JP7292222B2 - Authorization-related information management system and authorization-related information management method - Google Patents

Description

The present invention relates to an authorization-related information management system and an authorization-related information management method.

Japanese Patent Application Laid-Open No. 2002-200000 describes a vehicle design support device configured to solve the problem of requiring a great deal of labor in the process of designing a vehicle to check whether the design complies with laws and regulations. there is The vehicle design support device includes legal regulation information storage means for storing information on laws and regulations relating to each member to be attached to the vehicle, means for inputting vehicle shape information that defines the shape of the vehicle, and information about the member to be attached to the vehicle. means for inputting member shape information that determines the shape and mounting position of the member; reading member-related legal regulation information regarding the member from the legal regulation information storage means; and an output unit that changes the display format of the member according to the determination result of the determination unit.

JP-A-2005-173761

In recent years, due to the advancement of wireless communication technology, vehicle providers such as automobile manufacturers can access the ECU (Electronic Control Unit) installed in the vehicle via OTA (OTA: Over The Air) at the time of manufacturing the vehicle or after the sale. ), etc., and can be updated (performance change, function change, function addition, etc.). As a result, vehicle providers will be able to develop, produce, and sell vehicles in anticipation of the addition of autonomous driving functions in the future. It is thought that it will increase rapidly.

In view of this situation, WP29 (World Forum for Harmonization of Vehicle Regulations) is promoting the formulation of international standards for updating software. In WP29, for example, the impact of software updates on vehicle type approval should be evaluated and the results documented. etc.), and the concept of defining a number aggregated by distinguishing by version level one or more software installed in an in-vehicle system that has undergone type approval (hereinafter referred to as "authorization management information". ), and submit information such as traceability information and evidence related to software updates at the request of the authorities.

When the above system is started, the vehicle provider will be required to analyze the impact on type approval when updating the software embedded in many devices installed in the vehicle, and It is necessary to efficiently and reliably perform tasks such as obtaining traceability information and evidence that need to be reported.

However, most of the devices installed in vehicles are usually supplied from device suppliers such as suppliers to vehicle suppliers (OEMs), while legal information related to software such as traceability information is managed by the suppliers. Therefore, when dealing with the above system, it is expected that complicated work will occur for associating legal requirements for type approval, etc., managed by the vehicle provider with software-related information.

In addition, when the software embedded in the equipment installed in the vehicle is updated, the vehicle provider is required to test (verify) in order to obtain legal approval. It is necessary to have a mechanism for efficiently performing work such as identifying the software and model that will be used (there are cases where common software is embedded in different models of vehicles), preparing the test environment, conducting the test, and obtaining evidence. becomes.

In the above Patent Document 1, it is determined whether or not a member attached to a vehicle satisfies the regulation conditions included in member-related legal regulation information. There is no disclosure of a technique for comprehensively managing managed information or a technique for efficiently conducting tests for obtaining legal approval.

The present invention has been made in view of such a background, and provides an authorization-related information management system and an authorization-related information management method that support work performed when updating software incorporated in equipment installed in a vehicle. intended to

One of the present inventions for achieving the above object is an information processing system for managing information related to legal approval of software installed in equipment installed in a vehicle, which meets requirements for obtaining legal approval for the vehicle. is associated with a regulation ID that is information that specifies a regulation that defines a regulation, and stores equipment requirement specifications that are information on the specifications that the regulation requires of the equipment, and information on the traceability of the equipment that is associated with the equipment requirement specifications and the traceability information includes a software ID that specifies software to be installed in the device, the regulation ID corresponding to the device requirement specifications associated with the acquired traceability information, and the generating authorization management information that is information that associates one or more of the software IDs included in the traceability information; manages authorization information that is information that associates the authorization management information and the traceability information; Test information, which is information about the test performed on the software at the time of authorization, is managed in association with the authorization management information.

In addition, the problems disclosed by the present application and their solutions will be clarified by the description of the mode for carrying out the invention and the drawings.

Advantageous Effects of Invention According to the present invention, it is possible to assist work performed when updating software incorporated in equipment mounted on a vehicle.

FIG. 3 is a diagram for explaining authorization information, which is information relating to type approval of a vehicle; 1 is a diagram showing a schematic configuration of an authorization-related information management system; FIG. It is an example of an information processing device that constitutes an equipment supplier system or a vehicle supplier system. It is an example of vehicle configuration information. It is an example of vehicle configuration information. Example of test history information It is an example of test vehicle information. This is an example of defect information. FIG. 10 is a flowchart for explaining authorization-related information generation processing; FIG. 4 is a flowchart for explaining software update processing; It is an example of an authorization-related information search screen.

BEST MODE FOR CARRYING OUT THE INVENTION Hereinafter, embodiments of the present invention will be described with reference to the drawings. In the following description, the same or similar configurations may be denoted by common reference numerals, and redundant description may be omitted.

In the following description, "regulations" refers to laws (laws, government ordinances, regulations, etc.) that must be complied with in order for a vehicle to be certified as to whether it satisfies safety standards such as type certification. Also, the laws and regulations are not limited to those of Japan, but also include the laws and regulations of the export destination (destination country) of the vehicle.

