1. Statement of the Technical Field
The present invention relates to the field of event data recorders, and more particularly to the secure logging of vehicle data in a tamper-proof event data recorder.
2. Description of the Related Art
Event data recorders have always been an important component of transportation safety. Most notably, event data recorders, referred to among the general lay public as xe2x80x9cblack boxesxe2x80x9d, have performed admirably in the context of aviation flight safety. In that regard, black box technology has proven to be a critical component in reconstructing the events leading to an aviation accident. In consequence of the use of black box technology, the root cause of airplane disasters have been determined and important changes have resulted in the aviation industry.
Event data recorders have performed similarly in the context of automotive safety. Specifically, in 1974, the United States National Highway Traffic Safety Administration (NHTSA) equipped over one-thousand automobiles with analog event data recorders in an effort store crash data for future analysis. Since 1974, both the United States National Transportation and Safety Board (NTSB) and the Office of Technology Assessment have studied the widespread use and resulting advantages of event data recorders in passenger vehicles. The keen interest in event data recorders exhibited by government bureaucrats no doubt has encouraged private research and development in the field which has resulted in more than a few domestic and foreign patents which relate to capturing of vehicular event data.
For example, U. S. Pat. No. 6,246,934 to Otake et al. for VEHICULAR DATA RECORDING APPARATUS AND METHOD relates to the recording of running data regarding a vehicle into a memory in an overwrite manner when the running data needs to be recorded. If the vehicle enters an abnormal state, such as a crash or the like, the apparatus prevents the recording, and retains the running data recorded up to that moment in the memory. The data can be retrieved for subsequent analysis simply by accessing the memory subsequent to the crash.
Similarly, U. S. Pat. No. 6,067,488 to Tano for VEHICLE DRIVING RECORDER, VEHICLE TRAVEL ANALYZER AND STORAGE MEDIUM teaches the sequential measurement and storage in memory of angular velocity data and acceleration data of a vehicle, along with time information. If a shock due to a crash occurs at the vehicle, a given time period is set for further data storage. When the time period expires, the data storage into the memory is stopped. Thus, the memory holds at least the angular velocity data and the acceleration data for the set time period after the detection of the occurrence of a shock and for a given time period before detection of the occurrence of the shock. Once again, the crash data can be accessed directly through a communication port.
In recent years, the perceived importance of event data recording has risen dramatically in concert with an equally significant rise in insurance claims and civil litigation relating to vehicular accidents. In the past five years alone, the NTSB has promulgated rules which require the use of event data recorders at least on the bus and truck industry. Though the NTSB has yet to mandate the use of equivalent devices in all passenger vehicles, public pressure is mounting for just such a requirement. Still, many in the public fear the privacy implications of mandated xe2x80x9cblack boxxe2x80x9d technology. Notwithstanding, to satisfy evidentiary requirements set forth according to the legal system, the contents of an event data recorder must be verifiably secure so as to constitute evidence of the state of a vehicle before, during and after a car accident.
Though most issued patents teach an unsecured mode of accessing event data in a vehicularly mounted event data recorder, some of the technology described among a handful of issued patents suggest some tamper-proofing. For instance, U. S. Pat. No. 5,471,193 to Peterson et al. for TAMPER-RESISTANT VEHICLE EVENT RECORDER relates to a tamper-resistant vehicle event recorder having a combustible film on a polymeric substrate. Responsive to a vehicular event, an ignition mechanism can ignite the combustible film so as to prevent the re-recording of data on the film. As a result, an imprint of the accident data can be preserved on the film.
Several private initiatives also have considered the problem of securing event data gathered by an event data recorder during the course of a vehicular event. One such private initiative, Independent Witness, Inc. of Salt Lake City, Utah, United States, provides a solution consisting of two principal components: a black box configured to record the date, time, direction, impact severity and acceleration profile responsive to a car accident; and, an accident severity and injury potential database which can store the data recorded by the black box to a database and can be compared against the accident data of other accidents. By collecting accident data across multiple accidents, the force of an accident can be directly correlated to xe2x80x9cinjury potentialxe2x80x9d. Nevertheless, the solution proposed by IWI does not provide for a secure chain of custody of accident data from accident to database. Specifically, nothing prevents a third party from tampering with the accident data prior to the downloading of the accident data from the black box to the database.
The present invention is a secure event data recording system configured for use in a passenger vehicle. The secure event data recording system can include an event data recorder; a memory device coupled to the event data recorder and configured to store event data processed in the event data recorder; and, an input/output port communicatively linked to the memory device through which read/write access can be provided to the memory device. Significantly, a tamper proof sealing mechanism can be provided which bars access to the memory device, the event data recorder and the input/output port without causing an irreparable breach of the tamper proof sealing mechanism.
The system also can include a vehicle interface disposed between the event data recorder and the vehicle. In particular, the vehicle interface can provide access to sensing devices in the vehicle. The system also can include a read only output communicatively linked to the memory device through which read only access can be provided to the memory device without causing an irreparable breach of the tamper proof sealing mechanism. In this way, event data can be accessed in those circumstances where the integrity of the event data need not be certified.
A method of providing certified vehicle event data in response to the occurrence of a vehicle event can include installing an event data recorder in a vehicle belonging to a vehicle owner/operator and applying a tamper proof sealing mechanism to the event data recorder. A report of a vehicle event involving said vehicle can be retrieved. Subsequently, the event data recorder can be accessed in the vehicle and it can be determined whether the tamper proof sealing mechanism has been breached. If the tamper proof sealing mechanism has not been breach, event data can be extracted from the event data recorder and the integrity of the extracted event data can be certified to an evaluating authority.