software qualification

By generating required specifications and testing actual deployment requirements, the system ensures compatibility between new software and terminal devices, resolves compatibility issues during the installation of new software components, and enables automated and real-time compatibility assessment and deployment, preventing device damage.

CN116235142BActive Publication Date: 2026-06-23GIESECKE & DEVRIENT EPAYMENTS GMBH

Patent Information

Authority / Receiving Office
CN · China
Patent Type
Patents(China)
Current Assignee / Owner
GIESECKE & DEVRIENT EPAYMENTS GMBH
Filing Date
2021-08-18
Publication Date
2026-06-23

AI Technical Summary

Technical Problem

Existing technologies cannot effectively identify the compatibility of new software components with terminal devices when installing them, which may damage the devices, and lack automated and real-time solutions.

Method used

By generating requirement specifications, assessing the compatibility of new software with end devices, including detecting actual deployment requirements and deploying new software when they are met, and using embedded general-purpose integrated circuit cards and wireless data interfaces for automated assessment and deployment.

Benefits of technology

Ensure the new software is compatible with terminal devices, prevent the installation of incompatible software, reduce manual intervention, lower bandwidth and storage space requirements, and improve installation efficiency.

✦ Generated by Eureka AI based on patent content.

Smart Images

  • Figure CN116235142B_ABST
    Figure CN116235142B_ABST
Patent Text Reader

Abstract

The invention relates to a method for ensuring that software to be installed on a terminal device is compatible with existing software, in particular with the underlying hardware architecture of the terminal device. The invention is therefore advantageous in that it enables an evaluation of new software components before they are installed, so that incompatible software components cannot be installed on a terminal device, which would impair or destroy the terminal device. Furthermore, the invention relates to a system arrangement implemented in accordance with the proposed method, and to a computer program product containing control instructions for implementing the proposed method.
Need to check novelty before this filing date? Find Prior Art

Description

Technical Field

[0001] This invention relates to a method for ensuring that software (e.g., a new software component or a new operating system or a portion thereof) to be installed on a terminal device is compatible with existing software or operating systems, particularly with the underlying hardware architecture. Therefore, an advantage of this invention is that new software components can be evaluated before installation, thereby preventing incompatible software components from being installed on the terminal device, which could damage or even destroy the terminal device. Furthermore, this invention relates to a system apparatus implementing the proposed method, and a computer program product comprising control instructions for implementing the proposed method. Background Technology

[0002] DE 10 2014 220 616 A1 discloses an operating system for chip cards. This document discusses bootloaders, etc., but does not mention the main aspects of this invention.

[0003] WO 2002 / 037 203 A2 teaches a method for updating software components on a mobile terminal device. This document also relates to a bootloader, specifically for a partition where the operating system is stored.

[0004] DE 10 2015 207 900 A1 teaches the updating of operating system components, where electronic components within a building are addressed. US 2016 / 0162275 A1 discloses an application inspector that identifies and isolates incompatible applications on mobile devices during software platform updates.

[0005] US 2011 / 0225575 A1 discloses a patch analysis computer that retrieves metadata from a website describing one or more patch files used to modify software in one or more target computers.

[0006] According to known technologies, software (such as operating systems) installed on terminal devices needs to be updated and / or replaced from time to time. Therefore, new software, new software components, or new operating systems must be provided, partially or completely. Using these new software components, the currently installed software or operating system is updated or completely replaced. However, problems arise when the newly provided software components or operating system are incompatible with the software system currently installed on the relevant terminal device.

[0007] This poses a significant risk that a new software component might be installed on the device but remain incompatible with existing software, such as the device's operating system. In such cases, the incompatibility wasn't identified before deployment, and the newly installed software component could corrupt the underlying terminal device. This corruption can occur when major components of the currently installed software system are removed and replaced. Because the subsequently installed major software component is inoperable due to incompatibility, the entire terminal device is compromised. Typically, the update is irreversible, as rollback is no longer possible. With the newly installed software component inoperable, the interface becomes unusable, and the terminal device cannot perform processing steps. This means the terminal device has malfunctioned and a new software component that would fix the defect cannot be installed.