In the following description, "incorporating software into a device" means recording (storing, writing, downloading, etc.) software in a storage device of the device. Also, "to manage information" means to store (memorize) information in a database or the like and manage it in a state in which operations such as retrieval, update, and deletion are possible.

In the following description, "traceability" may be abbreviated as "traceability". Further, in the following explanation, "evidence" refers to evidence that a vehicle provider submits to authorities (Ministry of Land, Infrastructure, Transport and Tourism, etc.) for type certification.

In the following description, a vehicle provider (a vehicle manufacturer such as an automobile manufacturer, a vehicle sold by an automobile dealer, an after-sales service provider such as an automobile maintenance company, etc.) is referred to as a "vehicle provider." Equipment installed in the vehicle (ECU (Electronic Control Unit)
), server devices, etc.) is called a “device supplier”. However, both the vehicle provider and the equipment supplier are defined for the convenience of explanation, and the management entity and operation entity of various configurations described below are not necessarily limited.

In the following description, information for which the creator is not specified is set by a user's input operation or an existing information processing system, for example.

<Authorization information>
First, in order to receive type certification (legal approval) for vehicles, information managed by vehicle suppliers and equipment suppliers regarding software embedded in equipment such as ECUs (Electronic Control Units) installed in vehicles (hereinafter referred to as " (referred to as “authorization information 6”) will be described.

FIG. 1 is a diagram for explaining authorization information 6. As shown in FIG. As shown in the figure, the authorization information 6 includes authorization management information 21, regulation requirement information 22, and vehicle requirement specifications 23, which are information managed by the vehicle provider 2 side. The authorization information 6 also includes equipment requirement specifications 31, design documents 32, and programs 33, which are information managed by the equipment suppliers 3A-3C. The authorization information 6 is managed for each model of vehicle and for each regulation relating to authorization.

Of these, the authorization management information 21 includes information indicating the correspondence between authorized regulations and software related to the authorization. Specifically, the authorization management information 21 includes a regulation ID, which is an identifier of a regulation, and an identifier that is newly assigned each time an authorization for the regulation is performed due to updating of software (an identifier that distinguishes each authorization). ) and one or more software IDs that are software identifiers. Also, the software ID includes information (name, etc.) specifying the type of software and version information. As described above, the authorization management information 21 consists of a combination of a regulation ID, an authorization sequence ID, and one or more software IDs (name + version information). can.

In the example shown in the figure, the first three digits of "R79" in "R790001" are the legal ID ("R79" in the law "UN-R79 Uniform Regulations Concerning Approval of Vehicles for Steering Systems 5.6.2.2.5.") , "0001" in the last 4 digits is the approval sequence ID (a number indicating that it is the first approval for the applicable regulation), "Steer ver.1", "ADAS ver.1", "Meter ver.1"' is the software ID.

The legal requirement information 22 includes information indicating the content required by legal regulations for authorization. In the same figure, as legal requirement information 22, "If the driver does not hold the steering control after a maximum of 15 seconds, an optical warning shall be given.", "After a maximum of 30 seconds, the driver If control is not retained, an audible warning shall be given in addition to the above signals."

The vehicle specification requirement 23 includes information indicating the content of vehicle specifications required by laws and regulations upon approval. In the same figure, as vehicle requirement specifications 23, "If the driver does not hold the steering control after a maximum of 15 seconds, an optical warning shall be given." If control is not retained, an audible warning shall be given in addition to the above signals."

The device requirement specification 31 includes information indicating the details of the specifications of devices mounted on the vehicle that are required by law for approval. In the same figure, as the equipment requirement specifications 31, "detect (15 seconds)", "detect (30 seconds)", and "notify ADAS", which are the equipment requirement specifications 31 of the "steering ECU", "Receiving notification", "Requesting display", and "Sounding", device requirement specification 31 of "ADAS ECU", device requirement specification 3 of "meter ECU"
1, "receiving display request" and "displaying".

The design document 32 includes various types of information (basic design document, detailed design document, test specifications, test results, etc.) regarding the design of the device. In the figure, as design documents 32, "Xxx design document" managed by device supplier 3A, "Yyy design document" managed by device supplier 3B, and "Xzz design document" managed by device supplier 3C are exemplified. are doing.

The program 33 is information (source code, object code, binary code (substantial code, execution module), etc.) relating to a software program installed in the device. In the figure, as the program 33, source code with file names "Xxx1.c" and "Xxx2.c" managed by the equipment supplier 3A, and "Yyy1.c" and "Yyy2.c" managed by the equipment supplier 3B. , and source codes with file names of "Zzz1.c" and "Zzz2.c" managed by the equipment supplier 3C.

<Authorization related information management system>
Next, an information processing system (hereinafter referred to as "authorization-related information management system 1") shown as one embodiment will be described.

FIG. 2 shows a schematic configuration of the authorization-related information management system 1. As shown in FIG. The authorization-related information management system 1 includes a vehicle provider system 100, which is an information processing system managed by the vehicle provider 2, and one or more information processing systems, which are managed by the individual equipment suppliers 3A to 3C. It includes an equipment supplier system 200 , a test vehicle management device 300 and a software distribution device 400 .

