公开(公告)号：US11048828B2

公开(公告)日：2021-06-29

申请号：US16614452

申请日：2019-05-14

Applicant: ENIGMATOS LTD.

Inventor： Charly Bitton ,  Alexander Fok ,  Eyal Kamir ,  Yoni Malka ,  Orit Fredkof ,  Liran Zwickl ,  Meni Dali ,  Uriel Friedman

IPC: G06F21/85 ,  G06N20/00 ,  G06F21/64 ,  H04L12/40

Abstract: Systems and methods for identifying the source of a message transmitted on the CAN bus of a vehicle, by creating a unique signature for each ECU. The system is further configured to detest malicious activities on a CAN bus system having a given physical configuration. The signature of an ECU is created based on the non-linearity of the CAN bus, by determining from at least one pulse of a read message a training-signature that includes a pair of sub-signatures: a rising-sub-signature of the rising response, and a falling-sub-signature of the falling response, as viewed by said message generating ECU. By reading a plurality of messages from the ECUs operationally integrated on the CAN bus system, a classification & prediction methodology is used to create, for each message generating ECU, from the respective training-signatures, a unique ECU-signature.

公开(公告)号：US11036853B2

公开(公告)日：2021-06-15

申请号：US16618934

申请日：2018-08-01

Applicant: ENIGMATOS LTD.

Inventor： Eyal Kamir ,  Alexander Fok ,  Yaniv Tuchman ,  Avi Bitton ,  Uriel Friedman ,  Meni Dali ,  Yoni Malka

IPC: G06F21/55 ,  B60R25/30 ,  H04L12/40 ,  H04L29/08 ,  G06N20/00 ,  B60R16/023 ,  G06F17/17 ,  G06F21/56 ,  G06F21/71 ,  G06N5/04

Abstract: A system for preventing cyber security attacks over the CAN bus of a vehicle, from carrying out their plot. The system includes a teleprocessing device that is provided with the message identifier of at least one ECU to be blocked. The teleprocessing device is configured to read the message identifier of CAN messages, to thereby identify the at least one ECU to be blocked. Upon determining that the vehicle is under a cyber security attack, the ECU blocking device is activated. Upon identifying that a message was transmitted by the at least one ECU to be blocked, then during the CAN bus ‘bit monitoring’ process, before the at least one ECU to be blocked reads back the transmitted signal, the ECU blocking device alters one or more bits of the transmitted signal, to thereby force the message to be an erroneous CAN message.

公开(公告)号：US11218476B2

公开(公告)日：2022-01-04

申请号：US16767986

申请日：2019-01-11

Applicant: ENIGMATOS LTD.

Inventor： Eyal Kamir ,  Alexander Fok ,  Orit Fredkof ,  Avi Bitton ,  Yehonatan shlomo Malka ,  Charly Bitton ,  Liran Zwickel ,  Uriel Friedman ,  Meni Dali

IPC: G06F7/04 ,  H04L29/06 ,  G07C5/00

Abstract: The present disclosure relates to a system for authenticating a computerized sub-system of a vehicle, comprising: (A) at the vehicle: (a) a tele-processor configured to periodically record during a period T1 a flow of messages over a bus of the vehicle's sub-system, and to transmit periodically every period T2 the recorded flow of messages to a remote server via a transceiver; (B) at a remote authentication server: (b) a transceiver configured to receive each of said recorded flow of messages; (c) a profile generator configured to generate from each of said flow of messages a temporary profile; and (d) a comparator configured to compare each of said temporary profiles with a final profile which was previously created based on one or more of flows of messages within the vehicle's bus.

公开(公告)号：US11068590B2

公开(公告)日：2021-07-20

申请号：US16621874

申请日：2018-08-01

Applicant: ENIGMATOS LTD.

Inventor： Eyal Kamir ,  Alexander Fok ,  Yaniv Tuchman ,  Avi Bitton ,  Uriel Friedman ,  Meni Dali ,  Yoni Malka

IPC: H04L29/06 ,  G06F21/55 ,  B60R25/30 ,  H04L12/40 ,  H04L29/08 ,  G06N20/00 ,  B60R16/023 ,  G06F17/17 ,  G06F21/56 ,  G06F21/71 ,  G06N5/04

Abstract: A system for detecting malicious hardware on a data communication network, such as a vehicle CAN bus, is provided. The system includes a teleprocessing device, an AC signal generating device, and an impedance measuring device. In a preliminary step, a set of impedance measurements of N reference AC signals is formed, and a threshold value is set. The signal generating device injects a set of N AC signals into the network bus and the bus impedance for each of the N frequencies is measured, where a set of impedance values of N RT-signals is formed. Then, each of the impedance values of the RT-signals and the impedance values of the respective reference AC signal are statistically compared, to thereby form a set of N comparison-results. Upon determining that any of the impedance values of the RT-signals is greater than the threshold, an alert is activated.