A method for monitoring operation of a controller area network (CAN) comprising a plurality of nodes. The method comprises measuring a voltage associated with a CAN message transmitted on the network, determining a message signature in dependence on the measured voltage, and comparing the message signature with a node signature to determine the authenticity of the CAN message. One or more actions may be taken in dependence on the determined authenticity.

Systems and methods for managing a compromised autonomous vehicle server are described herein. A processor may obtain an indication of a first server configured to control an autonomous vehicle being compromised. The autonomous vehicle may have previously been provisioned with a first public key. The first public key may be paired with a first private key. A processor may compile command information. The command information may include a command for the autonomous vehicle and a digital certificate of a second server configured to control the autonomous vehicle in the event of the first server being compromised. The digital certificate may include a second public key and may be signed with the first private key. The command may be signed with a second private key associated with the second server. The second private key may be paired with the second public key.

The present disclosure includes apparatuses, methods, and systems for using a local ledger block chain for secure updates. An embodiment includes a memory, and circuitry configured to receive a global block to be added to a local ledger block chain for validating an update for data stored in the memory, where the global block to be added to the local ledger block chain includes a cryptographic hash of a current local block in the local ledger block chain, a cryptographic hash of the data stored in the memory to be updated, where the current local block in the local ledger block chain has a digital signature associated therewith that indicates the global block is from an authorized entity.

A sender configured to participate in an in-vehicle network is configured to receive a request for transmitting a payload and generate, in response, a first header in a transport layer and/or a network layer. The sender is further configured to access a key of k bytes length and to generate an authentication tag using the key and at least the first header as additional authentication data. The authentication tag serves to indicate an authenticity of a first frame on the transport and/or network layer as an original frame sent from the sender to a receiver. The sender is configured to generate the first frame comprising the first header, a transport layer payload, and the authentication tag and forward the first frame to the data link layer. The data link layer generates a second frame on the data link layer and transmits the second frame to the in-vehicle network.

A method for the at least assisted crossing of a junction by a motor vehicle. The method includes: receiving signals from the surroundings, which represent surroundings of the motor vehicle that at least partially include a junction, generating remote control signals for remotely controlling a lateral guidance and/or longitudinal guidance of the motor vehicle based on the signals from the surroundings in such a way that when remotely controlling the lateral guidance and/or longitudinal guidance of the motor vehicle based on the remote control signals, the motor vehicle crosses the junction in an at least assisted manner, outputting the generated remote control signals. A device, a computer program, and a machine-readable memory medium, are also described.

Embodiments described herein provide systems and methods to prevent, or provide a countermeasure, to a co-existence attack, for example, that may occur in a Security Credential Management System (SCMS) where both regular butterfly key (RBK) protocol and unified butterfly key (UBK) protocol are supported. Embodiments described herein provide, support, employ, or implement hardware acceleration for a Hardware Security Module (HSM), for example, for cryptographic operations (e.g., block ciphers, digital signature schemes, and key exchange protocols).

A method includes: receiving, by a computing device of a first vehicle, a command from a host device; in response to receiving the command, storing a new device secret in memory; generating, by the computing device using the new device secret, a triple comprising an identifier, a certificate, and a public key; and sending, by the computing device, the triple to a second vehicle, where the second vehicle is configured to verify an identity of the first vehicle using the triple.

An information processing system includes a pickup source determiner configured to determine an interior of a vehicle, a building, or a facility used by a user of a predetermined pickup service, as a pickup source of a package in response to a request for picking up the package from a user terminal of the pickup service.

Disclosed is a vehicular update system including a communication device configured to communicate between a server and a controller included in a vehicle, a memory, and a controller configured to, (i) when a public key set including a root public key for verifying a root signature is stored in the memory, acquire the root signature from the server and verify root metadata based on the acquired root signature and the root public key of the public key set pre-stored in the memory, and configured to, (ii) when the public key set is not stored in the memory, acquire, from the server, root metadata including a public key set and a root signature obtained by performing a digital signature on a hash value of the public key set using a root private key, verify the root metadata based on the root public key of the acquired root metadata and the root signature, and store the public key set.

Provided is a process, including: accessing, with a processor of an embedded computing device, immutable executable code stored in read-only memory of the embedded computing device; executing, with the processor of the embedded computing device, instructions of the immutable executable code that retrieve, from the read-only memory, a network-layer address of a tamper-evident, immutable data repository and an application-layer address of firmware of the embedded computing device stored in the tamper-evident, immutable data repository; executing, with the processor of the embedded computing device, instructions of the immutable executable code that, using the network-layer address and the application-layer address, download the firmware of the embedded computing device from the tamper-evident, immutable data repository; and executing, with the processor of the embedded computing device, instructions of the immutable executable code that store the downloaded firmware in re-writeable memory of the embedded computing device.