CN115237697A - Universal cipher machine test platform - Google Patents

Universal cipher machine test platform Download PDF

Info

Publication number
CN115237697A
CN115237697A CN202210896632.5A CN202210896632A CN115237697A CN 115237697 A CN115237697 A CN 115237697A CN 202210896632 A CN202210896632 A CN 202210896632A CN 115237697 A CN115237697 A CN 115237697A
Authority
CN
China
Prior art keywords
cipher machine
board
interface
power
cipher
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202210896632.5A
Other languages
Chinese (zh)
Inventor
王进
杨俊�
习亮
宋峙峰
万星
曲新春
李洋
李嘉禾
冯成林
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Institute of Computer Technology and Applications
Original Assignee
Beijing Institute of Computer Technology and Applications
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Institute of Computer Technology and Applications filed Critical Beijing Institute of Computer Technology and Applications
Priority to CN202210896632.5A priority Critical patent/CN115237697A/en
Publication of CN115237697A publication Critical patent/CN115237697A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00Error detection; Error correction; Monitoring
    • G06F11/22Detection or location of defective computer hardware by testing during standby operation or during idle time, e.g. start-up testing
    • G06F11/2205Detection or location of defective computer hardware by testing during standby operation or during idle time, e.g. start-up testing using arrangements specific to the hardware being tested
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00Error detection; Error correction; Monitoring
    • G06F11/22Detection or location of defective computer hardware by testing during standby operation or during idle time, e.g. start-up testing
    • G06F11/2273Test methods

Landscapes

  • Engineering & Computer Science (AREA)
  • General Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Quality & Reliability (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Test And Diagnosis Of Digital Computers (AREA)

Abstract

The invention relates to a universal cipher machine test platform, and belongs to the field of cipher machine tests. The password test platform comprises a main control unit, a back plate, an interface plate and a switching plate. The main control runs test software and bottom layer drive; the interface board is compatible with the current common interface protocol; the back board is a mixed slot position, supports standard board cards such as VPX, PXIe, CPCIe and the like, and provides a power interface and an interconnection channel for a main control board and an interface board; the adapter plate is mainly used for testing scenes of non-standard cipher machines, realizes functions of converting differential signals into single terminals and testing starting time, power consumption and the like of the cipher machines, can improve the anti-interference performance of service interfaces, enhances the environmental adaptability and extends the use scenes. This greatly improves the quantity of testing the cipher machine simultaneously.

