GB2572925A - Device managment system, device managment method. Information processing device, device, and program - Google Patents

Device managment system, device managment method. Information processing device, device, and program Download PDF

Info

Publication number
GB2572925A
GB2572925A GB1910795.2A GB201910795A GB2572925A GB 2572925 A GB2572925 A GB 2572925A GB 201910795 A GB201910795 A GB 201910795A GB 2572925 A GB2572925 A GB 2572925A
Authority
GB
United Kingdom
Prior art keywords
information
distributed ledger
updating
management
activation
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
GB1910795.2A
Other versions
GB201910795D0 (en
Inventor
Takenoshita Koyo
Kojo Atsushi
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Uhuru Corp
Original Assignee
Uhuru Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority to JP2019054461A priority Critical patent/JP6656446B1/en
Application filed by Uhuru Corp filed Critical Uhuru Corp
Publication of GB201910795D0 publication Critical patent/GB201910795D0/en
Publication of GB2572925A publication Critical patent/GB2572925A/en
Pending legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/10File systems; File servers
    • G06F16/14Details of searching files based on file metadata
    • G06F16/148File search processing
    • G06F16/152File search processing using file content signatures, e.g. hash values
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06QDATA PROCESSING SYSTEMS OR METHODS, SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q30/00Commerce, e.g. shopping or e-commerce
    • G06Q30/01Customer relationship, e.g. warranty
    • G06Q30/018Business or product certification or verification
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06QDATA PROCESSING SYSTEMS OR METHODS, SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q10/00Administration; Management
    • G06Q10/10Office automation, e.g. computer aided management of electronic mail or groupware; Time management, e.g. calendars, reminders, meetings or time accounting
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06QDATA PROCESSING SYSTEMS OR METHODS, SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q10/00Administration; Management
    • G06Q10/20Product repair or maintenance administration
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/90Details of database functions independent of the retrieved data types
    • G06F16/901Indexing; Data structures therefor; Storage structures
    • G06F16/9024Graphs; Linked lists

Abstract

A distributed ledger registers manufacturing process information, activation information or information about updates to a device, such as an Internet of things (IoT) device. The distributed ledger may be a blockchain such as Ethereum (RTM) or a directed acyclic graph (DAG) such as a tangle. Manufacturing information may include a device ID, component ID, manufacturing line ID and manufacturing time information indicating when a component was inserted into the device. Activation or updating information may include a device ID, verification time information indicating when the device was activated or updated, a hash value of a file used to activate or update the device, and the device’s digital signature. The manufacturing, activation or update information may be registered in the distributed ledger during the manufacturing, activation or update process, respectively. Update information may also be registered in the distributed ledger at predetermined times. Storing device information in a distributed ledger prevents falsification of the information and allows anyone to check its trustworthiness. For example, the device may be a camera 1606-1608 in a human tracking system 1600. A distributed ledger 1602 records information about the camera’s manufacture, activation or updates to provide an evidentiary record of the camera’s reliability.

Description

DEVICE MANAGEMENT SYSTEM, DEVICE MANAGEMENT METHOD, INFORMATION PROCESSING DEVICE, DEVICE, AND PROGRAM BACKGROUND OF THE INVENTION

Field of the Invention [0001] The present invention relates to a device management system, a device management method, an information processing device, a device, and a program.

Description of Related Art [0002] In recent years, technologies for connecting Internet of things (loT) devices such as sensors, cameras, and household electrical appliances to networks and controlling the loT devices or utilizing data from the loT devices have been widely used as loT has spread. When loT devices are utilized, the loT devices are required to be reliable. Information for guaranteeing reliability of loT devices, for example, includes manufacturing information, such as components which are used and places in which the loT devices are manufactured. The information for guaranteeing reliability is similarly required for all other devices without being limited to loT devices.

[0003] In the invention disclosed in Japanese Unexamined Patent Publication No. 2014-146722, in a management device for a semiconductor device, information regarding a manufacturing condition or the like for a process of manufacturing a semiconductor device is recorded in a database in association with a fingerprint pattern formed on the semiconductor device. In this configuration, as it is more difficult to artificially rewrite a fingerprint pattern formed in the semiconductor device, the reliability of information of the semiconductor device increases.

[0004] In the technology disclosed in Japanese Unexamined Patent Publication No. 2014-146722, information regarding a semiconductor device is checked (traced) by a database. At that time, however, an electron microscope for observing a fingerprint pattern formed on the semiconductor device is necessary. Therefore, when the electron microscope is not prepared, a fingerprint pattern can be checked only in a special environment without knowing whether the fingerprint pattern is falsified. In the technology disclosed in Japanese Unexamined Patent Publication No . 2014-146722, a case in which information regarding the database is rewritten is not considered.

SUMMARY OF THE INVENTION [0005] The invention provides a device management system, a device management method, an information processing device, a device, and a program capable of improving device reliability. [0006] According to an aspect of the invention, a device management system includes: a distributed ledger; registration means for registering at least one piece of information in the distributed ledger among manufacturing information which is information regarding a process of manufacturing a device, activation information which is information regarding a process of activating the device, and updating information which is information regarding a process of updating the device; and information reading means for reading the information registered in the distributed ledger.

[0007] Further features of the present invention will become apparent from the following description of exemplary embodiments with reference to the attached drawings.

BRIEF DESCRIPTION OF THE DRAWINGS [0008] Fig. 1 is a block diagram illustrating a configuration of a device management system according to a first embodiment of the invention.

[0009] Fig. 2 is a block diagram illustrating IcT devices managed by the device management system 1 illustrated in Fig.

.

[0010] Fig. 3 is a block diagram illustrating a configuration of a terminal device which is an example of an information processing device 2 illustrated in Fig. 1.

[0011] Fig. 4 is a block diagram illustrating a configuration of a device which is an example of an loT device 5 illustrated in Fig. 2.