[0008] Based on known technologies, available testing methods are typically performed manually and cannot handle a large number of available end devices. Therefore, these methods are not executed using automated mechanisms that can be done over a network. Furthermore, these methods are unavailable at runtime and are prone to errors because they involve significant technical work performed by operators. Summary of the Invention

[0009] Therefore, one object of the present invention is to provide an improved method for ensuring the conformity of software to be installed on a terminal device, which can be executed automatically and requires minimal technical effort. Another object is that this method can operate in real time and prevent the installation of incompatible software components. Another object of the present invention is to provide a system apparatus implemented according to the proposed method. Another object of the present invention is to provide a computer program product comprising control instructions for performing the steps of the proposed method and operating the proposed system apparatus.

[0010] Therefore, a method for ensuring the conformity of software to be installed on a terminal device is proposed. The proposed method includes the following steps: generating a requirement specification by evaluating the new software against the deployment requirements of the terminal device; sending the requirement specification to the terminal device; detecting the actual deployment requirements on the terminal device; comparing the sent requirement specification with the detected actual deployment requirements; and deploying the new software on the terminal device if it is determined that the requirement specification conforms to the actual deployment requirements.

[0011] In the context of this invention, the term "software" refers to any software or entity that can be installed on an operable terminal device to update, replace, supplement, or patch the software running on that terminal device or to add new functionality thereto. In this sense, software can be a new operating system, a part of a new operating system, a library, an application program, a hardware driver or hardware abstraction layer, middleware, etc.

[0012] If the new software does not adversely affect the operability of the terminal device and the software already installed on it, especially the operability of the terminal device's operating system, after being installed on the terminal device, then the software is qualified.

[0013] The new software requirements are primarily related to hardware and resource usage, but it also provides features mainly related to applications and user data.

[0014] The requirements for terminal devices are primarily related to their applications and user data, and should conform to the functionality provided by the new software. Terminal devices also have capabilities primarily related to their hardware and available resources, and these capabilities must conform to the requirements of the new software.

[0015] Typically, the method can be performed at least in part by a so-called embedded general-purpose integrated circuit card or general-purpose integrated circuit card.

[0016] This invention proposes a method as part of an environment that allows the deployment of software, such as a software loader or update agent. This software loader or update agent allows the deployment of software, such as compatible software components, or especially software that can be installed as part or in part of a new operating system.

[0017] The proposed method ensures compliance by checking the software's compatibility with its technical environment. Compatibility refers to any software or operating system already installed on the terminal device, as well as the terminal device and its hardware components. This invention also relates to the evaluation of the provided hardware components. In this sense, not only the compatibility of individual hardware components but also the compatibility of various hardware components working together within the terminal device must be considered.

[0018] The generation of requirements and capability specifications is performed by analyzing the image of the new software and / or the new software itself. This may involve steps such as reading the image size and / or the provided instructions. Furthermore, the new software may require specific hardware components or specific combinations of hardware components. A document indicating such requirements specifications can be attached to or part of the image of the new software and can be automatically read. Specific tests can also be performed on the new software to determine its requirements. The resulting requirements can be compiled into a file specifying the corresponding parameters and values. The steps of generating requirements specifications can be performed remotely over a network, and the resulting file can be transmitted to a terminal device. Communication with the terminal device is typically conducted using a wireless data interface. In the case of a smartphone, a mobile telecommunications network is used. According to the invention, it is possible to provide the requirements specifications first and transmit the image of the new software only if the requirements specifications are positively evaluated, rather than transmitting both the requirements specifications and the image of the new software directly. In situations where only limited bandwidth is available, the requirements specifications can be sent first, which prevents the system from sending the image of the new software if the requirements specifications are rejected.

[0019] Furthermore, the generation of the requirement specification can be performed by the terminal device itself, and the transmission of the requirement specification can be an internal device process that provides the relevant information from memory to a security element arranged or integrated within the terminal device. Therefore, according to one aspect of the invention, the step of transmitting the requirement specification to the terminal device includes transmitting data from one component within the terminal device to another.

