Patent Application
20240367610
This disclosure is related to the field of the authentication of electric motors, and may find use in vehicular applications, but may also be used in other applications.
Vehicles and other products increasingly rely upon electric motors as a source of torque during operation. For example, electric motors may provide rotational torque to the wheels of a vehicle, and/or may provide rotational torque to other components of a vehicle, such as a door locking mechanism, door opening mechanism, steering assist mechanism, window opening mechanism, sun roof opening mechanism, etc. Typically, such an electric motor is paired with an external controller that provides control signals to the electric motor, such as, for example, a request for torque communicated from a gas pedal of a vehicle to an electric motor.
When such an electric motor or its external controller fails, it is desirable for the manufacturer of the vehicle to have a way to ensure that the failed component is replaced with a suitable replacement component (instead of an unsuitable or counterfeit component) so as to ensure proper and safe operation of the vehicle. It is also desirable to prevent the theft of vehicles employing electric motors as sources of torque—for example, to prevent a thief from attaching a controller under their control to an electric motor that provides rotational torque to the wheels of the vehicle and thereby acquiring control of those motors and the ability to drive the vehicle, or, as another example, to prevent a thief from attaching a controller under their control to an electric motor providing rotational torque to a motor of a door locking mechanism of the vehicle and thereby acquiring control of that motor and the ability to unlock the door.
A secure authentication system between electric motors and their external controllers is therefore needed so as to help ensure that the appropriate electric motor is being used with the appropriate external controller.
An electric motor drive system includes an external controller and an electric motor unit including a motor and motor electronics. The external controller is configured to perform an authentication process by: establishing secure encrypted communication with the motor electronics; sending an authentication request to the motor electronics over the secure encrypted communication; receiving an authentication response from the motor electronics; and verifying the motor as an authorized part based on the authentication response. The motor electronics are configured to perform the authentication process by: establishing the secure encrypted communication with the external controller; receiving the authentication request from the external controller; generating the authentication response; and sending the authentication response to the external controller. The external controller is further configured to enable control of the motor only after successful authentication.
The motor electronics may include at least one switch electrically connected between at least one power phase line and a respective phase winding of the motor. The external controller may be configured to send a switch enable command to the motor electronics after successful authentication. The motor electronics may be configured to close the at least one switch in response to the switch enable command.
The external controller may be configured to: poll the motor electronics for a status of the at least one switch; receive a response indicating the at least one switch has been closed; and begin operation of the motor in response to the received response.
The external controller may include a microcontroller. The motor electronics may include a microcontroller. The microcontroller of the external controller and the microcontroller of the motor electronics may be configured to perform the authentication process therebetween. The microcontroller of the external controller may be configured to instruct the microcontroller of the motor electronics to cause the at least one switch to electrically couple the at least one power phase line to the motor in response to success of the authentication process.
The authentication process may include: the motor electronics transmitting communications to the external controller by modulating a voltage on at least one power phase line; and the external controller transmitting communications to the motor electronics by modulating the voltage on the at least one power phase line.
The authentication process may include: the external controller sending an expected authentication request to the motor electronics; and the external controller receiving an expected authentication response from the motor electronics.
The secure encrypted communication may be established over dedicated communication wires between the external controller and the motor electronics.
The authentication process may be performed by the external controller and motor electronics at each motor start.
The motor electronics may include an authentication circuit that is a discrete specific purpose hardware element for performing the authentication process.
The authentication circuit may be a STSAFE-A110 device.
The authentication process may be performed by a microcontroller of the motor electronics using a crypto library.
The crypto library may be an X-CUBE-CRYPTOLIB library.
A method of performing an authentication process to authenticate an electric motor unit includes: establishing, by an external controller, secure encrypted communication with motor electronics of the electric motor unit; sending, by the external controller, an authentication request to the motor electronics over the secure encrypted communication; receiving, by the external controller, an authentication response from the motor electronics; verifying, by the external controller, a motor of the electronic motor unit as an authorized part based on the authentication response; and enabling control of the motor by the external controller only after successful authentication.
The authentication process may include: transmitting communications by the motor electronics to the external controller by modulating a voltage on at least one power phase line; and transmitting communications by the external controller to the motor electronics by modulating the voltage on the at least one power phase line.