[0012] Fig. 5 is a diagram illustrating a configuration in which an example of a distributed ledger technology is applied in the device management system 1 illustrated in Fig.

1.

[0013] Fig. 6 is a diagram illustrating a tangle which is an example of a distributed ledger on which information regarding a management target device is registered in the device management system 1 illustrated in Fig. 1.

[0014] Fig. 7 is a block diagram illustrating a configuration related to registration of manufacturing information of the devices managed by the device management system 1 illustrated in Fig. 1.

[0015] Fig. 8 is a flowchart illustrating a process related to registration of manufacturing information of devices managed by the device management system 1 illustrated in Fig. 1.

[0016] Fig. 9 is a block diagram illustrating a configuration related to registration of activation information of the devices managed by the device management system 1 illustrated in Fig. 1.

[0017] Fig. 10 is a flowchart illustrating a process related to registration of activation information regarding the devices managed by the device management system 1 illustrated in Fig . 1.

[0018] Fig. 11 is a block diagram illustrating a configuration of registration of updating information of the devices managed by the device management system 1 illustrated in Fig. 1.

[0019] Fig. 12 is a flowchart illustrating a process related to registration of updating information of the devices managed by the device management system 1 illustrated in Fig.

1.

[0020] Fig. 13 is a flowchart illustrating a process of registering the updating information of the devices managed by the device management system 1 illustrated in Fig. 1 at predetermined times.

[0021] Fig. 14 is a block diagram illustrating a configuration in which a device manufacturing distributed ledger 101 and a device change history distributed ledger 102 are referred to in the device management system 1 illustrated in Fig. 1.

[0022] Fig. 15 is a flowchart illustrating a process of referring to the device manufacturing distributed ledger 101 and the device change history distributed ledger 102 in the device management system 1 illustrated in Fig. 1.

[0023] Fig. 16 is a block diagram illustrating a configuration of Example 1 in which the device management system according to the invention is applied.

[0024] Fig. 17 is a block diagram illustrating a configuration of Example 2 in which the device management system according to the invention is applied.

DESCRIPTION OF THE EMBODIMENTS [0025] Embodiments of a device management system according to the invention will be described with reference to the drawings .

(First embodiment) [0026] Fig. 1 is a block diagram illustrating a configuration of a device management system according to a first embodiment of the invention. A device management system 1 according to the embodiment is configured by connecting a plurality of information processing devices 2 via a network 3. The network 3 is, for example, a peer-to-peer (P2P) network. The network 3 may be a wired network or may be a wireless network. The network 3 is, for example, an Internet network. The device management system 1 uses a distributed ledger technology. Each of the plurality of information processing devices 2 forms a node in the distributed ledger technology. In the device management system 1 according to the embodiment, a tangle of IOTA is used as a distributed ledger, but the invention is not limited thereto and another distributed ledger may be used. For example, a blockchain of Ethereum may be used as a distributed ledger .

[0027] Fig. 2 is a block diagram illustrating IcT devices managed by the device management system 1 illustrated in Fig.

1. The device management system 1 performs management of loT devices 5. The loT devices 5 are connected to the information processing device 2 via the network 4. The information processing device 2 performs operation control of the loT devices 5. The network 4 may be a wired network or may be a wireless network. The network 4 is, for example, an Internet network. The loT devices 5 may be any sensors that detect existing change amounts such as natural phenomena such as temperature, humidity, pressure, an amount of light, or volume or a movement speed and acceleration of a direction or a position of an object. The loT devices 5 may be cameras capable of imaging a periphery. The loT devices 5 may be any products such as household electronic apparatus such as an air conditioner, an automobile, and a robot. In the device management system 1 according to the embodiment, devices to be managed are the loT devices, but the invention is not limited thereto. In the device management system according to the invention, devices not connected to a network may be managed. The loT devices 5 may be devices that form nodes in the distributed ledger technology.

[0028] Fig. 3 is a block diagram illustrating a configuration of a terminal device which is an example of an information processing device 2 illustrated in Fig. 1. The information processing device 2 may be a device generally called a PC (personal computer) or may be a device called a workstation, a mainframe, or a supercomputer. The information processing device 2 may be a device called a smartphone or a tablet. The information processing device 2 may be any of various devices having a function specific to the device, such as a sensor function or a camera function in addition to a computer function Here, a configuration of the terminal device 11 which is an example of the information processing device 2 will be described The terminal device 11 includes a processing unit 12 that performs various processes, an input/output unit 13 through which an operant performs input and output, a storage unit 14 that stores various kinds of data or a program operated in the processing unit 12, and a communication unit 15 that performs communication via networks 3 and 4. The terminal device 11 may be a device that is managed by the device management system 1 according to the embodiment. All devices which can be connected to the Internet are loT devices which are management targets of the device management system 1 according to the embodiment. [0029] The processing unit 12 is an arithmetic device called a Central Processing Unit (CPU) or an Micro Processing Unit (MPU). The processing unit 12 executes a program stored in the storage unit 14. The input/output unit 13 is an input/output device such as a keyboard, a mouse, or a display. The storage unit 14 may be any existing storage device such as a Random Access Memory (RAM) , a Read Only Memory (ROM) , a hard disk, a magnetic storage device, or an optical storage device. The plurality of information processing devices 2 may all have the same configuration or each device may have a different configuration from the other devices.

[0030] Fig. 4 is a block diagram illustrating a configuration of a device which is an example of the loT device 5 illustrated in Fig. 2. The device 16 includes a processing unit 17 that performs various processes, a device function execution unit 18 that performs a function specific to the device, a storage unit 19 that stores various kinds of data and a program operating in the processing unit 17, and a communication unit 20 that performs communication via the network 4. The processing unit 17 is an arithmetic device such as a CPU or an MPU. The processing unit 17 executes a program stored in the storage unit 19. The storage unit 14 may be any existing storage device such as a RAM, a ROM, a hard disk, a magnetic storage device, or an optical storage device. The plurality of ToT device 5 may all have the same configuration or each device may have a different configuration from the other devices .

