CN103441926A - Security gateway system of numerically-controlled machine tool network - Google Patents
Security gateway system of numerically-controlled machine tool network Download PDFInfo
- Publication number
- CN103441926A CN103441926A CN2013103793636A CN201310379363A CN103441926A CN 103441926 A CN103441926 A CN 103441926A CN 2013103793636 A CN2013103793636 A CN 2013103793636A CN 201310379363 A CN201310379363 A CN 201310379363A CN 103441926 A CN103441926 A CN 103441926A
- Authority
- CN
- China
- Prior art keywords
- security
- communication
- data
- authentication
- machine tool
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Classifications
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02P—CLIMATE CHANGE MITIGATION TECHNOLOGIES IN THE PRODUCTION OR PROCESSING OF GOODS
- Y02P90/00—Enabling technologies with a potential contribution to greenhouse gas [GHG] emissions mitigation
- Y02P90/02—Total factory control, e.g. smart factories, flexible manufacturing systems [FMS] or integrated manufacturing systems [IMS]
Landscapes
- Computer And Data Communications (AREA)
Abstract
The invention discloses a security gateway system of a numerically-controlled machine tool network. The security gateway system solves the technical problem of poor security of an existing gateway system. According to the technical scheme, the security gateway system comprises a data communication security subsystem, a system safety protection subsystem, a management interface based on roles and a remote management tool. When the numerically-controlled machine tool network has access to an enterprise information network, data source authentication, data integrity authentication and communication unidirectional authentication are carried out through the data communication security subsystem, and then communication controllability authentication, abnormal event alarm and safety audit are conducted through the system safety protection subsystem. Because a safe unidirectional data communication channel is established between the enterprise information network and the numerically-controlled machine tool network, communication security mechanisms of the data source authentication, data integrity authentication, communication unidirectional authentication and the like are provided. In the security gateway system, system safety mechanisms of the communication controllability authentication, abnormal event alarm, safety audit, safety management and the like are provided, so the technical problem of high security risks due to a direct access mode are solved.
Description
Technical field
The present invention relates to a kind of security gateway system, particularly relate to a kind of Digit Control Machine Tool net security gateway system.
Background technology
The manufacturing enterprise of China is used Digit Control Machine Tool to carry out precision optical machinery processing more and more.In the machining system based on Digit Control Machine Tool, by a controller and a plurality of Digit Control Machine Tool, formed, they couple together by network, by controller, Digit Control Machine Tool are implemented to long-range setting and control, form a Digit Control Machine Tool net.
Along with industrialization and the informationalized degree of depth merge, increasing enterprise is linked into Enterprise Information Net by the Digit Control Machine Tool net, design machining drawing on the work station of engineer in Enterprise Information Net, after generating the machined parameters file, be transferred on the controller in the Digit Control Machine Tool net, be directly used in the control Digit Control Machine Tool and carry out machining, the mistake of having avoided manual delivery and input machined parameters file to introduce, improved operating efficiency greatly.
Because the node in the Digit Control Machine Tool net is mainly controller of digital controlled machine tool, belong to built-in terminal, can't protect by the safety information products such as anti-virus software are installed, in state in the air.There is larger potential safety hazard in this direct access way, and main manifestations is:
(1) may be passed to the Digit Control Machine Tool net from rogue programs such as the virus in Enterprise Information Net, wooden horses, mechanical processing process is disturbed and destroys.Shake net virus is exactly typical case.
(2), from the attack in Enterprise Information Net and violation operation, Digit Control Machine Tool net and mechanical processing process are disturbed and destroyed.
(3) the machined parameters file may illegally be distorted in transmitting procedure, the serious consequence such as cause that part is scrapped.
(4) illegal access host in the Digit Control Machine Tool net, the Entry Firm information network, implement unlawful activities without permission.
