An automobile device receives first data from one or more transmitters located in an automobile. A random access preamble is transmitted on an uplink carrier to a base station in response to a pre-defined condition being met based on at least one of the following: the first data; a value of an internal timer; and a user input. A first message is transmitted to a network server via the base station over a bearer. The first message is configured to trigger establishment of a connection to the network server. A second message is received from the network server via the base station over the bearer. The second message is configured to cause transmission of the first data to the network server. The first data is transmitted to the base station via an established bearer.

A method of operating a system, wherein the system comprises a plurality of components, the method comprising: maintaining a distributed ledger, wherein the distributed ledger comprises data records, wherein each data record stores information concerning one or more respective components of the plurality of components; at least one component of the plurality of components processing the information stored in one or more respective data records of the distributed ledger to determine whether the system meets one or more respective security criteria; and one or both of: (i) the at least one component performing a respective first action if the at least one component determines that the system meets the one or more respective security criteria; and (ii) the at least one component performing a respective second action if the at least one component determines that the system does not meet the one or more respective security criteria.

A CAN device is provided with an encryption function and a decryption function. The encryption function allows messages to be encrypted and put onto a CAN bus. The decryption function allows the messages on the CAN bus to be decrypted. The encryption and decryption functions share keys which change over the course of time.

A communication device stores a first secret key and a first public key, and the on-vehicle authentication device stores a second secret key, a second public key and a signature verification key. The on-vehicle authentication device acquires the first public key, verifies the authenticity of the electronic signature using a signature verification key, encrypts the second public key using the authentic first public key and transmits the encrypted second public key. The communication device receives the encrypted second public key, decrypts the encrypted second public key using the first secret key, encrypts the first public key using the decrypted second public key. The on-vehicle authentication device receives the encrypted first public key, decrypts the encrypted first public key using the second secret key, and authenticates that the communication device is an authentic device when the decrypted first public key has been determined to be authentic.

Improved pseudonym certificate management is provided for connected vehicle authentication and other applications. Temporary revocation of a certificate is enabled. With respect to Security Credential Management Systems (SCMS), pre-linkage values can be employed. The pre-linkage values can be encrypted using homomorphic encryption. Other embodiments are also provided.

The invention relates to a method (100) for securing a communication between a mobile communication apparatus (10) and a vehicle (5), in particular for authentication at a passive access system of the vehicle (5), wherein the vehicle (5) comprises at least one radio unit (20).

A key management method serves as an electronic control unit (ECU) in an onboard network system having a plurality of ECUs that perform communication by frames via a network. The method includes storing, in a first-type ECU, a shared key to be mutually shared with second-type ECUs, and executing encryption processing regarding a framed transmitted or received via the network, based on the shared key. The method further includes executing, by the first-type ECU, inspection of a security state of the shared key stored by the second type ECUs in a case where a vehicle is in at least one of the following particular states, including immediately after the vehicle is not driving and is entering the accessory-on state, immediately after the vehicle is not driving and the vehicle is entering the accessory-off state, and immediately after the vehicle engine is started.

Techniques are disclosed securely communicating traffic over a network. In some embodiments, an apparatus includes a first circuit having a local clock configured to maintain a local time value. The first circuit is configured to determine a synchronized time value based on the local time value, the synchronized time value being an expected time value of a reference clock. The first circuit is further configured to generate a first encryption key by calculating a key derivation function based on the synchronized time value and encrypt a portion of a packet using the first encryption key, the portion of the packet being to be communicated to a second circuit. In some embodiments, the apparatus further includes a first network node coupled to the first circuit and configured to communicate the packet to a second network node coupled to the second circuit and to include the synchronized time value in the packet.

Methods and systems for maintaining a distributed ledger and/or blockchain of transactions and/or events pertaining to autonomous vehicles and/or smart contracts are provided. One or more processors may monitor one or more sensors associated with an autonomous vehicle. Based upon the outputs of the sensors, a change in condition of the autonomous vehicle may be detected. The condition may relate to operation, or an operational state of the vehicle and/or a condition associated with a smart contract. The processors may generate a transaction describing the detected change in the condition of the vehicle. The transaction may be transmitted to an enforcement server. As a result, an up-to-date ledger of autonomous vehicle and/or smart contract transactions and/or events may be maintained.

A system for monitoring a component of an effect chain for an at least partially automated driving function of a motor vehicle. The system includes: a processor; one or more memory blocks, an input, set up to receive output data output by the component;

computer-executable instructions, executable by the processor in order to implement one or more enclaves, using the one or more memory blocks, the one or more enclaves including a certificate enclave, which is set up to create a certificate for the component of the effect chain; an output, set up to output the certificate to the component, the certificate enclave being set up to check the output data received following output of the certificate, on the basis of the certificate, in order to output a check result, and a trigger device, set up to trigger a security action based on the check result.