[0020] In another step, the actual deployment requirements on the end device are detected. This means testing or at least reading out the software requirements on the end device. These deployment requirements may relate to the availability of storage space, processor type, or certain interfaces. These requirements include the specifications that need to be met to operate the new software.

[0021] When the actual deployment requirements and the requirements specification for the image of the new software are available, these two specifications can be compared, and it can be determined whether the requirements specification meets the actual deployment requirements. For this purpose, a database or table showing the deployment requirements can be provided. Then, evaluation metrics can be provided to indicate when the new software is compatible with the software to be updated or replaced.

[0022] If it is determined that the image of the new software is compatible with the operating system of the terminal device, the new software is deployed. Deploying the new software means making the image of the new software available to the terminal device and its operating system. This can also be done by delivering the image of the new software to the terminal device. Two different interfaces can be used to deliver the requirement specification and the image file. For example, the requirement specification can be provided wirelessly via a so-called over-the-air (OTA) interface, and the image can be provided using a wired communication interface. This takes into account the fact that the requirement specification is usually smaller than the image of the new software. Of course, the same interface can be used in any case. It may also be advantageous to evaluate the requirement specification first and then perform the download of the new software image. In this example, the image of the new software can be downloaded overnight when the user does not typically need a terminal device that is always operational. Therefore, the requirement specification can be provided when user feedback may be needed, and the image of the new software can be downloaded and deployed subsequently.

[0023] According to the present invention, requirements specifications can be defined to ensure compliance with actual deployment requirements. A set of rules indicating compatibility and functionality can be provided, and these rules can also be specified according to the needs of new software. Such a set of rules can also determine which hardware components in the terminal device are available and provide specifications for the supported functions. Real-time testing can also be performed to check whether the instructions of the provided new software can handle the underlying hardware infrastructure.

[0024] According to one aspect of the invention, the requirements specification may include any information regarding the version of the new software image, memory requirements, memory mapping, data format version, hardware information, and / or deployment information. In the case where the new software involves the Java Card operating system, the requirements specification may include information about the Java Card package. Because of the requirements specification, hardware and software components can be described, and this information allows the terminal device to fully determine the compatibility of the provided content. In other method steps, it is advantageous to modify the specifications of the terminal device to make the new software compatible with the terminal device, the installed software, and the hardware. Therefore, memory can be freed up and additional software can be installed.

[0025] According to another aspect of the invention, the transmission of the requirements specification is performed together with the transmission of an image of the new software to the terminal device. The advantage of this is that the terminal device can test the image of the new software, as it is provided along with the requirements specification. Furthermore, the requirements specification and the image of the new software can be compressed into a single file. Alternatively, the requirements specification and the image of the new software can also be transmitted separately.

[0026] According to another aspect of the invention, the transmission of the requirements specification is performed using a file containing the requirements specification, a signature, and / or an image of the new software. The advantage of this is that the signature can be used to protect either the requirements specification or the image of the new software, or both. Furthermore, a single file encoding all the information required to install the new software can be provided.

[0027] According to another aspect of the invention, the actual deployment requirements are detected by detection software running on the terminal device, and this detection software is preferably integrated into the terminal device's operating system or formed as a module or function therein. The advantage of this is that the actual deployment requirements can be detected at runtime, and the operating system itself can use its own settings to evaluate the provided image. Typically, the terminal device's underlying hardware infrastructure is used to detect the actual deployment requirements.

[0028] According to another aspect of the invention, deploying an image for new software includes unpacking the image file, checking its integrity, modifying the currently installed software, updating the currently installed software, replacing the currently installed software, deleting the currently installed software, and / or installing the new software on the terminal device. The advantage of this is that all the functionality required to deploy the new software is available, and the image can be unpacked, making the new software ready for deployment. Similarly, security features can be implemented. In other steps, the software to be replaced or updated is uninstalled, and the new software is installed.

[0029] According to another aspect of the invention, when new software is compatible with the operating system and / or hardware of the terminal device, the specifications are required to conform to the actual deployment requirements. The advantage of this is that it achieves compatibility, ensuring that the software and hardware components available on the terminal device are compatible. A specific set of rules can be provided to indicate compliance.