Vehicle provider system 100, equipment supplier system 200, test vehicle management device 300, and software distribution device 400 are all configured using one or more information processing devices. Equipment provider system 200 and vehicle provider system 100 are communicably connected. Also, the test vehicle management device 300 and the software distribution device 400 are communicably connected to the vehicle provider system 100 . Communication between these devices includes, for example, WAN (Wide Area Network), LAN (Local Area Network), Internet, leased line,
It is carried out via communication infrastructure such as various public communication networks.

The test vehicle management device 300 performs information processing (management of information related to the configuration of the test vehicle, reservation processing of the test vehicle, etc.) regarding provision of the test vehicle, which is a vehicle used when performing a test (verification) regarding approval of the vehicle. .

The software distribution device 400 communicates with a gateway device and a server device mounted on the vehicle, and performs processing related to distribution of software to devices mounted on the vehicle. The software distribution device 400 also communicates with the vehicle provider system 100 to perform various types of information processing (management of information on jigs used for incorporation, jig reservation, jig software, etc.).

FIG. 3 shows a hardware configuration example of an information processing device (computer) that constitutes the vehicle provider system 100, the equipment supplier system 200, the test vehicle management device 300, and the software distribution device 400. As shown in FIG. As shown in the figure, the illustrated information processing apparatus 10 includes a processor 11 , a main storage device 12 , an auxiliary storage device 13 , an input device 14 , an output device 15 and a communication device 16 . These are communicably connected via communication means such as a bus (not shown).

For example, an operating system, a device driver, a file system, a DBMS (DataBase Management System) (relational database, NoSQL, etc.), etc. may be installed in the information processing apparatus 10 .

The information processing apparatus 10 is, for example, a desktop personal computer, an office computer, a mainframe, a mobile communication terminal (smartphone, tablet, wearable terminal, notebook personal computer, or the like).

The information processing device 10 may be implemented using virtual information processing resources such as a cloud server provided by a cloud system, for example. It may be provided as a cloud service.

The processor 11 is, for example, a CPU (Central Processing Unit), an MPU (Micro Processing Unit), a GPU (Graphics Processing Unit), an AI (Artificial Intelligence) chip, an FPGA (Field Programmable Gate Array), an ASIC (Application Specific Integrated Circuit), or the like. is configured using

The main storage device 12 is a device that stores programs and data, and is, for example, a ROM (Read
Only Memory), RAM (Random Access Memory), non-volatile memory (NVRAM (Non Volatile RAM)), and the like.

The auxiliary storage device 13 is, for example, an SSD (Solid State Drive), a hard disk drive, an optical storage device (CD (Compact Disc), DVD (Digital Versatile Disc), etc.), a storage system, an IC card, an SD card, or an optical recording device. They are a read/write device for a recording medium such as a medium, a storage area of a cloud server, and the like. Programs and data can be read into the auxiliary storage device 13 via a recording medium reading device or the communication device 16 . Auxiliary storage device 1
Programs and data stored (stored) in 3 are read into main memory 12 as needed.

The input device 14 is an interface that receives input from the outside, and includes, for example, a keyboard, mouse, touch panel, card reader, voice input device, and the like.

The output device 15 is an interface for outputting various information such as processing progress and processing results. The output device 15 is, for example, a display device (liquid crystal monitor, LCD (Liquid Crystal Display), graphic card, etc.) that visualizes the above various information, a device (audio output device (speaker, etc.)) that converts the above various information into sound. , a device (printing device, etc.) that converts the above various information into characters. The output device 15 constitutes a user interface together with the input device 14 .

For example, the information processing device 10 may be configured to input and output information with other devices (smartphones, tablets, notebook computers, various types of mobile information terminals, etc.) via the communication device 16 .

Communication device 16 implements communication with other devices. The communication device 16 is a wireless or wired communication interface that realizes communication with other devices via the communication network 5. Examples of the communication device 16 include a NIC (Network Interface Card), a wireless communication module, and a USB (Universal Interface Card). Serial Bus) module, serial communication module, etc.

Returning to FIG. 2, functions of each system and each device will be described. As shown in the figure, the vehicle provider system 100 includes an information management unit 111, a vehicle information management unit 112, a regulation information management unit 113, an information integration unit 114, an authorization management information generation unit 115, an authorization related information management unit 116, A software update management unit 117 , a test-related information management unit 118 , and a defect information management unit 119 are provided. These functions are realized by the processor 11 of the information processing device 10 constituting the vehicle provider system 100 reading and executing a program stored in the main storage device 12, or by the hardware of the information processing device 10 ( FPGA, ASIC, AI chip, etc.).

The information management unit 111 receives traceability information 30 (to be described later) sent from the device supplier system 200 and manages it. The information management unit 111 also manages the vehicle requirement specifications 23 and the equipment requirement specifications 31 shown in FIG. 1 in association with the regulation ID.