Description

Universal cipher machine test platform
Technical Field
The invention belongs to the field of cipher machine testing, and particularly relates to a universal cipher machine testing platform.
Background
Cipher machines are essential key devices in information security systems, and are usually used for realizing encryption (plaintext-ciphertext) or crypto-parsing (ciphertext-plaintext). The cipher machine is not only used in the fields of military affairs, foreign exchange information and the like, but also is widely integrated into the daily life of people at present, such as financial encryption cards, security gateways, encrypted voice and the like. It is a core device in the whole information security field, which is related to the information security of the national level and the personal level. Therefore, the robustness of the cryptographic engine itself is particularly important, regarding the security of the whole information system. Generally, a great deal of function, performance test and reliability test is performed before the cipher machine is put into use, which is a tedious and tedious process. However, the cipher machines have different physical forms, different sizes and different external interface protocols, so that application scenes are different, which is a great challenge for the test and maintenance of the cipher machines.
The traditional automatic testing platform of the cipher machine can realize mutual independence of a test case and a maintenance tool, and self-conversion of a test data format and a command length, so that the testing automation level is improved. For example, the application No. 201310368525.6 discloses an automatic testing system and a working method thereof for a cipher machine, and aims to solve the problem that the testing and maintenance management mode of the cipher machine is single and not easy to expand, and is not beneficial to the management requirements of automatic and intelligent testing and maintenance. "
Another example is the cipher machine testing device and the method for testing cipher machine with the same, which is the application No. 202011203466.3, which discloses a cipher machine testing device and a testing method, and aims to solve the problems that because the number of variable domains is large, the rules are complex, each instruction needs to be spliced byte by byte according to the rules, some variable domains need to send hexadecimal data, some variable domains need to be ASCII codes, the codes need to be converted by themselves, and the length of the command needs to be calculated by itself, the method is too complex, consumes a long time, and is easy to make mistakes. "
In summary, the conventional cryptographic engine test platform only describes the related test method in the software application layer, and does not describe the hardware compatibility between the cryptographic engine and the test platform, i.e. the conventional cryptographic engine test platform cannot be used universally; secondly, the cipher machines cannot be tested simultaneously in large batches; finally, the function of testing hardware parameters (such as the power consumption of the cipher machine, the starting time of the cipher machine and the like) of the cipher machine is not provided.
It is an object of an embodiment of the present invention to provide a general cryptographic engine testing platform, which is used to solve one or more of the above technical problems.
Disclosure of Invention
Technical problem to be solved
The technical problem to be solved by the invention is how to provide a universal cipher machine test platform, so as to solve the problems that the traditional cipher machine test platform only describes a related test method in a software application layer, does not describe the hardware compatibility between a cipher machine and the test platform, namely, the universal cipher machine test platform cannot be used, and the cipher machines cannot be simultaneously tested in a large batch; finally, the problem of testing hardware parameters of the cipher machine is solved.
(II) technical scheme
In order to solve the technical problem, the invention provides a universal cipher machine test platform which comprises a main control, a back plate, an interface plate and a switching plate, wherein test software and a bottom layer drive are operated on the main control; the interface board is compatible with an interface protocol; the back board is a mixing slot position and provides a power interface and an interconnection channel for the main control and the interface board; the adapter plate is used for a non-standard cipher machine test scene, is connected with the interface board and the cipher machine, and realizes the measurement of the differential-to-single end and the start time and the power consumption of the test cipher machine; directly inserting a tested cipher machine on a backboard of a test platform aiming at standard board cards PXIe and VPX form cipher machines; if the external interconnection of the cipher machine adopts a standard physical interface RJ45/SFP, designing the standard physical interface on the interface board; if the cipher machine adopts low-speed interface uart, SPI or IIC for external interconnection, differential signal transmission is adopted, and a transfer board with the function of converting differential signals into single-ended signals is connected to an interface board in series in the cipher machine, so that anti-interference remote communication can be realized; .
Furthermore, the interface board is 3U-shaped, supports the hot plug function of the board level, and comprises a ZYNQ bus, an RS-485 bus, a J30J quick-locking connector and a single-end-to-differential chip; with ZYNQ as a core architecture, arm software and FPGA logic can be operated simultaneously, so that multi-protocol calling and logic control are facilitated; the hot-plug interchangeable electric port and optical port support the Ethernet protocol, and the highest speed can reach 10Gbps; the RS-485 bus and the single-end-to-differential chip are used for connecting the J30J quick-lock connector and the ZYNQ, and are used for receiving hardware parameters of the cipher machine acquired by the external adapter plate and transmitting the hardware parameters to the master control; the interface board adopts a J30J quick-locking connector supporting high-speed signal transmission and supports up to 50 pairs of differential signals.
Further, an interface board ZYNQ is used as a core architecture, and the ZYNQ writes a configuration file through an SD card; the Ethernet interface and the ZYNQ are interconnected through serdes high-speed signals, and the highest speed can reach 10Gbps; a single-ended control signal LVTTL interconnected with ZYNQ passes through an optical coupling isolation device and then is sent to a single-ended to differential chip, and the differential transmission function is realized; the interface board and the main control are interconnected through a back board PCIe multiplied by 4.