[0030] According to another aspect of the invention, a table displaying compatibility information is used to assess compliance. The advantage of this is that the manufacturer of the terminal device or the currently installed software can provide compatibility information listing all compatible software and hardware components. To achieve compliance, the table must be checked, and the new software must be compared with the currently installed components. The table can be provided using a database or a typical data file.

[0031] According to another aspect of the invention, the method is terminated if the required specifications do not conform to the actual deployment requirements, because the new software is determined to be unqualified. The advantage of doing so is that it avoids installing newly introduced software components, instead interrupting the method and preventing the installation of incompatible software. Further measures may then be necessary, such as deleting already transmitted data and notifying the user.

[0032] According to another aspect of the invention, the terminal device is a mobile phone, wearable device, portable terminal device, tablet computer, or laptop, and / or includes tamper-proof elements of any style or shape. The advantage of this is that a smartphone or wearable device can constitute the terminal device and specific hardware for operating at least a portion of the proposed method steps and providing memory for the software.

[0033] According to another aspect of the invention, the software to be installed on the terminal device may be a new operating system, a part of a new operating system, or a new operating system image installed on the terminal device, in order to update, replace, or patch the existing operating system of the terminal device.

[0034] According to another aspect of the invention, the proposed method can be executed using various types of hardware. The method can operate automatically, thus allowing for the detection and evaluation of the underlying hardware infrastructure at runtime.

[0035] According to another aspect of the invention, the step of generating the requirement specification specifically includes determining information regarding the capabilities of the new software provided to the terminal device and / or the requirements of the new software on the terminal device. Conversely, the step of detecting the actual deployment requirements specifically includes determining information regarding the capabilities of the terminal device to provide the new software and / or the requirements of the terminal device on the new software.

[0036] According to a preferred embodiment of the present invention, the software currently installed on the terminal device includes an upper software layer and a lower software layer. The upper software layer requires certain capabilities from the new software, while the new software requires certain capabilities from the lower software layer, relative to the software to be installed on the terminal device. In this software configuration, the new software is considered qualified if the new software to be installed provides all the capabilities required by the upper software layer and the lower software layer provides all the capabilities required by the software.

[0037] Therefore, this invention ensures the qualification of software in software configurations that include upper and lower software layers relative to the new software, because the step of generating the requirement specification includes determining information about the capabilities the new software provides to the upper software layer and / or information about the requirements the new software places on the lower software layer. Conversely, the step of detecting actual deployment requirements includes determining information about the capabilities the lower software layer provides to the new software and / or information about the requirements the upper software layer places on the new software.

[0038] The object of the present invention is achieved by a system apparatus for ensuring the conformity of at least a portion of software to be installed on a terminal device. The system apparatus includes a list entity configured to generate a list of requirements specifications for deployment requirements by evaluating an image of new software to be installed on the terminal device; an interface entity configured to transmit the requirements specifications to the terminal device; a detection entity configured to detect actual deployment requirements on the terminal device and compare the transmitted requirements specifications with the detected actual deployment requirements; and a deployment entity configured to deploy the image of the new software on the terminal device if it is determined that the requirements specifications conform to the actual deployment requirements.

[0039] The system apparatus of the present invention is preferably implemented by one or more computer program products, and the detection entity is preferably implemented by detection software installed on a terminal device. That is, the computer program product forming the detection entity is installed on the terminal device and, when executed, detects the actual deployment requirements on the terminal device as part of the method of the present invention.

[0040] Those skilled in the art will recognize that the system apparatus described herein may include more components, such as network components or general-purpose hardware components typically available on terminal devices. The specification is required to be generated, for example, by a server, and is required to be distributed across a computer network.

[0041] According to the present invention, it is particularly advantageous that the proposed method provides steps that can be executed by structural features of a system device including detection software for a terminal device. Furthermore, the system device includes structural features that provide functionality according to the proposed method steps. The proposed method enables the system device to operate, and the system device is capable of executing the corresponding method steps.

