公开(公告)号：WO2019086429A1

公开(公告)日：2019-05-09

申请号：PCT/EP2018/079667

申请日：2018-10-30

Applicant: ABB SCHWEIZ AG

Inventor： FRANKE, Carsten ,  WIDMER, Theo ,  LOCHER, Thomas ,  PIGNOLET, Yvonne-Anne

IPC: G06F21/62

CPC classification number: G06F21/6227 ,  G06F2221/21 ,  G06F2221/2101

Abstract: The present invention relates to a method for analysing a log (10) of a device or a plurality of devices of a first entity (1), the method comprising:generating an encrypted log (11) by encrypting said log (10) on at least one device of the first entity (1); generating at least an encrypted query (16) by encrypting said query (16) on at least one device for analysing the log (10); transferring said encrypted log (11) and said encrypted query (16) from said first entity (1) to a second entity (2); analysing said encrypted log (11) on said second entity (2) by using the encrypted query (16) and generating (20) an encrypted analysis result (21); transferring said encrypted analysis result (21) from said second entity (2) to said first entity (1); and decrypting (22) said encrypted analysis result (21) on said first entity (1), wherein said decrypted analysis result (23) can be verified by said first entity (1).

公开(公告)号：WO2017194469A1

公开(公告)日：2017-11-16

申请号：PCT/EP2017/060918

申请日：2017-05-08

Applicant: ABB SCHWEIZ AG

Inventor： SCHNEIDER, Johannes ,  HARVAN, Matus ,  OBERMEIER, Sebastian ,  LOCHER, Thomas ,  PIGNOLET, Yvonne-Anne

IPC: H04L9/00

CPC classification number: H04L9/008 ,  H04L2209/46 ,  H04L2209/76

Abstract: The invention relates to a method for aggregation of a performance indicator of a device comprising the steps of: concatenating a respective first data item to a plurality of second data items in the device; encrypting the plurality of concatenated second data items relevant for computing the performance indicator using a first encryption key in the device, wherein the first encryption key is based on an additive homomorphic encryption scheme; sending the encrypted concatenated second data items to a computation cluster; computing the performance indicator on the computation cluster using the encrypted concatenated second data items and computing an aggregate value regarding the performance indicator by summing up the encrypted concatenated second data items; sending the aggregate value to a server of a service provider of the device; decrypting the aggregate value using a second encryption key on the server of the service provider; and verifying the decrypted result by checking whether the decrypted sum computed by summing up the encrypted concatenated second data items comprises a predetermined value. The present invention also relates to a corresponding system and corresponding computer program product comprising one or more computer readable media having computer executable instructions for performing the steps of the method.

Abstract translation: 本发明涉及一种用于设备的性能指示符的聚合的方法，包括以下步骤：将相应的第一数据项连接到设备中的多个第二数据项; 使用设备中的第一加密密钥加密与计算性能指标相关的多个连接的第二数据项，其中第一加密密钥基于加性同态加密方案; 将加密的连结的第二数据项发送到计算集群; 使用所述经加密的连结的第二数据项来计算所述计算群集上的所述性能指标，并且通过将所述经加密的连结的第二数据项目相加来计算关于所述性能指标的汇总值; 将聚合值发送到设备的服务提供商的服务器; 使用服务提供商的服务器上的第二加密密钥来解密聚合值; 以及通过检查通过对加密的连接的第二数据项进行求和而计算出的解密总和是否包括预定值来验证解密结果。 本发明还涉及相应的系统和相应的计算机程序产品，其包括具有用于执行该方法的步骤的计算机可执行指令的一个或多个计算机可读介质。

公开(公告)号：WO2017137507A1

公开(公告)日：2017-08-17

申请号：PCT/EP2017/052905

申请日：2017-02-09

Applicant: ABB SCHWEIZ AG

Inventor： SCHNEIDER, Johannes ,  HARVAN, Matus ,  OBERMEIER, Sebastian ,  LOCHER, Thomas ,  PIGNOLET, Yvonne-Anne

IPC: G06F21/14 ,  G06F21/12

CPC classification number: G06F21/14 ,  G06F21/125

Abstract: A method of automatically generating secure code (12, 26) comprises: receiving source code (22) and security constraints (24) for the source code (22), the security constraints (24) encoding, to what extent a variable (44) in the source code (22) is considered secure; and generating secure code (12, 26) from the source code (22) and the security constraints (24) by replacing non-secure operations (46) in the source code (22), which operate on the variables (44) considered as secure, with secure operations (46a); wherein a secure operation (46a) is an operation, which, when applied to at least one encrypted variable (44), generates an encrypted result, which, when decrypted, is the result of the non-secure operation (46) applied to the not encrypted variable (44).