The vehicle information management unit 112 stores information (model information, etc., hereinafter referred to as "vehicle configuration information") regarding the configuration of the vehicle, and the export destination of each vehicle type (shipment destination (destination country) of the vehicle). information (hereinafter referred to as "destination country information") and various other information (hereinafter referred to as "vehicle information 1121"). The vehicle information 1121 is managed in association with a model ID, which is information specifying the model of the vehicle. The vehicle information 1121 is referenced, for example, when the vehicle requirement specifications 23 and the device requirement specifications 31 are generated based on the regulation requirement information 22 .

4 and 5 show an example of the vehicle information 1121 (vehicle configuration information). FIG. 4 is a diagram schematically showing vehicle configuration information relating to the "steering ECU", "ADAS ECU", and "meter ECU". As shown in the figure, vehicle information 1121 exemplified includes that the "steering ECU" has a "detection function" and a "notification function", that information is notified from the "detection function" to the "notification function", and that the "notification function" is notified. ” to notify the “ADAS ECU”, the “ADAS ECU” to have the “receiving function”, the “request function”, and the “acoustic function”, and the “receiving function” to receive information from the “steering ECU”. receive and notify the "receiving function" to the "requested function", the "requested function" to the "acoustic function", and the "requested function" to the "meter ECU". "Display function" and "receiving function", "receiving function" receives information from "ADAS ECU", "receiving function"
It contains information indicating that the information is notified from the "display function".

FIG. 5 is another example of the vehicle information 1121 (vehicle configuration information). The exemplified vehicle information 1121 uses a model ID (for example, VIN (Vehicle Identification Number)) as an identifier assigned to each model of a vehicle as a root, a device ID as an identifier of the device mounted on the vehicle, and It has a structure in which processor IDs, which are identifiers of installed processors, and software IDs of software installed in the device are managed hierarchically (tree-like). The model ID, device ID, and software ID can be associated with each other according to the vehicle configuration information illustrated. In addition, since the model ID and the device ID are usually assigned to the information managed by the device suppliers 3A to 3C (the device requirement specification 31, the design document 32, and the program 33), these information and the vehicle information 1121 (vehicle configuration information).

Returning to FIG. 2, the regulatory information management unit 113 stores information (regulatory requirement information 22, templates of documents to be submitted to authorities, etc., hereinafter referred to as "regulatory information 1131") relating to regulations applicable to vehicle type approval. to manage. The regulation information management unit 113 manages regulation information not only for Japan but also for export destinations (destination countries) of vehicles other than Japan. From the legal information of the export destination specified by the destination country information 1122, it is possible to obtain information necessary for obtaining type approval at the export destination.

The test-related information management unit 118 stores information about tests performed in the past, such as during development and during previous maintenance, of devices installed in the vehicle (information about the history of tests performed in the past (hereinafter referred to as "test history information 1181 ) and information about the vehicle used in the test (hereinafter referred to as "test vehicle information 1182").

An example of the test history information 1181 is shown in FIG. The illustrated test history information 1181 has one or more items of test ID 811, test content 812, test vehicle configuration 813, authorization management information 814, jig used 815, tester 816, test result 817, and evidence 818. records.

Among the above items, the test ID 811 is set with a test ID, which is an identifier assigned to each test performed on the vehicle. Information indicating the content of the test is set in the test content 812 . In the test vehicle configuration 813, information indicating the configuration of the test vehicle (the model ID of the test vehicle, the device ID of the device mounted on the test vehicle, the software ID incorporated in the device, etc.) is set. The authorization management information 814 is set with the authorization management information 21 associated with the test. Information indicating the jig used for the test is set in the used jig 815 . The tester 816 is set with the name of the person who performed the test. Information indicating the result of the test is set in the test result 817 . The evidence 818 is set with the location and substance of the evidence acquired when the test was performed.

An example of the test vehicle information 1182 is shown in FIG. The exemplified test vehicle information 1182 is composed of one or more records having each item of model ID 821 , vehicle name 822 , and location 823 . One record of test vehicle information 1182 corresponds to one test vehicle.

Among the above items, the model ID 821 is set with the model ID of the vehicle. The name of the vehicle is set in the vehicle name 822 . Information indicating an arrangement base of the vehicle is set in the arrangement base 823 .

Returning to FIG. 2, the fault information management unit 119 manages information (hereinafter referred to as "failure information 1191") relating to faults that have occurred in equipment mounted on the vehicle. The defect information 1191 is created using, for example, a template of a document to be submitted to the authorities included in the regulation information 1131 . The software installed in the device is updated, for example, for the purpose of coping with the problems registered in the problem information 1191 . The defect information 1191 is used, for example, to present the details of the defect to the user during testing of the vehicle and to create evidence after the test is performed.

An example of the defect information 1191 is shown in FIG. The illustrated defect information 1191 includes defect ID 911, date and time 912, vehicle ID 913, vehicle name 914, model ID 915, motor model 916, content 917, device name 918, device ID 919, software name 921, software ID 922, travel distance 923, travel route. 924 , trouble manifestation point 925 , weather 926 , and supplementary information 927 .