[0042] The object of the present invention is achieved by a computer program product configured to provide instructions to detect actual deployment requirements on a terminal device, and the object of the present invention is achieved by implementing the detection steps of the method of the present invention when the computer program product is executed on the processor of the terminal device. Attached Figure Description

[0043] The technical effects and advantages of the present invention are now provided in more detail with reference to the accompanying drawings, in which:

[0044] Figure 1 The system apparatus and functions provided by one aspect of the present invention are illustrated.

[0045] Figure 2 This is a flowchart illustrating one aspect of the proposed method for ensuring compliance;

[0046] Figure 3This is a schematic flowchart illustrating another aspect of the invention: a method for ensuring the qualification of at least a portion of an operating system; and

[0047] Figure 4 The layered software structure on the tamper-proof element of the present invention is shown. Detailed Implementation

[0048] Figure 1 The update package is shown on the left, and the terminal device is shown on the right. In step 1, the new software and an operational summary, list, or description are sent from the update package to the device. In step 2, the terminal device's current operating system checks the summary, list, or description to check the compatibility of the new software with the software currently installed on the terminal device and its operating system. In step 3, the current operating system sends an acknowledgment (ok) message or a rejection (not ok) message, indicating compatibility or incompatibility, respectively. In step 4, if the response is ok, the new software, preferably the operating system or a portion thereof or a patch, is sent to the device. In step 5, the device is finally updated with the new software. The main advantage of this process and system is that it checks compatibility to avoid locking the device. If the current operating system does not accept the software update, unnecessary new software data transmission is prevented.

[0049] Figure 2 A flowchart of a terminal device incorporating tamper-proof elements is shown. The proposed method can be provided in the form of a software loader or update agent that allows software deployment.

[0050] according to Figure 2 In some implementations, the operating system, such as that of a smart card, must be replaced or modified with new software. Typically, software updates, such as the operating system, are required from time to time, for example, through security patches. Furthermore, the new set of instructions provided by the new software may be incompatible with the existing software or hardware architecture of the terminal device. Therefore, problems may arise that render the software or hardware components of the terminal device inoperable.

[0051] According to existing technology, research on the compatibility of new software components (i.e., new operating system components) is conducted through a manual process. However, this process is labor-intensive, prone to errors, and fails to consider the environmental factors affecting compatibility in various terminal devices. Therefore, these issues lead to high costs, and further errors may occur once the hardware is operated or existing applications on the smart card are activated.

[0052] Another problem is that once the new operating system components are installed, the update process may be irreversible because the smart card may no longer function. Therefore, the issuer will have to recall the smart card, which again leads to high costs and heavy workload.

[0053] This invention proposes sending a so-called description to a device before delivering new software, such as a new operating system component. This allows the device to evaluate the software component that will be newly installed on it. This description or summary contains metadata illustrating the new software or operating system component that will be transmitted to and installed on the device. Therefore, the device can compare the functionality provided by the new software or operating system component with its existing architecture.

[0054] In another step, the device can then suggest whether to allow or deny such an update. In this way, only compatible software components will be installed, and if the update is denied, no further software components will be provided or installed.

[0055] The advantage of this approach is that it prevents compatibility issues even before new software components are provided to the device. This reduces bandwidth requirements, storage space, and processing time. However, the main advantage is preventing potentially damaging smart cards or causing incompatible and inoperable software components from being installed on the device. In summary, the advantage of this invention is its ability to perform software component updates, particularly operating system updates, without the risk of incompatibility.

[0056] Figure 3 A flowchart describing a method for ensuring the qualification of software to be installed on a terminal device is shown. The method includes the following steps: 101. Generating a requirement specification 100 by evaluating an image of the new software to be installed on the terminal device relative to the deployment requirements of the terminal device. This requirement specification is generated by determining information about the capabilities of the new software provided to the terminal device and information about the requirements of the new software on the terminal device. Next, the requirement specification is transmitted 102 to the terminal device, and the actual deployment requirements are detected 103 by the terminal device. These actual deployment requirements are detected 103 by determining information about the capabilities of the terminal device provided to the new software and information about the requirements of the terminal device on the new software. Next, the transmitted requirement specification 102 is compared 104 with the detected actual deployment requirements 103, and, if it is determined that the requirement specification conforms to the actual deployment requirements, the image of the new software is deployed 105 on the terminal device.