The method may further include: sending, by the external controller, a switch enable command to the motor electronics after successful authentication; and closing, by the motor electronics, at least one switch electrically connected between at least one power phase line and a respective phase winding of the motor in response to the switch enable command. The sending of the switch enable command may be performed by a microcontroller of the external controller instructing a microcontroller of the motor electronics to cause the at least one switch to electrically couple the at least one power phase line to the motor in response to success of the authentication process.
The authentication request sent by the external controller may be an expected authentication request, and the authentication response received from the motor electronics may be an expected authentication response.
The secure encrypted communication may be established over dedicated communication wires between the external controller and the motor electronics.
The method may further include performing the authentication process at each start of the motor.
The authentication process may be performed using an authentication circuit of the motor electronics that is a discrete special purpose hardware element.
The authentication process may be performed by a microcontroller of the motor electronics using a crypto library that is an X-CUBE-CRYPTOLIB library.
The following disclosure enables a person skilled in the art to make and use the subject matter disclosed herein. The general principles described herein may be applied to embodiments and applications other than those detailed above without departing from the spirit and scope of this disclosure. This disclosure is not intended to be limited to the embodiments shown, but is to be accorded the widest scope consistent with the principles and features disclosed or suggested herein.
Now described with reference to
The external controller 20 includes a power supply circuit 21, which generates a power signal PWR from power provided by a battery voltage (not shown), the power signal PWR being intended for use by the electric motor unit 30 to generate rotational torque. The power supply circuit 21 also generates a digital power signal Vdd for powering a microcontroller 22 and data interface 23 within the external controller 20.
The electric motor unit 30 includes a motor shell carrying an electric motor 37 and motor electronics 31 for powering and controlling the electric motor 37 based upon the power signal PWR, and based upon encrypted communications received from the data interface 23 of the external controller 20. The electric motor 37 may be a 3-phase brushless DC motor.
The motor electronics 31 includes a power management circuit 32, which includes a DC/DC converter that converts the power signal PWR to a bus voltage which is, in turn, converted by an inverter of a power stage 36 to produce a 3-phase drive signal for driving the electric motor 37. The motor electronics 31 also include a data interface 33 for interfacing with the data interface 23 of the external controller 20. A control unit 34 within the motor electronics 31 includes a microcontroller for communicating with the external controller 20 via the data interface 33, and for generating one or more control signals Ctrl for the power stage 36 based upon those communications. The electric motor 37 generates a feedback signal Fbk for use by the control unit 34, such as for use by the control unit 34 to determine motor speed.
The communications sent by the external controller 20 to the electric motor unit 30 are encrypted by the external controller 20 and decrypted by the control unit 34 of the motor electronics 31, and the communications sent by the electric motor unit 30 to the external controller 20 are encrypted by the control unit 34 of the motor electronics 31 and decrypted by the microcontroller 22 of the external controller 20.
To provide security, upon activation of the vehicle into which the electric motor drive system 10 is incorporated (e.g., a driver holding a key-fob paired to the vehicle enters the vehicle and instructs the vehicle to activate), the microcontroller 22 of the external controller 20 initiates and establishes secure encrypted communication with the control unit 34 inside the motor shell 30 its data interface 33, over dedicated communication wires. Once secure encrypted communication between the microcontroller 22 and the control unit 34 is established, the microcontroller 22 attempts to authenticate the motor 37 by sending an authentication request to the control unit 34. If the authentication request sent by the microcontroller 22 to the control unit 34 is an expected authentication request, and if the control unit 34 returns the expected authentication response, then the motor 37 is considered to be authenticated and is therefore verified to be an authorized part. At this point, the external controller 20 can begin control of the motor 37, such as for causing the vehicle to become driveable.
Security is provided by the electric motor drive system 10 in two ways. First, authentication is not performed until the secure encrypted communication is established between the controller 20 and the control unit 34-since an unauthorized part may be unable to establish the secure encrypted communication (e.g., due to a lack of being able to use the expected encryption protocol, etc), this first step removes the possibility of certain unauthorized motor units 30 and certain unauthorized controllers 20 from being able to communicate with one other, meaning that the motor 37 cannot be operated. The authentication adds a second level of security, since authentication is not achieved unless the authentication request sent by the microcontroller 22 of the external controller 20 to the control unit 34 of the motor unit 30 is an expected authentication request, and unless the control unit 34 returns the expected authentication response to the microcontroller 22.