Further, the J30J quick-lock connector is 100 pins, and includes 44 pairs of differential signals, 12 ground signals, and is divided into two channels, each channel has 22 pairs of differential pairs, one of which is RS-485, and 21 pairs of freely available, 6 ground signals; the two channels adopt different isolation power supplies for power supply to realize the electrical isolation between the channels; meanwhile, all single-ended signals are isolated by the optical coupler, so that the internal and external isolation of the board card is realized; the power management unit directly supplies power to the on-board GND domain device, the isolation power supply 1 supplies power to the ISO _ GND1 domain circuit, the isolation power supply 2 supplies power to the ISO _ GND2 domain circuit corresponding to the channel 1, and the channel 2 corresponds to the isolation power supply.
Furthermore, the adapter plate is positioned between the interface board and the cipher machine to be tested, converts the differential signal transmitted by the interface board into a single-ended signal, measures the power consumption and the starting time of the cipher machine, and provides an independent power supply channel for the cipher machine; the adapter board takes the MCU as a control core, the MCU controls the cipher machine to be electrified, and the power consumption and the starting time of the board card are transmitted to the interface board through RS-485; the precise resistor and the acquisition chip are used for acquiring the power consumption of the cipher machine board card; the starting time of the cipher machine is the difference between the power-on time of the cipher machine and an indication signal sent after the cipher machine works normally; the power module provides power for the adapter plate and the cipher machine behind, and is independent of each other.
Furthermore, the adapter board is independently powered by 12V through the power connector and then is converted into a 5V input multi-channel power supply through the isolation power supply module, the multi-channel power supply module enables independent channels for supplying power to the MCU, enabling pins and PGOOD signals of other power output channels are interconnected with the MCU, and the MCU controls enabling pins of other power supplies to output when working normally; the tested cipherers are independently supplied with power without influencing each other, a high-precision metal film resistor is connected in series at each cipher power supply interface, two ends of each metal film resistor are connected to the differential input end of the acquisition chip LTC2991 respectively, the ADC integrated in the metal film resistor converts the acquired analog voltage signals into digital signals, the digital signals are transmitted to the MCU through the IIC bus, and the MCU transmits power consumption information to the interface board through the RS-485 bus.
Furthermore, the metal film resistor is far away from the interference of a clock and a high-speed signal, the wiring is as short and thick as possible, no device is placed on the bottom layer, and copper is completely paved.
Further, the starting time of the cipher machine is measured, a PGOOD signal generated by the multichannel power supply module and a state indication signal sent by the cipher machine are collected by the MCU, the time difference between the two signals is the starting time of the cipher machine, the MCU sends time information to the interface board through the RS-485 bus, the interface board sends the time information to the master control, the starting time of the cipher machine is obtained, the next action can be performed, and the condition that the time information passes or does not pass is displayed finally.
Furthermore, the power consumption detection unit supplies power independently, and controls the power supply channel to supply power independently for the cipher machine after the power consumption detection unit works normally; each independent power supply channel is connected with a precision resistor in series, voltage at two ends of each precision resistor is collected and converted into digital signals and then sent to the MCU through the bus, the MCU sends the power consumption of the cipher machine to the interface board through the bus, the interface board transmits power consumption information to the master control unit again, the power consumption value of the cipher machine can be obtained, secondary processing can be carried out subsequently, and whether the power consumption meets requirements or not is judged.
Furthermore, the state indication signal sent by the tested cipher machine is used for controlling the conversion from differential to single-ended chip enabling, and data interaction can be carried out only after the state of the tested device is completely prepared, so that the test system is in a safe and credible state.
(III) advantageous effects
The invention provides a universal cipher machine test platform which comprises a main control unit, a back plate, an interface plate and a switching plate. The main control runs test software and bottom layer drive; the interface board is compatible with the current common interface protocol; the back board is a hybrid slot position, supports standard board cards such as VPX, PXIe, CPCIe and the like (including but not limited to the standard board cards mentioned in the text), and provides a power interface and an interconnection channel for a main control and an interface board; the adapter plate is mainly used for testing scenes of non-standard cipher machines, realizes functions of converting differential signals into single terminals and testing starting time, power consumption and the like of the cipher machines, can improve the anti-interference performance of service interfaces, enhances the environmental adaptability and extends the use scenes.
The main control of the universal cipher machine test platform is used for simulating test data, running a test environment and interconnected with an interface board through a PCIe bus. Both the data bus bandwidth and the on-board resources are sufficient to support multi-cipher high volume testing. Secondly, the password testing platform adopts a card insertion type platform, a plurality of interface boards can be inserted theoretically, one interface board can test a plurality of cipherers simultaneously, the number of the cipherers to be tested simultaneously is greatly increased, and if the physical size of the interface board is increased, the number of the cipherers to be tested simultaneously can be continuously increased.
Drawings
FIG. 1 is a schematic diagram of a universal cryptographic engine test platform according to the present invention;
FIG. 2 is a test scheme of a standard board card form cipher machine;
FIG. 3 is a schematic diagram of a pluggable optical port (left) and an electrical port (right);
FIG. 4 is a schematic diagram of a nonstandard cipher machine (single ended signal) test platform;
FIG. 5 is a schematic block diagram of an interface board of the password testing platform (3U board card);
FIG. 6 is a patch panel with the power consumption, start-up time measurement and differential to single-ended functionality of a cryptographic engine;
fig. 7 is a system block diagram of embodiment 1.
Detailed Description
In order to make the objects, contents and advantages of the present invention clearer, the following detailed description of the embodiments of the present invention will be made in conjunction with the accompanying drawings and examples.