[0057] The steps to generate the 100 requirements specification include determining information about the capabilities of the new software provided to the end devices and the requirements of the new software on the end devices, while the steps to detect the 103 actual deployment requirements include determining information about the capabilities of the end devices provided to the new software and the requirements of the end devices on the new software.

[0058] Figure 4A layered software structure is illustrated on a tamper-proof element (TRE) installed on a terminal device. New software to be installed on the TRE must conform to this layered software structure to avoid impairing or disrupting the operability of the TRE and the terminal device. The layered software structure of the TRE consists of an upper software layer and a lower software layer relative to the new software. The operation of the upper software layer depends on the new software, while the operation of the new software depends on the lower software layer.

[0059] The upper software layer may include, for example, other software components currently installed on the TRE that require the functionality and capabilities provided by the new software to operate correctly, whether these software components are applications or system functions. Similarly, the lower software layer may include, for example, other software components currently installed on the hardware resources of the TRE or TPE and terminal devices that provide functionality and capabilities to the new software to ensure its correct operation; these software components may be applications, system functions, or hardware access components.

[0060] Because new software exhibits specific functional relationships with upper and lower software layers, the qualification of new software includes two independent aspects: on the one hand, the qualification of new software is evaluated based on its functional relationship with the upper software layer; on the other hand, the qualification of new software is evaluated based on its functional relationship with the lower software layer.

[0061] Generally, in the context of this invention, new software can be any software package, patch, or software entity that is installed on a terminal device after being provided to the end user, for example, to update or supplement functionality or improve the operation of the terminal device in any way. New software can in particular be a new operating system that completely replaces, updates, supplements, or improves an existing operating system, a new or improved library, a new or improved Hardware Abstraction Layer (HAL), a new or improved middleware, a new or improved application, etc. According to... Figure 4 In the illustrated embodiment, new software is installed on the TRE to replace, update, or patch existing software components of the TRE. TRE software components representing upper and lower software layers associated with the new software are identified within the TPE. To identify the lower software layer, all TRE software components that provide capabilities for the new software are identified, such as specific hardware architectures, specific hardware derivatives, specific peripherals, specific minimum available memory, specific software interfaces, specific software functions, etc. Similarly, to identify the upper software layer, all TRE software components that require the capabilities of the new software (e.g., specific interfaces, specific functions, etc.) are identified.

[0062] When ensuring the qualification of new software, on the one hand, it is assessed whether the lower-level software layers provide specific capabilities to the new software, thereby meeting the specific requirements of the new software. On the other hand, it is also assessed whether the new software provides specific capabilities to the upper-level software layers, thereby meeting the specific requirements of the upper-level software layers. Therefore, if the lower-level software layers provide all the capabilities required by the new software, and the new software provides all the capabilities required by the upper-level software layers, then the new software is qualified. In this case, the new software meets the requirements of the upper-level software layers, and the lower-level software layers also meet the requirements of the new software.

[0063] Therefore, in Figure 4 In this context, developing requirement specifications involves determining information about the capabilities the new software provides to upper software layers and the requirements the new software places on lower software layers. Therefore, verifying actual deployment requirements includes determining information about the capabilities the lower software layers provide to the new software and the requirements the upper software layers place on the new software.

[0064] Those skilled in the art will recognize that the foregoing method steps and technical concepts can be performed or set up repeatedly and / or in different orders or structures. Furthermore, the method steps may also include sub-steps. For example, the evaluation of a new operating system image can be performed in parallel with the detection of actual deployment requirements.