On the other hand; a lot of military enterprises have mostly set up the Digit Control Machine Tool net; and military enterprise's information network belongs to the classified information net; regulation according to national Information System Security cascade protection system; any terminal equipment must just can be linked in the classified information net under the condition of safety prevention measure is arranged, to guarantee the safety of network boundary.Because controller of digital controlled machine tool is built-in terminal, security protection system can't be installed.Therefore, usually forbid the Digit Control Machine Tool net without security protection is linked in the classified information net, can only adopt data to derive mode, on the work station of classified information net, deposit the machined parameters file of generation in CD; Then on the controller in machined parameters file in CD is imported to the Digit Control Machine Tool net again.Although this data export method is safer, also bring problems such as using inconvenience and the wasting of resources.
Visible, directly access way exists very large potential safety hazard, and data derivation mode exists problems such as using inconvenience.The key addressed these problems is the Digit Control Machine Tool net to be linked in Enterprise Information Net (comprising the classified information net) how safely, under safety, controlled condition, realizes that the safety of data file transmits.
At first, the Digit Control Machine Tool net is non-classified network, does not exist classified information to process and storage problem.Secondly, the Digit Control Machine Tool net must be linked into the company information network having under the condition of safety prevention measure, this safety prevention measure can be realized by a security gateway is set between Enterprise Information Net and Digit Control Machine Tool net, under the control of security gateway, Enterprise Information Net transmits the machined parameters file to the Digit Control Machine Tool net, both effectively reduced the security risk that direct access way is brought, and solved again data and derived the use inconvenience problem that mode is brought.
Summary of the invention
In order to overcome the poor deficiency of existing gateway security of system, the invention provides a kind of Digit Control Machine Tool net security gateway system.This system comprises data communications security subsystem, system safety protection subsystem, the management interface based on the role and telemanagement instrument.When Digit Control Machine Tool net accessing enterprise information net, carry out the authentication of data source authentication, data integrity and the communication unit tropism authenticates by the data communications security subsystem, then protect subsystem by system safety and communicate controllability authentication, abnormal event alarming and security audit.By security gateway system, set up the one way data communication passage of a safety between Enterprise Information Net and Digit Control Machine Tool net, realized the security mechanisms such as data source authentication, data integrity and communication unit tropism.In security gateway system inside, the security mechanisms such as communication controllability, abnormal event alarming, security audit and safety management are provided, further strengthened security of system.Security mechanism and security mechanism combine, and the security risk of Digit Control Machine Tool net access is reduced in controlled range, can solve the high technical problem of security risk of direct access way.
The technical solution adopted for the present invention to solve the technical problems is: a kind of Digit Control Machine Tool net security gateway system is characterized in comprising data communications security subsystem, system safety protection subsystem, the management interface based on the role and telemanagement instrument.
The data communications security subsystem is realized data source authentication, data integrity and communication unit tropism.The data source white list adopts the XML language description, and the one-way hash function in data source authentication and data integrity protection adopts the MD5 algorithm to realize.
System safety protection subsystem is realized communication controllability, abnormal event alarming and security audit.Communication controllability white list adopts the XML language description, and utilizes the API of operating system to realize its communication control function.Abnormal event alarming adopts screen display, SMS and E-mail mode, and the anomalous event details are recorded in journal file.Anomalous event comprises the accessing operation that excludes white list and the abnormal behaviour of breach of security rule.Journal file comprises two proper communication behavioural informations and exceptional communication behavioural information, and identifies different danger classes according to the order of severity of anomalous event.Journal file adopts the standard logs form record that rolled, and provides information when journal file is about to write all over, requires the timely backup log file of keeper.
Management interface module based on the role provides the management interface based on the role for the telemanagement instrument, comprise system manager and security audit person that the role separates, the system manager mainly is responsible for white list and safety regulation foundation and editor, abnormal event alarming information processing, checks that algorithm upgrades and maintenance and other the operations such as system management; Security audit person mainly is responsible for log information inquiry, audit and backup operation.
The telemanagement instrument, for the user provides the management platform of the security gateway based on the B/S three-decker, comprises secure configuration management, system operational management, anomalous event management, log query and security audit function.System manager and security audit person's role and account are divided and are arranged, and login and identity are differentiated separately separately, form the supervision mechanism of restriction mutually, guarantee fail safe and credibility that security gateway is managed.