Now described with reference to
Here, the electric motor unit 30′ includes a motor shell carrying the electric motor 37 (which here is a three-phase electric motor) and motor electronics 31′ for powering and controlling the electric motor 37 with the three power phase signal Phase U, Phase V, and Phase W, and based upon encrypted communications received from the data interface 23 of the external controller 20′. Note that the motor electronics 31′ include switches 46 electrically connected between the power phase signals Phase U, Phase V, and Phase W and respective phase windings of the electric motor 37, the switches 46 being controlled by control signals from the gate driver 48 (explained below). Namely, a switch S1 selectively electrically connects the power phase signal Phase U to a respective phase winding of the electric motor 37, a switch S2 selectively electrically connects the power phase signal Phase V to a respective phase winding of the electric motor 37, and a switch S3 selectively electrically connects the power phase signal Phase W to a respective phase winding of the electric motor 37.
Also here, the control unit 34′ includes a microcontroller 47 that receives encrypted communications via the data interface 33, and transmits encrypted communications via the data interface 33. The microcontroller 37 generates control signals for a gate driver 48 within the control unit 34′. The gate driver 48 generates a control signal Ctrl1 for the switch S1 (that causes the switch S1 to act as an open circuit or a short), a control signal Ctrl2 for the switch S2 (that causes the switch S2 to act as an open circuit or a short), and a control signal Ctrl3 for the switch S3 (that causes the switch S3 to act as an open circuit or a short).
As will be explained below, the microcontroller 47 of the control unit 34′ only causes the gate driver 48 to generate the control signals Crl1, Ctrl2, Ctrl3 that cause the switches S1, S2, and S3 to act as shorts to connect the power phase signals Phase U, Phase V, and Phase W to the phase windings of the motor 37 in response to encrypted communications received via the data interface 33 if the electric motor unit 30′ and the external controller 20′ have successfully performed an authentication process as described above.
To provide security, upon activation of the vehicle into which the electric motor drive system 10′ is incorporated (e.g., a driver holding a key-fob paired to the vehicle enters the vehicle and instructs the vehicle to activate), the microcontroller 22 of the external controller 20′ initiates and establishes secure encrypted communication with the microcontroller 47 of the control unit 34′, inside the motor shell 30′, via its data interface 33, over dedicated communication wires. Once secure encrypted communication between the microcontroller 22 and the microcontroller 47 of the control unit 34′ is established, the microcontroller 22 attempts to authenticate the motor 37 by sending an authentication request to the microcontroller 47. If the authentication request sent by the microcontroller 22 to the microcontroller 47 is an expected authentication request, and if the microcontroller 47 returns the expected authentication response, then the motor 37 is considered to be authenticated and is therefore verified to be an authorized part.
With authentication successfully performed, the microcontroller 22 of the external controller 20′ sends a switch enable command to the microcontroller 47 of the control unit 34′ using the secure encrypted communication channel established over the dedicated communication wires. The microcontroller 47 in turn causes the gate driver 48 to generate the control signals Ctrl1, Ctrl2, and Ctrl3 such as to cause the switches S1, S2, and S3 to close (e.g., act as shorts).
Thereafter the microcontroller 22 begins polling the microcontroller 47 over the encrypted communication channel with a request for the status of the switches S1, S2, and S3. Once the microcontroller 22 receives a response from the microcontroller 47 over the encrypted communication channel indicating that the switches S1, S3, and S3 have been closed such that the power phase signals Phase U, Phase V, and Phase W may be provided to the motor 37, the microcontroller 22 begins to the operate the inverter 50 and the motor 37 so as to enable the user to drive the vehicle. Should the microcontroller 22 not receive a response from the microcontroller 47 over the encrypted communication channel in response to its polling after a given period of time (e.g., the microcontroller 47 times out), the microcontroller 22 disables the inverter 50, and may report this to another component within the vehicle.
When the vehicle is deactivated (e.g., the driver holding the key-fob paired to the vehicle exits the vehicle and instructs the vehicle to deactivate), the microcontroller 22 deactivates the inverter 50 to stop the motor 37. Once the motor 37 has stopped, the microcontroller 22 then sends a command over the encrypted communication channel to disable the switches S1, S2, and S3, and the encrypted communication channel is closed. Upon reactivation of the vehicle, the encrypted communication channel is re-established and the authentication process is re-performed, as described above. Therefore, at each motor start, the encrypted communication channel must be established and the authentication process must be successfully performed.
