| 发明名称 |
SECURING A SHARED SERIAL BUS |
| 摘要 |
A method for securing a serial bus shared by a control module and one or more subordinate electronic devices, the serial bus having a protocol specifying that messages on the serial bus have a source address and a destination address. The method comprises examining, by one or more processors of the control module, each message appearing on the serial bus that was not originated by the control module; identifying, by one or more processors of the control module, a suspect message that satisfies one or more suspect message criteria. The method includes updating, by one or more processors of the control module, an event metric, and testing to determine whether a threshold has been exceeded; and in the event the threshold has not been exceeded, initiating, by one or more processors of the control module, a co-transmission sufficient to disrupt consumption of the suspect message by a subordinate device. |
| 申请公布号 |
US2015363596(A1) |
申请公布日期 |
2015.12.17 |
| 申请号 |
US201414305015 |
申请日期 |
2014.06.16 |
| 申请人 |
International Business Machines Corporation |
发明人 |
DeCesaris Michael;Franke Jeffery M.;Whetzel John K. |
| 分类号 |
G06F21/55;G06F13/42 |
主分类号 |
G06F21/55 |
| 代理机构 |
|
代理人 |
|
| 主权项 |
1. A method for securing a serial bus shared by a control module and one or more subordinate electronic devices, the serial bus having a protocol specifying that messages on the serial bus have a source address and a destination address, the method comprising:
examining, by one or more processors of the control module, each message appearing on the serial bus that was not originated by the control module; identifying, by one or more processors of the control module, a suspect message that satisfies one or more suspect message criteria, the suspect message criteria consisting of:
the source address of the message is the source address of the control module;the destination address of the message is an address other than the destination address of the control module; andthe message includes one or more invalid fields; updating, by one or more processors of the control module, an event metric, and testing to determine whether a threshold has been exceeded; and in the event the threshold has not been exceeded, initiating, by one or more processors of the control module, a co-transmission sufficient to disrupt consumption of the suspect message by a subordinate device. |
| 地址 |
Armonk NY US |