The invention has the beneficial effects as follows: this system comprises data communications security subsystem, system safety protection subsystem, the management interface based on the role and telemanagement instrument.When Digit Control Machine Tool net accessing enterprise information net, carry out the authentication of data source authentication, data integrity and the communication unit tropism authenticates by the data communications security subsystem, then protect subsystem by system safety and communicate controllability authentication, abnormal event alarming and security audit.By security gateway system, set up the one way data communication passage of a safety between Enterprise Information Net and Digit Control Machine Tool net, realized the security mechanisms such as data source authentication, data integrity and communication unit tropism.In security gateway system inside, the security mechanisms such as communication controllability, abnormal event alarming, security audit and safety management are provided, further strengthened security of system.Security mechanism and security mechanism combine, and the security risk of Digit Control Machine Tool net access is reduced in controlled range, have solved the high technical problem of security risk of direct access way.
Below in conjunction with drawings and Examples, the present invention is elaborated.
The accompanying drawing explanation
Fig. 1 is the block diagram of Digit Control Machine Tool net security gateway system of the present invention.
Embodiment
Digit Control Machine Tool net security gateway system of the present invention comprises data communications security subsystem, system safety protection subsystem, the management interface based on the role and telemanagement instrument.
(1) data communications security subsystem: mainly realize the security mechanisms such as data source authentication, data integrity and communication unit tropism, wherein:
1. the data source white list adopts the XML language to describe, and the one-way hash function in data source authentication adopts the MD5 algorithm to realize.
2. the one-way hash function in the data integrity protection is also to adopt the MD5 algorithm to realize.
In addition, on work station end and controller end, need to realize corresponding with it data file sending and receiving program.
(2) system safety protection subsystem: the main security mechanisms such as communication controllability, abnormal event alarming, security audit of realizing, wherein:
1. the controllability of communicating by letter white list adopts the XML language to describe, and the API(that utilizes operating system is as Windows TDI interface function) realize its communication control function.
2. abnormal event alarming adopts the modes such as screen display, SMS, Email, and the anomalous event details are recorded in journal file.Anomalous event comprises the accessing operation that excludes white list and abnormal behaviour of breach of security rule etc.
3. log recording comprises two category informations: proper communication behavioural information and exceptional communication behavioural information, and identify different danger classes according to the order of severity of anomalous event.Journal file adopts the standard logs form record that rolled, and provides information when journal file is about to write all over, requires the timely backup log file of keeper.
(3) the management interface module based on the role: for the telemanagement instrument provides the management interface based on the role, comprise system manager and security audit person that the role separates, the system manager mainly is responsible for white list and safety regulation foundation and editor, abnormal event alarming information processing, checks that algorithm upgrades and maintenance and other the operations such as system management; Security audit person mainly is responsible for the operations such as log information inquiry, audit, backup.
(4) telemanagement instrument: for the user provides the management platform of the security gateway based on the B/S three-decker, comprise the functions such as secure configuration management, system operational management, anomalous event management and log query, security audit.System manager and security audit person's role and account minute are arranged, and login and identity are differentiated separately separately, form the supervision mechanism of restriction mutually, guarantee fail safe and the credibility of security gateway management.
The security mechanism that security gateway system mainly is achieved as follows:
(1) data source authentication: by the data source authentication mechanism based on white list, data source is authenticated, only have the data source (work station) on white list just to allow to initiate the TCP connection, transmission data file, prevent rogue program and attack interference and the destruction to the Digit Control Machine Tool net.
(2) data integrity: by one-way hash function, transmitted data file is carried out to integrity protection, prevent that data file from illegally being distorted in transmitting procedure.
(3) communication unit tropism: by one-way communication mechanism, only allowing Enterprise Information Net to initiate TCP to the Digit Control Machine Tool net connects and transmission data file, and forbid oppositely connecting and transmitting data, and prevent from utilizing Digit Control Machine Tool net Entry Firm information network without permission, implement unlawful activities.