In the defect ID 911 of the above items, a defect ID, which is an identifier assigned to each defect that has occurred in the vehicle, is set. The date and time 912 is set with the date and time when the problem occurred. The vehicle ID 913 is set with a vehicle ID that is an identifier of the vehicle in which the problem has occurred (hereinafter referred to as "the vehicle"). The vehicle name 914 is set with the vehicle name of the vehicle. The model ID 915 is set with the model ID of the vehicle. The prime mover model 916 is set with the model of the prime mover of the vehicle. Information indicating the content of the defect is set in the content 917 . The device name 918 is set with the name of the device in which the problem has occurred (hereinafter referred to as “the device”). The device ID of the device is set in the device ID 919 .

The software name 921 is set with the name of the software installed in the device. The software ID 922 is set with the software ID of the software installed in the device. The traveled distance 923 is set to the total traveled distance of the vehicle. The travel route 924 is set with information indicating the travel route of the vehicle when the problem occurs. Information indicating the point at which the problem has manifested is set in the problem manifestation point 925 . The weather 926 is set with information indicating the weather when the problem occurred. The supplementary information 927 is set with supplementary information regarding the defect.

Returning to FIG. 2, the information integration unit 114 includes information managed in each of the vehicle provider system 100 and the equipment supplier system 200 (the information management unit 111, the vehicle information management unit 112, and the regulation information management unit 111) regarding vehicle authorization. section 113), the regulation ID is associated with the information that associates the regulation requirement information 22, the vehicle requirement specifications 23, the device requirement specifications 31, the design document 32, the program 33, and the regulation requirement information 22. Then, vehicle traceability information 40 is generated.

Authorization management information generation unit 115 generates authorization management information 21 based on information managed by information management unit 111 , vehicle information management unit 112 , and regulation information management unit 113 .

The test information generation unit 120 provides the authorization related information management unit 116 with information managed by the test related information management unit 188 (test history information 1181 and test vehicle information 1182).

The authorization-related information management unit 116 manages the authorization information 6 of the equipment mounted on each vehicle for each vehicle model. The authorization-related information management unit 116 associates and manages the vehicle traceability information 40 generated by the information integration unit 114 and the authorization management information 21 generated by the authorization management information generation unit 115 .

The authorization-related information management unit 116 also generates test information 41 based on the test history information 1181 and the test vehicle information 1182 provided from the test information generation unit 120, and transfers the generated test information 41 to the authorization management information 21. managed in association with The test information 41 includes, for example, information related to laws and regulations related to testing, information related to software used in testing, information related to test results, information related to test vehicles, information related to jigs used to record software in equipment during testing, and the like. including.

The software update management unit 117 performs processing related to updating the authorization management information 21 when software installed in equipment mounted on the vehicle is updated. The software update management unit 117 receives key information for designating software from a user (for example, an identifier of a function or class described in source code (hereinafter referred to as "function ID"), an update when the source code is updated, and so on. difference between the source code before and after the source code, regulation ID, etc.), identifies the authorization information 6 including the source code containing the received key information, and provides information on the identified authorization information 6 to the user.

By referring to the above information, the user can obtain, for example, information on various objects (models, equipment, software incorporated in equipment, laws and regulations, etc.) that need to be tested in order to obtain approval, and preparation for testing. and information on implementation (candidates of test vehicles that can be used for testing, candidates of alternative test vehicles if the optimal test vehicle cannot be used, jigs used for testing, test items performed during new vehicle development, etc.) Obtainable.

The software update management unit 117 updates the user's generate evidence (electronic or printed) for submission to authorities.

Next, functions of the equipment supplier system 200 will be described. As shown in the figure, the device supplier system 200 includes a traceability information management unit 211 and a traceability information conversion transmission unit 212 . These functions are realized by the processor 11 of the information processing device 10 constituting the equipment supplier system 200 reading out and executing a program stored in the main storage device 12, or by the hardware of the information processing device 10 ( FPGA, ASIC, AI chip, etc.).

The traceability information management unit 211 manages the device requirement specifications 31, the design document 32, and the program 33 (hereinafter referred to as "traceability information 30") shown in FIG. As described above, the information management unit 111 stores the device requirement specifications 31 in association with the regulation ID, and compares the stored device requirement specifications 31 with the device requirement specifications 31 included in the tracing information 30. Thus, the regulation ID, the regulation requirement information 22, and the vehicle requirement specification 23 can be associated with the traceability information 30. FIG.

The traceability information conversion transmission unit 212 converts the traceability information 30 managed by the traceability information management unit 211 into a data format (format) that can be accepted by the vehicle provider system 100, and transmits the traceability information 30 after conversion to the vehicle provider system. Send to 100. In this way, the traceability information conversion transmission unit 212 sends the traceability information 30 managed in a data format different from the data format that the vehicle provider system 100 can accept in each equipment supplier system 200 to the vehicle provider system 100 . is automatically converted into an acceptable data format and then transmitted to the vehicle provider system 100, the vehicle provider system 100 does not need to manage the data format of the traceability information 30 in each device supplier system 200. Therefore, the load on the vehicle provider system 100 can be reduced. During the above conversion and transmission, the device suppliers 3A to 3C automatically anonymize information that they want to anonymize (for example, part of the source code that they want to anonymize (function names, etc.)). or another code).