Claims

1. A method for ensuring the qualification of software to be installed on a terminal device, comprising the following steps: -Evaluate (101) new software relative to the deployment requirements of the terminal device to generate (100) requirement specifications; - Transmit the required specifications (102) to the terminal device; -Detect the actual deployment requirements on the terminal device (103), and compare the transmitted (102) requirement specifications with the detected (103) actual deployment requirements (104); and -Deploy (105) new software on the terminal device, provided that the required specifications are consistent with the actual deployment requirements. Its characteristic is that the software currently installed on the terminal device includes an upper software layer and a lower software layer, and - The generation of (100) requirement specifications includes information defining the capabilities the new software provides to upper software layers and / or information regarding the requirements the new software places on lower software layers; and - Detection (103) of actual deployment requirements includes determining information about the capabilities provided by the lower software layer to the new software and / or the requirements of the upper software layer for the new software. - The requirements and specifications described in transmission (102) are performed together with the transmission of new software to the terminal device.

2. The method as described in claim 1, characterized in that, The generation of (100) requirements specifications includes information defining the capabilities of the new software provided to the terminal device and / or the requirements of the new software on the terminal device; and The actual deployment requirements for testing (103) include determining information about the capabilities that the terminal device provides to the new software and / or the requirements of the terminal device for the new software.

3. The method as described in claim 1 or 2, characterized in that, The (100) requirements specification includes providing information about the new software, and / or, in the case of the new software involving the Java Card operating system, providing information about the Java Card Pack, and / or providing information about the version of the new software, or memory requirements, and / or memory mapping, and / or data format version, and / or hardware information and / or deployment information.

4. The method as described in claim 1 or 2, characterized in that, The actual deployment requirements are detected by the detection software installed on the terminal device (103).

5. The method as described in claim 1 or 2, characterized in that, The actual deployment requirements are detected by the detection software integrated into the operating system of the terminal device (103).

6. The method as described in claim 1 or 2, characterized in that, Deploying (105) new software includes unpacking the image file of the new software, checking its integrity, modifying the currently installed software components, updating the currently installed software components, replacing the currently installed software components, deleting the currently installed software components, and / or installing the new software on the terminal device.

7. The method as described in claim 1 or 2, characterized in that, If the new operating system is compatible with the currently installed operating system and / or hardware of the terminal device, the stated requirements are consistent with the actual deployment requirements.

8. The method as described in claim 7, characterized in that, The compliance of the required specifications with the actual deployment requirements is determined by evaluating a table of compatibility information.

9. The method as described in claim 1 or 2, characterized in that, The method is terminated if the specified requirements do not meet the actual deployment requirements.

10. The method as described in claim 1 or 2, characterized in that, Ensure the software to be installed on mobile phones, wearable devices, portable terminal devices, tablets or laptops and / or terminal devices containing tamper-proof components is qualified.

11. The method as described in claim 1 or 2, characterized in that, Install the new operating system or operating system image as new software on the terminal device.

12. A system apparatus for ensuring the qualification of software to be installed on a terminal device, comprising: -The entity is configured to generate (100) the required specifications by evaluating (101) new software relative to the deployment requirements of the terminal device; - Configured to transmit the interface entity of the required specification (102) to the terminal device; - A detection entity configured to detect the actual deployment requirements on the terminal device (103) and compare the transmitted (102) requirement specifications with the detected (103) actual deployment requirements (104); and -A deployment entity configured to deploy (105) new software on terminal devices when the required specifications meet actual deployment requirements. Its characteristic is that the software currently installed on the terminal device includes an upper software layer and a lower software layer, and - The entity set to generate (100) requirement specifications is configured to determine information about the capabilities of the new software to the upper software layer and / or the requirements of the new software to the lower software layer; and - The detection entity is configured to determine information about the capabilities that the lower software layer provides to the new software and / or about the requirements of the upper software layer for the new software. - Wherein the interface entity is configured to transmit the requirements specification described in (102) together with the transmission of new software to the terminal device.

13. The system apparatus as claimed in claim 12, characterized in that, The physical entity of the system device is implemented by one or more computer program products.

14. The system apparatus as claimed in claim 12, characterized in that, The detection entity is implemented by detection software installed on the terminal device.

15. A computer program product configured to, when installed on and executed by a terminal device, detect actual deployment requirements on the terminal device as a detection step of the method as described in any one of claims 1 to 11.