US Patent 9854442 Electronic control unit network security

A system and method of controlling access to a vehicle network that includes a plurality of electronic control units (ECUs) communicating over the network. The method carried out by the system operates a network of ECUs that include at least first and second ECUs in communication with each other over the network. The first ECU may be an external access point which can establish communication with an external device. The first ECU provides the external device with limited privilege access to the network. The method further includes detecting unauthorized escalated privilege access of the first ECU, and in response to the detection, at least partially restricting use of the first ECU as the external access point, thereby preventing external devices from using the first ECU for the limited privilege access to the network.