<Description of processing>
Next, processing performed in the authorization-related information management system 1 will be described.

FIG. 9 is a flow chart for explaining the processing performed in vehicle provider system 100 (hereinafter referred to as "authorization related information generation processing S500"). The authorization-related information generation processing S500 will be described below with reference to FIG. At the start of the authorization-related information generation processing S500, the information management unit 111 manages the vehicle requirement specifications 23, the equipment requirement specifications 31, and the traceability information 30 (the traceability information 30 acquired from the equipment supplier system 200). It is assumed that there is It is also assumed that the vehicle information management unit 112 manages the vehicle information 1121 at the time of starting. It is also assumed that the regulation information management unit 113 manages the regulation information 1131 at the time of the above start. It is also assumed that the test related information management unit 118 manages the test history information 1181 and the test vehicle information 1182 at the time of the above start. It is also assumed that the defect information management unit 119 manages the defect information 1191 at the time of the above start.

As shown in the figure, first, the information integration unit 114 reads the information managed by the information management unit 111, the vehicle information management unit 112, and the regulation information management unit 113 (S511), and uses the equipment requirement specification as a key, The vehicle traceability information 40 is generated by associating the regulation ID, the regulation requirement information 22, and the vehicle requirement specification 23 with the traceability information 30 (S512).

In subsequent loop processes S513S to S513E, the authorization management information generating unit 115 generates authorization management information 21. FIG. The authorization management information generation unit 115 sequentially selects regulations (regulation IDs) of regulation information managed by the regulation information management unit 113 in each loop.

In the loop processing S513S to S513E, the authorization management information generation unit 115 first compares the currently selected regulation with the vehicle traceability information 40 managed by the authorization related information management unit 116 (S514). "Vehicle traceability information 40 related to software" is extracted (for example, vehicle traceability information 40 related only to hardware is excluded) (S515).

In loop processing S516S to S516E, the authorization management information generation unit 115 sequentially selects the vehicle traceability information 40 related to the currently selected regulation extracted in S515, and extracts the software ID included in the vehicle traceability information 40 currently selected. (S517).

When the above loop processing S513S to S513E ends, subsequently, the authorization management information generation unit 115 newly issues (issues) an authorization sequence ID for the currently selected regulation, and newly issues the authorization sequence ID for the currently selected regulation. A set with the obtained authorization sequence ID is generated (S518).

Subsequently, the authorization management information generation unit 115 generates authorization management information 21 by associating the set of the regulation ID and the authorization sequence ID generated in S517 with all the software IDs acquired in S517 (S519).

Subsequently, the authorization-related information management unit 116 associates all the vehicle traceability information 40 extracted in S515 with the authorization management information 21 generated in S519 and treats them as management targets. The authorization-related information management unit 116 also generates the test information 41 based on the information (the test history information 1181 and the test vehicle information 1182) provided by the test information generation unit 120, and uses the generated test information 41 as the authorization management information 21. They are associated and managed (S520).

FIG. 10 shows the vehicle provider system 100 when updating the software incorporated in the equipment.
10 is a flowchart for explaining processing (hereinafter referred to as “software update processing S600”) performed by the software update management unit 117 of FIG. The software update processing S600 will be described below with reference to FIG.

First, the software update management unit 117 receives the aforementioned key information from the user (S611).

In the subsequent loop processing S612A to S612E, the software update management unit 117 sequentially selects the vehicle traceability information 40 managed by the authorization related information management unit 116 (selects the vehicle traceability information 40 for each combination of model ID and regulation ID). do.

In the above loop processing, the software update management unit 117 first determines whether or not the selected vehicle traceability information 40 includes the key information received in S611 (S613). If key information is included (S613: YES), the process proceeds to S614. If the key information is not included (S613: NO), the process proceeds to S612E, the next vehicle traceability information 40 is selected, and loop processing is performed (S612S to S612E).

In S<b>614 , the software update management unit 117 acquires the authorization management information 21 associated with the selected vehicle traceability information 40 from the authorization related information management unit 116 .

Subsequently, the software update management unit 117 updates various information (legal regulations, legal requirement information 22, vehicle required specifications 23, equipment required specifications 31, design documents 32, programs 33, etc.) from the selected vehicle traceability information 40. Acquire (S615).

Subsequently, the software update management unit 117 acquires the test information 41 and the defect information 1191 associated with the authorization management information acquired in S614 (S616).

After loop processing S612A to S612E ends, the software update management unit 117 presents the acquired information to the user (outputs to the output device 15) for each model ID (S617).

The user confirms the presented information, and updates and tests the target software. The software update management unit 117 performs interactive processing with the user, performs registration of authorization management information, registration of test results, generation of evidence, and the like (S618).

FIG. 11 is an example of a screen presented (output) to the user by the software update management unit 117 in S617 of FIG. 10 (hereinafter referred to as "authorization-related information management screen 700").