The motor electronics 31′ are depicted as containing an authentication circuit 35 that is coupled to the microcontroller 47 of the control unit 34′. This authentication circuit 35 is a discrete specific purpose hardware element, which may perform the encryption/decryption and authentication at the electric motor drive system 10′ described above. As an example, the authentication circuit 50 may be a STSAFE-A110 device, produced and sold by STMicroelectronics.
This authentication circuit 35 is optional, and instead the encryption/decryption and authentication at the electric motor drive system 10′ described above may be performed by the microcontroller 47 using a crypto library, such as the X-CUBE-CRYPTOLIB library, produce and sold by STMicroelectronics.
Security is provided through this electric motor drive system 10′ in two ways. First, authentication is not performed until the secure encrypted communication is established between the controller 20′ and the control unit 34′-since an unauthorized part may be unable to establish the secure encrypted communication (e.g., due to a lack of being able to use the expected encryption protocol, etc.), this first step removes the possibility of certain unauthorized motor units 30′ and certain unauthorized controllers 20′ from being able to communicate with one other, meaning that the motor 37 cannot be operated. The authentication adds a second level of security, since authentication is not achieved unless the authentication request sent by the microcontroller 22 of the external controller 20′ to the control unit 34′ of the motor unit 30′ is an expected authentication request, and unless the control unit 34′ returns the expected authentication response to the microcontroller 22.
Now described with reference to
The gate driver 48′ of the control unit 34″ utilizes photovoltaic actuation to generate the control signals Ctrl1, Ctrl2, and Ctrl3. In particular, the gate driver 48′ includes: a first led LED1 and photovoltaic cell PV1 pair, with LED1 having its cathode coupled to a control signal PA1 from the microcontroller 47 through a resistor R1, and having its anode coupled to the digital power signal Vdd, and with the photovoltaic cell PV1 generating the voltage control signal Ctrl1 with respect to the source Source1 for the switch S1 when LED1 is activated such that the switch S1 is turned on when LED1 is activated; a second led LED2 and photovoltaic cell PV2 pair, with LED2 having its cathode coupled to a control signal PA2 from the microcontroller 47 through a resistor R2, and having its anode coupled to the digital power signal Vdd, and with the photovoltaic cell PV2 generating the voltage control signal Ctr2 with respect to the source Source2 for the switch S2 when LED2 is activated such that the switch S2 is turned on when LED2 is activated; and a third led LED3 and photovoltaic cell PV3 pair, with LED3 having its cathode coupled to a control signal PA3 from the microcontroller 47 through a resistor R3, and having its anode coupled to the digital power signal Vdd, and with the photovoltaic cell PV3 generating the control voltage signal Ctrl3 with respect to the source Source3 for switch S3 when LED3 is activated such that the switch S3 is turned on when LED3 is activated.
A further difference here over the electric motor drive system 10′ of
The microcontroller 22 of the external controller 20′ is responsible for generating the control signals Uh, Ul, Vh, VI, Wh, and W1 to control the transistors T1-T6 of the inverter 50′ in a desired way to cause the generation of the three power phase signals, Phase U, Phase V, and Phase W.
The electric motor drive system 10″ operates as does the electric motor drive system 10′ for establishing the encrypted communication channel and performing the authentication, with the exception being that the microcontroller 47 causes assertion of the control signals Ctrl1, Ctrl2, and Ctrl3 for the switches S1, S2, and S3 by asserting the control signals PA1, PA2, and PA3, which in turn cause LED1, LED2, and LED3 to turn on, in turn causing Ctrl1 to be asserted by PV1, Ctrl2 to be asserted by PV2, and Ctrl3 to be asserted by PV3. Notice that floating control voltages Ctrl1, Ctrl2, and Ctrl3 with respect to the source voltages Source1, Source2, and Source3 for the switches S1, S2, and S3 ensure turn-on of these switches when Ctrl1, Ctrl2, and Ctrl3 are asserted.
