Method and device for analyzing service-oriented communication

What is claimed is: 1. A method for analyzing service-oriented communication in a communications network, comprising the following steps: analyzing a data packet, and determining, based on information about a data field of a header included in the data packet, whether or not the data packet meets a criterion, the criterion defining a setpoint value for at least one value from the data field permitted in the communications network, the communications network being an automotive communications network in a vehicle; wherein the header is a header for service-oriented communication; wherein the setpoint value defines a combination of values, permitted in the communications network, of at least two different fields of the header of the data packet; wherein an anomaly or an intrusion in the communications network is detected when the criterion is not met by the data packet; wherein the combination of values defines a permitted combination of identifiers in the header of the data packet which identify a service user and a service provider, the service user being a user of a service, and the service provider being a provider of the service; wherein the method further comprises performing a countermeasure in response to detecting the anomaly or the intrusion in the communications network; and wherein the determining of whether or not the data packet meets the criterion is based on a table or a database, the table or the database storing identifications of permitted service providers, identifications of permitted service users, and permitted combinations of which service users may use which service providers. 2. The method as recited in claim 1 , wherein the combination of values permitted in the communications network is a combination of the service provider identified in the header of the data packet by a service ID, and the service user identified in the header of the data packet identified by a client ID. 3. The method as recited in claim 1 , wherein the determining includes checking whether a field “protocol version” from the data packet and/or a field “message type” from the data packet and/or a field “return code” from the data packet, has a value permitted in the communications network. 4. The method as recited in claim 3 , wherein the determining includes checking whether the fields “message type” and “return code” assume a permitted combination. 5. The method as recited in claim 1 , wherein the determining includes checking whether an error code is transmitted in a field “return code” of the data packet. 6. The method as recited in claim 1 , wherein the determining includes checking whether a length of the data packet coincides with a length specified in a “length” field of the data packet and/or whether the data packet is longer or shorter than permitted in the communications network. 7. The method is recited in claim 1 , wherein before an inspection of the criterion, it is checked whether the data packet is part of a service-oriented communication, the inspection of the criterion being carried out only if the data packet is part of a service-oriented communication. 8. The method as recited in claim 1 , wherein the countermeasure includes prohibiting the data packet from being sent to a network user of the communications network. 9. A device for analyzing service-oriented communication in a communications network, the device comprising: an analysis unit which is: (i) situated in a connecting element for connecting data lines in the communications network for transmitting data packets, or (ii) connected or connectable to the connecting element for communication, the analysis unit configured to: analyze a data packet, and determine, based on information about a data field of a header included in the data packet, whether or not the data packet meets a criterion, the criterion defining a setpoint value for at least one value from the data field permitted in the communications network, the communications network being an automotive communications network in a vehicle; wherein the setpoint value defines a combination of values, permitted in the communications network, of at least two different fields of the data packet; wherein an anomaly or an intrusion in the communications network is detected when the criterion is not met by the data packet; wherein the header is a header for service-oriented communication; wherein the combination of values defines a permitted combination of identifiers in the header of the data packet which identify a service user and a service provider, the service user being a user of a service, and the service provider being a provider of the service; wherein the analysis unit is configured to initiate a countermeasure in response to detecting the anomaly or the intrusion in the communications network; and wherein the determination of whether or not the data packet meets the criterion is based on a table or a database, the table or the database storing identifications of permitted service providers, identifications of permitted service users, and permitted combinations of which service users may use which service providers. 10. The device as recited in claim 9 , wherein the connecting element is an automotive Ethernet switch. 11. The device as recited in claim 9 , wherein the combination of values permitted in the communications network is a combination of the service provider identified in the header of the data packet by a service ID, and the service user identified in the header of the data packet identified by a client ID. 12. The device as recited in claim 9 , wherein the combination of values defines a permitted combination of values of a message type field in the header of the data packet and a return code field of the header of the data packet. 13. The device as recited in claim 9 , wherein the countermeasure includes prohibiting the data packet to a network user of the communications network. 14. A non-transitory computer-readable storage medium on which is stored a computer program for analyzing service-oriented communication in a communications network, the computer program, when executed by a computer, causing the computer to perform the following steps: analyzing a data packet, and determining, based on information about a data field of a header included in the data packet, whether or not the data packet meets a criterion, the criterion defining a setpoint value for at least one value from the data field permitted in the communications network, the communications network being an automotive communications network in a vehicle; wherein the header is a header for service-oriented communication; wherein the setpoint value defines a combination of values, permitted in the communications network, of at least two different fields of the data packet; wherein an anomaly or an intrusion in the communications network is detected when the criterion is not met by the data packet; wherein the combination of values defines a permitted combination of identifiers in the header of the data packet which identify a service user and a service provider, the service user being a user of a service, and the service provider being a provider of the service; and wherein the method further comprises performing a countermeasure in response to detecting the anomaly or the intrusion in the communications network; and wherein the determination of whether or not the data packet meets the criterion is based on a table or a database, the table or the database storing identifications of permitted service providers, identifications of permitted service users, and permitted combinations of which service users may use which servi