The invention provides a universal cipher machine test platform which comprises a cipher test platform and a cipher machine. The password test platform comprises input and output equipment, a master control unit, an interface board card, a back plate, a switching plate and the like.
Due to different external interface protocols (such as TCP/IP, PCIe, SRIO, UART, SPI, IIC and the like) and different physical shapes and sizes (such as a rack server, a standard board card and a non-standard product) and the like of the cipher machine, the traditional cipher machine test system or platform cannot be compatible with various cipher machines of various types, and is difficult to be universal; in addition, the conventional test platform always realizes the simultaneous test of a plurality of cipher machines in a large batch at the application layer, and a method for realizing the simultaneous test in a large batch at the actual hardware level is not described, and the test of the hardware performance of the cipher machines is not included.
Therefore, in order to adapt to various types of cipher machines and support large-batch testing and cipher machine hardware performance testing, the invention provides a universal cipher machine testing platform which can support multi-type and large-batch cipher machine testing and can also test hardware parameters of the cipher machine, and the universal cipher machine testing platform is composed as shown in figure 1.
The password testing platform comprises a main control unit, a back plate, an interface plate, a switching plate, a mouse, a keyboard and a display. The main control runs test software and bottom layer drive; the interface board is compatible with the current common interface protocol; the back board is a hybrid slot position, supports standard board cards such as VPX, PXIe, CPCIe and the like (including but not limited to the standard board cards mentioned in the text), and provides a power interface and an interconnection channel for a main control and an interface board; the adapter plate is mainly used for a nonstandard cipher machine test scene, is connected with an interface board and a cipher machine, realizes the measurement of the starting time and the power consumption of a differential-to-single end and a test cipher machine, can improve the anti-interference performance of a service interface, enhances the environmental adaptability and prolongs the use scene.
The invention provides a universal cipher machine test platform, which realizes the functions of universal and large-batch test, cipher machine hardware parameter measurement and the like by adopting a mixed back plate supporting a plurality of standard board cards, a high-performance master control interface board and a switching board compatible with a plurality of interface protocols and physical interfaces.
How to do one get universal?
The main difficulty in realizing the universal cipher machine test platform is as follows: (1) the protocols of external interfaces of the cipher machines are different; second, the physical link for transmitting signals has single-ended signals, differential signals, low-speed signals and high-speed signals. Therefore, to realize a universal cipher machine test platform, the problems that the external interface protocols and physical links of the cipher machine are different, and the physical appearance and size of the cipher machine are different need to be solved. By classifying and summarizing the service interface protocol of a common cipher machine and the physical form of the cipher machine, the universal cipher machine test platform can be divided into the following three application scenes.
(1) Standard board card form cipher machine
For a common standard board card type cipher machine (VPX, PXIe, CPCIe), a service interface usually adopts a high-speed point-to-point communication mode, an adopted communication protocol includes PCIe, SRIO and gigabit or ten-gigabit ethernet, an external interface is located on a board card backplane connector, and for this case, a hybrid slot backplane can be adopted for a cipher test platform, and the backplane needs to support multiple board card standards, such as VPX, PXIe, CPCIe, and the like. At the moment, the cipher machine can be directly inserted into a backboard of the cipher test platform, and the backboard provides information interaction and power supply channels for the cipher machine in the forms of the master control board card and the tested standard board card. And the master control operation test software is used for realizing the performance and function test of the cipher machine. The test scenario of the standard board card form cipher machine only needs the main control and the back board, as shown in fig. 2.
(2) Cipher machine for standard equipment
The standard form equipment cipher machine is most common to a rack server cipher machine, and an external service interface of the rack server cipher machine is usually a standard ethernet (an electrical interface or an optical interface) and supports a TCP/IP protocol. The interface board of the scheme supports the mutual replacement of an electrical port (RJ 45, twisted pair) and an optical port (SFP, optical fiber), the speed of a service interface (optical port) can reach 10Gbps at most, and the replaceable optical port and the replaceable electrical port are shown in figure 3. Through an alternative physical interface, the test platform can be compatible with a server cipher machine which is commonly used at present.
The test platform has the advantages that the main control also has the standard Ethernet interface, if only one cipher machine with the standard Ethernet interface is tested, the main control is the cipher test platform, and the test software or the function library running on the main control can realize the performance and function test of the cipher machine.
In the test scene, if a plurality of devices of standard Ethernet interfaces need to be tested simultaneously, a test platform consists of a main control, an interface board and a back board; if the device to be tested is a device to be tested, only the main control and the back board are needed.
(3) Nonstandard cipher machine
The nonstandard cipher machines have different forms, service interface protocols have various choices, and an interface board is indispensable at the moment, can be compatible with various interface protocols and is adaptive to a mixed back board of a test platform, so that the test platform is universal as much as possible. The interface board can also be in a special form (universal by replacing the interface board). If the non-standard cipher machine is used as a service port through a standard physical link such as a twisted pair or an optical fiber, the interface board only needs to support a corresponding interface (an optical port or an electrical port) and is directly connected through the twisted pair or the optical fiber. If the non-standard cipher machine service port needs to communicate remotely while parallel data is transmitted, the interface board may adopt differential transmission, and a patch panel for converting a differential signal into a single-ended signal is connected to the cable at one end of the cipher machine to be tested, so as to implement reliable communication remotely, as shown in fig. 4.
(4) Interface board design
The universal function of the universal cipher machine test platform is mainly realized by the compatibility of the interface board and the backboard, and the backboard can adopt a plurality of standard mixing slot positions, so that the universal cipher machine test platform is easy to realize.
