[curious]

Hi All,

Great forum! I was not sure where to post this one so I figured this could be the place.

I’m wondering if, upon full automation and some parameterization of a CAE process, there is a way to provide a “black-box” to say a customer, so they can integrate my CAE routine into theirs without getting access to the IP embedded in my models (e.g. detailed geometry, mesh and solver settings, complete result dataset). Basically, I’m looking after the functionality of a meta-model, but with the actual detailed CAE model being run at each query.

I believe I’ve seen this feature advertised in some 0D-calculation tools. However, I could not find equivalent feature in 3D simulation programs. I guess the typical CPU time, the file management complexity, and maybe limited users’ need for such feature could be the reason why. Or I didn’t search hard enough, and if so, please accept my apologies for this.
Any insight regarding this topic is much appreciated!

Cheers
/Jens

[LuckyTran]

Compile your code so that it's all in binary. Then they'll have no access.

Are you trying to protect your IP or keep it as a trade secret? If you only need protection, then you just need to both agree to a non-disclosure agreement. You can also register your IP and license its use to your collaborators.

I think it's harder if you are trying to make it a complete black box, it's basically a crytographic problem. Maybe you can compile everything into a binary.

[curious]

Thanks Lucky!

Quote:

Originally Posted by LuckyTran

Are you trying to protect your IP or keep it as a trade secret? If you only need protection, then you just need to both agree to a non-disclosure agreement.

I want to keep both my design details and my modeling techniques trade secrets. Sadly, I have seen too many suppliers breach the terms of their own NDA's (by sharing with me way more information about my competitors than they should have) that I don't have much trust in this system anymore.

Quote:

Originally Posted by LuckyTran

Compile your code so that it's all in binary. Then they'll have no access. [...] I think it's harder if you are trying to make it a complete black box, it's basically a crytographic problem. Maybe you can compile everything into a binary.

I guess that's the sort of functionality I am after. I don't have access to any commercial CAE software at the moment so I can't easily check those things, so I have no idea if those are standard functionalities or not. Anyone?

On a side note, after Googling a little about IP, binaries, etc, I rapidly found this:
Wow... I didn't think it was THAT easy :/

[mprinkey]

The answer to your question depends on what language your simulation code is written. If it is C/C++/Fortran, those online compilers are not going to work very well. Note, they are picking apart java byte in that video. If you are working with Java, Python, or similar "scripting" type languages, it is going to be very hard to protect your work, because "compiled" versions of those languages are still pretty expressive. As the video said, I don't know what you can do besides obfuscation, and that is really more of a speed bump than a locked gate.

If you are starting with a real compiled code (like C++ or Fortran), the output will be assembly language and will not be nearly as easy to reverse engineer. If you have critical constants or datasets, you may want to store them in encrypted datafiles or variables and then decrypt them at runtime. Generally, you want to hind the way you generate the key to decrypt them with an key generator to make it hard for people to find the key in your binary.

If you need a cheap hardware dongle solution, you can integrate a yubikey ($25 each) and use their challenge/response mechanism to generate the decryption code for the datasets and prevent execution if the data doesn't decrypt cleanly. That allows you to easily and cheaply prevent mass distribution or wholesale integration of your binary into some other work. They will need to have a physical key installed in the system for your code to work.

There are other options as well, but they will start costing real money. There are dongles with real SDKs or FlexLM with cryptographic license files, etc. But there are pretty expensive upfront costs for those.

[curious]

Thank you Michael, very insightful.

Quote:

Originally Posted by mprinkey

The answer to your question depends on what language your simulation code is written.

In most cases, the CAE processes that I would parameterize and automate would rely heavily on commercial CAE software at each step. For example, Catia V5 for CAD creation and ANSYS for everything else. This would of course require that the end-user of my routine has the required licenses. I guess what I am after is a way to prevent easy access to the by-products of the complete CAE process: CAD model, mesh files, datasets...

After further research, it appears that LS-Dyna has some encryption capabilities, as suggested in this document. See page 37: "Lotus Engineering, Inc. provided encrypted files for the crash models and crash configurations. Due to encryption, specifics of the material, failure, fracture, joining and structural sub-models employed in the models and simulations could not be evaluated."

RADIOSS and ANSYS Mechanical also seem to have some encryption capabilities at least for material properties, but maybe not much more...

Apparently the LS-Dyna encryption system relies on OpenPGP. I suppose encryption could be implemented, but I wish a general, off-the-shelf solution was readily available... Any opinion regarding the feasibility of implementing a general encryption framework for CAE applications is welcome.

[mprinkey]

Quote:

Originally Posted by curious

Any opinion regarding the feasibility of implementing a general encryption framework for CAE applications is welcome.

Sorry, but I don't see a path forward there. It would require buy-in from all of the software manufacturers and they will need to agree on a standard encryption scheme and key-distribution mechanism. And cryptography is very easy to do wrong, so each part of the process has to be vetted to make sure there are no leaks...look at sshpass as an example for how difficult it is to hide a password just sent into ssh on the command line. You have the same problem in launching the various applications...you can't pass them on the command liine. You can't store the keys in a file on the file system and you can't store the intermediate files unencrypted. Maybe the applications could all pull the encryption keys from the dongle, but again...that would have to be part of the standard scheme all of the vendors agreed to.

If you used open source software instead, you could hack the code up to include encryption or to even pass data from application to application using pipes/sockets/stdin/out and avoid writing the intermediate files to disk at all. This is a hard problem and one I don't see commercial software vendors taking an interest in, unless they are paid to do it. Open source is likely the only way to accomplish this, IMO.