Processing

Please wait...

Settings

Settings

Goto Application

1. WO2018127816 - MODE-BASED CONTROLLER SECURITY AND MALWARE PREVENTION

Publication Number WO/2018/127816
Publication Date 12.07.2018
International Application No. PCT/IB2018/050047
International Filing Date 03.01.2018
IPC
G06F 21/55 2013.01
GPHYSICS
06COMPUTING; CALCULATING OR COUNTING
FELECTRIC DIGITAL DATA PROCESSING
21Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
55Detecting local intrusion or implementing counter-measures
H04L 29/06 2006.01
HELECTRICITY
04ELECTRIC COMMUNICATION TECHNIQUE
LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
29Arrangements, apparatus, circuits or systems, not covered by a single one of groups H04L1/-H04L27/136
02Communication control; Communication processing
06characterised by a protocol
H04W 12/12 2009.01
HELECTRICITY
04ELECTRIC COMMUNICATION TECHNIQUE
WWIRELESS COMMUNICATION NETWORKS
12Security arrangements, e.g. access security or fraud detection; Authentication, e.g. verifying user identity or authorisation; Protecting privacy or anonymity
12Fraud detection
CPC
G06F 21/55
GPHYSICS
06COMPUTING; CALCULATING; COUNTING
FELECTRIC DIGITAL DATA PROCESSING
21Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
55Detecting local intrusion or implementing counter-measures
H04L 2012/40215
HELECTRICITY
04ELECTRIC COMMUNICATION TECHNIQUE
LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
12Data switching networks
28characterised by path configuration, e.g. local area networks [LAN], wide area networks [WAN]
40Bus networks
40208characterized by the use of a particular bus standard
40215Controller Area Network CAN
H04L 2012/40273
HELECTRICITY
04ELECTRIC COMMUNICATION TECHNIQUE
LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
12Data switching networks
28characterised by path configuration, e.g. local area networks [LAN], wide area networks [WAN]
40Bus networks
40267Bus for use in transportation systems
40273the transportation system being a vehicle
H04L 63/101
HELECTRICITY
04ELECTRIC COMMUNICATION TECHNIQUE
LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
63Network architectures or network communication protocols for network security
10for controlling access to network resources
101Access control lists [ACL]
H04L 63/105
HELECTRICITY
04ELECTRIC COMMUNICATION TECHNIQUE
LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
63Network architectures or network communication protocols for network security
10for controlling access to network resources
105Multiple levels of security
H04L 63/14
HELECTRICITY
04ELECTRIC COMMUNICATION TECHNIQUE
LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
63Network architectures or network communication protocols for network security
14for detecting or protecting against malicious traffic
Applicants
  • KARAMBA SECURITY LTD. [IL]/[IL]
Inventors
  • DAVID, Tal Efraim Ben
  • HAREL, Assaf
  • DOTAN, Amiram
  • BARZILAI, David
Priority Data
62/441,76703.01.2017US
Publication Language English (EN)
Filing Language English (EN)
Designated States
Title
(EN) MODE-BASED CONTROLLER SECURITY AND MALWARE PREVENTION
(FR) SÉCURITÉ DE CONTRÔLEUR REPOSANT SUR UN MODE ET PRÉVENTION CONTRE UN LOGICIEL MALVEILLANT
Abstract
(EN)
In one implementation, a method for providing security on controllers includes detecting, by a given controller, an attempted security attack on the given controller; in response to detecting the attempted attack, entering a safe mode of operation for the given controller in which at least one process performed by the given controller is restricted such that the at least one process is performed only when a current context of the controller matches a permitted context that is associated with the given controller; in response to detecting the attempted attack, transmitting a safe mode alert to one or more other controllers; and for at least one of the one or more other controllers, in response to receiving the safe mode alert, entering a safe mode of operation for the other controller.
(FR)
Selon un mode de réalisation, l'invention concerne un procédé de fourniture d'une sécurité à des contrôleurs consistant à détecter, par un contrôleur donné, une tentative d'attaque de sécurité du contrôleur donné; en réponse à la détection de la tentative d'attaque, à entrer dans un mode d'exploitation sécurisé pour le contrôleur donné, dans lequel au moins un processus exécuté par le contrôleur donné est limité de façon à n'exécuter ledit processus que lorsqu'un contexte courant du contrôleur correspond à un contexte autorisé qui est associé au contrôleur donné; en réponse à la détection de la tentative d'attaque, à transmettre une alerte de mode sécurisé à un ou plusieurs autres contrôleurs; et pour au moins un contrôleur dudit ou desdits autres contrôleurs, en réponse à la réception de l'alerte de mode sécurisé, à entrer dans un mode d'exploitation sécurisé pour l'autre contrôleur.
Also published as
EP2018701067
Latest bibliographic data on file with the International Bureau