As shown in FIG. 7, the illustrated authorization-related information management screen 700 has a key information input column 711 , a search result display column 712 , a test-related information display column 713 , and various menu display columns 714 .

When the user inputs key information in the key information input field 711 and operates the search button 7111, the software update management unit 117 receives the key information (S611).

The software update management unit 117 displays the model ID corresponding to the selected vehicle traceability information 40, the authorization management information 21 acquired in S614, and the information acquired in S615 in the display column 712 of the search results (the information may be provided as a link).

The user can obtain information related to the updated software (configuration of related software, information related to related regulations, related design documents, etc.) from the information provided via the search result display field 712. In addition, it is possible to check the impact of updating the software. In addition, it is possible to check the influence of updating software across model IDs and regulation IDs.

The software update management unit 117 displays the test information 41 and the defect information 1191 related to the authorization management information 21 acquired in S616 in the test-related information display field 713 . The user can access information provided via the test-related information display field 713 (test content, tester, test vehicle, location of test vehicle, configuration of test vehicle, jigs used in test, defect information, etc.). useful information on preparing and conducting tests on updated software can be obtained, and the tests can be conducted efficiently.

Further, as shown in the figure, a vehicle reservation button 7131, a jig reservation button 7132, and a setup button 7133 are provided in the display field 713 of the test-related information.

For example, by operating the vehicle reservation button 7131, the user can reserve a test vehicle (specify the date and time, specify the place of implementation, specify the vehicle type (model), specify an alternative vehicle in the event that an appropriate test vehicle cannot be secured, etc.). designation, etc.). When the vehicle reservation button 7131 is operated, the software update management unit 117 transmits the test information 41 corresponding to the authorization management information 21 being displayed to the test vehicle management device 300 . Upon receiving the test information 41 , the test vehicle management device 300 performs reservation processing for the test vehicle based on the test information 41 and transmits the result (information on the reservation) to the software update management section 117 . When the software update management unit 117 receives the result, it presents the content (reservation status, etc.) to the user.

In addition, the user can reserve jigs to be used in the test (specify date and time, type and number of jigs, etc.) by operating a jig reservation button 7132, for example. When the jig reservation button 7132 is operated, the software update management unit 117 transmits the test information 41 (information about the jig) corresponding to the authorization management information 21 being displayed on the software distribution device 400 to the software distribution device 400 . . Upon receiving the test information 41 , the software distribution device 400 performs jig reservation processing based on the test information 41 and transmits the result (information on reservation) to the software update management unit 117 . When the software update management unit 117 receives the result, it presents the content (reservation status, etc.) to the user.

Also, when the user operates, for example, the setup button 7133, setup work necessary for testing (eg, transmission of the program to the software distribution device 400, loading of the program to the jig, etc.) is automatically performed. When the setup button 7133 is operated, the software update management unit 117 updates the program corresponding to the software ID of the authorization management information 21 being displayed and the test information 41 associated with the authorization management information 21 being displayed. The program specified from the information about the software that is stored is transmitted to the software distribution device 400 . When the software distribution apparatus 400 receives the program, it writes the received program to each installation destination device.

As shown in the figure, a various information registration button 7141 and an evidence generation button 7142 are provided in the display field 714 of various menus. By operating the various information registration button 7141, the user registers new information (authorization management information 21, vehicle traceability information 40, and test information 41) corresponding to the software to be updated (authorization-related information management unit 116 registration). When the user operates an evidence generation button 7142, for example, the software update management unit 117 automatically generates and outputs evidence (electronic data or printed matter) regarding the updated software.

As described above, the authorization-related information management system 1 of the present embodiment manages the authorization management information 21 and the vehicle traceability information 40 in association with each other, and stores the test information 41, which is information about tests performed on software for authorization. It is managed in association with the authorization management information 21 . By systematically managing the vehicle traceability information 40 and the test information 41 in association with the authorization management information 21 in this way, it becomes possible to search for the information contained therein using appropriately set key information. , the user can easily search for information (regulations related to testing, software used for testing, past test results, test vehicles, information on jigs used for testing, defect information, etc.) can be done. Therefore, the user can efficiently carry out tasks such as identifying software to be tested, preparing a test environment, conducting a test, and obtaining evidence. In addition, by obtaining information in advance on the scope of impact of software updates and necessary testing, users can adjust testing methods to avoid duplicate testing and optimize test schedules. , it is possible to reduce the number of test vehicles used.

Although the embodiments of the present invention have been described in detail above, the present invention is not limited to the embodiments described above, and includes various modifications and equivalent configurations within the scope of the appended claims. be For example, the above-described embodiments have been described in detail for easy understanding of the present invention, and the present invention is not necessarily limited to those having all the described configurations. Also, part of the configuration of one embodiment may be replaced with the configuration of another embodiment. Also, the configuration of another embodiment may be added to the configuration of one embodiment. Moreover, other configurations may be added, deleted, or replaced with respect to a part of the configuration of each embodiment.

