CONTROL UNIT SYSTEM

Abstract

A control unit system includes a control unit on which a rights management system is set up, access permission information being retrievably stored by the rights management system, functions in executable form being stored on further control units of the control unit system, at least one of the further control units being configured as a query control unit set up to execute these functions, or not, based on access permission information stored in the rights management system, characterized in that the control unit also includes a device management system that is configured to establish a connection with a server via a communication interface and to provide the rights management system with an update of the access permissions received from the server via this interface.

Claims

1-8. (canceled)

9. A control unit system comprising: a control unit on which a rights management system is set up and that includes a device management system that is configured to establish a connection with a server via a communication interface, wherein access permission information is retrievably stored by the rights management system and the device management system is configured to provide the rights management system with an update of access permissions received from the server via the interface; and control units storing executable functions and at least one of which is a query control unit that is configured to execute the functions depending on access permission information stored in the rights management system.

10. The control unit system of claim 9, wherein the query control unit is configured to inquire regarding the access permission information prior to receipt of the access permission information by the rights management system.

11. The control unit system of claim 9, wherein the rights management system is configured to update a list of stored access permissions according to the received update.

12. The control unit system of claim 9, wherein the device management system is configured to: keep a list of devices; receive, via the interface, information that is addressed to one of the devices on the list; identify the device; and provide the received information to the device.

13. The control unit system of claim 12, wherein the device management system is configured to receive existing access permission information from the rights management system and transmit the received existing access permission information to the server.

14. The control unit system of claim 9, wherein the rights management system is configured to transmit the access permission information to a content management system for storage in a memory, the content management system being configured to receive data and store the received data in the memory.

15. The control unit system of claim 14, wherein the content management system is configured to store the data in the memory in encrypted form using a hardware security module, only the hardware security module having access to the memory.

16. The control unit system of claim 9, wherein the control unit system is configured to store the access permission information in a memory of a control unit on which the rights management system is not set up.

Description

BRIEF DESCRIPTION OF THE DRAWINGS

[0030] FIG. 1 shows a control unit system of a motor vehicle, according to an example embodiment of the present invention.

[0031] FIG. 2 shows a possible structuring of the access permission information, according to an example embodiment of the present invention.

[0032] FIG. 3 shows a possible access via the rights management system API, according to an example embodiment of the present invention.

[0033] FIG. 4 shows a possible creation, deletion, or modification of the access permission information via the rights management system API, according to an example embodiment of the present invention.

[0034] FIG. 5 shows another possible creation, deletion, or modification of the access permission information via the rights management system API, according to an example embodiment of the present invention.

DETAILED DESCRIPTION

[0035] FIG. 1 shows an example of a vehicle 1 that includes a control unit system, with a control unit 100 on which rights management system 20 and device management system 10 are stored. The control unit system also includes further control units 200, 300, 400, 500. Software functions 310, 410 are stored on control units 300, 400. For carrying out software functions 310, 410, the software functions transmit a query to the API of rights management system 20 and inquire whether access permission for carrying out this software function 310, 410 is present at that moment. Control units 300, 400 are logged in with device management system 10 and are addressable by same.

[0036] Software functions 310, 410 can be, for example, features that are already present in vehicle 1, but which must first be enabled by appropriate access permission. This can be, for example, a lane-keeping assistant that can be optionally acquired or enabled by the driver of vehicle 1.

[0037] Software functions 310, 410 can also be a function that is retroactively installable in vehicle 1. After function 310 is installed, it can be provided that function 310 is logged in with device management system 10.

[0038] After the query has been made to the API, the rights management system optionally asks, via an identity management system 510 stored in control unit 500, for the vehicle identification number and the driver identification number, which are transmitted by the control unit to rights management system 20.

[0039] Rights management system 20 checks whether the access permission for carrying out software function 310, 410 is present, and reports the result to software function 310, 410. For this purpose, rights management system 20 accesses memory 50 via content management system 30.

[0040] Content management system 30 and memory 50 are implemented on control unit 200, which is not control unit 100. Software functions 310, 410 also access memory 50 via content management system 30.

[0041] The access of content management system 30 to memory 50 takes place via hardware security module 40, which is likewise installed on control unit 200 and which ensures that the information on memory 50 is not impermissibly retrieved or modified by an attack.

[0042] Rights management system 20 is registered with device management system 10. Device management system 10 can establish a connection with vehicle-external server 600 via a connectivity interface. This connection is typically wireless, i.e., over-the-air. For example, the backend system for rights management system 600 is installed therein.

[0043] Rights management system 20 can provide device management system 10 with instantaneously stored access permission information. Device management system 10 transmits this instantaneously stored access permission information to server 600. Server 600 checks whether this access permission information corresponds to the version of the access permission information that is stored on server 600 at that moment. If this is not the case, server 600 transmits an update of the access permission information to device management system 10. Device management system 10 receives this update, identifies that rights management system 20 is the addressee for the update, and transmits the update to rights management system 20. Rights management system 20 carries out, via content management system 30, a corresponding update of the access permission information stored in memory 50.

[0044] It is understood by those skilled in the art that the present invention can be implemented in software, or in hardware, or in a mixed form made up of hardware and software.