SECURITY ARCHITECTURE FOR INTERCONNECTED DIGITAL ENGINEERING AND CERTIFICATION ECOSYSTEM

20240419833

18/821647

August 30, 2024

Methods, systems, and apparatus, including computer programs encoded on computer storage media, for securely certifying products in an ecosystem. In some implementations, a digital platform receives a user request to access digital models. The digital platform determines whether the user is authorized to access the digital models. In response, the digital platform generates a transaction request to send to a location of the digital models, wherein the transaction request comprises data identifying operations to perform using the digital models. The digital platform transmits, to the location of the digital models, the generated transaction request that causes execution of the operations. The digital platform receives data representative of a result of the operations performed. The digital platform provides, to a user interface of the user device, the data representative of the result. The digital platform audits the data related to the transaction request and the data representative of the result.

1. A computer-implemented method comprising: receiving, by a digital platform, a request to access one or more models, the request comprising a location of the one or more models; determining, by the digital platform, that a user that transmitted the request is authorized to access the one or more models; in response to determining that the user is authorized to access the one or more models, transmitting, by the digital platform and to the location of the one or more models, a transaction request that causes execution of one or more operations using the one or more models; providing, by the digital platform, data representative of a result of the execution of the one or more operations; maintaining, by the digital platform, an auditable record of data related to the received request, the transaction request, and the data representative of the result of the one or more operations performed using the one or more models; and providing, by the digital platform and to a user device of the user, data stored in the auditable record.

2. The computer-implemented method of claim 1, wherein maintaining the auditable record further comprises maintaining, by the digital platform, the auditable record of metadata, the metadata comprising one or more other transactions performed against the one or more models.

3. The computer-implemented method of claim 2, wherein the metadata comprises, for each of the one or more other transactions, a model owner identifier (ID), a user ID, access rights of a corresponding user, a device ID, a time for performing a corresponding transaction, data representing a network, a task ID, and a tool ID.

4. The computer-implemented method of claim 1, further comprising: analyzing, by the digital platform and from the auditable record, a series of transactions for completing a previous request; determining, by the digital platform, one or more criteria for the series of transactions to satisfy completing the previous request; determining, by the digital platform, the series of transactions do not satisfy the one or more criteria for completing the previous request; in response to determining the series of transactions do not satisfy the one or more criteria, generating, by the digital platform, one or more recommendations for modifying the series of transactions in order to satisfy the criteria for completing the request; and transmitting, by the digital platform and to the user device of the user, the one or more recommendations for the user to review for a subsequent request.

5. The computer-implemented method of claim 1, wherein transmitting, by the digital platform and to the location of the one or more models, the transaction request comprises transmitting, by the digital platform and to a cloud network that stores the location of the one or more models, the transaction request that causes execution of the one or more operations using the one or more models.

6. The computer-implemented method of claim 1, wherein transmitting, by the digital platform and to the location of the one or more models, the transaction request comprises transmitting, by the digital platform and to a digital agent, the transaction request that causes the digital agent to perform the one or more operations using the one or more models.

7. The computer-implemented method of claim 6, further comprising: storing, by the digital agent, one or more digital tools in a tools database, the one or more digital tools comprise model-based systems engineering (MBSE) tools, augmented reality (AR) tools, computer aided design (CAD) tools, data analytics tools, modeling and simulation (M&S) tools, and product lifecycle management (PLM) tools; and storing the one or more models, the one or more models comprise simulation engines, requirements models, electronics models, test-plan models, cost-models, schedule models, software modeling, supply-chain models, manufacturing models, cyber security models, multi-attribute trade-space tools, and mission effects models.

8. The computer-implemented method of claim 7, further comprising monitoring, by the digital platform, a usage of one or more digital tools over a period of time.

9. The computer-implemented method of claim 7, wherein the digital platform and the digital agent communicate in a bi-directional manner through one or more firewalls.

10. The computer-implemented method of claim 9, wherein transmitting the transaction request that causes the digital agent to perform the one or more operations using the one or more models requested by the user device comprises transmitting the transaction request that causes the digital agent to copy the one or more models and subsequently perform a write action against the copied version of the one or more models without modifying an original version of the one or more models.

11. The computer-implemented method of claim 1, wherein the one or more operations comprises at least one of reading data from the one or more models, writing data to the one or more models, accessing one or more digital artifacts out of the one or more models, or accessing the one or more models.

12. The computer-implemented method of claim 1, further comprising: determining, by the digital platform, whether the user that transmitted the request is authorized to access the one or more models, wherein determining comprises: obtaining, by the digital platform, one or more credentials of the user prior to receiving the request to access the one or more models; and determining, by the digital platform, that the user is authorized to access the digital platform using the one or more obtained credentials applied against a permission model.

13. The computer-implemented method of claim 1, further comprising: determining, by the digital platform, a type of the one or more operations to perform against the one or more models; in response to determining the type of the one or more operations to perform against the one or more models, transmitting, by the digital platform and to the location of the one or more models, the transaction request; receiving, by the digital platform, a splicer that provides access to one or more functions of the one or more models; and providing, by the digital platform and to a user interface, the received splicer for user interaction to the one or more functions of the one or more models.

14. The computer-implemented method of claim 13, wherein the received splicer is configured to restrict user access to a subset of functionalities of the one or more models.

15. The computer-implemented method of claim 13, wherein the received splicer is configured to redact a portion of the one or more models.

16. The computer-implemented method of claim 13, wherein the received splicer is configured to secure a subset of functionalities of the one or more models on the user device.

17. The computer-implemented method of claim 1, further comprising: extracting, from the received request and by the digital platform, data that identifies the one or more models the user seeks to access; and retrieving, by the digital platform, the location of the one or more models based on the extracted data from the received request.

18. The computer-implemented method of claim 1, wherein maintaining the auditable record of the data further comprises: storing, by the digital platform, data related to the transaction request and the data representative of the result of the one or more operations performed using the one or more models; and auditing, by the digital platform, the stored data for at least one of a security breach, data quality control, or improving the one or more operations performed using the one or more models.

19. A system comprising: one or more computers and one or more storage devices storing instructions that are operable, when executed by the one or more computers, to cause the one or more computers to perform operations comprising: receiving, by a digital platform, a request to access one or more models, the request comprising a location of the one or more models; determining, by the digital platform, that a user that transmitted the request is authorized to access the one or more models; in response to determining that the user is authorized to access the one or more models, transmitting, by the digital platform and to the location of the one or more models, a transaction request that causes execution of one or more operations using the one or more models; providing, by the digital platform, data representative of a result of the execution of the one or more operations; maintaining, by the digital platform, an auditable record of data related to the received request, the transaction request, and the data representative of the result of the one or more operations performed using the one or more models; and providing, by the digital platform and to a user device of the user, data stored in the auditable record.

20. A non-transitory computer-readable medium storing software comprising instructions executable by one or more computers which, upon such execution, cause the one or more computers to perform operations comprising: receiving, by a digital platform, a request to access one or more models, the request comprising a location of the one or more models; determining, by the digital platform, that a user that transmitted the request is authorized to access the one or more models; in response to determining that the user is authorized to access the one or more models, transmitting, by the digital platform and to the location of the one or more models, a transaction request that causes execution of one or more operations using the one or more models; providing, by the digital platform, data representative of a result of the execution of the one or more operations; maintaining, by the digital platform, an auditable record of data related to the received request, the transaction request, and the data representative of the result of the one or more operations performed using the one or more models; and providing, by the digital platform and to a user device of the user, data stored in the auditable record.

06; 04

edspap.20240419833