In addition, each configuration, function, processing unit, processing means, etc. described above may be realized by hardware, for example, by designing a part or all of them with an integrated circuit, and the processor realizes each function. It may be realized by software by interpreting and executing a program.

Information such as programs, tables, files, etc. that realize each function is recorded on storage devices such as memory, hard disk, SSD (Solid State Drive), or IC (Integrated Circuit) card, SD card, DVD (Digital Versatile Disc) Can be stored on media.

Control lines and information lines indicate those considered necessary for explanation, and do not necessarily indicate all control lines and information lines necessary for implementation. In practice, it can be considered that almost all configurations are interconnected.

1 authorization-related information management system 2 vehicle provider 3A to 3C equipment supplier 6 authorization information 10 information processing device 21 authorization management information 22 legal requirement information 23 vehicle requirement specification 30 tracing information 31 equipment requirement Specification, 32 Design document, 33 Program, 40
vehicle trace information 41 test information 100 vehicle provider system 300 test vehicle management device 400 software delivery device 111 information management unit 112 vehicle information management unit 1121 vehicle information 113 regulation information management unit 1131 regulation information 114 information integration unit 115 authorization management information generation unit 116 authorization related information management unit 118 test related information management unit 1181 test history information 1182 test vehicle information 119 defect information management unit 1191 defect information 120 test information generation Unit, 200 Device supplier system, 211 Traceability information management unit, 212 Traceability information conversion transmission unit, S500
Authorization-related information generation processing, S600 Software update processing

Claims (10)

An information processing system for managing information relating to legal approvals for software embedded in equipment installed in a vehicle,
storing a device requirement specification, which is information related to the specifications required of the device by the law, in association with a law ID, which is information specifying a law that defines the requirements for obtaining legal approval for a vehicle;
Acquiring traceability information that is information about the traceability of the equipment associated with the equipment requirement specifications;
The traceability information includes a software ID that identifies software installed in the device,
generating authorization management information that is information that associates the regulation ID corresponding to the device requirement specifications associated with the acquired traceability information with one or more of the software IDs included in the traceability information; ,
managing authorization information that is information that associates the authorization management information and the traceability information;
managing test information, which is information about a test performed on the software at the time of authorization, in association with the authorization management information;
Authorization-related information management system. The authorization-related information management system according to claim 1,
The test information includes information on regulations, information on the software used in the test, information on the results of the test, information on a test vehicle that is a vehicle used in the test, and information on the software to the equipment during the test. Including at least one of the information about the jig used to record the
Authorization-related information management system. The authorization-related information management system according to claim 1,
The regulation ID includes information identifying the regulation and version information given for each authorization,
the software ID includes information specifying the type of the software and version information;
Authorization-related information management system. The authorization-related information management system according to claim 1,
generating and managing a plurality of said authorization information for each combination of one or more types of vehicles, one or more of said devices, and one or more of said regulations;
Authorization-related information management system. The authorization-related information management system according to claim 4,
the traceability information includes a program of the software;
Receiving key information specifying the program,
identifying one or more of the authorization information containing the accepted key information;
outputting the test information associated with the authorization management information of the identified authorization information;
Authorization-related information management system. The authorization-related information management system according to claim 5,
The test information includes information about a test vehicle that is a vehicle used for the test,
communicably connected to a test vehicle management device, which is an information processing device that manages information relating to provision of the test vehicle;
transmitting information about the test vehicle in the test information associated with the authorization management information of the specified authorization information to the test vehicle management device;
receiving information about the reservation of the test vehicle set based on the test information from the test vehicle management device;
outputting information about the received reservation;
Authorization-related information management system. The authorization-related information management system according to claim 5,
The test information includes information about the software used for the test,
communicatively connected to a software distribution device, which is an information processing device that performs processing related to incorporation of software into the device;
transmitting to the software distribution device a program identified from the information about the software in the test information associated with the authorization management information in the identified authorization information;
Authorization-related information management system. The authorization-related information management system according to claim 5,
The test information includes information on jigs used to record the software on the device during the test,
communicatively connected to a software distribution device, which is an information processing device that performs processing related to incorporation of software into the device;
transmitting information about the jig in the test information associated with the authorization management information in the identified authorization information to the software distribution device;
Authorization-related information management system. The authorization-related information management system according to claim 5,
The key information is the identifier of the function described in the program, or the code of the difference from the program before the update when the program is updated.
Authorization-related information management system. The information processing device
A step of storing device requirement specifications, which are information relating to specifications required by the laws and regulations for devices mounted on the vehicle, in association with a regulation ID, which is information specifying the regulations that define the requirements for obtaining legal approval for the vehicle. ,
Acquiring traceability information, which is information about the traceability of the device associated with the device requirements specification and includes a software ID that identifies software installed in the device;
generating authorization management information that is information that associates the regulation ID corresponding to the device requirement specification associated with the obtained traceability information with one or more of the software IDs included in the traceability information; step,
a step of managing authorization information that is information that associates the authorization management information and the traceability information;
a step of managing test information, which is information about a test performed on the software at the time of authorization, in association with the authorization management information;
authorization related information management method.

Images