[0031] The device function execution unit 18 is configured to perform a function specific to the device. When the device 16 is a sensor, the device function execution unit 18 includes a detection element that detects a target and a control unit that controls the detection element. When the device 16 is a camera, the device function execution unit 18 includes an image sensor that images surroundings, an image processing unit that performs image processing on a captured image obtained by the image sensor, and a control unit that controls the image sensor and the image processing unit. When the device 16 is an air conditioner, the device function execution unit 18 includes a driving unit that drives each configuration related to refrigeration cycle, a detection unit that detects temperature or humidity, and a control unit that controls the driving unit and the detection unit. When the device 16 is an automobile, the device function execution unit 18 includes a driving unit that drives each configuration related to driving of an automobile, a detection unit that detects a situation related to safety outside of the automobile, a situation related to comfort inside the automobile, or the like, and a control unit that controls the driving unit and the detection unit. When the device 16 is a robot, the device function execution unit 18 includes a driving unit that drives the robot, a detection unit that detects a surrounding situation of the robot, and a control unit that controls the driving unit and the detection unit. When the device 16 is a robot, ToT devices which are management targets of the device management system 1 according to the embodiment may be manufactured by the robot. In this way, ToT devices with higher reliability can be manufactured.

[0032] Fig. 5 is a diagram illustrating a configuration in which an example of a distributed ledger technology is applied in the device management system 1 illustrated in Fig. 1. The device management system 1 according to the embodiment includes full nodes that include a tangle which is an example of a distributed ledger, as nodes, and light wallets that have no tangle. The full node synchronizes the tangle which the full node has with the tangles which the other full nodes have. The light wallet is also called a light node . Here, the light wallet is called a light node. The light node places a small burden on an operation since the light node itself has no tangle and management or the like of the tangle is thus unnecessary. However, when the light node obtains information from the full node to operate, there is concern of slight delay occurring in a process due to a communication time. The full node has the burden of management of its own tangle, but no communication is necessary since the full node can operate without depending on another device by using the tangle that it has . In the device management system 1, charge may be paid between devices or for transmission and reception of information occurring between devices. A charge amount is small for transmission and reception of a small amount of information. However, by paying a charge amount in IOTA which is virtual currency, it is possible to construct a system appropriate for micropayment. The information processing device 2, the loT device 5, the terminal device 11, and the device 16 may be full nodes or light nodes.

[0033] Fig. 6 is a diagram illustrating a tangle which is an example of a distributed ledger on which information regarding a management target device is registered in the device management system 1 illustrated in Fig. 1. The tangle uses a directed acyclic graph (DAG). In the device management system 1 illustrated in Fig. 1, registering information in a distributed ledger includes recording a transaction (TX) in a tangle. When a new transaction is recorded, a proof of work (PoW) is executed. By using the tangle of IOTA as a distributed ledger, it is possible to accelerate a registration speed in the distributed ledger.

[0034] Fig. 7 is a block diagram illustrating a configuration related to registration of manufacturing information of the devices managed by the device management system 1 illustrated in Fig. 1. A device manufacturing distributed ledger 101 is a distributed ledger in which manufacturing information which is information regarding a process of manufacturing a device managed by the device management system 1 is registered. Hereinafter, the device managed by the device management system 1 will be referred to as a management target device. The device manufacturing distributed ledger 101 is a tangle which the full node included in the device management system 1 has. The terminal device 11 registers manufacturing information 16a in the device manufacturing distributed ledger 101. The manufacturing information 16a is a transaction in the device manufacturing distributed ledger 101. The manufacturing information 16a is information at the time of manufacturing of the management target device. The manufacturing information 16a is generated whenever a component included in the management target device is selected and assembled in the process of manufacturing the management target device. For example, when a circuit board A which is a component included in the management target device is selected and electronic components B (a CPU, a memory, and the like) are mounted on the circuit board A in the process of manufacturing the management target device, the manufacturing information 16a for the circuit board A is generated and the manufacturing information 16a for the electronic components B is generated for the management target device.

[0035] The manufacturing information 16a includes a device ID with which a management target device is able to be specified, a component ID with which a component included in the management target device is able to be specified, a manufacturing line ID with which a manufacturing line in which the component indicated by the component ID is inserted into the management target device is able to be specified, and manufacturing time information indicating a time at which the component indicated by the component ID is inserted into the management target device. The manufacturing information 16a is information in which the component ID, the manufacturing line ID, and the manufacturing time information are associated with the device ID. To specify a worker or a manufacturing device, the manufacturing line ID may include a worker staff ID or a manufacturing device (robot) ID.

[0036] Fig. 8 is a flowchart illustrating a process related to registration of manufacturing information of devices managed by the device management system 1 illustrated in Fig. 1. Fig. 8 illustrates a process performed by the terminal device 11. First, the processing unit 12 of the terminal device 11 detects whether there is newly generated manufacturing information 16a (step S801). A manufacturing staff member may operate the input/output unit 13 of the terminal device 11 and input the manufacturing information 16a to the terminal device 11. When a robot manufactures the management target device, the robot may input the manufacturing information 16a to the terminal device 11 via the communication unit 15 of the terminal device 11.

[0037] In step S801, when there is newly generated manufacturing information 16a, the processing unit 12 registers the manufacturing information 16a in the device manufacturing distributed ledger 101 (step S802) and ends the process. When there is no newly generated manufacturing information 16a in S801, the processing unit 12 ends the process directly. The terminal device 11 registering the information in the device manufacturing distributed ledger 101 may be one of the information processing device 2, the loT device 5, and the device 16 or may be the management target device. In general, the device manufacturing process is separated into a plurality of processes such as mounting, assembling, inspection, and the like of components. The manufacturing information 16a may be recorded for each process or may be recorded at least once in a final assembly and inspection process.