The interface board is in a standard board card form, is arranged on the back board, is directly or indirectly interconnected with the tested cipher machine through the adapter board, is compatible with various interface protocols, and supports various standard physical interfaces. In general, common protocols for cipher machine service ports are PCIe, SRIO, uart, SPI, TCP/IP, IIC, etc. Common standard physical interfaces of a TCP/IP protocol are in the forms of RJ45, SFP and the like; PCIe and SRIO are usually applied to a cipher machine in a standard board card form, and a functional performance test is completed by interconnecting a bottom board connector of a board card of the cipher machine and a test platform; however, the physical forms of the low-speed interfaces such as uart, SPI, and IIC are different, and due to the short transmission distance and the weak anti-interference capability, they need to be considered in a lump.
Through the analysis, aiming at the cipher machines in the forms of standard board cards (PXIe, VPX and the like), the tested cipher machines are directly installed and inserted on the backboard of the test platform; if the external interconnection of the cipher machine adopts a standard physical interface RJ45/SFP, the standard physical interface is designed on an interface board; if the cipher machine adopts a low-speed interface for external interconnection, such as: uart, SPI, IIC and the like, differential signal transmission is adopted, and an adapter plate with the function of converting differential signals into single-ended signals is connected in series at the equipment end of the cipher machine, so that anti-interference remote communication can be realized.
The interface board adopted by the scheme is 3U (5 HP) in size, supports the board card level hot plug function and comprises a ZYNQ, an RS-485 bus, a J30J quick-locking connector and a single-end-to-differential chip; the ZYNQ is used as a core framework, arm software and FPGA logic can be operated simultaneously, and multi-protocol calling and logic control are facilitated; the hot-plug interchangeable electric port and optical port mainly support the Ethernet protocol, and the highest speed can reach 10Gbps; the RS-485 bus and the single-end-to-differential chip are used for connecting the J30J quick-lock connector and the ZYNQ, and are used for receiving hardware parameters of the cipher machine acquired by the external adapter plate and transmitting the hardware parameters to the master control; the interface board adopts a J30J quick-locking connector supporting high-speed signal transmission and can support up to 50 pairs of differential signals.
In order to be compatible with a general cipher machine test platform, the interface board also needs to conform to the mechanical and electrical performance of the hybrid slot back plate. A functional block diagram of the interface board is shown in fig. 5.
As shown in fig. 5, the interface board ZYNQ is a core architecture, and the ZYNQ writes a configuration file through the SD card. The physical forms of the external interfaces mainly include two types, one is an optoelectronic replaceable Ethernet interface, and the other is a J30J quick-locking connector, namely a differential interface. The Ethernet interface and the ZYNQ are interconnected through series high-speed signals, and the highest speed can reach 10Gbps. And a single-ended control signal LVTTL interconnected with ZYNQ passes through the optical coupling isolation device and then is sent to a single-ended to differential chip (the chip model: DS26LV31 WQML), so that the differential transmission function is realized. The interface board and the main control are interconnected through a back board PCIe multiplied by 4. The interface board supplies power through the backplane connector, and the hot plug controller at the interface is used for realizing the board card level hot plug function; the power management unit directly supplies power to the on-board GND domain device; the isolation power supply 1 supplies power to the ISO _ GND1 domain circuit, the isolation power supply 2 supplies power to the ISO _ GND2 domain circuit corresponding to the channel 1, and the channels are divided into the following parts corresponding to the channel 2.
The J30J quick-locking connector (specific model: J30JA-100 ZKW-J) adopted by the scheme is 100 pins and comprises 44 pairs of differential signals and 12 ground signals (6 each of ISO _ GND1 and ISO _ GND 2), wherein the differential signals are divided into two channels (two colors in a block diagram represent the two channels), and each channel comprises 22 pairs of differential pairs (one pair is RS-485, and the freely available pair is 21 pairs) and 6 ground signals. The two channels adopt different isolation power supplies for power supply, so that the electrical isolation between the channels is realized; meanwhile, all single-ended signals are isolated by the optical coupler, so that the internal and external isolation of the board card is realized.
(5) Adapter plate design
The adapter plate is positioned between the interface board and the cipher machine to be tested (the side close to the cipher machine to be tested has weak anti-interference capability due to the transmission distance of the single-ended signal), and is an independent module (or device), which mainly realizes the functions of converting the differential signal transmitted by the interface board into the single-ended signal, measuring the power consumption and the starting time of the cipher machine (of course, environmental data acquisition and the like can be added), providing an independent power supply channel for the cipher machine, and the like. The adapter board takes an MCU (STM 32 and the like) as a control core, the MCU controls the cipher machine to be electrified, and the power consumption and the starting time of the board card are transmitted to the interface board through RS-485; the precise resistor and the acquisition chip are used for acquiring the power consumption of the cipher machine board card; the starting time of the cipher machine is the difference between the power-on time of the cipher machine and an indication signal sent after the cipher machine works normally; the power module provides power for the adapter plate and the cipher machine behind, and is independent of each other. The adapter board can interconnect two cipher machines with signals of up to 25 pins, can provide 80W load capacity, and can cover a test scene that the power consumption of a single-board cipher machine is lower than 40W, and a schematic diagram block diagram of the adapter board is shown in FIG. 6.