(4) communication controllability: by the controlled mechanism of the communication based on white list, network service behavior to process, services and applications on security gateway system is controlled, only have the credible program on white list just to allow to carry out network communication operations, prevent that rogue program is to Enterprise Information Net or to Digit Control Machine Tool net initiation network attack.
(5) operation retrospective: by log recording and Security Auditing Mechanism, operation behaviors all on security gateway system and security incident are recorded and audit, and anomalous event is sent to warning in time.For assessing security risk, trace assailant's responsibility foundation and evidence be provided.
Below describe the present invention in detail.
1. data source authentication mechanism.
Each allows the work station of access control machine, must identify with 32 authentication codes and IP address, and registration in advance is in the data source white list of security gateway system.
Data source authentication is divided into two stages:
(1) preliminary authentication: send while setting up the TCP connection request to the controller (abbreviation controller) of Digit Control Machine Tool net when the work station (abbreviation work station) of Enterprise Information Net is used Transmission Control Protocol, at first security gateway system receives sets up the TCP connection request, then extract source IP address, data query source white list, take and determine whether as believable data source.If incredible data source does not allow to set up TCP and connects, end this operation.
(2) final authentication: connect if allow to set up TCP, work station is used one-way hash function to do hash calculating to oneself authentication code and IP address, obtain the data source hashed value, and construct a data structure, comprising data file, filename, data file hashed value, data source hashed value etc., by the tcp data bag, send to controller.At first security gateway system receives the tcp data bag, extract the data source hashed value, then use data source authentication code and IP address in identical one-way hash function calculated data source white list, the hashed value that obtains and the hashed value of extraction are compared, if identical, illustrate that this data source is believable data source, proceeds to follow-up processing; Otherwise be illegal data source, end this operation.Final authentication is attacked mainly for preventing IP spoofing.
2. data integrity mechanism.
Work station is used one-way hash function to do hash to the data file that will transmit and calculates, obtain the data file hashed value, and construct a data structure, comprising data file, filename, data file hashed value, data source hashed value etc., by the tcp data bag, send to controller.At first security gateway system receives the tcp data bag, extract the data file hashed value, then use identical one-way hash function to calculate the hashed value of received data file, compare two hashed values, if identical, illustrate that received data file is complete, be not tampered, proceed to follow-up processing; Otherwise illustrate that data file is tampered, end this operation.
3. communication unit tropism mechanism.
Security gateway system, after checking by data source authentication and data integrity, sends and sets up the TCP connection request to controller.When security gateway system receive controller allow set up the TCP connection response after, send the tcp data bag only comprise data file and filename to controller.Controller receives the tcp data bag, file is stored under the catalogue of appointment, completes this data file and transmits, and has realized the safe transfer of data file.Under any circumstance, security gateway system is all forbidden the communication request from controller, mainly for preventing from utilizing Digit Control Machine Tool net Entry Firm information network without permission, implements unlawful activities.
4. communication controllability mechanism.
In advance by allowing to carry out the process of network service on security gateway system, the title of services and applications is registered in the credible program white list of security gateway system.After the security gateway system operation, for any process, services and applications of attempting to start network service, system will be inquired about credible program white list, if its program name appears in white list, allow to carry out network communication operations, otherwise forbid this program execution.Initiate network attack mainly for preventing the rogue programs such as virus, wooden horse to Enterprise Information Net or to the Digit Control Machine Tool net.
5. Security Auditing Mechanism.
Operation behavior and security incidents all on security gateway system all will be recorded in journal file, and the information of record comprises: program module, seriousness, time, host name or IP, process name, process ID and the text etc. that produce daily record.In order to guarantee the integrality of log information, take following safeguard measure: (1) information of preventing is distorted: system forbids revising or deleting the log information in journal file usually, to keep the integrality of log information.(2) prevent loss of data: produce loss of data in order to prevent journal file from writing all over, system will be according to the journal file length of Administrator, file size is monitored, when reaching the higher limit of setting, provide continuously warning message, remind keeper's current daily record data of backup in time, to prevent loss of data.
