A method for communicating data from a sensor device to an Electronic Control Unit using a single-wire bi-directional communication protocol includes providing a first key of the Electronic Control Unit to the sensor device, encrypting sensor data of the sensor device using the first key to determine encrypted data, and transmitting the encrypted data from the sensor device to the Electronic Control Unit.

A method for communicating data from a sensor device to an Electronic Control Unit using a single-wire bi-directional communication protocol includes providing a first key of the Electronic Control Unit to the sensor device, encrypting sensor data of the sensor device using the first key to determine encrypted data, and transmitting the encrypted data from the sensor device to the Electronic Control Unit.

Technologies for securely exchanging sensor information include an in-vehicle computing system of a vehicle to establish a trusted execution environment and a secure communication channel between the trusted execution environment and a corresponding trusted execution environment of a coordination server. A private key is bound to the trusted execution environment of the in-vehicle computing system. The in-vehicle computing system confirms the authenticity of the coordination server, receives sensor data generated by a sensor of the vehicle, and generates an attestation quote based on the trusted execution environment of the in-vehicle computing system. The in-vehicle computing system further transmits, to the coordination server over the secure communication channel, the sensor data, the attestation quote, and a cryptographically-signed communication signed with the private key.

A method at a computing device associated with a road user, the method including detecting actions of a second road user; checking the actions against rules associated with the computing device; determining that the actions of the second road user contravene the rules; and providing a report regarding the actions of the second road user.

Various embodiments of a system and method for secure, authenticated communication with one or more unmanned aerial vehicles (UAVs) are described herein. The system includes at least one computing system which is operable with instructions to: receive, from an unmanned aerial vehicle of one or more unmanned vehicles, a message; extract, from the message, an unmanned aerial vehicle serial number and a secret key; compute a hash of the secret key to generate a first hashed secret key; retrieve, from an internal database located on a non-transient memory of the at least one computing system, a second hashed secret key associated with the unmanned aerial vehicle serial number; and compare the first hashed secret key with the second hashed secret key to determine whether the message is valid.

Among other things, techniques are described for provisioning and authentication of devices in vehicles. In one aspect, a device in a vehicle establishes a communication session with a network server that manages provisioning of devices corresponding to an enterprise associated with the vehicle. The device receives instructions from the network server to generate cryptographic keys, and in response, generates a public and private key pair. The device sends, to the network server, a certificate signing request that includes the public key and an identifier of the device. In response, the device receives a digital security certificate for the device, and a security certificate of a signing certificate authority. The device authenticates the security certificate of the certificate authority using a known enterprise root certificate, and upon successful authentication, stores the device security certificate and the security certificate of the signing certificate authority.

A system for managing a digital resource vehicle within a distributed trust computing network, such as a blockchain network or the like. The digital resource vehicle monitors for occurrence of output-triggering events and in response to determining the occurrence of event, determines output recipients, distribution portions and initiates execution of the resource events. The distributed trust computing network ensures immutability of the digital resource vehicle and provides a source of truth for verification/validation of triggering events and resulting resource events.

A system for generating cryptographic material includes a cryptomaterial server and developer module. The cryptomaterial server has at least one cryptomaterial generator and a cryptomaterial distributor. The cryptomaterial generator is set up to generate cryptographic material by using specifications that can be predetermined via the developer module. The cryptomaterial server has a receiving part of a specification interface and the developer module has a corresponding sending part of the specification interface, which can be coupled directly or indirectly for the secure transmission of data. The developer module has a user interface or can be coupled directly or indirectly to one that is set up for an input of the specifications in abstract form. A transformation module automatically transforms the input specifications into a syntax of the cryptomaterial generator.

The present disclosure provides a communication network node for providing data to a distributed ledger, wherein the node has circuitry configured to: provide a user data management part for separating sensitive user data and non-sensitive user data, and provide the non-sensitive user data to the distributed ledger.

A system for securely provisioning a plurality of computerized devices of a tenant, is provided. The system includes a processor, and a computer storage medium including instructions that when executed by the processor cause the processor to perform operations. The operations include receiving provisioning requests from r the plurality of computerized devices needing certificates, each provisioning request indicating a tenant identifier identifying the tenant, and transmitting the provisioning requests to a set of security credential management system backend components based on the tenant identifier. The set of SCMS backend components includes enrollment certificate authorities operable to generate enrollment certificates, each provisioning request being transmitted to one of the one or more enrollment certificate authorities based on the tenant identifier of each provisioning request, and a pseudonym certificate authority operable to generate digital assets in response to receiving a provisioning request.