EP2232366A2 - Method, system and simulation or analysis model for data processing - Google Patents

Method, system and simulation or analysis model for data processing

Info

Publication number
EP2232366A2
Authority
EP
European Patent Office
Prior art keywords
data
simulation
user
analysis model
data object
Prior art date
Legal status
Withdrawn
Application number
EP09796652A
Other languages
German (de)
English (en)
French (fr)
Inventor
Ralf MÜNZENBERGER
Matthias DÖRFEL
Current Assignee
Inchron GmbH
Original Assignee
Inchron GmbH
Priority date
Filing date
Publication date
Application filed by Inchron GmbH
Publication of EP2232366A2
Legal status: Withdrawn

Links

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F 9/00 Arrangements for program control, e.g. control units
    • G06F 9/06 Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F 9/44 Arrangements for executing specific programs
    • G06F 9/455 Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines

Definitions

  • the present invention relates to a method, a system and a simulation or analysis model for data processing, in particular for pre-processing of data before the provision of the data to a user of the data for further processing of the data at the user of the data.
  • the invention relates to a computer-based method and simulation or analysis model for data processing.
  • the object of the present invention is to encapsulate and conceal the details necessary for the analysis or simulation of the overall system so that, apart from the intended results, no further information about the subsystem of the other party is disclosed. This object can be achieved by the subject matter in the independent claims.
  • the present invention solves the above object and provides a computerized method for preprocessing data prior to providing the data to a user
  • the method comprises the steps of: a) selecting, by the data provider, at least a portion of the data from the total data to be provided to the user for further processing, in dependence on at least one predetermined criterion that the user fulfills; b) making the selected data non-visible in such a way that, despite the non-disclosure of the selected data, the selected
  • the data preferably represents one or more software components.
  • the data is preferably one or more software components of a complex embedded system.
  • the interfaces of the hidden software component can remain visible to the user.
  • the data user preferably checks the real-time capability of the one or more software components.
  • the data provider and the data user are thus able to provide only a part of the complex embedded system at a time, but to use the complete system through interaction of the individual parts.
  • the non-visualization of the selected data in step b) enables the data user to obtain results by executing the overall data without being able to view the data in its entirety.
  • the user criterion can be a license dongle.
  • the data preferably represent a simulation and/or analysis model.
  • the selected data may preferably represent one or more task models.
  • the selected data is preferably made invisible by encryption.
  • the steps a) and b) can also be carried out at the data user, the original data user preferably now being regarded as the data provider and the original data provider as the data user.
  • This iteration can be repeated several times.
  • the data are preferably in XML, UML, C, C++, Matlab/Simulink script, Python, Pascal, Fortran or Basic format.
  • a computer system for performing the method of pre-processing data prior to providing the data to a user of the data for further processing the data with the user of the data.
  • the computer system has a selection device for selection by the data provider of at least part of the data from the entire data to be provided to the user for further processing as a function of at least one predetermined criterion that the user fulfills.
  • the computer system has a unit for not visualizing the selected data in such a way that, despite the non-visualization of the selected data, the selected data remain executable after they have been made available to the user.
  • a computerized method for simulating and/or analyzing an overall system having at least two parts comprises the steps of: a) receiving data representing one or more of the parts of the overall system from one or more data providers, the data having been preprocessed by at least one data provider in accordance with the method described above; b) joining, by the data user, the received data to form the overall system; and c) analysis and/or simulation of the overall system by the data user.
  • the data user for forming the overall system in step b) preferably adds own data to the received data, which represent a further part of the overall system.
  • the data may represent one or more software components.
  • the data is preferably one or more software components of a complex embedded system.
  • the interfaces of the hidden software component preferably remain visible to the user.
  • the data preferably represent a simulation and/or analysis model.
  • the selected data preferably represent one or more task models.
  • a digital storage medium having a program for performing the method described above.
  • a simulation and/or analysis model includes a first data object that controls access to the further data objects, a second data object that forms the outer interface of the simulation and/or analysis model, a third data object, which contains the contents of the simulation and/or analysis model as further processable data, and a fourth data object, which contains the simulation and/or analysis model as a prepared executable simulation.
  • the first data object preferably controls the access of the user of the simulation and/or analysis model to the interface information of the second data object, to the further processable data of the third data object and to the prepared executable simulation of the fourth data object, taking into account predetermined access authorization information.
  • the predetermined conditional access information in the first data object may be stored on a license dongle.
  • At least one of the access authorization information of the further processable data of the third data object and the executable data of the fourth data object is encrypted.
  • the first data object preferably denies the user access to the further processable data of the third data object but allows the user access to the prepared executable simulation of the fourth data object, so that the simulation and/or analysis model is neither visible nor further processable for the user, but is executable.
  • At least part of the further-processable data of the third data object describes the dynamic time behavior of the simulation and / or analysis model.
  • the further-processable data of the third data object can have a source code and the prepared executable simulation of the fourth data object can be generated by generating a simulation model, as described, for example, in WO 2007/051634 A2.
  • the source code of the third data object is preferably in XML, UML, C, C++, Matlab/Simulink script, Python, Pascal, Fortran or Basic format.
  • the executable data of the fourth data object may be in an intermediate representation or precompiled form.
  • the prepared executable simulation of the fourth data object can be integrated in a software environment of the user into an executable overall model.
  • the simulation and/or analysis model preferably forms a hierarchically ordered part of a superordinate simulation and/or analysis model.
  • the simulation and/or analysis model preferably forms a model or submodel of an embedded system.
  • At least part of the contents of the simulation and / or analysis model is assigned to at least one task of a control unit as further processable data of the third data object and of the executable data of the fourth data object.
  • the simulation and / or analysis model can be used for real-time analysis.
  • the method according to the present invention couples the user's own content with the encrypted content, so that the encrypted content becomes usable in environments and simulations that were not planned for in advance.
  • DRM: Digital Rights Management
  • the AUTOSAR standard provides for the exchange of XML files that describe parts, modules and entire systems. However, the sender always reveals all information about his component and cannot restrict the transfer or the purpose of use.
  • the export is a special process that generates, from a project at party 1, a description which can be imported again at party 2.
  • the parts of the project marked as hidden by party 1 are fully visible at party 1, but only as a black box at party 2.
  • party 2 can run an analysis or simulation of the project but does not see any details within the parts of the project marked as hidden by party 1.
  • the import of a project takes place in a tool that creates a simulatable or analyzable project.
  • the parts the sender marked as hidden are then usable as a black box, but their contents are not visible.
  • a black box has an interface definition that allows it to connect to the rest of the system. It includes a (hidden) simulation or analysis model that can be used; the inner details of the black box are not visible.
  • the user can select for which recipients an element marked as hidden should be usable. Only these users can use the imported project in a simulation or analysis. The recipient list of items that the user himself received (imported) as hidden can no longer be changed (in particular, not extended).
  • the recipient can be a single installation of a tool or a license dongle.
  • a single installation corresponds to a personalized recipient, while binding to a license dongle corresponds, in the case of a network license, to an entire enterprise.
  • to select a recipient for an export, the recipient must generate a corresponding cryptographic key and send it to the sender. The sender must include this key in his system accordingly.
  • the relationships between senders and recipients form a network of trust relationships, which can be compared to the web of trust of PGP/GnuPG.
  • encryption here always means the use of recognized cryptographic techniques. It can use asymmetric algorithms (DSA, RSA), symmetric algorithms (AES) and hash algorithms (SHA).
  • DSA: asymmetric algorithms
  • AES: symmetric algorithms
  • SHA: hash algorithms
  • Step 1: at the contractor
  • the overall system is created by the contractor.
  • a project is defined that contains the required processors and their interconnection.
  • task models are defined for the contractor's share of the software components to be developed. Task models are also created for the software components of the client, in accordance with the specification in the invitation to tender. The interaction of the software components and their real-time properties can be tested on the contractor's side by suitable scenarios.
  • the contractor marks the task models of his software components as hidden and exports the project.
  • the generated file contains all parts that are not marked as hidden, and those that are marked as hidden in an encrypted form that only the intended recipient can process. This file is then transmitted from the contractor to the client.
  • Step 2: at the client
  • the client imports the transmitted file into his tool.
  • the parts of the system that were not marked as hidden are just as visible and editable to him as if he had entered them himself in the project. Parts that have been marked as hidden, and for which he has been designated as an authorized recipient, are visible as black boxes. These parts are reduced to their interface definitions.
  • simulation or analysis is possible via a stored model that is not otherwise visible.
  • the client can now examine the system.
  • Each part, even the parts marked as hidden, can be replaced by the client's own task models of any degree of abstraction. It makes sense to refine the system parts corresponding to his own system components with more precise task models. He can then check the correct function of the project by simulation or analysis.
  • the refined parts are then marked as hidden.
  • the client expediently exports the project as a version of the previously imported one, in which the parts he marked as hidden are the refined parts.
  • the client sends the exported project back to the contractor.
  • Step 3: back at the contractor. The contractor first loads the project that was originally exported and imports the file returned by the client. By subtracting the versions, the tool recognizes which changes have been made by the client and transfers these parts to the project. Task models that have been marked as hidden are replaced by black boxes. Other refinements that have not been marked as hidden are also applied.
  • the contractor carries out a simulation or analysis of the modified project and can thus assess the real-time capability of the entire system.
  • the parts that the contractor marked as hidden in step 1 are now visible again to the original creator. Details are visible and can be reviewed and changed.
  • shown is a model that consists of two submodels.
  • the submodel named "controlloop" is made non-visible according to the described invention.
  • the XML tag <connection> corresponds to the second data object, which is the outer interface of the sub-simulation model, the XML tag <receivers> to the first data object, the
  • the XML tag <data> with the ID 3 corresponds to the third data object, which contains the contents of the sub-simulation model as processable data for authorized users, and the tag <data> with the ID 4 corresponds to the fourth
  • Unpacking the encrypted data stream results in XML structures that are parsed again.
  • the user cannot change attributes of the received data. This keeps the encrypted model consistent with the rest of the system. If the user saves such a project, the model will continue to be stored in encrypted form.
  • the actual data to be protected is encrypted with a randomly generated key.
  • the ciphertext forms the data in the <data> tag described above.
  • the key itself is encrypted with the public key of the recipient according to an asymmetric encryption method. This is done individually for each recipient.
  • the list of these per-recipient encrypted copies of the key of the data to be protected forms the content of the <receivers> tag mentioned above.
  • the encrypted model and the list of encrypted keys are embedded as a record in the surrounding data format.
  • Access by the user to the decrypted data must not be possible.
  • the tool must take the appropriate measures.
  • in FIG. 1 there is an overall system consisting of five components: A (4), B (5), C (10), D (11) and E (30).
  • the communication between the two processors takes place via a CAN bus (7).
  • Component A consists of the CPU-1 (1) and several operating system tasks and interrupt service routines (2) and is generated by the data provider as a simulation model.
  • Component B consists of several operating system tasks (3) and is generated by the data provider as a simulation model.
  • Component C consists of the CPU-2 (6) and several operating system tasks and interrupt service routines (8) and is generated by the data provider as a simulation model.
  • Component D consists of several operating system tasks (9) and is generated by the data provider as a simulation model.
  • Component E consists of a CAN bus (7) and is generated by the data provider as a simulation model.
  • Data container A (12) contains the first (16), second (17), third (18) and fourth data object (19) of component A (4).
  • Data container B (13) contains the first (20), second (21) and third data object (22) of component B (5).
  • Data container C (14) contains the first (23), second (24), third (25) and fourth data object (26) of component C (10).
  • Data container D (15) contains the first (27), second (28) and third data object (29) of component D (11).
  • Data container E (34) contains the first (31), second (32) and third data object (33) of component E (30).
  • User 1 is data provider and data user for component A and data user for component B.
  • User 2 is data provider of components B and E and data user of components A, B, C, D and E.
  • User 3 is data provider of components C and D.
  • User 1 wants to investigate the behavior of subsystem 1 consisting of components A and B in a simulation.
  • the component B required for this purpose is made available to him by data provider 2 as data container B.
  • the access to the third data object (22) is regulated by the first data object (20). It can be viewed and simulated by data user 1.
  • User 2 wants to perform a simulation of the entire system. In addition to his own components B and E, he requires component A from data provider 1 and components C and D from data provider 3. The two components A and C are not visible to him; each is exported as hidden by its data provider and made available in that form.
  • Data provider 1 provides the fourth data object (19) of its component A and data provider 3 the fourth data object (26) of its component C for the simulation.
  • the third data objects of these two components are not visible; the access is controlled by the first data object.
  • the interfaces of the components A and C can be used by data user 2 in the simulation, since these are provided as second data objects.
  • Component D is visible to data user 2 because he needs to see its internal dynamic behavior for his analysis. Data provider 3 therefore allows him to view the third data object (29); the access is controlled by the first data object (27).
  • the list of authorized data users for the fourth data objects may be empty, so that a fourth data object for the components B, D and E is not needed.
  • User 3 performs a simulation of the subsystem 2 consisting of the two components C and D. For this he needs no further components.
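The envelope described above (the model encrypted under a randomly generated content key, that key wrapped once per recipient with the recipient's public key, and both embedded in the surrounding XML as the <receivers> list and the <data> tag with ID 3), as an added Go example; this is not code from the patent or from Inchron's tool. The element and attribute names, 2048-bit RSA-OAEP (SHA-256) for key wrapping and AES-256-GCM for the content are assumptions, since the page names only RSA, AES and SHA.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"encoding/base64"
	"encoding/xml"
	"errors"
)

// Assumed XML layout (the page names the tags, not their attributes):
// <container><receivers><receiver id="..."><wrappedKey>..</wrappedKey></receiver>
// </receivers><data id="3">base64(nonce || ciphertext)</data></container>
type Receiver struct {
	ID         string `xml:"id,attr"`
	WrappedKey string `xml:"wrappedKey"` // random content key wrapped for this recipient
}
type Data struct {
	ID   string `xml:"id,attr"`
	Body string `xml:",chardata"`
}
type Container struct {
	XMLName   xml.Name   `xml:"container"`
	Receivers []Receiver `xml:"receivers>receiver"`
	Data      Data       `xml:"data"`
}

// GenKey makes a recipient key pair; the recipient sends the public half to the sender.
func GenKey() (*rsa.PrivateKey, error) { return rsa.GenerateKey(rand.Reader, 2048) }

func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Export encrypts model under a fresh random AES-256-GCM key and wraps that key with
// RSA-OAEP (SHA-256) once per recipient in pubs. GCM and OAEP are assumed modes.
func Export(model []byte, pubs map[string]*rsa.PublicKey) (*Container, error) {
	buf := make([]byte, 32+12) // 256-bit content key followed by a 96-bit GCM nonce
	if _, err := rand.Read(buf); err != nil {
		return nil, err
	}
	key, nonce := buf[:32], buf[32:]
	gcm, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	ct := gcm.Seal(nil, nonce, model, []byte("3")) // data-object ID bound as AAD
	c := &Container{Data: Data{ID: "3", Body: base64.StdEncoding.EncodeToString(append(nonce, ct...))}}
	for id, pub := range pubs {
		wk, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, key, []byte(id))
		if err != nil {
			return nil, err
		}
		c.Receivers = append(c.Receivers, Receiver{ID: id, WrappedKey: base64.StdEncoding.EncodeToString(wk)})
	}
	return c, nil
}

// Import unwraps the content key for recipient id with its private key and decrypts the model.
func Import(c *Container, id string, priv *rsa.PrivateKey) ([]byte, error) {
	for _, r := range c.Receivers {
		if r.ID != id {
			continue
		}
		wk, err1 := base64.StdEncoding.DecodeString(r.WrappedKey)
		raw, err2 := base64.StdEncoding.DecodeString(c.Data.Body)
		if err1 != nil || err2 != nil {
			return nil, errors.New("malformed base64 in container")
		}
		key, err := rsa.DecryptOAEP(sha256.New(), nil, priv, wk, []byte(id)) // fails with a foreign key
		gcm, gerr := newGCM(key)
		if err != nil || gerr != nil || len(raw) < gcm.NonceSize() {
			return nil, errors.New("key unwrap failed or malformed <data> body")
		}
		return gcm.Open(nil, raw[:gcm.NonceSize()], raw[gcm.NonceSize():], []byte(c.Data.ID))
	}
	return nil, errors.New("recipient " + id + " is not in the <receivers> list")
}
```

Import hands the decrypted model to the importing tool's memory, so, as the description states, the tool itself must prevent the user from reaching the decrypted data; the container format alone only decides who can unwrap the key.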

Landscapes

  • Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)
  • Debugging And Monitoring (AREA)
EP09796652A 2008-11-28 2009-11-27 Method, system and simulation or analysis model for data processing Withdrawn EP2232366A2 (de)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
DE102008059550 2008-11-28
PCT/EP2009/065972 WO2010060985A2 (de) 2008-11-28 2009-11-27 Method, system and simulation or analysis model for data processing

Publications (1)

Publication Number Publication Date
EP2232366A2 true EP2232366A2 (de) 2010-09-29

Family

ID=41694759

Family Applications (1)

Application Number Title Priority Date Filing Date
EP09796652A Withdrawn EP2232366A2 (de) 2008-11-28 2009-11-27 Method, system and simulation or analysis model for data processing

Country Status (8)

Country Link
US (1) US8661419B2 (zh)
EP (1) EP2232366A2 (zh)
JP (1) JP2012510656A (zh)
KR (1) KR101458579B1 (zh)
CN (1) CN102227714A (zh)
CA (1) CA2744891C (zh)
IL (1) IL213142A (zh)
WO (1) WO2010060985A2 (zh)

Families Citing this family (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102339364A (zh) * 2010-07-26 2012-02-01 Zou Fen A method of implementing software licensing using a non-visible variable-capacity storage device
CN102467640B (zh) * 2010-11-05 2014-10-15 Peking University Founder Group Co., Ltd. Function customization method and device
US8931103B2 (en) * 2011-09-08 2015-01-06 International Business Machines Corporation Generating security permissions
CN103514331B (zh) * 2013-09-30 2016-08-31 Northwestern Polytechnical University A method for converting a Simulink model into a UML model
US10083071B2 (en) * 2014-12-30 2018-09-25 Battelle Memorial Institute Temporal anomaly detection on automotive networks
CN107408060B (zh) 2015-03-17 2020-10-16 Huawei Technologies Co., Ltd. A data processing method and device
KR101662137B1 (ko) * 2016-02-26 2016-10-05 TmaxSoft Co., Ltd. Method, server and computer-readable recording medium for setting a transaction for a plurality of data objects
CN106776326B (zh) * 2016-12-20 2020-07-28 Agricultural Bank of China A modeling method and system for a data analysis model
CN106897585B (zh) * 2017-03-15 2019-12-13 Beijing Senseshield Technology Co., Ltd. Software license management method, software protection method and device

Family Cites Families (20)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6161051A (en) * 1998-05-08 2000-12-12 Rockwell Technologies, Llc System, method and article of manufacture for utilizing external models for enterprise wide control
AU2001241503A1 (en) * 2000-02-18 2001-08-27 Cedere Corporation Auto control of network monitoring and simulation
JP2002230359A (ja) * 2001-01-31 2002-08-16 Toyota Central Res & Dev Lab Inc Simulation model distribution method, simulation model collection method, program and recording medium
US20030004699A1 (en) * 2001-06-04 2003-01-02 Choi Charles Y. Method and apparatus for evaluating an integrated circuit model
US7152028B2 (en) * 2001-12-13 2006-12-19 Texas Instruments Incorporated Software development tool with embedded cache analysis
JP2003216502A (ja) * 2002-01-25 2003-07-31 Mazda Motor Corp Security device for a simulation system, method and program therefor
US7334222B2 (en) * 2002-09-11 2008-02-19 International Business Machines Corporation Methods and apparatus for dependency-based impact simulation and vulnerability analysis
US7509246B1 (en) * 2003-06-09 2009-03-24 Altera Corporation System level simulation models for hardware modules
US7107567B1 (en) * 2004-04-06 2006-09-12 Altera Corporation Electronic design protection circuit
US7409652B1 (en) * 2004-06-04 2008-08-05 Altera Corporation Debuggable opaque IP
US20050289559A1 (en) * 2004-06-08 2005-12-29 Daniel Illowsky Method and system for vertical layering between levels in a processing unit facilitating direct event-structures and event-queues level-to-level communication without translation
US7487080B1 (en) * 2004-07-08 2009-02-03 The Mathworks, Inc. Partitioning a model in modeling environments
US7743361B2 (en) * 2004-09-20 2010-06-22 The Mathworks, Inc. Providing block state information for a model based development process
US8271964B2 (en) * 2005-05-16 2012-09-18 Microsoft Corporation Extensible software development services
US8234630B2 (en) * 2006-05-03 2012-07-31 The Mathworks, Inc. Calling an entity of a graphical model with a non-graphical entity and calling a non-graphical entity of a graphical model with a graphical entity
US8087007B2 (en) * 2006-05-08 2011-12-27 Assima Ltd. System and method for software prototype-development and validation and for automatic software simulation re-grabbing
DE102006031790A1 (de) * 2006-07-10 2008-01-17 Giesecke & Devrient Gmbh Secured program code
US8079022B2 (en) * 2007-06-04 2011-12-13 Carbon Design Systems, Inc. Simulation of software
EP2223245B1 (en) * 2007-11-30 2011-07-20 Coventor, Inc. System and method for three-dimensional schematic capture and result visualization of multi-physics system models
JP5172585B2 (ja) * 2008-10-07 2013-03-27 International Business Machines Corporation System, method and program for controlling access to an object model

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
None *

Also Published As

Publication number Publication date
US8661419B2 (en) 2014-02-25
CN102227714A (zh) 2011-10-26
CA2744891C (en) 2015-10-27
KR101458579B1 (ko) 2014-11-07
IL213142A0 (en) 2011-07-31
WO2010060985A3 (de) 2010-07-29
US20110258709A1 (en) 2011-10-20
IL213142A (en) 2016-02-29
CA2744891A1 (en) 2010-06-03
WO2010060985A2 (de) 2010-06-03
JP2012510656A (ja) 2012-05-10
KR20110099120A (ko) 2011-09-06

Similar Documents

Publication Publication Date Title
WO2010060985A2 (de) Method, system and simulation or analysis model for data processing
DE69905705T2 (de) Intelligent security management method and system
EP3012761B1 (de) Protection of software models
DE602004009354T2 (de) Registration or sub-registration of a digital rights management server in a digital rights management architecture
DE60207812T2 (de) Method and device for dynamically assigning usage rights to digital works
DE602004011282T2 (de) Sending a publisher usage license off-line in a digital rights system
DE60307736T2 (de) Server architecture for secure plug-ins in digital rights management systems
DE69736310T2 (de) Creation and distribution of digital documents
DE69730321T2 (de) Method and device for protecting data with multiple encryption levels applicable at the data element level
DE112011103164T5 (de) Data distribution device, data distribution system, client device, data distribution method, data reception method, program and data carrier
EP2502176B1 (de) Method and device for accessing control data according to provided rights information
DE102009017221A1 (de) Information rights management
DE112012004247T5 (de) Passive monitoring of virtual systems using extensible indexing
DE10304412A1 (de) Electronically signed documents with verification software
DE60221861T2 (de) Server with file verification
EP3407237B1 (de) Class-based encryption method
EP1010052B1 (de) Method for controlling the distribution and use of software objects on networked computers
WO2021069621A1 (de) Method for securely executing a workflow in a computer system
DE102007008948B4 (de) Method and system for providing digital content
DE202012101671U1 (de) Secure electronic signing of information
DE102016207145A1 (de) Control system for processing image data
EP2187282B1 (de) Method for operating a plant using data secured against unauthorized use
EP2184705A1 (de) Method, system and device for processing rights
DE102005049510B4 (de) Method for managing a security system
WO2010026151A1 (de) Method for granting access authorization to a computer-based object in an automation system, computer program and automation system

Legal Events

Date Code Title Description
PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

17P Request for examination filed

Effective date: 20100819

AK Designated contracting states

Kind code of ref document: A2

Designated state(s): AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MK MT NL NO PL PT RO SE SI SK SM TR

AX Request for extension of the european patent

Extension state: AL BA RS

RAP1 Party data changed (applicant data changed or rights of an application transferred)

Owner name: INCHRON GMBH

DAX Request for extension of the european patent (deleted)
17Q First examination report despatched

Effective date: 20140203

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: THE APPLICATION IS DEEMED TO BE WITHDRAWN

18D Application deemed to be withdrawn

Effective date: 20170802