Protection of software models
First Claim
1. An encryption method for encrypting a software model having software components of a technical system, a control unit or a system controlled or regulated by the control unit, the encryption method comprising:
- generating, by a processor, a public key and a master key;
generating, by the processor, a decryption structure that includes a definition of at least two component groups of the software components of the software model for decryption by at least two devices, the at least two component groups structuring different functional parts of the software model to perform a task when respectively decrypted by the at least two devices;
at least partially encrypting, by the processor, the at least two component groups of the software components of the software model via the public key as specified by the decryption structure;
at least partially integrating, by the processor, the decryption structure into the encrypted software model; and
generating, by the processor, at least two secret keys via the master key by respectively including therein the definition of the at least two component groups of the software components of the software model such that when the encrypted software model is distributed to each of at least two devices having respective secret keys that each include the definition of a corresponding component group of the software components of the software model, the at least two component groups are only individually decryptable via the respective secret keys,wherein each of the at least two secret keys is distinct from each other, andwherein the decryption structure is generated by assigning attributes to the software components and defining the at least two component groups from those software components to which at least one specific attribute was assigned.
2 Assignments
0 Petitions
Accused Products
Abstract
An encryption method is provided that has a software model of a technical system, the model including software components is encrypted by a public key and a decryption structure, wherein the latter includes definitions of component groups of the software model. The decryption structure is integrated at least partially into the encrypted software model. Correspondingly, in a decryption method according to the invention, via a secret key that likewise comprises definitions of component groups, only the particular component groups are decrypted whose definitions the secret key includes in agreement with the definitions of the encrypted software model. The definitions of the secret key can be extended after the fact by a key extension, so that additional component groups can be decrypted with an extended secret key.
21 Citations
18 Claims
-
1. An encryption method for encrypting a software model having software components of a technical system, a control unit or a system controlled or regulated by the control unit, the encryption method comprising:
-
generating, by a processor, a public key and a master key; generating, by the processor, a decryption structure that includes a definition of at least two component groups of the software components of the software model for decryption by at least two devices, the at least two component groups structuring different functional parts of the software model to perform a task when respectively decrypted by the at least two devices; at least partially encrypting, by the processor, the at least two component groups of the software components of the software model via the public key as specified by the decryption structure; at least partially integrating, by the processor, the decryption structure into the encrypted software model; and generating, by the processor, at least two secret keys via the master key by respectively including therein the definition of the at least two component groups of the software components of the software model such that when the encrypted software model is distributed to each of at least two devices having respective secret keys that each include the definition of a corresponding component group of the software components of the software model, the at least two component groups are only individually decryptable via the respective secret keys, wherein each of the at least two secret keys is distinct from each other, and wherein the decryption structure is generated by assigning attributes to the software components and defining the at least two component groups from those software components to which at least one specific attribute was assigned. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. A decryption method for decrypting a software model comprising software components of a technical system, a control unit or a system controlled or regulated by the control unit, the decryption method comprising:
-
decrypting, by a processor of a decryption unit, the software model encrypted at an encryption using an encryption method that comprises; generating, by a processor of the encryption unit, a public key and a master key; generating, by the processor of the encryption unit, a decryption structure that includes a definition of at least two component groups of the software components of the software model for decryption by at least two devices, the at least two component groups structuring different functional parts of the software model to perform a task when respectively decrypted by the at least two devices; at least partially encrypting, by the processor of the encryption unit, the at least two component groups of the software components of the software model via the public key as specified by the decryption structure; at least partially integrating, by the processor of the encryption unit, the decryption structure into the encrypted software model; and generating, by the processor of the encryption unit, at least two secret keys via the master key by respectively including therein the definition of the at least two component groups of the software components of the software model such that when the encrypted software model is distributed to each of at least two devices having respective secret keys that each include the definition of a corresponding component group of the software components of the software model, the at least two component groups are only individually decryptable via the respective secret keys, wherein each of the at least two secret keys is distinct from each other, wherein the decryption structure is generated by assigning attributes to the software components and defining the at least two component groups from those software components to which at least one specific attribute was assigned, and wherein in the decryption method, each of the at least two component groups is only decrypted when the decryption structure at least partially integrated into the encrypted software model defines the each of the at least two component groups and the at least two secret keys include the definition of the each of the at least two component groups. - View Dependent Claims (12, 13, 14, 15)
