Methods are provided for securely loading software objects into an electronic control unit. The methods include receiving a first software object comprising a second level public key certificate, a first encryption signature and a first set of software. Once the first software object is received, the first second level public key certificate is validated with the embedded root public key, the first encryption signature is validated with the first second level public key certificate, and the first set of software is validated with the first encryption signature. When the first set of software is valid, the first second level public key certificate and the first set of software are stored to non-volatile memory. Once stored, a consecutive software object is received from the programming source comprising only a consecutive encryption signature and a consecutive set of software. The consecutive encryption signature is validated with the stored second level public key certificate, and the consecutive set of software is validated with the consecutive encryption signature.
Claims (as filed with the USPTO):
1. A method for loading multiple software objects into a computing device containing an embedded public root key and a stored first second level public key certificate when there is a different subsequent second level public key certificate associated with a second software object being loaded, the method comprising: receiving a first software object comprising a first second level public key certificate, an encryption signature and a first set of software from a programming source; determining that the second software object received is associated with the subsequent second level public key certificate that is different than the first second level public key certificate; when the subsequent second level public key certificate is the same as the first second level public key certificate, then validating the encryption signature associated with the second software object with the first second level public key certificate and writing the second software object to a non-volatile memory of the computing device; when the subsequent second level public key certificate is different from the stored first second level public key certificate, then validating the subsequent second level public key certificate with the embedded public root key; validating the encryption signature using the subsequent second level public key certificate; validating the second software object with their encryption signatures; and when the second software object is valid, then storing the subsequent second level public key certificate to the non-volatile memory and writing the second software object to a non-volatile memory.
2. The method of claim 1, wherein the embedded public root key is an asynchronous public encryption key.
3. A vehicle comprising: an electronically controlled device; an electronic control unit (ECU) configured to control the electronically controlled device, the ECU containing an embedded public root key and a stored first second level public key certificate; and a boot loader, the boot loader configured to load software into the ECU when there is a different subsequent second level public key certificate associated with a second software object being loaded by: receiving a first software object comprising a first second level public key certificate, an encryption signature and a first set of software from a programming source; determining that the second software object received is associated with the subsequent second level public key certificate that is different than the first second level public key certificate; when the subsequent second level public key certificate is the same as the first second level public key certificate, then validating the encryption signature associated with the second software object with the first second level public key certificate and writing the second software object to a non-volatile memory of the computing device; when the subsequent second level public key certificate is different from the stored first second level public key certificate, then validating the subsequent second level public key certificate with the embedded public root key; validating the encryption signature using the subsequent second level public key certificate; validating the second software object with their encryption signatures; and when the second software object is valid, then storing the subsequent second level public key certificate to the non-volatile memory and writing the second software object to a non-volatile memory.
4. The vehicle of claim 3, wherein the embedded public root key is an asynchronous public encryption key.
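As an added worked example (not code from the patent, its assignee, or any ECU vendor), the following Go program models the branching procedure of claim 1 using Ed25519 from the standard library: an embedded root public key, a second level certificate (here simply a signing key plus the root's signature over it), and software objects that either carry a certificate or rely on the one already stored. The struct names, the `Load` method and the six-step scenario in `Demo` are constructed for illustration; the point it makes beyond the text is that nothing is written to non-volatile memory until both the certificate chain and the software signature have passed, and that a certificate signed by anything other than the embedded root is rejected even when the software signature under it is internally consistent.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/rand"
	"errors"
	"fmt"
)

// SecondLevelCert stands in for the "second level public key certificate":
// a signing public key plus the root's signature over that key. (Constructed
// for this example; a real ECU would carry X.509 or a vendor format.)
type SecondLevelCert struct {
	PubKey  ed25519.PublicKey
	RootSig []byte // root private key's signature over PubKey
}

// SoftwareObject is one programming payload. Cert is nil for a "consecutive"
// object that relies on the certificate already stored in the ECU.
type SoftwareObject struct {
	Cert      *SecondLevelCert
	Signature []byte // second-level key's signature over Software
	Software  []byte
}

// ECU models the device: an embedded root public key plus non-volatile
// storage for the current second level certificate and accepted software.
type ECU struct {
	rootPub    ed25519.PublicKey
	storedCert *SecondLevelCert
	nvm        [][]byte
}

var (
	ErrNoCert      = errors.New("no second level certificate stored")
	ErrBadCert     = errors.New("second level certificate not signed by embedded root")
	ErrBadSoftware = errors.New("software signature invalid")
)

func (c *SecondLevelCert) equal(o *SecondLevelCert) bool {
	return c != nil && o != nil && bytes.Equal(c.PubKey, o.PubKey) && bytes.Equal(c.RootSig, o.RootSig)
}

// Load follows the two branches of claim 1: same certificate -> verify the
// software with the stored key; different certificate -> chain it to the root
// first, then verify the software, then store both.
func (e *ECU) Load(obj SoftwareObject) error {
	cert := obj.Cert
	if cert == nil || cert.equal(e.storedCert) {
		if e.storedCert == nil {
			return ErrNoCert
		}
		if !ed25519.Verify(e.storedCert.PubKey, obj.Software, obj.Signature) {
			return ErrBadSoftware
		}
		e.nvm = append(e.nvm, obj.Software)
		return nil
	}
	// Length check first: ed25519.Verify panics on a malformed public key.
	if len(cert.PubKey) != ed25519.PublicKeySize || !ed25519.Verify(e.rootPub, cert.PubKey, cert.RootSig) {
		return ErrBadCert
	}
	if !ed25519.Verify(cert.PubKey, obj.Software, obj.Signature) {
		return ErrBadSoftware
	}
	// Only after both checks pass does anything reach non-volatile memory.
	e.storedCert = cert
	e.nvm = append(e.nvm, obj.Software)
	return nil
}

// Programming-source side: the root issues a certificate, the second-level
// key signs software.
func IssueCert(rootPriv ed25519.PrivateKey, pub ed25519.PublicKey) *SecondLevelCert {
	return &SecondLevelCert{PubKey: pub, RootSig: ed25519.Sign(rootPriv, pub)}
}

func SignSoftware(priv ed25519.PrivateKey, cert *SecondLevelCert, sw []byte) SoftwareObject {
	return SoftwareObject{Cert: cert, Signature: ed25519.Sign(priv, sw), Software: sw}
}

func mustKey() (ed25519.PublicKey, ed25519.PrivateKey) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	return pub, priv
}

// Demo runs a constructed six-step loading scenario and returns each step's
// outcome plus the number of software images that reached NVM.
func Demo() ([]error, int) {
	rootPub, rootPriv := mustKey() // genuine root (offline signing authority)
	_, roguePriv := mustKey()      // a root the ECU does not trust
	pubA, privA := mustKey()       // first second-level signing key
	pubB, privB := mustKey()       // rotated second-level signing key
	certA, certB := IssueCert(rootPriv, pubA), IssueCert(rootPriv, pubB)
	rogueCertB := IssueCert(roguePriv, pubB)

	ecu := &ECU{rootPub: rootPub}
	tampered := SignSoftware(privA, nil, []byte("firmware v1.1"))
	tampered.Software[0] ^= 0x01 // one flipped bit after signing

	steps := []SoftwareObject{
		SignSoftware(privA, certA, []byte("firmware v1.0")), // first object, carries cert A
		SignSoftware(privA, nil, []byte("firmware v1.1")),   // consecutive object, no cert
		tampered,                                             // modified in transit
		SignSoftware(privB, rogueCertB, []byte("bad v2.0")),  // cert not chained to root
		SignSoftware(privB, certB, []byte("firmware v2.0")),  // legitimate key rotation
		SignSoftware(privA, nil, []byte("firmware v2.1")),    // old key after rotation
	}
	var errs []error
	for _, s := range steps {
		errs = append(errs, ecu.Load(s))
	}
	return errs, len(ecu.nvm)
}

func main() {
	errs, n := Demo()
	for i, err := range errs {
		fmt.Printf("step %d: %v\n", i+1, err)
	}
	fmt.Printf("%d images stored to NVM\n", n)
}
```

Steps 1, 2 and 5 succeed; step 3 fails on the software signature, step 4 fails on the certificate chain before the software is even examined, and step 6 fails because the rotated certificate has replaced key A in storage, so three images reach NVM.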
May 29, 2013
February 23, 2016