Method for securing an automated system

Assignees

• THALES DIS FRANCE SAS · FR
• THALES DIS CPL CANADA INC. · CA

Inventors

• HongQian Karen Lu · Austin, US
• Michael Gardiner · Kuala Lumpur, MY

Key dates

Classification

• Technology area (CPC H)Electricity
• CPC primaryH04L9/088
• WIPO fieldDigital communication
• WIPO sectorElectrical engineering

Abstract

A method for securing a system including a configuration subsystem and a production subsystem. The configuration subsystem is separate from the production subsystem that comprises a plurality of components, a gatekeeper and an entity secured with a first secret value. A generator hosted in the configuration subsystem selects a secret sharing scheme and generates, from an input parameter different from the first secret value, a set of secret shares using the secret sharing scheme. The generator uniquely assigns and securely sends a secret share extracted from the set to each of the components. The gatekeeper gets a subset of the secret shares from the components and constructs a second secret value from the subset using the secret sharing scheme. The gatekeeper computes the first secret value by applying a preset function to the second secret value, and then the gatekeeper unlocks access to the entity using the first secret value.