Abstract translation: 自动生成安全代码（12,26）的方法包括：接收源代码（22）的源代码（22）和安全约束（24），安全约束（24）编码， 源代码（22）中的变量（44）在多大程度上被认为是安全的; 以及通过替换源代码（22）中的非安全操作（46）来生成源代码（22）和安全约束（24）的安全代码（12,26） 安全，具有安全操作（46a）; 其中安全操作（46a）是当被应用于至少一个加密变量（44）时生成加密结果的操作，所述加密结果在被解密时是应用于所述非安全操作（46）的结果 没有加密变量（44）。

公开(公告)号：WO2020254852A1

公开(公告)日：2020-12-24

申请号：PCT/IB2019/055014

申请日：2019-06-17

Applicant: ABB SCHWEIZ AG

Inventor： KOZHAYA, David ,  SIVANTHI, Thanikesavan ,  PIGNOLET, Yvonne-Anne

IPC: H04L1/22

Abstract: The invention relates to a method and system for detecting and mitigating cabling issues with devices connected in industrial redundant networks. An agent runs on each device and generates information about traffic received at the corresponding device. The agent running on a node generates indicators of traffic received at each port, and error rates for traffic at each port. The agent running on a switch generates information about switch misconfiguration by collecting device identifiers for each port of the switch. The agents send the information to a network manager, which determines switch misconfigurations and wrong cabling from the received information. The network manager also mitigates cabling issues by sending a signal to the affected device(s) or sending a communication to mitigate the issue.

公开(公告)号：WO2018024658A1

公开(公告)日：2018-02-08

申请号：PCT/EP2017/069286

申请日：2017-07-31

Applicant: ABB SCHWEIZ AG

Inventor： SCHNEIDER, Johannes ,  HARVAN, Matus ,  OBERMEIER, Sebastian ,  LOCHER, Thomas ,  PIGNOLET, Yvonne-Anne

IPC: H04L9/08 ,  G06F11/14 ,  G06F21/62 ,  H04L9/32 ,  H04L29/06

Abstract: The invention relates to a method for storing data blocks from client devices (1, 4) to a cloud storage system (3), the method comprising the steps of: d) storing an encrypted first data block (2) and a challenge of the first data block (2) of a first client device (1) on the cloud storage system (3), e) determining if a hash of a second data block (5) of a second client device (4) stored on the cloud storage system (3) equals the hash of the first data block (2), f) if yes, transmitting the challenge of the first data block (2) from the cloud storage system (3) to the second client device (4), g) extracting, at the second client device (4), the bits at the positions or at the range contained in the challenge, hashing the extracted bits, encrypting the hashed bits with a public key of the first client device (1) or of the second client device (4) and uploading the encrypted bits from the second client device (4) to the cloud storage system (3), and h) storing the encrypted bits from the second client device (4) on the cloud storage system (3).

Abstract translation: 本发明涉及一种用于将来自客户端设备（1,4）的数据块存储到云存储系统（3）的方法，该方法包括以下步骤：d）将加密的第一数据块 （2）的挑战以及所述云存储系统（3）上的第一客户端设备（1）的第一数据块（2）的挑战，e）确定第二客户端设备（1）的第二数据块 （3）中的所述第一数据块（2）的挑战等于所述第一数据块（2）的散列，f）如果是，则将所述第一数据块（2）的挑战从所述云存储系统（3） 第二客户端设备（4），g）在第二客户端设备（4）处提取在挑战中包含的位置或范围处的比特，对提取的比特进行散列处理，用第一客户端设备（4）的公钥对散列的比特进行加密 客户端设备（1）或第二客户端设备（4），并且将来自第二客户端设备（4）的加密比特上传到云存储系统（3），以及h）将加密比特 在云存储系统（3）上来自第二客户端设备（4）的d位。

公开(公告)号：WO2017134269A1

公开(公告)日：2017-08-10

申请号：PCT/EP2017/052458

申请日：2017-02-03

Applicant: ABB SCHWEIZ AG

Inventor： SCHNEIDER, Johannes ,  HARVAN, Matus ,  OBERMEIER, Sebastian ,  LOCHER, Thomas ,  PIGNOLET, Yvonne-Anne

IPC: H04L9/00

CPC classification number: H04L9/008 ,  H04L2209/46 ,  H04L2209/76

Abstract: A method for evaluating data (28) is based on a computational model, the computational model comprising model data (26), a training function and a prediction function. The method comprises training the computational model by: receiving training data (22) and training result data (24) for training the computational model, and computing the model data (26) from the training data (22) and the training result data (24) with the training function. The method comprises predicting result data (30) by: receiving field data (28) for predicting result data (30); and computing the result data (30) from the field data (28) and the model data (26) with the prediction function. The training data (22) may be plaintext and the training result data (24) may be encrypted with a homomorphic encryption algorithm, wherein the model data (26) may be computed in encrypted form from the training data (22) and the encrypted training result data (24) with the training function. The field data (28) may be plaintext, wherein the result data (30) may be computed in encrypted form from the field data (28) and the encrypted model data (26) with the prediction function.