Security audit is by the user's operation behavior in system and the statistical analysis of security incident, the violation operation that may exist in therefrom discovery system, anomalous event, attack and system vulnerability etc., for electronic evidence-collecting and the trackability of security incident provides technological means.The keeper is by the system management facility bookkeeping of auditing, and comprises that system parameters configuration, log information are checked, event statistical analysis, alarm information processing, log information backup etc.
Claims (1)
1. a Digit Control Machine Tool net security gateway system, is characterized in that comprising data communications security subsystem, system safety protection subsystem, the management interface based on the role and telemanagement instrument;
The data communications security subsystem is realized data source authentication, data integrity and communication unit tropism; The data source white list adopts the XML language description, and the one-way hash function in data source authentication and data integrity protection adopts the MD5 algorithm to realize;
System safety protection subsystem is realized communication controllability, abnormal event alarming and security audit; Communication controllability white list adopts the XML language description, and utilizes the API of operating system to realize its communication control function; Abnormal event alarming adopts screen display, SMS and E-mail mode, and the anomalous event details are recorded in journal file; Anomalous event comprises the accessing operation that excludes white list and the abnormal behaviour of breach of security rule; Journal file comprises two proper communication behavioural informations and exceptional communication behavioural information, and identifies different danger classes according to the order of severity of anomalous event; Journal file adopts the standard logs form record that rolled, and provides information when journal file is about to write all over, requires the timely backup log file of keeper;
Management interface module based on the role provides the management interface based on the role for the telemanagement instrument, comprise system manager and security audit person that the role separates, the system manager mainly is responsible for white list and safety regulation foundation and editor, abnormal event alarming information processing, checks that algorithm upgrades and maintenance and other the operations such as system management; Security audit person mainly is responsible for log information inquiry, audit and backup operation;
The telemanagement instrument, for the user provides the management platform of the security gateway based on the B/S three-decker, comprises secure configuration management, system operational management, anomalous event management, log query and security audit function; System manager and security audit person's role and account are divided and are arranged, and login and identity are differentiated separately separately, form the supervision mechanism of restriction mutually, guarantee fail safe and credibility that security gateway is managed.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201310379363.6A CN103441926B (en) | 2013-08-27 | 2013-08-27 | Security gateway system of numerically-controllmachine machine tool network |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201310379363.6A CN103441926B (en) | 2013-08-27 | 2013-08-27 | Security gateway system of numerically-controllmachine machine tool network |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN103441926A true CN103441926A (en) | 2013-12-11 |
| CN103441926B CN103441926B (en) | 2016-12-28 |
Family
ID=49695592
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201310379363.6A Expired - Fee Related CN103441926B (en) | 2013-08-27 | 2013-08-27 | Security gateway system of numerically-controllmachine machine tool network |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN103441926B (en) |
Cited By (11)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103744992A (en) * | 2014-01-22 | 2014-04-23 | 重庆心宿二信息技术有限公司 | Control method and control system for accessing to computer file contents |
| CN104539573A (en) * | 2014-10-30 | 2015-04-22 | 北京科技大学 | Communication method and device of industrial security gateway based on embedded system |
