A secure start system for an autonomous vehicle (AV) can include a compute stack and a communications router. The communications router can include an encrypted router drive and an input interface to receive a boot-loader that includes a basic decryption key to decrypt the encrypted router drive and enable network communications with a backend system. The secure start system can utilizes a tunnel key from the backend system to establish a private communications session with a backend data vault, and retrieve a set of decryption keys from the backend data vault, via the private communications session, to decrypt a plurality of encrypted drives of the AV.

Systems and methods for protecting and preventing unauthorized transfer or downloading of recorded train event data for use in a train event recording system of a train. A train event recording system and an authenticated data storage device are also disclosed. According to one preferred and non-limiting embodiment, provided is a system for protecting recorded train event data, the system including at least one external memory device having encrypted authentication data stored thereon, the encrypted authentication data including authentication data encrypted with at least one first key.

A secure start system for an autonomous vehicle (AV) can detect startup of the AV and transmit credentials to a backend system. When the credentials are authenticated, the secure start system can receive a tunnel key from the backend system. Using the tunnel key, the secure start system can establish a private communications session with a backend vault of the backend system and retrieve a set of decryption keys from the backend vault. Using the set of decryption keys, the secure start system can verify and decrypt a cryptographically signed, encrypted, and compressed file system for execution by a compute stack of the AV—where execution of the file system by the compute stack enables autonomous operation of the AV.

Methods and systems for facilitating communications between a vehicle and a service provider are provided. A first address of a vehicle communication device and a second address of a service provider communication device are obtained at a remote location that is remote to both the vehicle and the service provider. A set of keys, including a first key and a second key, is generated at the remote server. The first key is for use by the vehicle in establishing communications with the service provider, and the second key is for use by the service provider in establishing communications with the vehicle. The first key is provided to the vehicle, and the second key is provided to the service provider.

The present disclosure is directed to systems and methods associated with a communication infrastructure. The communication infrastructure includes a vehicle integration platform that includes a plurality of application programming interfaces configured to facilitate message communication among clients. The communication infrastructure includes a registration authority system configured to receive certificate signing requests from the clients and to generate client-specific credentials for establishing a predetermined time period of ability for client authentication within the vehicle integration platform. The communication infrastructure includes a certificate authority system configured to normalize requests received from the clients via the registration authority system such that the client-specific credentials are established according to an approved hierarchy of licensing certificates. The communication infrastructure includes a security library accessible by each of the clients and by components of the vehicle integration platform. The security library is configured to provide implementation logic for signing messages and implementation logic for validating messages.

A method for providing secure connection between vehicles. A unique pair of digitally signed public key and private key is provided to each vehicle, along with additional vehicle-related data. A certificate number is generated for each vehicle and the public key, the certificate number and the attributes of the vehicle is signed by a trusted certificate generating authority. Before communicating with a second vehicle, the first vehicle sends its unique certificate to a second vehicle; the second vehicle verifies the authenticity of received unique certificate number and visible attributes by a camera. If the attributes are verified successfully, the second vehicle sends its unique certificate number to the first vehicle, along with a secret key, which is valid for the current session only. Then the first vehicle verifies the authenticity of received certificate of the second vehicle and attributes by a camera that captures visible attributes of the second vehicle.

The efficiency of commercial vehicle operations can be facilitated by using a blockchain. The blockchain can be used to track commercial operators and provide a logistical network for swapping operators. An operator identity for an initial operator of a vehicle and a route limitation indicating operator restrictions with respect to a route can be recorded in a blockchain database. Using a vehicle operation history retrieved from the blockchain database for the initial operator, a time frame for operation of the vehicle by the initial operator can be determined based on the route limitation and the vehicle operation history. An operator swap event at a swap location can be coordinated so that control of the vehicle can be transferred from the initial operator to a subsequent operator based on the time frame. The operator swap event and a subsequent operator identity can be recorded in the blockchain database.

An information management system, in which each of a plurality of vehicles is configured to record information using a block chain. Each of the plurality of vehicles includes: a communication unit including an antenna and configured to be connectable to an internet through the antenna; a storage unit configured to store the information in a form of the block chain; and a processor and a memory coupled to the processor. The processor is configured to perform: recording the information in the storage unit.

A system and method for securely providing a mobile device with a cryptographic key in a vehicle. The method includes generating a cryptographic key pair that includes a first and second cryptographic keys. One of the keys is used to create a scannable image which is then incorporated into a label that is displayed in the vehicle, either as a physical label mounted in the vehicle or via a display screen within the vehicle. The label containing the scannable image can then be read by a mobile device at the vehicle, thereby providing the one key to the mobile device for use in sending communications to the vehicle.

A device may determine a price of a product based on first information concerning attributes of the product, and provide the price for display by a user device. The device may generate first hash values based on the first information, where a particular first hash value is associated with a particular attribute, and generate a first bit-string that includes the plurality of first hash values. The device may generate second hash values based on second information concerning the attributes of the product, where a particular second hash value is associated with the particular attribute. The device may generate a second bit-string that includes the second hash values, and determine a change to the particular attribute based on the first bit-string and the second bit-string. The device may determine a new price of the product based on the change, and provide the new price for display by the user device.