Now described with reference to
The rectifier 60 is comprises: a first diode DO1 having its anode connected to the power phase signal U at node N1 and its cathode connected to node N4; a second diode DO2 having its anode connected to ground and its cathode connected to node N1; a third diode DO3 having its anode connected to the power phase signal V at node N2 and its cathode connected to node N4; a fourth diode DO4 having its anode connected to ground and its cathode connected to node N2; a fifth diode DO5 having its anode connected to the power phase signal W at node N3 and its cathode connected to node N4; and a sixth diode D06 having its anode connected to ground and its cathode connected to node N3.
The power supply 61 includes: a zener diode DO7 having its anode connected to ground and its cathode connected to produce the regulated digital power signal Vdd; a capacitor C2 connected between the digital power signal Vdd and ground; a resistor R02 having a first terminal connected to the cathode of the diode D07 and a second terminal connected to a first terminal of a capacitor C1; the capacitor C1, which has its first terminal connected to the second terminal of the resistor R02 and its second terminal connected to ground; and a resistor R01 connected between the first terminal of the capacitor C1 and node N4.
The switches 46′ are n-channel transistors. In particular: switch S1 is an n-channel transistor having a drain connected to receive the power phase signal U, a source connected to a first phase winding of the electric motor 37, and a gate connected to receive the control signal U_EN from the MCU/gate driver 34′″; switch S2 is an n-channel transistor having a drain connected to receive the power phase signal V, a source connected to a second phase winding of the electric motor 37, and a gate connected to receive the control signal V_EN from the MCU/gate driver 34′″; and switch S3 is an n-channel transistor having a drain connected to receive the power phase signal W, a source connected to a third phase winding of the electric motor 37, and a gate connected to receive the control signal W_EN from the MCU/gate driver 34′″.
The communications circuit 62 includes: a resistor R06 connected between node N1 and node N2, a first phototransistor PT1 connected between nodes N2 and N3, and a first led LED01 having an anode connected to the digital power supply signal Vdd through a resistor R07 and a cathode connected to the MCU/gate driver 34′″ which is activated through a transmit signal MCU_Tx therefrom; and a second phototransistor PT2 having a first conduction terminal connected to the digital power supply signal Vdd through a resistor R05 and a second conduction terminal connected to ground, and a second led LED02 having an anode connected to node N1 through resistor R03 and a cathode connected to node N2 through resistor R04. Notice that the first conduction terminal of the phototransistor PT2 is also connected to the MCU/gate driver 34′″ to provide a receive signal MCU_Rx thereto.
Initially (for example, when the vehicle into which the electric motor unit 30′″ is activated), the inverter (which is within the external controller, for example inverter 50′ of
Then, half-duplex communication is established by the external controller first maintaining transistor T1 and T6 of the inverter on, and modulating transistor T4 of the inverter to send data, while maintaining the other transistors of the inverter as being off. This sends data because, when transistor T4 is turned on (while transistor T1 is on), a path for current flow is established from node N1, through resistor R03, into the anode of the led LED02, out the cathode of LED02, and through resistor R04 to ground through transistor T4. Thus, when transistor T4 is turned on, the led LED02 turns on, causing phototransistor PT2 to turn on and pull the receive signal MCU_Rx to ground. Consequently, by maintaining the transistor T1 and T6 on while modulating the transistor T4, the external controller can transmit one bit at a time to the MCU/gate driver 34′″.
For communication from the electric motor unit 30′″ back to the external controller, the external controller can maintain transistors T1 and T6 of the inverter on, and maintain the other transistors of the inverter as being off. Then, the MCU/gate driver 34′″ can modulate the transmit signal MCU_Tx. When led LED01 is turned on (while transistors T1 and T6 are on), a path for current flow is established from node N1, through resistor R06, through phototransistor PT1, to ground through transistor T6. Therefore, when the transmit signal MCU_Tx is asserted, causing LED01 to turn on and in turn causing phototransistor PT1 to turn on, and pulling down the voltage at node N2 (and thus the voltage at node V of the inverter) is pulled down to zero volts. Consequently, then transistors T1 and T6 of the inverter of the external controller are maintained as being on while the other transistors of the inverter are maintained as being off, the MCU/gate driver 34′″ can transmit one bit at a time to the external controller by modulating the transmit signal MCU_Tx.
With the way that the external controller and electric motor unit 30′″ can communicate having been explained, operation of the electric motor unit 30′″ to provide for security is now described. The initial communications from the external controller to the MCU/gate driver 34″ are to establish a secure encrypted communication channel between the external controller and the MCU/gate driver 34″.