[0038] Fig. 9 is a block diagram illustrating a configuration related to registration of activation information of the devices managed by the device management system 1 illustrated in Fig. 1. The device change history distributed ledger 102 is a distributed ledger in which activation information 16b which is information regarding a process of activating the management target device is registered. The device change history distributed ledger 102 is a tangle which a full node included in the device management system 1 has. The device change history distributed ledger 102 may be the same distributed ledger as the device manufacturing distributed ledger 101. The terminal device 11 registers the activation information 16b in the device change history distributed ledger 102. The activation information 16b is a transaction in the device change history distributed ledger 102 The activation information 16b is information at the time of activation of the management target device. The management target device manufactured in the manufacturing process performs an activation process at the time of activation. In the activation process, the management target device is initialized and activated. In the embodiment, the management target device includes a ROM storing a program, a CPU executing the program stored in the ROM, and a secure element. The secure element may be a trusted platform module (TPM), a subscriber identity module (SIM), or a secure application module (SAM) with tamper resistance or another existing configuration may be installed. The secure element may not necessarily have tamper resistance as long as the secure element has a function capable of preserving a verification key of a digital signature. For example, a structure called Trustzone existing separately from a normal memory in the CPU may be used. When the process of activating the management target device is performed, the activation information 16b is generated.

[0039] The activation information 16b includes a device ID with which the management target device is able to be specified, verification time information indicating a time at which the process of activating the management target device is performed, a hash value of a file of data and a program used in the process of activating the management target device, and a digital signature for the management target device. The activation information 16b is information in which the verification time information, the hash value, and the digital signature are associated with the device ID.

[0040] Fig. 10 is a flowchart illustrating a process related to registration of activation information regarding the devices managed by the device management system 1 illustrated in Fig. 1. Fig. 10 illustrates a process performed by the terminal device 11. First, the processing unit 12 of the terminal device 11 detects whether there is newly generated activation information 16b (step S1001). The management target device may input the activation information 16b to the terminal device 11 via the communication unit 15 of the terminal device 11. The management target device may register the activation information 16b in the device change history distributed ledger 102.

[0041] In step S1001, when there is newly generated activation information 16b, the processing unit 12 registers the current activation information 16b in the device change history distributed ledger 102 (stepS1002) and ends the process When there is no newly generated activation information 16b in step S1001, the processing unit 12 ends the process directly. The terminal device 11 registering the information in the device change history distributed ledger 102 may be one of the information processing device 2, the loT device 5, and the device 16 or may be the management target device.

[0042] Fig. 11 is a block diagram illustrating a configuration of registration of updating information of the devices managed by the device management system 1 illustrated in Fig. 1. The device change history distributed ledger 102 is a distributed ledger in which updating information 16c which is information regarding a process of updating the management target device in addition to the activation information 16b is registered. The device change history distributed ledger 102 is a tangle which the full node included in the device management system 1 has. The terminal device 11 registers the updating information 16c in the device change history distributed ledger 102. The updating information 16c is a transaction in the device change history distributed ledger 102. The updating information 16c is information at the time of updating of the management target device. The management target device activated in the activation process performs an updating process of performing updating of a program during an operation. For example, the management target device receives a firmware patch, a program adding a new function in a function specific to the management target device, a program correcting bugs, and various kinds of data via the Internet and updates a program which is executed in the management target device by the received program or the like . In the embodiment, the management target device has firmware (FW) which is executed in the management target device and a file (File) of data used when a program executed in the management target device is executed. The firmware is also a kind of program. When the process of updating the management target device is performed, the updating information 16c is generated. The process of updating the management target device may include updating firmware or a configuration file of the management target device by, for example, the terminal device 11. In this case, the terminal device 11 registers the updating information 16c regarding the updating in the device change history distributed ledger 102. [0043] The updating information 16c includes a device ID with which the management target device is able to be specified, verification time information indicating a time at which the process of updating the management target device is performed, a hash value of a file of data and a program used in the process of updating the management target device, and a digital signature of the management target device. The updating information 16c is information in which the verification time information, the hash value, and the digital signature are associated with the device ID.

[0044] Fig. 12 is a flowchart illustrating a process related to registration of updating information of the devices managed by the device management system 1 illustrated in Fig. 1. Fig. 12 illustrates a process performed by the terminal device 11. First, the processing unit 12 of the terminal device 11 detects whether there is newly generated updating information 16c (step S1201) . The management target device may input the updating information 16c to the terminal device 11 via the communication unit 15 of the terminal device 11. The management target device may register the updating information 16c in the device change history distributed ledger 102.

[0045] When there is newly generated updating information 16c in step S1201, the processing unit 12 registers the current updating information 16c in the device change history distributed ledger 102 (step S1202) and ends the process. When there is no newly generated updating information 16c in step S1201, the processing unit 12 ends the process directly. The terminal device 11 registering the information in the device change history distributed ledger 102 may be one of the information processing device 2, the loT device 5, and the device 16 or may be the management target device.

[0046] Not only when there is new updating information 16c (the updating information 16c is updated) but also when the information is not updated, the terminal device 11 may register the updating information 16c indicating a current state of the management target device in the device change history distributed ledger 102 at predetermined times. The updating information 16c indicating the current state of the management target device includes a device ID with which the management target device is able to be specified, verification time information indicating a current time, a hash value of a file of data and a program currently executed in the management target device, and a digital signature of the management target device. The updating information 16c is information in which the verification time information, the hash value, and the digital signature are associated with the device ID.

[0047] Fig. 13 is a flowchart illustrating a process of registering the updating information of the devices managed by the device management system 1 illustrated in Fig. 1 at predetermined times. Fig. 13 illustrates a process performed by the terminal device 11. First, the processing unit 12 of the terminal device 11 checks whether a predetermined time has passed from the registration of the previous updating information 16c (step S1301) . The predetermined time determined in step S1301 may be decided in response to a frequency at which the management target device can be falsified The predetermined time may be constant or variable. The management target device may input the updating information 16c to the terminal device 11 via the communication unit 15 of the terminal device 11. The management target device may register the updating information 16c in the device change history distributed ledger 102.

