US 9,811,657 B2
Security information for software parts
Gregory A. Kimberly, Seattle, WA (US)
Assigned to THE BOEING COMPANY, Chicago, IL (US)
Filed by The Boeing Company, Chicago, IL (US)
Filed on Jun. 6, 2014, as Appl. No. 14/297,729.
Prior Publication US 2015/0356319 A1, Dec. 10, 2015
Int. Cl. G06F 21/51 (2013.01); G06F 21/64 (2013.01)
CPC G06F 21/51 (2013.01) [G06F 21/64 (2013.01)] 19 Claims
OG exemplary drawing
 
1. A method of identifying a software part, comprising:
signing security information for the software part with a security information digital signature to form signed security information, wherein the security information identifies a security policy for the software part that specifies how the software part is checked based on whether the software part is critical or non-critical;
signing the software part with a software part digital signature;
checking the software part digital signature using the signed security information, wherein the signed security information includes information that indicates how the software part digital signature is checked to determine whether the software part is correct, such that the security information identifies an acceptable digital signature for the software part digital signature, an acceptable certificate authority, and an approved system on which the software part is approved to be used; and
in response to a determination that the software part digital signature is correct, associating the signed security information with the software part such that the software part includes the signed security information.