systems for in-place updating an original version of content to an updated version in a non volatile storage device including blocks, where the original version and/or the updated version are compressed on the storage device.
Method and system for in-place updating original content of an original version stored in a non-volatile storage device and for yielding updated content of an updated version. At least part of content of each one of n (n>1) blocks of the original version is modified in the updated version. The non-volatile storage device includes blocks. The method includes obtaining an update package. It also includes performing m block storage operations, wherein each block storage operation includes writing content to a block in the non-volatile storage device. The block storage operations include update block storage operations storing updated content of the updated version in the non-volatile storage device, while the updated content is generated in accordance with at least the update package, wherein 2<=m<2n.
Method and system for in-place updating original content of an original version stored in a non-volatile storage device and for yielding updated content of an updated version. Wherein at least part of content of each one of n (nᡶ1) blocks of the original version are modified in the updated version. The non-volatile storage device includs blocks. The method includes obtaining an update package. It also includes performing m block storage operations, wherein each block storage operation includes writing content to a block in the non-volatile storage device. The block storage operations include update block storage operations storing updated content of the updated version in the non-volatile storage device, while the updated content is generated in accordance with at least the update package. Wherein 2ឬ=mឬ2n.
Method and system for updating a stored version of content stored in a storage device using an update package. The update package that includes update commands is adapted for updating an original version of content to an updated version. The updating is carried out in accordance with an update sequence. The method includes determining direction of the updating. If the direction is indicative of forward then the method forward-updates the stored version to the updated version in accordance with the update sequence. If the direction is indicative of roll-back, the method generates a roll-back update sequence opposite to the update sequence and rolls-back the stored version to the original version in accordance with the roll-back update sequence.
A system and method for updating versions of content stored in a storage device. The system includes an update module for obtaining a conversion element and a small delta, and a converted old items generator for generating converted old items by applying the conversion element to items of an old version. The system further includes a data entries generator for generating data entries based on the modified data entries and on the converted old item, and a new version generator for generating a new version of content by applying the commands and the data entries to the old version.
A system for generating a compact update package between an old version of content and a new version of content. The system includes a conversion element generator for generating a conversion element associated with the old version and new version. A modified version generator for generating a modified version including applying the conversion element to the old versions. An update package generator for generating the compact update package. The compact update package includes the conversion element and a modified delta based on the modified version and the new version.
A system for generating a compact update package between an old version of content and a new version of content. The system includes a conversion element generator for generating a conversion element associated with the old version and new version. A modified version generator for generating a modified version including applying the conversion element to the old versions. An update package generator for generating the compact update package. The compact update package includes the conversion element and a modified delta based on the modified version and the new version.
patents