[0048] When the predetermined time has passed in step S1301, the processing unit 12 registers the current activation information 16b in the device change history distributed ledger 102 (step S1302) and ends the process. When the predetermined time has not passed in step S1301, the processing unit 12 ends the process directly. The terminal device 11 registering the information in the device change history distributed ledger 102 may be one of the information processing device 2, the loT device 5, and the device 16 or may be the management target device. Through the process illustrated in Fig. 13, countermeasurescan be taken against falsification in which a non-updated state is simulated despite the updating of the management target device, and thus a current situation of the management target device is correctly reflected in the device change history distributed ledger 102.

[0049] Fig. 14 is a block diagram illustrating a configuration in which a device manufacturing distributed ledger 101 and a device change history distributed ledger 102 are referred to in the device management system 1 illustrated in Fig. 1. In the device management system 1, for example, the terminal device 11 refers to the manufacturing information 16a registered in the device manufacturing distributed ledger 101, the activation information 16b registered in the device change history distributed ledger 102, and the updating information 16c registered in the device change history distributed ledger 102 .

[0050] Fig. 15 is a flowchart illustrating a process of referring to the device manufacturing distributed ledger 101 and the device change history distributed ledger 102 in the device management system 1 illustrated in Fig. 1. Fig. 15 illustrates a process performed by the terminal device 11. First, the terminal device 11 determines whether a process of checking reliability of the management target device has occurred (step S1501) . The process of checking reliability of the management target device includes, for example, a process of checking a state of the management target device when a certain suspicious motion occurs in a certain operation of the management target device. The process of checking the reliability of the management target device includes, for example, a process of checking reliability of the management target device when data from a certain management target device is used. The process of checking the reliability of the management target device includes, for example, a process of checking reliability of the management target device when a certain management target device is driven and controlled. The process of checking the reliability of the management target device includes, for example, a process of checking the state of the management target device when auditing or the like of a certain management device is necessary.

[0051] The t erminal device 11 ends the process directly when the process of checking the reliability of the management target device has not occurred in step S1501. When the process of checking the reliability of the management target device has occurred in step S1501, the terminal device 11 acquires in step S1502 the device ID used to specify which device is the management target device checking current reliability. The device ID may be acquired by inputting the device ID from the input/output unit 13, may be acguired by receiving the device ID from the outside via the communication unit 15, or may be acquired by reading the device ID from the storage unit 14. Further, in step S1502, the terminal device 11 reads the manufacturing information 16a with regard to the acquired device ID from the device manufacturing distributed ledger 101, reads the activation information 16b with regard to the acquired device ID from the device change history distributed ledger 102, and reads the updating information 16c with regard to the acquired device ID from the device change history distributed ledger 102 .

[0052] Subsequently, the terminal device 11 determines the manufacturing information 16a, the activation information 16b, and the updating information 16c read in step S1501 and checks the current reliability of the management target device (step S1503) . In step S1504, after control based on the current reliability of the management target device which is a determination result of step S1503 is performed, the process ends. For example, when the manufacturing information 16a read from the device manufacturing distributed ledger 101 includes information regarding components other than components scheduled at first, control in which the management target device is not used can be performed. For example, when the updating information 16c read from the device change history distributed ledger 102 includes information regarding irregular updating, control in which the management target device is not used can be performed. For example, when there is no suspicious point in the manufacturing information 16a, the activation information 16b, and the updating information 16c, control in which the management target device is used as a reliable device can be performed. The terminal device 11 performing the process of Fig. 15 may be one of the information processing device 2, the loT device 5, and the device 16 or may be the management target device. In this way, according to the embodiment, a traceable environment can be supplied to the management target device. According to the embodiment, a third party can be supplied with grounds for asserting that the management target device is a legitimate device.

[Example 1] [0053] Fig. 16 is a block diagram illustrating a configuration of Example 1 in which the device management system according to the invention is applied. This example is an example in which the device management system according to the invention is applied to a human tracking system that tracks human footprints. A human tracking system 1600 includes surveillance cameras 1606, 1607, and 1608 which are management target devices. Information regarding manufacturing, activation, and updating of the surveillance cameras 1 606, 1607 and 1608 is registered in a distributed ledger 1602 at all such time. The reliability of the surveillance cameras 1606, 1607, and 1608 is guaranteed by the distributed ledger 1602. The distributed ledger 1602 refers to a distributed ledger 1601 in which evidence which is grounds for qualification as a reliable device is registered.

[0054] A face image of a person 1605 is registered in the distributed ledger 1604. The surveillance cameras 1606, 1607, and 1608 acquire an action history of the person 1605 passing installation positions of the surveillance cameras 1606, 1607, and 1608 by matching face images registered in the distributed ledger 1604 with face images of the person captured by the cameras. The action history is registered in a distributed ledger 1603. When the action history is registered, reliability of imaging results of the surveillance cameras 1606 1607, and 1608 is ensured with reference to the distributed ledger 1602. In a shop 1609, an action pattern, a purchase tendency, or the like of the person 1605 can be analyzed and used for product purchase or product development with reference to the distributed ledger 1603.

[Example 2] [0055] Fig. 17 is a block diagram illustrating a configuration of Example 2 in which the device management system according to the invention is applied. This example is an example in which the device management system according to the invention is applied to a dangerous vehicle determination system that determines a dangerous driving vehicle. A dangerous vehicle determination system 1700 includes surveillance cameras 1705 and 1706 which are management target devices. The surveillance cameras 1705 and 1706 are mounted on a vehicle 1704. The surveillance camera 1705 performs forward imaging with respect to the vehicle 1704 and images a driving situation of a front traveling vehicle 1707. The surveillance camera 1706 performs rearward imaging with respect to the vehicle 1704 and images a driving situation of a rear traveling vehicle 1708. Information regarding manufacturing, activation, and updating of the surveillance cameras 1705 and 1706 is registered in a distributed ledger 1702 at all such time. The reliability of the surveillance cameras 1705 and 1706 is guaranteed by the distributed ledger 1702. The distributed ledger 1702 refers to a distributed ledger 1701 in which an evidence which is a ground for qualification as a reliable device is registered.

