US 7,386,735 B2 | ||
Method for securing the authenticity of hardware and software in a networked system | ||
Peter Eitel, Brunnthal (Germany); Guido Heidt, Landsberg/Lech (Germany); and Uwe Retzow, München (Germany) | ||
Assigned to Siemens AG, Munich (Germany) | ||
Filed on Aug. 15, 2002, as Appl. No. 10/219,602. | ||
Application 10/219602 is a continuation of application No. PCT/EP01/01055, filed on Feb. 01, 2001. | ||
Claims priority of application No. 00103075 (EP), filed on Feb. 15, 2000. | ||
Prior Publication US 2003/0079141 A1, Apr. 24, 2003 | ||
Int. Cl. G06F 11/30 (2006.01); G06F 12/14 (2006.01); H04L 9/32 (2006.01) |
U.S. Cl. 713—194 [726/1; 726/2; 726/22; 726/26; 726/34] | 10 Claims |
1. A networked system, comprising:
an internal system bus;
a first remotely located system component and a second remotely located system component, the first and the second system
components being remotely located from each other, the first remotely located system component and the second remotely located
system component each comprising a hardware and a software module and the first remotely located system component and the
second remotely located system component being connected via the internal system bus;
wherein each of the first remotely located system component and the second remotely located system component stores an authentication
feature for a hardware module or an integrity securing feature for a software module;
an internal central testing module attached to the internal system bus and connected to the first remotely located system
component and the second remotely located system component only via the internal system bus, the internal central testing
module being adapted to centrally test the authentication features and/or the integrity securing features, the central testing
including a data exchange between the internal central testing module and a respective remotely located system component wherein
the internal central testing module has stored the authentification features or the integrity securing features from the first
remotely located system component and the second remotely located system component and wherein the internal central testing
module is implemented to centrally test the authentication features or the integrity securing features stored in the first
remotely located system component and the second remotely located system component by using the authentication features or
the integrity securing features of each of the first and the second remotely located system components stored in the internal
central testing module in response to
a request from the internal central testing module,
a request from the first remotely located system component or from the second remotely located system component,
powering down or switching off the internal system, or
in specific time intervals during operation, and
an input/output interface for accessing data and functions of the internal system from an external entity having access rights,
the internal system comprising the internal system bus, the first and the second remotely located system components and the
internal central testing modules,
wherein the input/output interface is implemented within the internal central testing module,
wherein the input/output interface forms the only external accessing possibility to the internal system, and
wherein the internal central testing module is further implemented in order to perform an authentication of the external entity
performing an external access and a testing of the access rights of the external entity performing an external access to the
internal system, wherein the external access to the internal system is only performable via the input/output interface.
|