As shown in fig. 6, the adapter board is powered by 12V alone through the power connector and then converted into a 5V input multi-channel power supply through the isolation power module, and the multi-channel power supply has the characteristics of wide input range and adjustable output voltage. The multichannel power module enables independent channels for supplying power to the MCU, the enable pins of the output channels of the other power sources and PGOOD signals are interconnected with the MCU, and the MCU can control the enable pins of the other power sources to output when the MCU works normally. The tested cipherers are independently supplied with power without influencing each other, a high-precision metal film resistor (10 mohm resistance value is selected in the scheme) is connected in series at each power supply interface of the cipherers, two ends of the metal film resistor are connected with differential input ends of an acquisition chip (LTC 2991) respectively, an ADC (analog to digital converter) integrated in the cipherers converts acquired analog voltage signals into digital signals, the digital signals are transmitted to an MCU (microprogrammed control unit) through an IIC (inter-integrated circuit) bus, and the MCU transmits power consumption information to an interface board through an RS-485 bus. It should be noted that the metal film resistor needs to be far away from the interference of a clock, a high-speed signal and the like, the wiring is as short and thick as possible, no device is placed on the bottom layer, copper is completely laid, and the measurement accuracy is guaranteed.
The differential interface on the board adopts a high-reliability connector (J30 JZLN100ZKWA 000) and can support severe mechanical experiments such as vibration, impact (which can meet the test requirements of GJB150.16A/18A) and the like; the differential interface signals are still divided into two groups, converted into single-ended signals through a differential chip DS26LV32AWQML and then subjected to signal interaction with the cipher machine to be tested through a J63A connector.
Cipher machine start time measurement
The starting time measurement of the cipher machine is that the MCU collects a PGOOD (2 &3) signal generated by the multi-channel power module and a state indication signal (a mark signal indicating that the cipher machine module is completely prepared and works normally) signal sent by the cipher machine, the time difference between the two signals is the starting time of the cipher machine, the MCU sends time information to an interface board through an RS-485 bus, the interface board sends the time information to a master controller, the starting time of the cipher machine is obtained, next action can be performed, for example, target value comparison is performed, and finally secondary processing such as passing or failing is displayed.
Power consumption measurement
The power consumption detection unit supplies power independently (CH 1 channel), and the detection unit controls the power supply channel to supply power independently for the cipher machine after working normally; each independent power supply channel is connected with a precision resistor in series, voltage at two ends of each precision resistor is collected and converted into digital signals and then sent to the MCU through the bus, the MCU sends the power consumption of the cipher machine to the interface board through the bus, the interface board transmits power consumption information to the master control unit again, the power consumption value of the cipher machine can be obtained, secondary processing can be carried out subsequently, and whether the power consumption meets requirements or not is judged.
Safe state
In order to prevent the test failure caused by uncontrollable output error information of IO state of ZYNQ of an interface board in the power-on process, the scheme utilizes the state indication signal sent by the tested cipher machine to control the enabling of a differential-to-single-ended chip (DS 26LV32 AWQML), and data interaction can be carried out only after the state of the tested device is completely prepared, so that the test system is in a safe and credible state.
(ii) as do simultaneous high-volume testing?
Whether the test platform can realize large-scale test or not is mainly limited by two factors. Firstly, whether main software resources of a test platform can be met or not is tested; second, there are enough test objects to interconnect on the hardware.
The main control of the universal cipher machine test platform is used for simulating test data, running a test environment and interconnected with an interface board through a PCIe bus. Either the data bus bandwidth or the on-board resources are sufficient to support large-scale testing of multiple crypto-engines. Secondly, the password testing platform adopts a card insertion type platform, a plurality of interface boards can be inserted theoretically, one interface board can test a plurality of cipherers simultaneously, the number of the cipherers to be tested simultaneously is greatly increased, and if the physical size of the interface board is increased, the number of the cipherers to be tested simultaneously can be continuously increased.
Example 1
The cipher machine related in this case is in a single-board non-standard physical form, the service interface is an SPI protocol, the management interface is a uart protocol, and an implementation block diagram of case 1 is shown in fig. 7. Based on the test platform, the function and performance test required by the case can be realized, the whole time consumption is shortened, and the test efficiency is improved.
The cipher machine test platform mainly comprises a cipher test platform, a transfer board and a tested cipher machine. The tested cipher machine and the test platform are interconnected through a differential cable (SPI protocol and uart protocol). The testing machine has 9 slot positions, the main control board card is positioned in the first slot (downwards expanded), 8 peripheral slot positions can be provided with 8 interface boards, one interface board is in butt joint with one adapter board, one adapter board can be connected with two tested ciphers (the service interface of the tested ciphers is an SPI protocol, the management interface is a full uart protocol, the ciphers need 20 pins in total, one adapter board can support 50 single-end pins and 50 differential pins), and therefore the testing platform can simultaneously test 16 ciphers. The acquisition circuit on the adapter plate can also accurately and automatically measure the power consumption and the starting time of the cipher machine, thereby eliminating artificial measurement errors and ensuring more reliable test results. The main control slot position of the backboard of the testing machine and each peripheral slot position are interconnected through PCIe3.0 multiplied by 4 (bandwidth 4 GB/s), high-bandwidth and high-capacity data transmission is supported, and the adaptive scene is richer. Meanwhile, the test platform is simple to build, the number of interconnected cables is small, required matched equipment is simplified, and the time for building the platform can be greatly saved.
The key points of the invention are as follows:
1. the general type;
2. testing simultaneously in large batches;
3. supporting cipher machine hardware parameter measurement;
4. because the test platform and the tested object are interconnected in a mode with anti-interference capability, the application under the electromagnetic severe environment can be supported.
The above description is only a preferred embodiment of the present invention, and it should be noted that, for those skilled in the art, several modifications and variations can be made without departing from the technical principle of the present invention, and these modifications and variations should also be regarded as the protection scope of the present invention.