[0056] The driving situations or vehicle numbers of the front traveling vehicle 1707 and the rear traveling vehicle 1708 imaged by the surveillance cameras 1705 and 1706 are registered in a distributed ledger 1703. The surveillance cameras 1705 and 1706 can acquire a vehicle number of a vehicle which has been driven dangerously previously with reference to content previously registered in the distributed ledger 1703. The surveillance cameras 1705 and 1706 can notify a smartphone 1710 of a driver driving the vehicle 1704 or a navigation system 1709 mounted on the vehicle 1704 of concern of the front traveling vehicle 1707 or the rear traveling vehicle 1708 being dangerously driven by matching the vehicle number of the front traveling vehicle 1707 or the rear traveling vehicle 1708 which is being currently imaged with the vehicle number of the vehicle acquired from the distributed ledger 1703 and has been driven dangerously previously.

[0057] (1) According to the present invention, there is a device management system including a distributed ledger (the device manufacturing distributed ledger 101 or the device change history distributed ledger 102); registration means (S802, S1002, S1202, or S1302) for registering at least one piece of information in the distributed ledger among manufacturing information which is information regarding a process of manufacturing a device, activation information which is information regarding a process of activating the device, and updating information which is information regarding a process of updating the device; and information reading means (S1502) for reading the information registered in the distributed ledger. Thus, the device management system capable of improving reliability of the device is provided. By registering information regarding the device in the distributed ledger, the information can be kept from being falsified. When information is registered in a public distributed ledger, a system can be provided so that anybody can refer to information regarding the device. Thus, anybody can check reliability of the device.

[0058] (2) According to the present invention, the distributed ledger may be a tangle (see Fig. 6) . Thus, registration in the distributed ledger can be performed in real time. Unlike other distributed ledgers in which a fee is necessary at the time of registration, registration in the distributed ledger can be performed free of charge. It is possible to provide the scalable system. It is possible to provide the system with high affinity with micropayment in which virtual currency IOTA is used.

[0059] (3) According to the present invention, the manufacturing information may include a device ID with which the device is able to be specified, a component ID with which a component included in the device is able to be specified, a manufacturing line ID with which a manufacturing line in which the component indicated by the component ID is inserted into the device is able to be specified, and manufacturing time information indicating a time at which the component indicated by the component ID is inserted into the device, and the manufacturing information is information in which the component ID, the manufacturing line ID, and the manufacturing time information are associated with the device ID. Thus, it is possible to provide the system with the improved reliability at the time of manufacturing of the device.

[0060] (4) According to the present invention, the activation information can include a device ID with which the device is able to be specified, verification time information indicating a time at which the process of activating the device is performed, a hash value of a file used in the process of activating the device, and a digital signature by the device, and the activation information is information in which the verification time information related to the process of activating the device, the hash value related to the process of activating the device, and the digital signature are associated with the device ID. Thus, it is possible to provide the system with improved reliability at the time of activation of the device.

[0061] (5) According to the present invention, the updating information may include a device ID with which the device is able to be specified, verification time information indicating a time at which the process of updating the device is performed, a hash value of a file used in the process of updating the device, and a digital signature by the device, and the updating information is information in which the verification time information related to the process of updating the device, the hash value related to the process of updating the device, and the digital signature are associated with the device ID. Thus, it is possible to provide the system with improved reliability at the time of updating of the device. [0062] (6) According to the present invention, the digital signature may be a digital signature obtained by encrypting the hash value of the file with a private key. Thus, information regarding the device registered in the distributed ledger, the information can be further kept from being falsified.

[0063] (7) According to the present invention, the device may be an loT device. Thus, it is possible to improve the reliability of the loT device which is likely to be attacked by malware or the like at the time of access to the Internet. According to the present invention, even when a program controlling the loT device is rewritten by, for example, malware rewritten information is registered in the distributed ledger. Therefore, a current situation of the loT device can be known, and thus an operant can obtain a basis for decision when the operant determines whether to utilize the loT device.

[0064] (8) According to the present invention, there is a device management method of performing management of a device using a computer. The method includes: registering at least one piece of information in the distributed ledger among manufacturing information which is information regarding a process of manufacturing a device, activation information which is information regarding a process of activating the device, and updating information which is information regarding a process of updating the device; and reading the information registered in the distributed ledger. Thus, the device management method capable of improving reliability of the device is provided. By registering information regarding the device in the distributed ledger, the information can be kept from being falsified. When information is registered in a public distributed ledger, a system can be provided so that anybody can refer to information regarding the device. Thus, anybody can check reliability of the device.

[0065] (9) According to the invention, there is provided an information processing device including registration means for registering at least one piece of information in the distributed ledger among manufacturing information which is information regarding a process of manufacturing a device, activation information which is information regarding a process of activating the device, and updating information which is information regarding a process of updating the device. Thus, when the information processing device registers the information regarding the device in the distributed ledger, the information regarding the device can be kept from being falsified. It is possible to provide the information with high reliability.

[0066] (10) According to the invention, there is provided an loT device including registration means for registering at least one piece of information in the distributed ledger among manufacturing information which is information regarding a process of manufacturing a device, activation information which is information regarding a process of activating the device, and updating information which is information regarding a process of updating the device. Thus, when the loT device registers the information regarding the device in the distributed ledger, the information regarding the device can be kept from being falsified. It is possible to provide the information with high reliability.