Once secure encrypted communication between the external controller and the MCU/gate driver 34′″ is established, the external controller attempts to authenticate the motor 37 by sending an authentication request to the MCU/gate driver 34′″. If the authentication request sent by the external controller to the MCU/gate driver 34′″ is an expected authentication request, and if the MCU/gate driver 34′″ returns the expected authentication response, then the motor 37 is considered to be authenticated and is therefore verified to be an authorized part.
With authentication successfully performed, the external controller sends a switch enable command to the MCU/gate driver 34′″ using the secure encrypted communication channel established over the wires carrying the power phase signals, Phase U, Phase V, and Phase W. Thereafter the external controller begins polling the MCU/gate driver 34′″ over the encrypted communication channel with a request for the switch enable acknowledgement. After acknowledging the successful reception of switch enable command, the MCU/gate driver 34″″ in turns generate the control signals U_En, V_En, and W_En such as to cause the transistors S1, S2, and S3 to close (e.g., act as shorts).
Once the external controller receives a response from the MCU/gate driver 34′″ over the encrypted communication channel indicating that the switches S1, S3, and S3 are being closed such that the power phase signals Phase U, Phase V, and Phase W may be provided to the motor 37′, the external controller activates the inverter output to the motor 37 so as to enable the user to drive the vehicle. Should the external controller not receive a response from the MCU/gate driver 34′″ over the encrypted communication channel in response to its polling after a given period of time (e.g., the MCU/gate driver 34′″ times out), the external controller disables its inverter, and may report this to another component within the vehicle.
When the vehicle is deactivated (e.g., the driver holding the key-fob paired to the vehicle exits the vehicle and instructs the vehicle to deactivate), the external controller deactivates its inverter. This means that the power supply 61 within the electric motor unit 30′″ is no longer able to generate the digital supply voltage Vdd, with the result being that the MCU/gate driver 34′″ turns off, the control signals U_En, V_En, and W_En decay, and the switches S1, S2, and S3 open. Upon reactivation of the vehicle, digital supply voltage Vdd is first generated as described above, the encrypted communication channel can then be re-established, and the authentication process can be re-performed, as described above. Therefore, at each motor start, the encrypted communication channel must be established and the authentication process must be successfully performed.
Security is provided through this electric motor drive system 10′″ in two ways. First, authentication is not performed until the secure encrypted communication is established between the external controller and the MCU/gate driver 34′″-since an unauthorized part may be unable to establish the secure encrypted communication (e.g., due to a lack of being able to use the expected encryption protocol, etc), this first step removes the possibility of certain unauthorized motor units 30″ and certain unauthorized external controllers from being able to communicate with one other, meaning that the motor 37 cannot be operated. The authentication adds a second level of security, since authentication is not achieved unless the authentication request sent by the external controller to the MCU/gate driver 34″ is an expected authentication request, and unless the MCU/gate driver 34′″ returns the expected authentication response to the external controller.
The electric motor driver systems 10′, 10″, and 10′″ described above provide for both theft protection, as well as protection against the use of counterfeit or unapproved parts. Theft protection is provided because only an approved external controller is capable of establishing the secure communication with the electric motor unit 30′, 30″, and 30′″ and successfully performing the authentication, as well as activating the switches S1, S2, and S3. Thus, an unauthenticated external controller is unable to cause operation of the motor (and likely does not include a suitable inverter to provide power to the motor). This means a counterfeit external controller will be unable to cause operation of the motor, so in addition to providing theft protection, an OEM external controller cannot be replaced with a counterfeit external controller for repairs. This also meant that a counterfeit motor will not be operated by an OEM external controller, since the authorization process will fail.
While the disclosure has been described with respect to a limited number of embodiments, those skilled in the art, having benefit of this disclosure, will appreciate that other embodiments can be envisioned that do not depart from the scope of the disclosure as disclosed herein. Accordingly, the scope of the disclosure shall be limited only by the attached claims.
This application is a continuation of U.S. application patent Ser. No. 17/383,547, filed Jul. 23, 2021, the content of which is incorporated by reference in its entirety.
| Number | Date | Country | |
|---|---|---|---|
| Parent | 17383547 | Jul 2021 | US |
| Child | 18774290 | US |