Abstract translation: 用于评估数据（28）的方法基于计算模型，计算模型包括模型数据（26），训练函数和预测函数。 该方法包括通过以下步骤来训练计算模型：接收用于训练计算模型的训练数据（22）和训练结果数据（24），并且从训练数据（22）和训练结果数据（24）计算模型数据（26） ）与训练功能。 该方法包括通过以下步骤预测结果数据（30）：接收用于预测结果数据（30）的现场数据（28）; 和利用预测函数从场数据（28）和模型数据（26）计算结果数据（30）。 训练数据（22）可以是明文的并且训练结果数据（24）可以用同态加密算法加密，其中模型数据（26）可以以加密形式从训练数据（22）和加密训练数据 结果数据（24）与训练功能。 现场数据（28）可以是明文，其中结果数据（30）可以利用预测函数以加密形式从现场数据（28）和加密模型数据（26）计算。

公开(公告)号：WO2017194476A1

公开(公告)日：2017-11-16

申请号：PCT/EP2017/060937

申请日：2017-05-08

Applicant: ABB SCHWEIZ AG

Inventor： LOCHER, Thomas ,  SCHNEIDER, Johannes ,  HARVAN, Matus ,  OBERMEIER, Sebastian ,  PIGNOLET, Yvonne-Anne

IPC: H04L9/30

CPC classification number: H04L9/0656 ,  H04L9/008 ,  H04L9/30 ,  H04L2209/08 ,  H04L2209/76

Abstract: The invention relates to a method computing a probabilistic encryption scheme for encrypting a data item in an electronic device comprising the steps of: computing a plurality of random bit strings in a computation cluster; sending the computed plurality of random strings to the electronic device; generating a random string (r E ) for using in the encryption scheme in the electronic device using a subset of the plurality of the random strings computed in the computation cluster and encrypting the data item using the random string computed in the electronic device. The present invention also relates to a corresponding system and corresponding computer program product comprising one or more computer readable media having computer executable instructions for performing the steps of the method.

Abstract translation: 本发明涉及一种计算用于加密电子设备中的数据项的概率加密方案的方法，包括以下步骤：计算计算集群中的多个随机比特串; 将所计算的多个随机串发送到电子设备; 使用在计算集群中计算的多个随机串的子集产生用于在电子设备中的加密方案中使用的随机串（r E），并使用计算出的随机串来加密数据项 在电子设备中。 本发明还涉及相应的系统和相应的计算机程序产品，其包括具有用于执行该方法的步骤的计算机可执行指令的一个或多个计算机可读介质。

公开(公告)号：EP3412000A1

公开(公告)日：2018-12-12

申请号：EP17702412.2

申请日：2017-02-03

Applicant: ABB Schweiz AG

Inventor： SCHNEIDER, Johannes ,  HARVAN, Matus ,  OBERMEIER, Sebastian ,  LOCHER, Thomas ,  PIGNOLET, Yvonne-Anne

IPC: H04L9/00

CPC classification number: G06K9/6257 ,  G06F15/18 ,  G06F17/18 ,  H04L9/008 ,  H04L9/0618 ,  H04L2209/46 ,  H04L2209/76

Abstract: A method for evaluating data (28) is based on a computational model, the computational model comprising model data (26), a training function and a prediction function. The method comprises training the computational model by: receiving training data (22) and training result data (24) for training the computational model, and computing the model data (26) from the training data (22) and the training result data (24) with the training function. The method comprises predicting result data (30) by: receiving field data (28) for predicting result data (30); and computing the result data (30) from the field data (28) and the model data (26) with the prediction function. The training data (22) may be plaintext and the training result data (24) may be encrypted with a homomorphic encryption algorithm, wherein the model data (26) may be computed in encrypted form from the training data (22) and the encrypted training result data (24) with the training function. The field data (28) may be plaintext, wherein the result data (30) may be computed in encrypted form from the field data (28) and the encrypted model data (26) with the prediction function.

公开(公告)号：EP3494662B1

公开(公告)日：2020-09-16

申请号：EP17745353.7

申请日：2017-07-31

Applicant: ABB Schweiz AG

Inventor： SCHNEIDER, Johannes ,  HARVAN, Matus ,  OBERMEIER, Sebastian ,  LOCHER, Thomas ,  PIGNOLET, Yvonne-Anne

IPC: H04L9/08 ,  G06F11/14 ,  G06F21/62 ,  H04L9/32 ,  H04L29/06 ,  G06F21/64

公开(公告)号：EP3455995A1

公开(公告)日：2019-03-20

申请号：EP17721185.1

申请日：2017-05-08

Applicant: ABB Schweiz AG

Inventor： SCHNEIDER, Johannes ,  HARVAN, Matus ,  OBERMEIER, Sebastian ,  LOCHER, Thomas ,  PIGNOLET, Yvonne-Anne

IPC: H04L9/00