[0067] (11) According to the invention, there is provided a program causing a computer to function as registration means for registering at least one piece of information in the distributed ledger among manufacturing information which is information regarding a process of manufacturing a device, activation information which is information regarding a process of activating the device, and updating information which is information regarding a process of updating the device. Thus, the program capable of improving reliability of the device is provided. By registering information regarding the device in the distributed ledger, the information can be kept from being falsified. When information is registered in a public distributed ledger, a program can be provided so that anybody can refer to information regarding the device. Thus, anybody can check reliability of the device.

[0068] (12) According to the invention, in the program, the distributed ledger may be a tangle. Thus, registration in the distributed ledger can be performed in real time. Unlike other distributed ledgers in which a fee is necessary at the time of registration, registration in the distributed ledger can be performed free of charge. It is possible to provide the scalable program. It is possible to provide the program with high affinity with micropayment in which virtual currency IOTA is used.

[0069] (13) According to the invention, in the program, the manufacturing information may include a device ID with which the device is able to be specified, a component ID with which a component included in the device is able to be specified, a manufacturing line ID with which a manufacturing line in which the component indicated by the component ID is inserted into the device is able to be specified, and manufacturing time information indicating a time at which the component indicated by the component ID is inserted into the device, and the manufacturing information is information in which the component ID, the manufacturing line ID, and the manufacturing time information are associated with the device ID. Thus, it is possible to provide the program with improved reliability at the time of manufacturing of the device.

[0070] (14) According to the invention, in the program, the activation information may include a device ID with which the device is able to be specified, verification time information indicating a time at which the process of activating the device is performed, a hash value of a file used in the process of activating the device, and a digital signature by the device, and the activation information is information in which the verification time information related to the process of activating the device, the hash value related to the process of activating the device, and the digital signature are associated with the device ID. Thus, it is possible to provide the program with improved reliability at the time of activation of the device.

[0071] (15) According to the invention, in the program, the updating information may include a device ID with which the device is able to be specified, verification time information indicating a time at which the process of updating the device is performed, a hash value of a file used in the process of updating the device, and a digital signature by the device, and the updating information is information in which the verification time information related to the process of updating the device, the hash value related to the process of updating the device, and the digital signature are associated with the device ID. Thus, it is possible to provide the program with improved reliability at the time of updating of the device. [0072] (16) According to the invention, in the program, the registration means may register the manufacturing information in the distributed ledger when the device is manufactured through the manufacturing process. Thus, it is possible to provide the program with improved reliability at the time of manufacturing of the device.

[0073] (17) According to the invention, in the program, the registration means may register the activation information in the distributed ledger when the device is activated through the activation process. Thus, it is possible to provide the program with improved reliability at the time of activation of the device.

[0074] (18) According to the invention, in the program, the registration means may register the updating information in the distributed ledger when the device is updated through the updating process. Thus, it is possible to provide the program with improved reliability at the time of updating of the device.

[0075] (19) According to the invention, in the program, the registration means may register the updating information in the distributed ledger for each predetermined time. Thus, it is possible to check a situation of the device for each predetermined time and it is possible to provide the program with improved reliability of the device.

[0076] While the present invention has been described with reference to exemplary embodiments, it is to be understood that the invention is not limited to the disclosed exemplary embodiments. The scope of the following claims is to be accorded the broadest interpretation so as to encompass all such modifications and equivalent structures and functions.

[0077] This application claims the benefit of Japanese Patent Application No . 2019-054461, filed March22 2019, which is hereby incorporated by reference wherein in its entirety.

Claims (19)

