Embodiments of this application provide a security protection method in an in-vehicle system and a device, relate to the field of internet of vehicles technologies, to deploy a first security protection module on an electronic control unit, deploy a second security protection module on a domain controller, and deploy a third security protection module on a gateway based on security level requirements of the gateway, the domain controller, and the electronic control unit, so that the gateway, the domain controller, and the electronic control unit have different security levels. A security level of the first security protection module is a first security level, a security level of the second security protection module is a second security level, and a security level of the third security protection module is a third security level.

An example operation includes one or more of receiving, via a first communication channel between a sending device and a recipient device, a first partial encryption key from the receiving device, receiving, via a second communication channel between the sending device and the recipient device, a second partial encryption key from the receiving device, wherein the second communication channel comprises a different communication medium than the first communication channel, generating a transport key based on the first partial encryption key and the second partial encryption key received via the first and second channels, and encrypting data based on the generated transport key and transmitting the encrypted data to the receiving device.

An affixable device can include a locking mechanism, a force-limiting mechanism, and a sensing mechanism. The locking mechanism can include an engagement component configured to disable the locking mechanism. The force-limiting mechanism can be configured to limit a locking force of the locking mechanism. The sensing mechanism can be coupled to the engagement component, and can be configured to determine that the force-limiting mechanism has limited the locking force of the locking mechanism. In response to determining the force-limiting mechanism limiting the locking force, the sensing mechanism can cause the engagement component to disable the locking mechanism.

A sensing device can include an accelerometer, a transceiver, and a computing device in communication with the accelerometer and transceiver. The computing device can transmit a first set of signals at a first power level to a remote device. The computing device can determine, via the accelerometer, a movement of the sensing device. The computing device can increase a power level for transmission from the first power level to a second power level in response to the movement. The computing device can transmit future signals at the second power level to the remote device.

A vehicle theft-prevention system can include a plurality of sensors configured to sense measurements proximate to a vehicle and a body configured to secure to a window of the vehicle. The body can include a wireless transceiver and at least one computing device coupled to the plurality of sensors and the wireless transceiver. The at least one computing device can be configured to receive, via the wireless transceiver, an indication to enter an armed mode from an unarmed mode. The at least one computing device can be configured to, in response to the indication, transition to the armed mode, wherein transitioning to the armed mode comprises setting a configuration of at least one property of a subset of the plurality of sensors.

In one aspect, a computer system for vehicle configuration verification, and/or detecting unauthorized vehicle modification may be provided. In some exemplary embodiments, the computer system may include a processor and a non-transitory, tangible, computer-readable storage medium having instructions stored thereon that, in response to execution by the processor, cause the processor to perform operations including: (1) receiving a vehicle image, including a vehicle identifier and at least one software module; (2) calculating a configuration hash value of the at least one software module; generating a first data block including the configuration hash value, a first index value, the vehicle identifier, and a digital signature; (3) storing the first data block in a memory; and/or (4) transmitting the first data block to any number of network participants using a distributed network to facilitate vehicle software configuration verification.

The present disclosure includes apparatuses, methods, and systems for using a local ledger block chain for secure updates. An embodiment includes a memory, and circuitry configured to receive a global block to be added to a local ledger block chain for validating an update for data stored in the memory, where the global block to be added to the local ledger block chain includes a cryptographic hash of a current local block in the local ledger block chain, a cryptographic hash of the data stored in the memory to be updated, where the current local block in the local ledger block chain has a digital signature associated therewith that indicates the global block is from an authorized entity.

A method of authenticated encryption and decryption includes generating a first digital signature with an encryption circuit of a first processor component. Concatenating the first digital signature to a plaintext message to generate a concatenated message. Encrypting the concatenated message into a ciphertext. Transmitting the ciphertext via a communications channel to a second processor component. Decrypting the ciphertext into a decrypted first digital signature and a decrypted plaintext message with a decryption circuit in the second processor component. Comparing, with the decryption circuit, the decrypted first digital signature with a second digital signature, thereby authenticating the decrypted plaintext message.

A computer-implemented method for establishing at least one low or zero emission traffic zone and for controlling and monitoring a dynamically operated drivetrain of hybrid vehicles passing through the at least one established low or zero emission traffic zone is provided. The method includes: acquiring data from air quality-sensitive sensors placed within a region including the at least one low or zero emission traffic zone to be established; operating a cloud-based service for evaluating the acquired data regarding air quality; wirelessly transmitting signals representative of a location and a shape of the at least one low or zero emission traffic zone to hybrid vehicles; operating vehicle-based mode transition means for at least initiating a change of a drivetrain mode of the hybrid vehicle to electric mode; generating a blockchain data block including data regarding the current position and the dynamically operated drivetrain of the hybrid vehicle; and adding the generated blockchain data block to a blockchain residing in a blockchain system.

Disclosed are methods, systems, and computer-readable medium for context-specific granular access to flight management system (FMS) SaaS using adaptive IAM. For instance, the method may include receiving, at one of a plurality of application programing interface (API) endpoints of a flight management system (FMS) software as a service (SaaS), a request from a client; determining whether the request is authorized; in response to determining the request is authorized, analyzing the request to determine a context of the request and determine whether the request includes an intent; transmitting a message to a particular functionality of the FMS SaaS based on the context and the intent; determining whether the client is associated with a subscription type; filtering a data stream from the FMS SaaS in accordance with the subscription type and the context; generating a response based on the filtered data stream; and transmitting the response to the client.