This application claims the priority of German patent document 101 40 721.1, filed 27 Aug. 2001, the disclosure of which is expressly incorporated by reference herein.
The invention is directed to a method of providing software for use by a control unit of a vehicle, such as a motor vehicle or motorcycle.
Control units for motor vehicles normally have a sequence control which is controlled by software. After the manufacture of the control unit by the company producing the vehicle or by a supplier, the software is stored in the control unit, and is maintained there after the unit is mounted. As a result, the software can be exchanged or altered only in a damaging manner.
It is therefore an object of the present invention to improve the software/hardware combination, particularly of a motor vehicle or of a passenger car.
According to the invention, this object is achieved by signing software provided for use by a control unit of a vehicle (particularly of a motor vehicle or motorcycle). A public-key method is used to protect against falsification by using the secret or private key of a software signature site. In particular, the public-key method uses a special pair of keys, specifically a secret private key and a public key complementary to the latter.
As an alternative or in addition, in another embodiment of the invention, a software signature certificate is generated using the public key of the software signature site and the secret key of a control entity (a so-called trust center) within the framework of a public-key method.
As a further alternative or addition, a control entity certificate or trust center certificate may be generated by using the secret key of the control entity.
According to another embodiment of the invention clearing code data may be signed by using the secret key of a clearing code site within the framework of a public-key method.
According to another embodiment of the invention, a clearing code site signature certificate may be generated by using the secret code of the control entity—the trust center—within the framework of a public-key method. In addition, the trust center certificate may be stored in the control unit in a manner protecting it against a falsification and/or an exchange, as in a protected memory, a memory area, or the like. The clearing code site signature certificate, the software signature certificate, the clearing code data and their signature as well as the software and its signature may be stored in the control unit.
As an alternative or in addition, it is provided in another embodiment of the invention that the software signature certificate has one or more validity restrictions, such as, in particular, a restriction to one or more control unit types.
Similarly, the clearing code site signature certificate may also have one or more validity restrictions, such as, in particular, a restriction to a certain control unit which is specified, for example, by means of a number, identification, or the like, invariably stored in this control unit, or the vehicle identification number.
As an alternative or in addition, it is provided in another embodiment of the invention that the software signature certificate is checked for integrity within the framework of a public-key method, while using the public key of the trust center.
The signed software may be checked for integrity within the framework of a public-key method, by using the public key of the software signature site contained in the software signature certificate. Correspondingly, the clearing code site signature certificate may be checked for integrity within the framework of a public-key method using the public key of the trust center.
The signed clearing code data may be checked for integrity within the framework of a public-key method using the public key of the clearing code site contained in the clearing code site signature certificate.
As a further alternative or in addition, the control unit may be equipped with a sequence controlled microprocessor which carries out one of the above-described methods using the public-key method.
Other objects, advantages and novel features of the present invention will become apparent from the following detailed description of the invention when considered in conjunction with the accompanying drawings.