1. A device management system comprising:
a distributed ledger;
registration means for registering at least one piece of information in the distributed ledger among manufacturing information which is information regarding a process of manufacturing a device, activation information which is information regarding a process of activating the device, and updating information which is information regarding a process of updating the device; and information reading means for reading the information registered in the distributed ledger.
2. The device management system according to claim 1, wherein the distributed ledger is a tangle.
3. The device management system according to claim 1 or 2, wherein the manufacturing information includes a device ID with which the device is able to be specified, a component ID with which a component included in the device is able to be specified, a manufacturing line ID with which a manufacturing line in which the component indicated by the component ID is inserted into the device is able to be specified, and manufacturing time information indicating a time at which the component indicated by the component ID is inserted into the device, and the manufacturing information is information in which the component ID, the manufacturing line ID, and the manufacturing time information are associated with the device ID.
4. The device management system according to any one of claims 1 to 3, wherein the activation information includes a device ID with which the device is able to be specified, verification time information indicating a time at which the process of activating the device is performed, a hash value of a file used in the process of activating the device, and a digital signature of the device, and the activation information is information in which the verification time information related to the process of activating the device, the hash value related to the process of activating the device, and the digital signature are associated with the device ID.
5. The device management system according to any one of claims 1 to 4, wherein the updating information includes a device ID with which the device is able to be specified, verification time information indicating a time at which the process of updating the device is performed, a hash value of a file used in the process of updating the device, and a digital signature of the device, and the updating information is information in which the verification time information related to the process of updating the device, the hash value related to the process of updating the device, and the digital signature are associated with the device ID.
6. The device management system according to claim 4 or 5, wherein the digital signature is a digital signature obtained by encrypting the hash value of the file with a private key.
7. The device management system according to any one of claims 1 to 6, wherein the device is an loT device.
8. A device management method of performing management of a device using a computer, the method comprising:
registering at least one piece of information in a distributed ledger among manufacturing information which is information regarding a process of manufacturing a device, activation information which is information regarding a process of activating the device, and updating information which is information regarding a process of updating the device; and reading the information registered in the distributed ledger .
9. An information processing device comprising:
registration means for registering at least one piece of information in a distributed ledger among manufacturing information which is information regarding a process of manufacturing a device, activation information which is information regarding a process of activating the device, and updating information which is information regarding a process of updating the device.
10. An loT device comprising:
registration means for registering at least one piece of information in a distributed ledger among manufacturing information which is information regarding a process of manufacturing a device, activation information which is information regarding a process of activating the device, and updating information which is information regarding a process of updating the device.
11. A program causing a computer to function as registration means for registering at least one piece of information in a distributed ledger among manufacturing information which is information regarding a process of manufacturing a device, activation information which is information regarding a process of activating the device, and updating information which is information regarding a process of updating the device.
12 .
distributed
The program ledger is a according to claim 11, wherein the tangle .
13 .
The program according to claim 11 or 12, wherein the manufacturing information includes a device ID with which the device is able to be specified, a component ID with which a component included in the device is able to be specified, a manufacturing line ID with which a manufacturing line in which the component indicated by the component ID is inserted into the device is able to be specified, and manufacturing time information indicating a time at which the component indicated by the component ID is inserted into the device, and the manufacturing information is information in which the component ID, the manufacturing line ID, and the manufacturing time information are associated with the device ID.
14. The program according to any one of claims 11 to
13, wherein the activation information includes a device ID with which the device is able to be specified, verification time information indicating a time at which the process of activating the device is performed, a hash value of a file used in the process of activating the device, and a digital signature of the device, and the activation information is information in which the verification time information related to the process of activating the device, the hash value related to the process of activating the device, and the digital signature are associated with the device ID.
15. The program according to any one of claims 11 to
14, wherein the updating information includes a device ID with which the device is able to be specified, verification time information indicating a time at which the process of updating the device is performed, a hash value of a file used in the process of updating the device, and a digital signature of the device, and the updating information is information in which the verification time information related to the process of updating the device, the hash value related to the process of updating the device, and the digital signature are associated with the device ID.
16. The program according to any one of claims 11 to
15, wherein the registration means registers the manufacturing information in the distributed ledger when the device is manufactured through the manufacturing process.
17. The program according to any one of claims 11 to
16, wherein the registration means registers the activation information in the distributed ledger when the device is activated through the activation process.
18. The program according to any one of claims 11 to
17, wherein the registration means registers the updating information in the distributed ledger when the device is updated through the updating process.
19. The program according to any one of claims 11 to
18, wherein the registration means registers the updating information in the distributed ledger at predetermined times.
GB1910795.2A 2019-03-22 2019-07-29 Device managment system, device managment method. Information processing device, device, and program Pending GB2572925A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
JP2019054461A JP6656446B1 (en) 2019-03-22 2019-03-22 Device management system, device management method, information processing apparatus, and program

Publications (2)

Publication Number Publication Date
GB201910795D0 GB201910795D0 (en) 2019-09-11
GB2572925A true GB2572925A (en) 2019-10-16

Family

ID=67982985

Family Applications (1)

Application Number Title Priority Date Filing Date
GB1910795.2A Pending GB2572925A (en) 2019-03-22 2019-07-29 Device managment system, device managment method. Information processing device, device, and program

Country Status (3)

Country Link
JP (1) JP6656446B1 (en)
GB (1) GB2572925A (en)
WO (1) WO2020195746A1 (en)

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2014146722A (en) * 2013-01-30 2014-08-14 Hitachi High-Technologies Corp Management device of semiconductor device, and microscope

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP3959299B2 (en) * 2002-04-24 2007-08-15 株式会社東芝 Supervisory control device

Patent Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2014146722A (en) * 2013-01-30 2014-08-14 Hitachi High-Technologies Corp Management device of semiconductor device, and microscope

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
(POPOV), 30 April 2018 (version 1.4.3), "The Tangle", IOTA Foundation, [online], Available from: https://www.iota.org/research/academic-papers [Accessed 20 August 2019] *

Also Published As

Publication number Publication date
GB201910795D0 (en) 2019-09-11
JP6656446B1 (en) 2020-03-04
JP2020154954A (en) 2020-09-24
WO2020195746A1 (en) 2020-10-01

Similar Documents

Publication Publication Date Title
EP3014514B1 (en) Zero-day discovery system
US20170147810A1 (en) Determining source of side-loaded software using signature of authorship
JP2018514478A (en) Autonomous transport aircraft, automated delivery systems, methods for controlling autonomous transport aircraft, automated delivery methods, and computer program products for controlling autonomous transport aircraft (autonomous delivery of goods)
US9886583B2 (en) Systems, methods, and apparatus to enhance the integrity assessment when using power fingerprinting systems for computer-based systems
US9992025B2 (en) Monitoring installed applications on user devices
JP6709845B2 (en) Systems, methods and devices for intrusion detection and analysis using power characteristics such as side channel information
US10235524B2 (en) Methods and apparatus for identifying and removing malicious applications
US9973517B2 (en) Computing device to detect malware
US9639699B1 (en) Detecting non-human users on computer systems
US20180060571A1 (en) Method and system for preventing and detecting security threats
US10701091B1 (en) System and method for verifying a cyberthreat
US9584543B2 (en) Method and system for web integrity validator
US9712553B2 (en) System and method for developing a cyber-attack scenario
KR101558715B1 (en) System and Method for Server-Coupled Malware Prevention
Mylonas et al. Smartphone sensor data as digital evidence
Dumitraş et al. Toward a standard benchmark for computer security research: The Worldwide Intelligence Network Environment (WINE)
Sikder et al. A survey on sensor-based threats to internet-of-things (iot) devices and applications
US10218697B2 (en) Use of device risk evaluation to manage access to services
Caballero et al. Measuring pay-per-install: the commoditization of malware distribution.
KR102150742B1 (en) Automatic fraudulent digital certificate detection
EP3035635B1 (en) System and method for evaluating cyber-attacks on aircraft
US20180089436A1 (en) Methods And Apparatus To Facilitate Blockchain-based Boot Tracking
US10284375B2 (en) Trust service for a client device
JP2016534479A (en) Automatic detection during malware runtime
JP2017157926A (en) Information processing unit and program