Claims (10)

1. A universal cipher machine test platform is characterized in that the test platform comprises a main control, a back plate, an interface plate and a switching plate, wherein test software and a bottom layer drive are operated on the main control; the interface board is compatible with an interface protocol; the back board is a mixing slot position and provides a power interface and an interconnection channel for the main control and the interface board; the adapter plate is used for a non-standard cipher machine test scene, is connected with the interface board and the cipher machine, and realizes the measurement of the differential-to-single end and the start time and the power consumption of the test cipher machine; directly inserting a tested cipher machine on a backboard of a test platform aiming at standard board cards PXIe and VPX form cipher machines; if the external interconnection of the cipher machine adopts a standard physical interface RJ45/SFP, designing the standard physical interface on the interface board; if the cipher machine adopts low-speed interface uart, SPI or IIC for external interconnection, differential signal transmission is adopted, and a transfer board with the function of converting differential signals into single-ended signals is connected to an interface board in series in the cipher machine, so that anti-interference remote communication can be realized.
2. The universal cipher machine test platform of claim 1, wherein the interface board is 3U-sized, supports board level hot plug function, and comprises a ZYNQ, an RS-485 bus, a J30J quick lock connector and a single-end-to-differential chip; the ZYNQ is used as a core framework, arm software and FPGA logic can be operated simultaneously, and multi-protocol calling and logic control are facilitated; the hot-plug interchangeable electric port and optical port support the Ethernet protocol, and the highest speed can reach 10Gbps; the RS-485 bus and the single-end-to-differential chip are used for connecting the J30J quick-lock connector and the ZYNQ, and are used for receiving hardware parameters of the cipher machine acquired by the external adapter plate and transmitting the hardware parameters to the master control; the interface board adopts a J30J quick-locking connector supporting high-speed signal transmission and supports up to 50 pairs of differential signals.
3. The universal cipher machine test platform of claim 2, wherein the interface board ZYNQ is a core architecture, and the ZYNQ writes the configuration file through the SD card; the Ethernet interface and the ZYNQ are interconnected through serdes high-speed signals, and the highest speed can reach 10Gbps; a single-ended control signal LVTTL interconnected with ZYNQ passes through the optical coupling isolation device and then is sent to the single-ended to differential chip, and the differential transmission function is realized; the interface board and the master controller are interconnected through a backplane PCIe 4.
4. The universal cryptographic engine test platform of claim 3 wherein the J30J quick lock connector is 100 pins comprising 44 differential pairs of 12 ground signals, divided into two channels, each channel having 22 differential pairs, one of RS-485 pairs, and 21 pairs of 6 ground signals freely available; the two channels adopt different isolation power supplies for power supply, so that the electrical isolation between the channels is realized; meanwhile, all single-ended signals are isolated by the optical coupler, so that the internal and external isolation of the board card is realized; the power management unit directly supplies power to the on-board GND domain device, the isolation power supply 1 supplies power to the ISO _ GND1 domain circuit, the isolation power supply 2 supplies power to the ISO _ GND2 domain circuit corresponding to the channel 1, and the channel 2 corresponds to the isolation power supply.
5. The universal cipher machine test platform of any one of claims 1 to 4, wherein the adapter board is located between the interface board and the cipher machine to be tested, converts the differential signal transmitted from the interface board into a single-ended signal, measures the power consumption and the start time of the cipher machine, and provides an independent power supply channel for the cipher machine; the adapter board takes the MCU as a control core, the MCU controls the cipher machine to be electrified, and the power consumption and the starting time of the board card are transmitted to the interface board through RS-485; the precise resistor and the acquisition chip are used for acquiring the power consumption of the cipher machine board card; the starting time of the cipher machine is the difference between the power-on time of the cipher machine and an indication signal sent after the cipher machine works normally; the power module provides power for the adapter plate and the cipher machine behind, and is independent of each other.
6. The universal cryptographic machine test platform as in claim 5, wherein the adapter board is powered by 12V alone through the power connector and then converted into a 5V input multi-channel power supply through the isolation power supply module, the multi-channel power supply module enables independent channels for supplying power to the MCU, enable pins and PGOOD signals of the other power output channels are interconnected with the MCU, and the MCU controls the enable pins of the other power supplies to output when the MCU works normally; the tested cipherers are independently supplied with power without influencing each other, a high-precision metal film resistor is connected in series at each power supply interface of each cipherer, two ends of each metal film resistor are connected with the differential input end of the acquisition chip LTC2991 respectively, the ADC integrated in the metal film resistor converts acquired analog voltage signals into digital signals, the digital signals are transmitted to the MCU through the IIC bus, and the MCU transmits power consumption information to the interface board through the RS-485 bus.
7. The universal cryptographic engine test platform of claim 6 wherein the metal film resistor is far from the clock and high speed signal interference, the traces are as short as possible, no device is placed on the bottom layer, and copper is completely laid.
8. The general cipher machine test platform of claim 6, wherein the cipher machine start time measurement is performed by acquiring a PGOOD signal generated by the multi-channel power module and a status indication signal sent by the cipher machine by the MCU, a time difference between the two signals is start time of the cipher machine, the MCU sends time information to the interface board through the RS-485 bus, and the interface board sends the time information to the main controller, so that the start time of the cipher machine is obtained and a next action can be performed, and finally a pass or fail display is performed.
9. The universal cipher machine test platform of claim 6, wherein the power consumption detection unit supplies power independently, and controls the power supply channel to supply power independently to the cipher machine after the power consumption detection unit works normally; each independent power supply channel is connected with a precision resistor in series, voltage at two ends of each precision resistor is collected and converted into digital signals and then sent to the MCU through the bus, the MCU sends the power consumption of the cipher machine to the interface board through the bus, the interface board transmits power consumption information to the master control unit again, the power consumption value of the cipher machine can be obtained, secondary processing can be carried out subsequently, and whether the power consumption meets requirements or not is judged.
10. The universal cryptographic machine test platform of claim 6, wherein the state indication signal sent by the cryptographic machine under test is used to control the enabling of the differential-to-single-ended chip, and only after the state of the device under test is completely ready, data interaction can be performed, so that the test system is in a secure and trusted state.
CN202210896632.5A 2022-07-28 2022-07-28 Universal cipher machine test platform Pending CN115237697A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210896632.5A CN115237697A (en) 2022-07-28 2022-07-28 Universal cipher machine test platform