| CN105978871A (en) * | 2016-05-09 | 2016-09-28 | 北京航天数控系统有限公司 | Communication protection device for numerical control system |
| CN106354100A (en) * | 2016-11-18 | 2017-01-25 | 北京网御星云信息技术有限公司 | Operation-maintenance auditing method and device for numerical control machine tool |
| CN106411816A (en) * | 2015-07-29 | 2017-02-15 | 研祥智能科技股份有限公司 | Industrial control system, secure interconnection system and processing method thereof |
| CN106774168A (en) * | 2016-12-09 | 2017-05-31 | 中国电子科技网络信息安全有限公司 | A kind of numerical control NC code safety filtering system |
| CN108429744A (en) * | 2018-03-05 | 2018-08-21 | 中国电子科技网络信息安全有限公司 | A kind of CNC Machine Tools Communication interface security means of defence and device |
| CN109739203A (en) * | 2019-02-25 | 2019-05-10 | 南京世界村云数据产业集团有限公司 | A kind of industrial network Border Protection system |
| CN109976239A (en) * | 2019-04-29 | 2019-07-05 | 北京京航计算通讯研究所 | Industrial control system terminal security guard system |
| CN114095227A (en) * | 2021-11-15 | 2022-02-25 | 许昌许继软件技术有限公司 | Credible authentication method and system for data communication gateway and electronic equipment |
| CN114253220A (en) * | 2021-12-15 | 2022-03-29 | 三明学院 | Automatic change digit control machine tool control system |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US7305547B2 (en) * | 2002-06-28 | 2007-12-04 | Hewlett-Packard Development Company, L.P. | Method for upgrading a host/agent security system that includes digital certificate management and an upgradable backward compatible host/agent security system digital certificate infrastructure |
| CN101247391A (en) * | 2007-12-28 | 2008-08-20 | 上海电力学院 | OPC safety proxy system and proxy method thereof |
| CN101588360A (en) * | 2009-07-03 | 2009-11-25 | 深圳市安络大成科技有限公司 | Associated equipment and method for internal network security management |
| CN101634850A (en) * | 2008-07-23 | 2010-01-27 | 北京三维力控科技有限公司 | Isolated gateway |
| US20120023177A1 (en) * | 2008-10-24 | 2012-01-26 | Thales | Tool for the Centralized Supervision and/or Hypervision of a Set of Systems Having Different Security Levels |
-
2013
- 2013-08-27 CN CN201310379363.6A patent/CN103441926B/en not_active Expired - Fee Related
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US7305547B2 (en) * | 2002-06-28 | 2007-12-04 | Hewlett-Packard Development Company, L.P. | Method for upgrading a host/agent security system that includes digital certificate management and an upgradable backward compatible host/agent security system digital certificate infrastructure |
| CN101247391A (en) * | 2007-12-28 | 2008-08-20 | 上海电力学院 | OPC safety proxy system and proxy method thereof |
| CN101634850A (en) * | 2008-07-23 | 2010-01-27 | 北京三维力控科技有限公司 | Isolated gateway |
| US20120023177A1 (en) * | 2008-10-24 | 2012-01-26 | Thales | Tool for the Centralized Supervision and/or Hypervision of a Set of Systems Having Different Security Levels |
| CN101588360A (en) * | 2009-07-03 | 2009-11-25 | 深圳市安络大成科技有限公司 | Associated equipment and method for internal network security management |
Non-Patent Citations (1)
| Title |
|---|
| 何得勇: "内部网行为监管审计系统的设计与实现", 《中国优秀硕士学位论文全文数据库 信息科技辑》 * |
Cited By (17)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103744992B (en) * | 2014-01-22 | 2017-05-17 | 重庆心宿二信息技术有限公司 | Control method and control system for accessing to computer file contents |
| CN103744992A (en) * | 2014-01-22 | 2014-04-23 | 重庆心宿二信息技术有限公司 | Control method and control system for accessing to computer file contents |
| CN104539573A (en) * | 2014-10-30 | 2015-04-22 | 北京科技大学 | Communication method and device of industrial security gateway based on embedded system |
| CN104539573B (en) * | 2014-10-30 | 2018-07-27 | 北京科技大学 | A kind of communication means and device of the industry security gateway based on embedded system |
| CN106411816A (en) * | 2015-07-29 | 2017-02-15 | 研祥智能科技股份有限公司 | Industrial control system, secure interconnection system and processing method thereof |
| CN106411816B (en) * | 2015-07-29 | 2021-02-05 | 研祥智能科技股份有限公司 | Industrial control system, safety interconnection system and processing method thereof |
| CN105978871A (en) * | 2016-05-09 | 2016-09-28 | 北京航天数控系统有限公司 | Communication protection device for numerical control system |
| CN106354100A (en) * | 2016-11-18 | 2017-01-25 | 北京网御星云信息技术有限公司 | Operation-maintenance auditing method and device for numerical control machine tool |
| CN106354100B (en) * | 2016-11-18 | 2019-03-12 | 北京网御星云信息技术有限公司 | A kind of operation audit method and device applied to numerically-controlled machine tool |
| CN106774168B (en) * | 2016-12-09 | 2019-06-28 | 中国电子科技网络信息安全有限公司 | A kind of numerical control NC code safety filtering system |
| CN106774168A (en) * | 2016-12-09 | 2017-05-31 | 中国电子科技网络信息安全有限公司 | A kind of numerical control NC code safety filtering system |
| CN108429744A (en) * | 2018-03-05 | 2018-08-21 | 中国电子科技网络信息安全有限公司 | A kind of CNC Machine Tools Communication interface security means of defence and device |
| CN109739203A (en) * | 2019-02-25 | 2019-05-10 | 南京世界村云数据产业集团有限公司 | A kind of industrial network Border Protection system |
| CN109739203B (en) * | 2019-02-25 | 2021-09-21 | 南京世界村云数据产业集团有限公司 | Industrial network boundary protection system |
| CN109976239A (en) * | 2019-04-29 | 2019-07-05 | 北京京航计算通讯研究所 | Industrial control system terminal security guard system |
| CN114095227A (en) * | 2021-11-15 | 2022-02-25 | 许昌许继软件技术有限公司 | Credible authentication method and system for data communication gateway and electronic equipment |
| CN114253220A (en) * | 2021-12-15 | 2022-03-29 | 三明学院 | Automatic change digit control machine tool control system |
Also Published As
| Publication number | Publication date |
|---|---|
| CN103441926B (en) | 2016-12-28 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN103441926A (en) | Security gateway system of numerically-controlled machine tool network | |
| Benias et al. | A review on the readiness level and cyber-security challenges in Industry 4.0 | |
| CN109995796B (en) | Industrial control system terminal safety protection method | |
| CN109976239B (en) | Industrial control system terminal safety protection system | |
| CN106789015B (en) | Intelligent power distribution network communication safety system | |
| CN109739203B (en) | Industrial network boundary protection system | |
| CN103413088B (en) | A kind of computer document operation safety auditing system | |
| CN104753936A (en) | Opc security gateway system | |
| CN111930723B (en) | Scientific and technological achievement data fusion method based on big data | |
| CN105430000A (en) | Cloud computing security management system | |
| CN104184735A (en) | Electric marketing mobile application safe protection system | |
| CN104320389A (en) | Fusion identify protection system and fusion identify protection method based on cloud computing | |
| CN103413083A (en) | Security defending system for single host | |
| US9608973B2 (en) | Security management system including multiple relay servers and security management method | |
| CN103236932A (en) | Webpage tamper-proofing device and method based on access control and directory protection | |
| Abouzakhar | Critical infrastructure cybersecurity: A review of recent threats and violations | |
| CN103530559A (en) | Integrity protection system of Android system | |
| CN113382076A (en) | Internet of things terminal security threat analysis method and protection method | |
| CN113311809A (en) | Industrial control system-based safe operation and maintenance instruction blocking device and method | |
| CN110087238B (en) | Information security protection system of mobile electronic equipment | |
| CN108388779A (en) | A kind of Portable Automatic stamper machine and management system and its management control method | |
| Braband | What's Security Level got to do with Safety Integrity Level? | |
| CN111652454A (en) | Supervision quality and safety production management evaluation management system | |
| Gu et al. | IoT security and new trends of solutions | |
| CN107315963A (en) | A kind of financial management method with remote access function |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| CB03 | Change of inventor or designer information |
Inventor after: Li Yonghu Inventor before: Cai Lin Inventor before: Cai Wandong |
|
| CB03 | Change of inventor or designer information | ||
| TR01 | Transfer of patent right |
Effective date of registration: 20171013 Address after: Room 3, building 60, Yan Yan Road, Chengxi District, Qinghai, Xining, 810000, China Patentee after: Xining wiscom Electronics Co. Ltd. Address before: 710072 Xi'an friendship West Road, Shaanxi, No. 127 Patentee before: Northwestern Polytechnical University |
|
| TR01 | Transfer of patent right | ||
| CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20161228 Termination date: 20190827 |
|
| CF01 | Termination of patent right due to non-payment of annual fee |