-
-
16. A non-transitory computer readable medium storing an electronic data set comprising:
-
a software model that comprises software components of a technical system, a control unit or a system controlled or regulated by the control unit, the software model having been encrypted at an encryption unit using an encryption method that comprises; generating, by a processor of the encryption unit, a public key and a master key; generating, by the processor of the encryption unit, a decryption structure that includes a definition of at least two component groups of the software components of the software model for decryption by at least two devices, the at least two component groups structuring different functional parts of the software model to perform a task when respectively decrypted by the at least two devices; at least partially encrypting, by the processor of the encryption unit, the at least two component groups of the software components of the software model via the public key as specified by the decryption structure; at least partially integrating, by the processor of the encryption unit, the decryption structure into the encrypted software model; and generating, by the processor of the encryption unit, at least two secret keys via the master key by respectively including therein the definition of the at least two component groups of the software components of the software model such that when the encrypted software model is distributed to each of at least two devices having respective secret keys that each include the definition of a corresponding component group of the software components of the software model, the at least two component groups are only individually decryptable via the respective secret keys, wherein the data set is designed such that the encrypted software model is decryptable, wherein each of the at least two secret keys is distinct from each other, and wherein the decryption structure is generated by assigning attributes to the software components and defining the at least two component groups from those software components to which at least one specific attribute was assigned.
-
-
17. An encryption unit configured to encrypt a software model comprising software components of a technical system, a control unit or a system controlled or regulated by the control unit, the encryption unit comprising:
-
a processor; and a memory, wherein the processor and the memory are configured to; generate a public key and a master key; generate a decryption structure that includes a definition of at least two component groups of the software components of the software model for decryption by at least two devices, the at least two component groups structuring different functional parts of the software model to perform a task when respectively decrypted by the at least two devices; at least partially encrypt the at least two component groups of the software components of the software model via the public key as specified by the decryption structure; at least partially integrate the decryption structure into the encrypted software model; and generate at least two secret keys via the master key by respectively including therein the definition of the at least two component groups of the software components of the software model such that when the encrypted software model is distributed to each of at least two devices having respective secret keys that each include the definition of a corresponding component group of the software components of the software model, the at least two component groups are only individually decryptable via the respective secret keys, wherein each of the at least two secret keys is distinct from each other, and wherein the decryption structure is generated by assigning attributes to the software components and defining the at least two component groups from those software components to which at least one specific attribute was assigned.
-
-
18. A decryption unit configured to decrypt a software model comprising software components of a technical system, a control unit or a system controlled or regulated by the control unit, the decryption unit comprising:
-
a processor; and a memory, wherein the processor and the memory of the decryption unit are configured to decrypt the software model encrypted at an encryption using an encryption method that comprises; generating, by a processor of the encryption unit, a public key and a master key; generating, by the processor of the encryption unit, a decryption structure that includes a definition of at least two component groups of the software components of the software model for decryption by at least two devices, the at least two component groups structuring different functional parts of the software model to perform a task when respectively decrypted by the at least two devices; at least partially encrypting, by the processor of the encryption unit, the at least two component groups of the software components of the software model via the public key as specified by the decryption structure; at least partially integrating, by the processor of the encryption unit, the decryption structure into the encrypted software model; and generating, by the processor of the encryption unit, at least two secret keys via the master key by respectively including therein the definition of the at least two component groups of the software components of the software model such that when the encrypted software model is distributed to each of at least two devices having respective secret keys that each include the definition of a corresponding component group of the software components of the software model, the at least two component groups are only individually decryptable via the respective secret keys, wherein each of the at least two secret keys is distinct from each other, wherein the decryption structure is generated by assigning attributes to the software components and defining the at least two component groups from those software components to which at least one specific attribute was assigned, and wherein the processor and the memory of the decryption unit are configured such that each of the at least two component groups is only decrypted when the decryption structure at least partially integrated into the encrypted software model defines the each of the at least two component groups and the at least two secret keys include the definition of the each of the at least two component groups.
-
Specification