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202210896632.5A CN115237697A (en) 2022-07-28 2022-07-28 Universal cipher machine test platform

Publications (1)

Publication Number Publication Date
CN115237697A true CN115237697A (en) 2022-10-25

Family

ID=83676653

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210896632.5A Pending CN115237697A (en) 2022-07-28 2022-07-28 Universal cipher machine test platform

Country Status (1)

Country Link
CN (1) CN115237697A (en)

Similar Documents

Publication Publication Date Title
CN202797544U (en) Active cable, cable assembly and electronic device
EP1684446A2 (en) A method and apparatus for testing optical network equipment
CN109558371B (en) Method for communicating with a microcontroller, and computing system
CN206515812U (en) A kind of test board of server admin unit
CN212135408U (en) Board card bus data transmission test system
CN105356935B (en) A kind of cross board and implementation method for realizing SDH high order cross
CN208141371U (en) A kind of multi-functional UART debugging board
CN104679116B (en) Server cabinet system, circuit board composition system and its circuit board
CN115237697A (en) Universal cipher machine test platform
CN110850128A (en) On-site automatic test system bus for marine instrument
CN107070547B (en) A kind of CPCI type gigabit Ethernet device with failure monitoring ability
TWI701938B (en) Internet telephone device, external connection card and communication method therefor
CN109240972A (en) A kind of GPU board and the VPX signal processing cabinet using the board
CN211375588U (en) Multi-debugging interface switching circuit
CN103200038A (en) Open multiservice platform
CN105975421A (en) Splitting and folding type modular instrument bus device
CN110022255A (en) The ubiquitous electric power platform of internet of things of modularization based on mixing communication network data exchange
CN209017053U (en) A kind of device of communication module test
CN205210211U (en) General test platform of avionics
CN216622983U (en) Locomotive simulation device and locomotive simulation system
US10235321B2 (en) Stacking modular instrument system
CN210780843U (en) Testing and fault positioning device and system for gateway module of Internet of things
CN213094226U (en) CAN communication device based on CPCI bus
CN220292038U (en) USB changes on-vehicle ethernet equipment
CN111208770B (en) Signal acquisition and test system and test method

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination