WO2014112089A1 - Computer system and program - Google Patents
Computer system and program
- Publication number
- WO2014112089A1 (PCT/JP2013/050860)
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- user
- computer
- computer environment
- simulation
- environment
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/44—Arrangements for executing specific programs
- G06F9/455—Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
- G06F21/12—Protecting executable software
- G06F21/121—Restricting unauthorised execution of programs
- G06F21/125—Restricting unauthorised execution of programs by manipulating the program code, e.g. source code, compiled code, interpreted code, machine code
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/46—Multiprogramming arrangements
- G06F9/50—Allocation of resources, e.g. of the central processing unit [CPU]
- G06F9/5061—Partitioning or combining of resources
- G06F9/5077—Logical partitioning of resources; Management or configuration of virtualized resources
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/06—Network architectures or network communication protocols for network security for supporting key management in a packet data network
- H04L63/061—Network architectures or network communication protocols for network security for supporting key management in a packet data network for key exchange, e.g. in peer-to-peer networks
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0876—Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/10—Protocols in which an application is distributed across nodes in the network
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/10—Protocols in which an application is distributed across nodes in the network
- H04L67/1095—Replication or mirroring of data, e.g. scheduling or transport for data synchronisation between network nodes
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/34—Network arrangements or protocols for supporting network services or applications involving the movement of software or configuration parameters
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3226—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
- H04L9/3228—One-time or temporary data, i.e. information which is sent for every authentication or authorization, e.g. one-time-password, one-time-token or one-time-key
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2111/00—Details relating to CAD techniques
- G06F2111/02—CAD in a network environment, e.g. collaborative CAD or distributed simulation
Definitions
- the present invention relates to a computer system, and more particularly to a system technology used in a development environment for executing a simulation in which a plurality of simulators cooperate.
- This embedded system is composed of a mechanism that configures the control target, hardware that performs control calculations based on physical quantities received from the mechanism, and outputs control values to the mechanism, and software that operates on the hardware.
- For example, in an automobile embedded system, this refers to the engine to be controlled, an electronic device such as a microcomputer for controlling the engine, and software operating on the electronic device. Since the behavior of software included in an embedded system strongly depends on the configuration of the mechanism and hardware to be controlled, it is necessary to analyze the behavior of the mechanism, hardware, and software in combination.
- Patent Document 1 is a patent application filed earlier by the present inventors as a method for unifying this development environment.
- According to Patent Document 1, it is possible to provide a co-simulation executed on a centralized computer environment for a single group of users.
- In the embedded system industry, such as automobiles, multiple companies are responsible for the components that make up one product, and the company at the upper level that is responsible for system assembly (hereinafter referred to as the OEM) combines these parts, forming a hierarchical structure.
- Hierarchical structures are complex, and there is a case where a single component supplier (hereinafter referred to as a supplier) has a plurality of delivery destinations. Such a hierarchical part structure is also applied to the co-simulation of the product.
- Delivering software that simulates the operation of the component (hereinafter referred to as a model) to the OEM is difficult to realize in view of protecting technical confidentiality, improving the operating environment, and cost.
- The object of the present invention is to solve the above-mentioned problems by providing a computer system and a program that make it possible both to conceal from the user the internal structure and execution environment of software that simulates the operation of product components and to resolve network delay.
- A computer system comprising computer environments of user A and user B, each having software assets and connected via a communication path, the computer system being configured to realize cooperative simulation by having the computer environment of user B transmit, to the computer environment of user A, a virtual computer environment including a copy of the software assets owned by the computer environment of user B and the simulation model requested by user A.
- A computer system is provided comprising a network, a computer environment of user A having software assets and connected to the network, and a computer environment of user B having software assets and connected to the network, wherein the computer environment of user B has a virtual computer generation unit that generates a virtual computer environment including a copy of the software assets owned by the computer environment of user B and the simulation model requested of user B by user A, and the computer environment of user A performs a co-simulation using the virtual computer environment received from user B's computer environment and user A's software assets.
- A program executed in a computer environment is provided that receives a virtual computer environment including a copy of the software assets of user B and the simulation model requested of user B by user A, executes a co-simulation using the virtual computer environment and the software assets of user A, and generates an authentication key using the execution state of the co-simulation executed on the computer environment of user A and the usage status of the copy of the software assets of user B.
- FIG. 2A shows an example of a model configuration of a co-simulation environment, and FIG. 2B shows an example of elements necessary for execution of the simulation.
- FIG. 3 schematically shows an example of the configuration of the cooperative simulation across companies, and the simulator internal time at the time of cooperative simulation.
- FIG. 2A is a diagram illustrating a configuration example including a plurality of models such as ECU (Engine Control Unit) models 0203 and 0205, an engine model 0204, and a brake model 0206 in a cooperative simulation environment.
- the model means software that simulates the operation of a component of a product such as an automobile.
- the simulators that can be used differ depending on the mechanical and hardware configurations of the engine and brakes to be simulated, and the simulation models already created for a specific simulator are stored. Therefore, a cooperative simulation at the entire product level by interconnection of different types of simulators is performed with the configuration shown in FIG. 2A.
- FIG. 2B shows an example of elements necessary for executing the simulation.
- In a collaborative simulation in which models A, B, and C supplied by suppliers a, b, and c run together, when models A and C are executed on simulator X 0207 and model B is executed on simulator Y 0208, suppliers a and c need to have a license for simulator X and supplier b needs to have a license for simulator Y.
- The license server 0209 needs to have both licenses of the simulators X and Y. This means that for OEMs that need to combine various models, the environment construction cost for collaborative simulation increases.
- FIG. 3 shows an example of the configuration of the simulator, the computer to be executed, and the network when this structure is constructed.
- The data exchange between the simulators X, Y, W, Z, P, and Q in the computer environments 0100, 0101, and 0102 of Company A, Company B, and Company C is done through a communication path 0107 that is a network such as the Internet. This causes a problem that the simulation throughput is limited by the communication delay of the communication path 0107 such as the Internet.
- the data exchange period 0401 by the inter-simulator synchronous communication corresponds to the interval of the synchronization period t0 in FIG. 4, but its length is proportional to the network delay between the simulators.
- Network delay is roughly proportional to the geographical distance between two connected points. For geographically distant locations, unless the network uses a dedicated line, the delay through the Internet is in the hundreds of milliseconds. In that case, a communication delay of several hundred milliseconds is added to a simulator execution time of several milliseconds, so the simulation speed decreases, and no matter how fast the simulator environment is, only a limited number of test cases can be executed.
- The computer environment necessary for the requested co-simulation is constructed on virtual computers in the supplier-side computer environments as the Company B and Company C virtual computer environments 0110 and 0109 and sent to the OEM side. A method can thus be considered in which the supplier-side computer environment is brought to the OEM side while the logical division of the computer environment between the supplier and the OEM is maintained virtually.
- The synchronous communication between simulators, which has been performed via the Internet with a large communication delay, can be limited to the internal network 0115 on the OEM side, which has a short physical distance and a small communication delay, so that a very fast simulation becomes possible.
- A virtual machine exchanged between a supplier and an OEM includes software assets such as the requested model, the software group necessary for executing the model, and license-providing software required for executing that software, such as the Company B license server 0117 and the Company C license server 0116. Since these may be used illegally in the OEM computer environment, the virtual computer needs to be set so that these software assets operate only while the supplier permits it.
- FIG. 9 is a diagram showing the classification of software assets managed by the computer system studied above.
- a computer system includes one or more software assets 900.
- the computer system performs calculation by temporarily occupying one or more of the software assets.
- The software asset 900 is divided into a software asset 902 used by the user for the collaborative simulation and a software asset 901 not used for it.
- The software asset 902 used for the collaborative simulation becomes the software asset 904 that should not be used simultaneously with the collaborative simulation on the supplier side, and the software asset 901 that is not used for the collaborative simulation becomes the software asset 903 that should not be used simultaneously with the collaborative simulation on the OEM side.
- the software asset 904 has the same meaning as the software asset 906 to be consumed by the authentication query matching unit on the supplier side, which is executed on the supplier side and described in detail in the following embodiment. This has the same meaning as the software asset 905 to be consumed by the authentication query generation unit executed on the OEM side, which will be described in detail later.
- the above is a computer system that realizes a collaborative simulation environment as a computer system according to an embodiment of the present invention described below.
- the computer environment of the user B who is the supplier side collects and constructs software assets required for the collaborative simulation requested from the OEM side which is the user A in the virtual computer environment,
- the virtual computer environment file is sent to the computer environment of user A, and the computer environment of user A receives and executes the virtual computer environment.
- An authentication key is generated based on the combination information of the software assets that cannot be used simultaneously in the computer environments of user B and user A, and on the operation information of the software executed in the computer environment of user A. The generated authentication key is exchanged between the computer environments of user B and user A to authenticate the validity of the use of the software assets. Only when authentication succeeds does the virtual computer continue to run; when it fails, the configuration file of the virtual computer is deleted from the computer environment of user A.
- key authentication is performed using a software asset that should be prohibited from use simultaneously with collaborative simulation in the computer environment of user B and a software asset that should be prohibited from use simultaneously with collaborative simulation in the computer environment of user A.
- a program, unit, or function software executed by a processing unit in each computer environment is referred to as a program, unit, or function.
- a computer system that realizes cooperative simulation is realized by connecting computer environments of a plurality of operators, for example, Company A, Company B, Company C, etc. via a network such as the Internet.
- the computer environment of company A may be referred to as the computer environment of user A
- the other computer environments of company B, company C, etc. may be referred to as the computer environment of user B.
- FIG. 1 shows an example of the overall configuration of the computer system of the first embodiment.
- the computer system according to the first embodiment realizes a collaborative simulation using software assets owned by a plurality of business companies or a plurality of remote bases connected by a communication path such as the Internet or a dedicated line. It is a computer system for.
- The present embodiment is a computer system that includes computer environments of user A and user B, each having software assets and connected via a communication path, and that is configured to realize a collaborative simulation by having the computer environment of user B transmit, to the computer environment of user A, a virtual computer environment including a copy of the software assets owned by the computer environment of user B and the simulation model requested by user A.
- A configuration example is shown in which Company A performs cooperative simulation among three companies using software assets of Company B and Company C.
- 0100, 0101, and 0102 indicate the computer environments of Company A, Company B, and Company C
- 0107 indicates the communication path.
- Company B and Company C are the suppliers who provide software assets to Company A, so they are called suppliers.
- Company A combines the software assets of Company B and Company C and executes the collaborative simulation. Therefore, it is called the OEM.
- Although the types of software assets provided to Company A differ between Company B and Company C, the same system components are used.
- Company A is positioned as the master user who is the execution subject of the cooperative simulation, and Company B and Company C are positioned as slave users who take subordinate positions in the cooperative simulation.
- the computer environments of Company A, Company B, and Company C constituting such a computer system can be realized by ordinary computers.
- the computer environment of company A is the computer environment of user A
- the computer environment of company B or C is the computer environment of user B.
- FIG. 12 shows an example of a computer configuration that realizes such a computer environment.
- In a computer 1200, a processor 1201 as a processing unit, a controller 1202, a memory 1203 as a storage unit for storing data and programs, an accelerator 1204, and the like are connected to a network interface 1205 by an internal bus, and the network interface 1205 is connected to a communication path 0107 such as the Internet.
- DB databases
- An input/output unit such as a display and a keyboard can be added as necessary.
- the processor 1201 of the computer 1200 realizes a computer environment, a virtual computer environment, and the like as described below by processing various programs.
- The supplier side collects the software assets necessary for the collaborative simulation in the virtual computer environment, sends it to the OEM side, and the collaborative simulation is performed inside the OEM side computer environments 0101 and 0102. For this reason, in the computer environment 0100 on the OEM side, its own software assets and the suppliers' virtual computer environments 0109 and 0110 are connected through the internal network 0115.
- the virtual computer environments 0109 and 0110 of each supplier are connected to the computer environments 0101 and 0102 on the supplier side using the communication line 0107 by the virtual environment operation agent 0108 in the computer environment 0100 on the OEM side.
- The virtual machine environments 0109 and 0110 of the suppliers are each configured by software asset copies 0111 and 0112 connected to the OEM software asset 0103 through the internal network 0115, a simulation execution agent 0114 that uses the supplier software assets to control the cooperative simulation, in other words, activates a part of the cooperative simulation, and an authentication query generation unit 0113 that authenticates the software asset usage authority with the supplier side.
- The supplier-side computer environments 0101 and 0102 include a virtual computer generation unit 0104 that generates a virtual computer environment to be sent to the OEM-side computer environment 0100, an authentication query matching unit 0105 that performs authentication of software asset use authority from the OEM side, and software resources 0103b and 0103c, which are the original software assets copied to the virtual machine environments 0110 and 0109 sent to the OEM side.
- FIGS. 6A and 6B are used to explain the flow of cooperative simulation and key authentication managed by the computer system of this embodiment.
- Steps 0600 to 0608, 0612 to 0613, 0615 to 0616, and 0619 to 0620 are executed in the supplier-side computer environments 0101 and 0102, and the other steps 0601, 0609 to 0611, 0614, and 0617 to 0618 are executed in the OEM-side computer environment 0100.
- FIGS. 6A and 6B are split into a former stage and a latter stage for convenience of illustration, and are connected at the circles A, B, and C, respectively.
- the supplier computer environment 0101, 0102 waits for a cooperative simulation execution request from the OEM computer environment 0100.
- It is assumed that the combinations of models on which cooperative simulation is performed are determined in advance between the OEM and the supplier, and that an identifier uniquely determined for the combination of models used in a given cooperative simulation is assigned in advance.
- In step 0610, when a co-simulation execution request is issued from the OEM side to one or a plurality of suppliers and received in each supplier-side computer environment 0101, 0102, the supplier-side computer environment 0101, 0102 proceeds to step 0602.
- the supplier-side computer environment analyzes the contents of the received cooperative simulation execution request, and acquires an identifier corresponding to the combination of models used in the above-described cooperative simulation. Then, a combination of models used in the cooperative simulation is acquired based on the identifier.
- the following steps 603, 604, and 605 are processed based on the information.
- an authentication query matching unit 0105 that operates in the supplier-side computer environments 0101 and 0102 is generated as a simulation model that uses all software assets used in the cooperative simulation.
- In step 604, as the simulation model required by the OEM side, an authentication query generation unit 0113 that operates on the OEM side is generated as a simulation model that uses all of the software assets not used in the collaborative simulation, that is, the difference between the software assets introduced into the OEM computer environment 0100 and the set of software assets used in the collaborative simulation.
- the authentication query generation unit operating in the OEM-side computer environment generates an authentication key by using a copy of the user B software asset that is not used in the collaborative simulation executed in the user A computer environment.
- the authentication query collation unit operating in the supplier computer environment collates using part or all of the supplier software assets used in the cooperative simulation executed in the OEM computer environment.
- In step 0605, a virtual machine environment is generated into which all the software assets needed to operate all models used in the co-simulation are introduced. Alternatively, if an already created one is cached, that virtual machine environment is used.
- The virtual computer environment obtained by introducing the authentication query generation unit 0113 generated in step 604 into the virtual computer environment generated in the previous step 0605 is sent to the virtual environment operation agent 0108 in the OEM computer environment 0100.
- a specific implementation example of the above five steps will be described later in detail with reference to FIG.
- In step 0607, the supplier-side computer environment 0101, 0102 starts a simulation using the authentication query matching unit 0105 generated in step 0603. Then, it waits for reception of an inquiry query from the OEM computer environment 0100 (step 0608).
- The virtual environment operation agent 0108 starts executing the received virtual computer environments 0109 and 0110.
- The simulation execution agent 0114 is started, and the model for the supplier side of the co-simulation is started.
- Since the model on the OEM side of the co-simulation was already started at step 0601 and is waiting for the response of the supplier-side model, the co-simulation starts automatically and data recording starts (step 0609).
- The virtual environment operation agent 0108 activates the authentication query generation unit 0113.
- At a certain simulation time determined at the time of its generation, the authentication query generation unit 0113 generates a bit string of a certain length based on the simulation execution time, the virtual machine environment identifier, and the like, and transmits it as an inquiry query to the authentication query matching unit 0105 of the supplier-side computer environments 0101 and 0102 (step 0610).
- the authentication query generation unit 0105 waits for an authentication query to be transmitted from the OEM computer environment 0100, and during that time, the cooperative simulation in the OEM computer environment 0100 is continued (step 0611).
- Upon receiving the inquiry query, the authentication query matching unit 0105 on the supplier side, which has been waiting for the inquiry query since step 0608, generates a bit string having a length based on the simulation execution time and the like included therein. It transmits to the authentication query production
- Upon receipt of the authentication query, the authentication query generation unit 0113 of the OEM-side computer environment 0100 extracts the internal state from the simulation model constituting the authentication query generation unit 0113 based on the information included in the authentication query, and transmits it as a response query to the authentication query matching unit 0105 of the supplier-side computer environment (step 0614).
- When the authentication query matching unit 0105 receives the response query in the supplier-side computer environment 0101, 0102, it compares the internal state of the simulation model included in the query with the state of the simulation model included in the authentication query matching unit 0105 and determines whether it is the expected value. The determination result is transmitted to the virtual environment operation agent 0108 of the OEM-side computing environment 0100 (steps 0615 and 0616).
- If the determination result received by the virtual environment operation agent 0108 of the OEM-side computing environment 0100 is acceptable, the co-simulation is continued, the process returns to step 0610, and the authentication flow is repeated from the generation of the inquiry query. If not, it is determined that the license has been illegally used, and the virtual environment operation agent 0108 discards the virtual machine environments 0109 and 0110 that are performing the cooperative simulation and forcibly stops the cooperative simulation.
- the inquiry query generated in step 0610 becomes an invariant value, so the authentication flow is determined to be unacceptable and the virtual machine environment is discarded, so the first co-simulation
- the virtual machine environments 0109 and 0110 transmitted from the supplier side are deleted from the OEM side computer environment 0100 regardless of the result.
- As a method for destroying a virtual machine environment, destroying the file system inside the virtual machine environment can be considered, in addition to using a function of the virtual OS (Operating System) manager used to construct the virtual machine environment.
- the system can use either method.
- On the supplier side, on the other hand, if the result of the authentication flow is determined to be acceptable after step 616, the co-simulation and the key authentication flow must continue, so the process returns to step 0608 and waits for an inquiry query again. If the result is unacceptable, the simulation included in the authentication query matching unit 0105 running in the supplier-side computer environment is stopped (step 0619). Thereafter, the authentication query matching unit 0105 generated for the co-simulation is discarded, and the process returns to step 600, the state of waiting for a co-simulation request from the OEM side.
- FIG. 7 is a diagram showing details of an example of the internal structure of the virtual machine environments 0109 and 0110 sent to the OEM computer environment 0100 in the computer system of this embodiment shown in FIG. .
- First, the OEM-side computer environment 0100 contains either one virtual environment operation agent 0108 or as many as there are suppliers executing co-simulation with this OEM.
- the virtual environment operation agent 0108 is constructed by the following four components.
- These are: a virtual machine receiving unit 0712 that receives the virtual machine environment transmitted from the supplier side; a virtual machine start command 0713 that starts the virtual machine environment once the virtual machine receiving unit has received it; a key transmission/reception unit 0715 that exchanges keys with the supplier-side computer environment when performing key authentication; and a virtual machine discard command 0714 that, on request from the key transmission/reception unit 0715, stops the simulation executed inside the virtual machine environment and discards the virtual machine environment.
- The virtual machine start command 0713 and the virtual machine discard command 0714 are connected to the virtual machine controller 0706, which manages operations in this virtual machine environment, in order to start and stop the virtual machine and destroy the files constituting it.
- the virtual machine controller 706 can use the functions of existing virtual machine software as they are.
- Inside the virtual machine environment 0110, there are a simulation execution agent 0114, an authentication query generation unit 0113, a replica 0111 of the whole or a subset of the software assets on the supplier side, and a co-simulation 0700 on the supplier side.
- This co-simulation 0700 is connected to a co-simulation 0701 on an OEM or other supplier virtual machine using an inter-simulator interface 0704.
- the authentication query generation unit 0113 includes an inquiry query generation program 0702 and a query matching program 0703.
- the inquiry query generation program 0702 receives the output of the simulation execution time acquisition command 0710 of the simulation execution agent 0114, generates an inquiry query, and sends it to the key transmission / reception unit 0711 of the simulation execution agent 0114.
- the query verification program 0703 receives the authentication query sent from the key transmission / reception unit 0711, generates a response query using the internal state of the query verification program 0703, and transmits it to the key transmission / reception unit 0711.
- The supplier-side co-simulation 0700, and the inquiry query generation program 0702 and query matching program 0703 that constitute the authentication query generation unit 0113, are all simulator programs that operate using a copy of the whole or a subset of the supplier-side software assets.
- By using copies of supplier-side software assets that are not used in the co-simulation executed in the OEM-side computer environment 0100, illegal use of the supplier-side software assets by a user on the OEM side can be prohibited.
- the simulation execution agent 0114 is a component that controls the operations of the supplier side co-simulation 0700 and the authentication query generation unit 0113, and includes the following three components.
- the simulation start command 0708 is linked with the virtual machine start command 0713 of the virtual environment operation agent 0108, and the execution is started with the start of the virtual machine environment as a trigger. That is, when the virtual machine environment is executed, the cooperative simulation is automatically started.
- the simulation stop command 0709 is linked with the virtual machine discard command 0714 of the virtual environment operation agent 0108, and is implemented to safely stop the co-simulation 0700 before the virtual machine environment 0110 is destroyed.
- The simulation execution time acquisition command 0710 is a program that outputs the simulation execution time used by the inquiry query generation program 0702. It can acquire the co-simulation execution time managed by any or all of the simulators executing the supplier-side co-simulation 0700, or by the inter-simulator interface that manages all of the simulators.
- the above is the function of the components that make up the simulation execution agent 0114.
- FIG. 8 shows an example of the detailed configuration of the authentication query matching unit 0105 and the virtual machine generation unit 0104 of the supplier-side computer environments 0101 and 0102, and their connection with the OEM-side computer environment 0100.
- These consist of the co-simulation request receiving unit 0802, the virtual machine generation unit 0104, the authentication query matching unit 0105, the supplier-side software asset 0805, the virtual machine template database (DB) 0804, and the virtual machine template introduction software DB 0803.
- the supplier-side software asset 0805 corresponds to the previous software assets 103b and 103c.
- The co-simulation request receiving unit 0802 receives the co-simulation execution request transmitted from the co-simulation execution instruction transmission unit 0800 of the OEM-side virtual environment operation agent 0108, extracts from the query the identifier of the co-simulation to be executed, and sends it to the virtual machine generation unit 0104.
- The virtual machine generation unit 0104 has the function of generating a virtual machine environment that can realize the co-simulation desired by the OEM-side computer environment 0100, and of generating the programs for authenticating the right to use the software. It consists of 10 components, including two DBs.
- the software asset utilization hash generation unit 0816 receives the identifier of the cooperative simulation configuration desired by the OEM output from the cooperative simulation request reception unit 0802, and generates a bit string of a certain length called a software asset utilization hash value.
- The virtual machine selection unit 0817 generates the set of software necessary for executing the co-simulation, based on the identifier of the co-simulation configuration desired by the OEM, and searches the virtual machine template introduction software DB 0803 with this set. It looks among the installed software groups held by the virtual machine template introduction software DB 0803 for an entry that completely includes the set, and acquires the corresponding virtual machine template name.
- The virtual machine selection unit 0817 then searches the virtual machine template DB 0804 with the virtual machine template name acquired above, and acquires the corresponding virtual machine template. If no corresponding virtual machine template is found, the virtual machine selection unit 0817 generates a virtual machine environment including all software necessary for executing the co-simulation, stores its data in the virtual machine template DB and the virtual machine template introduction software DB 0803, and uses the new virtual machine environment.
- The obtained virtual machine template is copied in two: one copy is output to the transmission virtual machine generation unit 0811 and the other to the local virtual machine generation unit 0810.
- the virtual machine template DB 0804 is a database that stores files constituting a virtual machine that is a template of a virtual machine used for collaborative simulation and key authentication. Each virtual machine template is given a unique identifier, and is set in the database with the virtual machine configuration file entity or its file path. Each virtual machine template has one or more software assets and one simulation execution agent installed.
- the inquiry query generation program generation unit 0812 generates an inquiry query generation program using the cooperation simulation request and the software asset use hash value, and transmits the inquiry query generation program to the transmission virtual computer generation unit 0811.
- the query matching program generation unit 0813 generates a query matching program using the software asset utilization hash value, and transmits it to the transmission virtual computer generation unit 0811.
- the key authentication program generation unit 0814 generates a key authentication program using the software asset utilization hash value, and transmits the generated key authentication program to the local virtual machine generation unit 0810.
- the query response program generation unit 0815 generates an inquiry query response program using the software asset utilization hash value, and transmits it to the local virtual computer generation unit 0810.
- The transmission virtual machine generation unit 0811 inserts the inquiry query generation program and the query matching program into the virtual machine template generated by the virtual machine generation unit 0104 to create an authentication query generation unit, and transmits the result to the virtual machine receiving unit 0800 in the virtual environment operation agent 0108 of the OEM-side computer environment 0100.
- The local virtual machine generation unit 0810 inserts the key authentication program 0819 and the query response program 0820 into the virtual machine template generated by the virtual machine generation unit 0104, sends it to the authentication query matching unit 0105 as the local virtual machine 0818, and starts execution.
- the key authentication program 0819 and the query response program 0820 operate as a simulation program using software assets, and exchange authentication keys with the OEM computer environment 0100 via the key transmission unit 0821.
- FIG. 10 is a diagram showing a specific example of a process for generating the four programs for generating and matching authentication keys that can be used in the authentication flow described in FIG. This process is divided into five components: steps 1000 to 1008, the key generation common part that generates the parts common to the four programs; steps 1010 and 1011, corresponding to the inquiry query generation program generation unit 0812; steps 1020 to 1023, corresponding to the key authentication program generation unit 0814; steps 1030 to 1033, corresponding to the query response program generation unit 0815; and steps 1040 to 1042, corresponding to the query matching program generation unit 0813.
- (Step 1000) A list of the software assets installed in the virtual machine used for the co-simulation on the OEM side is acquired from the virtual machine template introduction software DB 0803. This list is defined as L.
- (Step 1001) Based on the acquired list L and the current time, multiple random number seeds that are used in common by the subsequent steps are generated.
- (Step 1002) A natural number N (128<N<1024) is generated using one random number seed value. A matrix of size N×N is defined, and its elements are initialized by choosing randomly from 0, 1, and 2.
- (Step 1003) An identity matrix of size N×N is defined.
- (Step 1004) The logical OR of each element of the matrices generated in step 1002 and step 1003 is taken to obtain a single matrix R. A directed graph G with N vertices, having the matrix R as its adjacency matrix, is then defined.
- (Step 1005) The number of elements in the list L is defined as K.
- (Step 1006) G is divided into K subgraphs.
- (Step 1007) The list of subgraphs and the vertex set included in each subgraph are acquired and defined as SL and VSL, respectively.
- (Step 1008) A set of edges connecting two vertices that belong to different subgraphs is defined as a cut, and the list of cuts between the subgraphs is defined as KL.
- (Step 1010) In the inquiry query generation program generation unit 0812, a counter circuit that overflows at the time given by the random number seed value, and a program that outputs the simulation time at overflow, are generated.
- (Step 1011) The program generated in step 1010, implemented on an appropriate software asset included in L, is stored as the inquiry query generation program.
- (Step 1020) In the key authentication program generation unit 0814, first, the list of software assets in the list that are to be consumed on the supplier side is acquired and defined as L1.
- (Step 1021) An associative list that maps one software asset included in L1 to one or more elements of SL is generated as AL0.
- (Step 1022) Binary counters are constructed in which the vertex set included in each element of VSL is regarded as bits and the directed edges between vertices included in the same VSL element are regarded as wiring, and each is generated as a simulation model that operates on the corresponding software asset in AL0. The cut portions of the graph G, that is, the directed edges that straddle elements of VSL, are connected as inter-simulation interface connections.
- (Step 1023) The program constructed in step 1022, in which multiple simulation models are connected by inter-simulator connections, is stored as the key authentication program.
- (Step 1030) In the query response program generation unit 0813, the list of software assets in the list that are to be consumed on the OEM side is acquired and defined as L2, and its number of elements is defined as M.
- (Step 1031) A program that takes the simulation time as input and randomly generates positive numbers from 1 to M(M-1)/2 is generated.
- (Step 1032) The program generated in the previous step, implemented on an appropriate software asset included in L2, is stored as the inquiry query response program.
- (Step 1040) In the query matching program generation unit 0815, M elements extracted at random from SL are defined as SSL. An associative list AL1 that maps one software asset included in L2 to each element of SSL is generated.
- (Step 1041) Binary counters are constructed in which the vertex set included in each element of SSL is regarded as bits and the directed edges between vertices included in the same SSL element are regarded as wiring, and each is generated as a simulation model that operates on the corresponding software asset in AL1. The cut portions of the graph G, that is, the directed edges that straddle elements of SSL, are connected as inter-simulation interface connections.
- (Step 1042) The program constructed in step 1041, in which multiple simulation models are connected by inter-simulator connections, is stored as the query matching program.
- FIG. 11 shows an example of a transaction between the OEM side and the supplier side using the authentication key generated in FIG.
- (Step 1100) When the counter pre-installed in the inquiry query generation program overflows, the execution time is acquired and sent to the key transmission/reception unit as an inquiry query. The overflowed counter keeps incrementing as long as the co-simulation continues, so the steps from step 1100 onward are executed at a fixed period during the co-simulation.
- (Step 1101) When the query response program receives the inquiry query, its authentication query generation function is triggered. A constant M is defined in this function when it is generated; the value of M corresponds to the number of software assets to be consumed on the OEM side, described above. Using the received execution time as a seed, the authentication query generation function randomly selects one positive number in the range from 1 to M(M-1)/2 and defines it as the cut selection value. The result of adding this random value to the received simulation execution time is defined as the target simulation time. The cut selection value and the target simulation time are paired and sent as the authentication query.
- (Step 1102) The key authentication program shares the authentication query with the query response program. The key authentication program uses it to calculate the expected value of the response query that the OEM side is expected to return. The binary counter built into the key authentication program, which spans the simulators, is run until the target simulation time and then stopped. The value being exchanged at that moment on the inter-simulator interface corresponding to the cut selection value is acquired and temporarily stored as the expected value of the response query.
- (Step 1103) When the query matching program receives the authentication query, it calculates a response query. The binary counter built into the query matching program, which spans the simulators, is run until the target simulation time and then stopped. The value being exchanged at that moment on the inter-simulator interface corresponding to the cut selection value is acquired and sent as the response query.
- (Step 1104) When the key authentication program receives the response query transmitted from the query matching program, it compares the expected value calculated in advance in step 1102 with the received response query, and transmits the result to the key transmission/reception unit on the OEM side.
- (Step 1105) The key transmission/reception unit receives the comparison result of the response query. If it matches, the simulation continues, that is, the process returns to step 1100. If the results do not match, or no result is returned within a certain period, the virtual machine discard command implemented in the virtual environment operation agent is executed to forcibly stop the simulation.
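The graph construction of steps 1000 to 1008 and the challenge-response loop of steps 1100 to 1105, as an added Python example that is not code from the patent. Its assumptions: N is scaled down to 24-32 so it runs quickly, the K subgraphs are contiguous vertex blocks, each vertex's next bit is the parity of its incoming bits (the text only says "binary counter"), M equals K, and both sides rebuild the same model from a shared seed; `CutModel`, `authentication_query`, `run_round`, `co_simulation` and the asset names are hypothetical.

```python
import itertools
import random

ASSETS = ["plant_model", "ecu_model", "bus_model"]   # constructed asset list L


class CutModel:
    """Graph model that supplier and OEM side each rebuild from one seed."""

    def __init__(self, assets, seed, n_range=(24, 32)):
        rng = random.Random(f"{sorted(assets)}|{seed}")           # step 1001
        n = rng.randint(*n_range)                                 # step 1002, N scaled down
        m = [[rng.choice((0, 1, 2)) for _ in range(n)] for _ in range(n)]
        # Steps 1003-1004: OR with the identity matrix gives adjacency matrix R.
        self.r = [[m[i][j] | (i == j) for j in range(n)] for i in range(n)]
        self.n, self.k = n, len(assets)                           # step 1005
        # Steps 1006-1007: K subgraphs as contiguous vertex blocks (assumption).
        self.part = [i * self.k // n for i in range(n)]
        self.init = [rng.getrandbits(1) for _ in range(n)]
        self.period = rng.randint(3, 9)    # overflow period of the inquiry counter

    def cut_edges(self, a, b):
        """Step 1008: directed edges joining subgraph a and subgraph b."""
        return [(i, j) for i in range(self.n) for j in range(self.n)
                if self.r[i][j] and {self.part[i], self.part[j]} == {a, b}]

    def state_at(self, t):
        """Run the model to simulation time t (parity rule is an assumption)."""
        s = self.init
        for _ in range(t):
            s = [sum(s[i] for i in range(self.n) if self.r[i][j]) & 1
                 for j in range(self.n)]
        return s

    def response(self, cut_value, target_time):
        """Values carried on the selected cut at the target simulation time."""
        pairs = list(itertools.combinations(range(self.k), 2))
        a, b = pairs[cut_value - 1]
        s = self.state_at(target_time)
        return tuple(s[i] for i, _ in self.cut_edges(a, b))


def authentication_query(exec_time, m):
    """Step 1101: cut selection value in 1..M(M-1)/2, seeded by the time."""
    cut = random.Random(exec_time).randint(1, m * (m - 1) // 2)
    return cut, exec_time + cut            # (cut selection, target time)


def run_round(supplier, oem_reply, exec_time):
    """One pass of steps 1101-1105; returns 'continue' or 'discard'."""
    cut, target = authentication_query(exec_time, supplier.k)
    expected = supplier.response(cut, target)          # step 1102
    answer = oem_reply(cut, target)                    # step 1103, None = no reply
    return "continue" if answer == expected else "discard"   # steps 1104-1105


def co_simulation(supplier, oem_reply, rounds=4):
    """Repeat the flow at every counter overflow; stop at the first failure."""
    log = []
    for r in range(1, rounds + 1):
        exec_time = r * supplier.period                # step 1100
        verdict = run_round(supplier, oem_reply, exec_time)
        log.append((exec_time, verdict))
        if verdict == "discard":       # the VM discard command would run here
            break
    return log


if __name__ == "__main__":
    supplier = CutModel(ASSETS, "shared-seed")
    licensed = CutModel(ASSETS, "shared-seed")         # copy shipped inside the VM
    print(co_simulation(supplier, licensed.response))
    print(co_simulation(supplier, lambda cut, target: None))   # reply never arrives
```

Because the target simulation time changes with every overflow, an answer recorded in one round is not the expected value of a later round; the verifier's only state is the shared model.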
- the present invention can be applied to a computer system or a development system program in which a plurality of softwares operate at high speed.
- The virtual machine sent to the OEM side operates only under the usage conditions set in advance by the supplier, and illegal use or replication of the software can be prevented by erasing the running virtual machine.
- This invention is not limited to the above-described embodiment and includes various modifications.
- the above-described embodiments have been described in detail for better understanding of the present invention, and are not necessarily limited to those having all the configurations described.
- the above-described configuration, function, processing unit, and the like have been described as an example of creating a program that realizes part or all of them. Needless to say, it can be realized with this.
Abstract
Description
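Provided is a computer system that includes the computer environments of user A and user B, each having software assets and connected via a communication path, and that realizes co-simulation by having user B's computer environment transmit, to user A's computer environment, a virtual machine environment containing a copy of the software assets owned by user B's computer environment and the simulation model requested by user A.
Provided is a computer system comprising a computer environment of user B that is connected to a network and has software assets, wherein user B's computer environment comprises a virtual machine generation unit that generates a virtual machine environment containing a copy of the software assets owned by user B's computer environment and the simulation model that user A requests from user B, and user A's computer environment performs co-simulation using the virtual machine environment received from user B's computer environment and user A's software assets.
FIG. 3 shows an example of the simulators, the computers that execute them, and the network configuration when this structure is built. In this structure, data exchange among the simulators X, Y, W, Z, P, and Q in the computer environments 0100, 0101, and 0102 of company A, company B, and company C takes place over the communication path 0107, a network such as the Internet. This causes the problem that simulation throughput is rate-limited by the communication delay of the communication path 0107 such as the Internet.
First, a given computer system contains one or more software assets 900. When a user tries to execute a co-simulation, the computer system temporarily occupies one or more of those software assets to perform the computation. At this point, the software assets 900 are divided into the software assets 902 that the user uses for the co-simulation and the software assets 901 that are not used.
The computer system according to the first embodiment is a computer system for realizing co-simulation that uses the software assets held by each of multiple companies or multiple remote sites connected by a communication path such as the Internet or a dedicated line. This embodiment is an embodiment of a computer system that includes the computer environments of user A and user B, each having software assets and connected via a communication path, and that realizes co-simulation by having user B's computer environment transmit, to user A's computer environment, a virtual machine environment containing a copy of the software assets owned by user B's computer environment and the simulation model requested by user A.
In FIGS. 6A and 6B, steps 0600 to 0608, 0612 to 0613, 0615 to 0616, and 0619 to 0620 are executed in the supplier-side computer environments 0101 and 0102, and the other steps, 0601, 0609 to 0611, 0614, and 0617 to 0618, are executed in the OEM-side computer environment 0100. For convenience of illustration, FIGS. 6A and 6B are drawn split into a first and a second part, which join at the circled A, B, and C.
First, the OEM-side computer environment 0100 contains either one virtual environment operation agent 0108 or as many as there are suppliers executing co-simulation with this OEM. The virtual environment operation agent 0108 is built from the following four components.
This co-simulation 0700 is connected, using the inter-simulator interface 0704, to the co-simulation 0701 on the virtual machines of the OEM or other suppliers.
The above are the functions of the components that make up the simulation execution agent 0114.
FIG. 8 shows an example of the detailed configuration of the authentication query matching unit 0105 and the virtual machine generation unit 0104 of the supplier-side computer environments 0101 and 0102, and their connection with the OEM-side computer environment 0100.
First, the software asset utilization hash generation unit 0816 receives the identifier of the co-simulation configuration desired by the OEM, output by the co-simulation request receiving unit 0802, and generates a bit string of a certain length called the software asset utilization hash value.
The obtained virtual machine template is copied in two; one copy is output to the transmission virtual machine generation unit 0811 and the other to the local virtual machine generation unit 0810.
The query matching program generation unit 0813 generates the query matching program using the software asset utilization hash value, and transmits it to the transmission virtual machine generation unit 0811.
The key authentication program generation unit 0814 generates the key authentication program using the software asset utilization hash value, and transmits it to the local virtual machine generation unit 0810.
The query response program generation unit 0815 generates the inquiry query response program using the software asset utilization hash value, and transmits it to the local virtual machine generation unit 0810.
The operation flow of the above four components is described in detail later with reference to FIG. 10.
The key authentication program 0819 and the query response program 0820 operate as simulation programs that use software assets, and exchange authentication keys with the OEM-side computer environment 0100 through the key transmission unit 0821.
This process is divided into five components: steps 1000 to 1008, the key generation common part that generates the parts common to the four programs; steps 1010 and 1011, corresponding to the inquiry query generation program generation unit 0812; steps 1020 to 1023, corresponding to the key authentication program generation unit 0814; steps 1030 to 1033, corresponding to the query response program generation unit 0815; and steps 1040 to 1042, corresponding to the query matching program generation unit 0813.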
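(Step 1000)
A list of the software assets installed in the virtual machine used for the co-simulation on the OEM side is acquired from the virtual machine template introduction software DB 0803. This list is defined as L.
Based on the acquired list L and the current time, multiple random number seeds that are used in common by the later steps are generated.
(Step 1002)
One random number seed value is used to generate a natural number N (128<N<1024). A matrix of size N×N is defined, and its elements are initialized by choosing randomly from 0, 1, and 2.
(Step 1003)
An identity matrix of size N×N is defined.
The logical OR of each element of the matrices generated in step 1002 and step 1003 is taken to obtain a single matrix R. A directed graph G with N vertices, having this matrix R as its adjacency matrix, is then defined.
(Step 1005)
The number of elements in the list L is defined as K.
(Step 1006)
G is divided into K subgraphs.
(Step 1007)
The list of subgraphs and the vertex set included in each subgraph are acquired and defined as SL and VSL, respectively.
(Step 1008)
A set of edges connecting two vertices that belong to different subgraphs is defined as a cut, and the list of cuts between the subgraphs is defined as KL. Using SL, VSL, KL, N, and L defined in the common steps above, the following steps actually generate the key generation and matching programs.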
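In the inquiry query generation program generation unit 0812, a counter circuit that overflows at the time given by the random number seed value, and a program that outputs the simulation time at overflow, are generated.
(Step 1011)
The program generated in step 1010, implemented on an appropriate software asset included in L, is stored as the inquiry query generation program.
In the key authentication program generation unit 0814, first, the list of software assets in the list that are to be consumed on the supplier side is acquired and defined as L1.
(Step 1021)
An associative list that maps one software asset included in L1 to one or more elements of SL is generated as AL0.
Binary counters are constructed in which the vertex set included in each element of VSL is regarded as bits and the directed edges between vertices included in the same VSL element are regarded as wiring, and each is generated as a simulation model that operates on the corresponding software asset in AL0. The cut portions of the graph G, that is, the directed edges that straddle elements of VSL, are connected as inter-simulation interface connections.
(Step 1023)
The program constructed in step 1022, in which multiple simulation models are connected by inter-simulator connections, is stored as the key authentication program.
In the query response program generation unit 0813, the list of software assets in the list that are to be consumed on the OEM side is acquired and defined as L2, and its number of elements is defined as M.
(Step 1031)
A program that takes the simulation time as input and randomly generates positive numbers from 1 to M(M-1)/2 is generated.
(Step 1032)
The program generated in the previous step, implemented on an appropriate software asset included in L2, is stored as the inquiry query response program.
In the query matching program generation unit 0815, M elements extracted at random from SL are defined as SSL. An associative list AL1 that maps one software asset included in L2 to each element of SSL is generated.
(Step 1041)
Binary counters are constructed in which the vertex set included in each element of SSL is regarded as bits and the directed edges between vertices included in the same SSL element are regarded as wiring,
and each is generated as a simulation model that operates on the corresponding software asset in AL1. The cut portions of the graph G, that is, the directed edges that straddle elements of SSL, are connected as inter-simulation interface connections.
(Step 1042)
The program constructed in step 1041, in which multiple simulation models are connected by inter-simulator connections, is stored as the query matching program.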
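(Step 1100)
When the counter pre-installed in the inquiry query generation program overflows, the execution time is acquired and sent to the key transmission/reception unit as an inquiry query. The overflowed counter keeps incrementing as long as the co-simulation continues. As a result, the steps from step 1100 onward are executed at a fixed period during the co-simulation.
When the query response program receives the inquiry query, the authentication query generation function of the query response program is triggered. A constant M is defined in the authentication query generation function when the function is generated. The value of the constant M corresponds to the number of software assets to be consumed on the OEM side, described above.
(Step 1102)
The key authentication program shares the authentication query with the query response program. When the authentication query is updated by step 1101, the key authentication program uses it to calculate the expected value of the response query that the OEM side is expected to return. The binary counter built into the key authentication program, which spans the simulators, is run until the target simulation time and then stopped. The value being exchanged at that moment on the inter-simulator interface corresponding to the cut selection value is acquired and temporarily stored as the expected value of the response query.
When the query matching program receives the authentication query, it calculates a response query. The binary counter built into the query matching program, which spans the simulators, is run until the target simulation time and then stopped. The value being exchanged at that moment on the inter-simulator interface corresponding to the cut selection value is acquired and sent as the response query.
When the key authentication program receives the response query transmitted from the query matching program, it compares the expected value of the response query calculated in advance in step 1102 with the received response query, and transmits the result to the key transmission/reception unit on the OEM side.
The key transmission/reception unit receives the comparison result of the response query. If it matches, the simulation continues, that is, the process returns to (step 1100). If the results do not match, or no result is returned within a certain period, the virtual machine discard command implemented in the virtual environment operation agent is executed to forcibly stop the simulation.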
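0101 Company B computer environment
0102 Company C computer environment
0103 Company A software assets
0103b Company B software assets
0103c Company C software assets
0104 Virtual machine generation unit
0105 Authentication query matching unit
0107 Communication path
0108 Virtual environment operation agent
0110 Company B virtual machine environment
0109 Company C virtual machine environment
0111 Copy of company B software assets
0112 Copy of company C software assets
0113 Authentication query generation unit
0114 Simulation execution agent
0115 Internal network
0700 Supplier-side co-simulation
0701 Co-simulation on another virtual environment
0702 Inquiry query generation program
0703 Query matching program
0704 Inter-simulator interface
0706 Virtual machine controller
0708 Simulation start command
0709 Simulation stop command
0710 Simulation execution time acquisition command
0712 Virtual machine receiving unit
0713 Virtual machine start command
0714 Virtual machine discard command
0715 Key transmission/reception unit
0800 Co-simulation execution instruction transmission/reception unit
0802 Co-simulation request receiving unit
0803 Virtual machine template introduction software DB
0804 Virtual machine template DB
0806 Virtual machine template
0807 Key transmission/reception unit
0808 Query response program
0809 Key authentication program
0810 Local computer generation unit
0811 Transmission virtual machine generation unit
0812 Inquiry query generation program generation unit
0813 Query matching program generation unit
0814 Key authentication program generation unit
0815 Query response program generation unit
0816 Software asset utilization hash generation unit
0817 Virtual machine selection unit
0818 Local virtual machine
0819 Key authentication program
0820 Query response program
0821 Key transmission/reception unit
0900 All software assets
0901 Software assets not used in a given co-simulation
0902 Software assets used in a given co-simulation
0903 Software assets that this system should consume idly on the OEM side
0904 Software assets that this system should consume idly on the supplier side
0905 Software assets consumed by the authentication query generation unit
0906 Software consumed by the authentication query matching unit
1200 Computer
1201 Processor
1202 Controller
1203 Memory
1204 Accelerator
1205 Network interface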
Claims (15)
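- A computer system, comprising computer environments of a user A and a user B, each having software assets and connected via a communication path, wherein the computer environment of the user B realizes co-simulation by transmitting, to the computer environment of the user A, a virtual machine environment including a copy of the software assets owned by the computer environment of the user B and a simulation model requested by the user A.
- The computer system according to claim 1, wherein the simulation model includes an authentication query generation unit that generates an authentication key based on the execution state of the co-simulation executed on the computer environment of the user A and the usage status of the copy of the software assets of the user B, and transmits the generated authentication key to the user B, and the computer environment of the user B comprises an authentication query matching unit that matches the authentication key transmitted from the authentication query generation unit of the user A against the usage status of the software assets permitted to the user A.
- The computer system according to claim 2, wherein the computer environment of the user A, when it is determined that the user A is illegally using the software assets of the user B, destroys the virtual machine environment, stops the co-simulation, and erases it from the computer environment of the user A.
- The computer system according to claim 2, wherein the authentication query generation unit of the user A generates the authentication key using a copy of the software assets of the user B that is not used in the co-simulation executed on the computer environment of the user A.
- The computer system according to claim 2, wherein the authentication query matching unit of the computer environment of the user B executes the matching using part or all of the software assets of the user B that are used in the co-simulation executed on the computer environment of the user A.
- A computer system, comprising: a network; a computer environment of a user A that is connected to the network and has software assets; and a computer environment of a user B that is connected to the network and has software assets, wherein the computer environment of the user B comprises a virtual machine generation unit that generates a virtual machine environment including a copy of the software assets owned by the computer environment of the user B and a simulation model that the user A requests from the user B, and the computer environment of the user A executes co-simulation using the virtual machine environment received from the computer environment of the user B and the software assets of the user A.
- The computer system according to claim 6, wherein the computer environment of the user A receives, as the simulation model, an authentication query generation unit that generates an authentication key based on the execution state of the co-simulation executed in the computer environment of the user A and the usage status of the copy of the software assets of the user B, and the computer environment of the user B comprises an authentication query matching unit that matches the authentication key transmitted from the authentication query generation unit operating in the computer environment of the user A, using the usage status of the software assets permitted to the user A.
- The computer system according to claim 7, wherein the computer environment of the user A comprises a virtual environment operation agent that generates a destruction command for destroying the virtual machine environment when the authentication query matching unit determines that the user A is illegally using the software assets of the user B, and when the virtual environment operation agent generates the destruction command, the co-simulation is erased from the computer environment of the user A.
- The computer system according to claim 7, wherein the authentication query generation unit operating in the computer environment of the user A generates the authentication key using a copy of the software assets of the user B that is not used in the co-simulation executed in the computer environment of the user A.
- The computer system according to claim 7, wherein the authentication query matching unit operating in the computer environment of the user B performs the matching using part or all of the software assets of the user B that are used in the co-simulation executed on the computer environment of the user A.
- A program executed in a computer environment, the program causing the computer environment of a user A to: receive, via a network, a virtual machine environment including a copy of software assets of a user B and a simulation model that the user A requests from the user B; execute co-simulation using the virtual machine environment and software assets of the user A; and generate an authentication key using the execution state of the co-simulation executed on the computer environment of the user A and the usage status of the copy of the software assets of the user B.
- The program according to claim 11, causing the computer environment of the user A to: generate a destruction command for destroying the virtual machine environment when the computer environment of the user B determines that the user A is illegally using the software assets of the user B; and erase the co-simulation from the computer environment of the user A in accordance with the destruction command.
- The program according to claim 11, causing the computer environment of the user A to generate the authentication key using a copy of the software assets of the user B that is not used in the co-simulation executed in the computer environment of the user A.
- The program according to claim 11, causing the computer environment of the user B to: receive the authentication key transmitted from the computer environment of the user A; and match the authentication key using the usage status of the software assets permitted to the user A.
- The program according to claim 14, causing the computer environment of the user B to execute the matching using part or all of the software assets of the user B that are used in the co-simulation executed on the computer environment of the user A.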
Priority Applications (3)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
PCT/JP2013/050860 WO2014112089A1 (ja) | 2013-01-17 | 2013-01-17 | Computer system and program |
JP2014557256A JP5956613B2 (ja) | 2013-01-17 | 2013-01-17 | Computer system and program |
US14/650,017 US20150370584A1 (en) | 2013-01-17 | 2013-01-17 | Computer system and program |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
PCT/JP2013/050860 WO2014112089A1 (ja) | 2013-01-17 | 2013-01-17 | Computer system and program |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2014112089A1 (ja) | 2014-07-24 |
Family
ID=51209210
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/JP2013/050860 WO2014112089A1 (ja) | 2013-01-17 | 2013-01-17 | 計算機システム、及びプログラム |
Country Status (3)
Country | Link |
---|---|
US (1) | US20150370584A1 (ja) |
JP (1) | JP5956613B2 (ja) |
WO (1) | WO2014112089A1 (ja) |
2013
- 2013-01-17 US US14/650,017 (US20150370584A1): Abandoned
- 2013-01-17 WO PCT/JP2013/050860 (WO2014112089A1): Application Filing
- 2013-01-17 JP JP2014557256A (JP5956613B2): Expired - Fee Related
Non-Patent Citations (1)
Title |
---|
YASUHIRO ITO: "Virtual HILS: Efficient software validation by entire system virtualization", IPSJ SIG NOTES HEISEI 22 NENDO ?6?, 15 April 2011 (2011-04-15) * |
Also Published As
Publication number | Publication date |
---|---|
JP5956613B2 (ja) | 2016-07-27 |
JPWO2014112089A1 (ja) | 2017-01-19 |
US20150370584A1 (en) | 2015-12-24 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
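JP7162677B2 (ja) | Computer-implemented method for supplying data, in particular for conformity tracking | |
CN109639406B (zh) | Efficient trust solution method based on blockchain and IPFS | |
JP7065956B2 (ja) | Method and control system for controlling and/or monitoring devices | |
KR102618665B1 (ko) | Version history management using blockchain | |
CN109714348B (zh) | Blockchain-based permission processing method, apparatus, device, and medium | |
JP5956613B2 (ja) | Computer system and program | |
CN111543031A (zh) | Method and control system for controlling and/or monitoring devices | |
CN111651770B (zh) | Secure simulation computing system based on cloud computing, and storage medium | |
CN111492355A (zh) | Method and control system for controlling and/or monitoring devices | |
CN112313908A (zh) | Method and control system for controlling and/or monitoring devices | |
CN114626088A (zh) | Task processing method and apparatus for a privacy computing platform based on algorithm interconnection | |
CN115422598A (zh) | CAD drawing version management method based on a Git system | |
CN111869165B (zh) | Method and control system for controlling and/or monitoring devices | |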
Demichev et al. | Business process engineering for data storing and processing in a collaborative distributed environment based on provenance metadata, smart contracts and blockchain technology | |
US20140157216A1 (en) | Managing model checks of sequential designs | |
CN109690550B (zh) | 数字资产架构 | |
KR102294569B1 (ko) | Blockchain management system capable of building a blockchain network | |
Banoth et al. | A survey on decentralized application based on blockchain platform | |
Kirstein et al. | Blockchain for trustworthy publication and integration of Linked Open Data | |
JP7238632B2 (ja) | Control system, control device, and management method | |
Reed et al. | BULWARK: A Framework to Store IoT Data in User Accounts | |
KR102393537B1 (ko) | Method and system for managing software licenses based on a trusted execution environment | |
US11188687B2 (en) | Rule compliance checking and design generation with rule access security | |
JP7477907B2 (ja) | Information providing system, information providing method, and information providing program | |
EP3975026A1 (en) | Method and system for managing asset data in an industrial network |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
121 | EP: the EPO has been informed by WIPO that EP was designated in this application | Ref document number: 13871335; Country of ref document: EP; Kind code of ref document: A1 |
ENP | Entry into the national phase | Ref document number: 2014557256; Country of ref document: JP; Kind code of ref document: A |
WWE | WIPO information: entry into national phase | Ref document number: 14650017; Country of ref document: US |
NENP | Non-entry into the national phase | Ref country code: DE |
122 | EP: PCT application non-entry in European phase | Ref document number: 13871335; Country of ref document: EP; Kind code of ref document: A1 |