CN106778282A - Credible distribution terminal - Google Patents
Credible distribution terminal Download PDFInfo
- Publication number
- CN106778282A CN106778282A CN201611027209.2A CN201611027209A CN106778282A CN 106778282 A CN106778282 A CN 106778282A CN 201611027209 A CN201611027209 A CN 201611027209A CN 106778282 A CN106778282 A CN 106778282A
- Authority
- CN
- China
- Prior art keywords
- credible
- distribution terminal
- cpu
- tpcm
- module
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/577—Assessing vulnerabilities and evaluating computer system security
Landscapes
- Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- General Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- Computing Systems (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Storage Device Security (AREA)
Abstract
The invention discloses a kind of credible distribution terminal, it is made up of credible core board and its peripheral mainboard;Comprising central processing unit, credible platform control module and its associated storage part and connection circuit in credible core board, wherein CPU is responsible for processing the service computation of distribution terminal, and TPCM is responsible for credible measurement, credible report, safety storage and the cryptographic services of distribution terminal;The main interface for being made up of power supply module, external communication module, analog input and output module, digital quantity input/output module, On-off signal output module and instruction interactive module, being the extension, the important component of Various types of data automatic business processing conversion and man-machine interaction of core board peripheral circuit of peripheral mainboard.The present invention realizes all kinds of distribution terminal secure and trusteds, the integrality of full-scope safeguards distribution terminal software and hardware system, the confidentiality of data and identity reality.
Description
Technical field
The present invention relates to a kind of credible distribution terminal.
Background technology
Distribution power automation terminal(Referred to as " distribution terminal "), refer to the various distant places prison installed in medium voltage distribution network scene
Survey, the general name of control unit, are the important of electrical power distribution automatization system mainly including line feed terminals, stand institute terminal, distribution transformer terminals etc.
Part.Traditional distribution terminal mainly focuses on business function design, less to end message due care, only part type
Number support the function such as data encryption, authentication of software.Particularly many distribution terminals equal position in the middle of actually used process
In field, unattended state is chronically at, is easily distorted and attack by lawless people.
Trust computing is a kind of new computation model, emphasizes that computing and protection are parallel, and it is based on hardware security module
Transitive trust technology can effectively improve the overall security of system.It is entered using reliable computing technology in distribution terminal
Row security protection, can effectively protect the authenticity of the integrality of distribution terminal software and hardware system, the confidentiality of data and identity, from
And greatly reinforce the overall security of distribution terminal or even electrical power distribution automatization system.
Credible calculating platform refers to build support system in computing systems, for realizing trust computing function.It is credible
Platform control module(Trusted Platform Control Module, TPCM)It is that one kind is integrated in credible calculating platform
In, for setting up and ensureing the hardware core module for trusting source point, externally provide integrity measurement, safety storage, credible report
And the function such as cryptographic service.
The content of the invention
All kinds of distribution terminal secure and trusteds are realized it is an object of the invention to provide one kind, full-scope safeguards distribution terminal is soft or hard
The credible distribution terminal of the integrality of part system, the confidentiality of data and identity reality.
Technical solution of the invention is:
A kind of credible distribution terminal, it is characterized in that:It is made up of credible core board and its peripheral mainboard;Included in credible core board
Central processing unit(Central Processing Unit, CPU), credible platform control module(Trusted Platform
Control Module, TPCM)And its associated storage part is responsible for processing the business of distribution terminal with circuit, wherein CPU is connected
Calculate, TPCM is responsible for credible measurement, credible report, safety storage and the cryptographic services of distribution terminal;Peripheral mainboard is main by supplying
Power supply module, external communication module, analog input and output module, digital quantity input/output module, On-off signal output
Module and indicate interactive module constitute, be core board peripheral circuit extension, Various types of data automatic business processing conversion it is important
Part and the interface of man-machine interaction.
TPCM and CPU is attached by specific bus, and TPCM is possessed of control power to CPU, can at any time control CPU's
Start and stop.
When system starts, TPCM is first powered up starting;After confirming to start correctly, TPCM sends CPU and opens to sequence circuit
Dynamic control signal, and entry instruction waits service state;
Further, CPU electrifying startups, core starts code operation and follow-up appointment codes is measured;
Further, measurement confirmation is carried out to the hardware and environment configurations of binding platform;
Further, metric operations system loader code, by rear execution operating system loader code;
Further, metric operations system kernel layer identification code, by rear loading operating system nucleus layer identification code;
Further, metric operations system user layer identification code, credible mode of operation is entered by rear, and system starting process terminates.
Further, when a upper layer application needs to perform, its code need to be measured, by rear load operating,
It is otherwise forbidden to run.
The present invention has advantages below:
(1)It is safe, even if using reliable computing technology so that also can be real in the state of distribution terminal is unattended in the wild
Now overall terminal system is safely controllable;
(2)Distribution terminal information security is entirely autonomous controllable, and design principle is based on the trust computing Dual system of China's autonomous innovation
Structure, TPCM starts prior to CPU and possesses control to CPU so that the credibility of whole system is greatly improved;
(3)It is transparent to upper-layer service application, upper-layer service program and code need not be transformed by credible distribution terminal
Operation.
Brief description of the drawings
The invention will be further described with reference to the accompanying drawings and examples.
Fig. 1 is the structural representation of one embodiment of the invention.
Specific embodiment
A kind of credible distribution terminal, is made up of credible core board and its peripheral mainboard;Comprising center in credible core board
Processor(Central Processing Unit, CPU), credible platform control module(Trusted Platform Control
Module, TPCM)And its associated storage part is responsible for processing the service computation of distribution terminal with circuit, wherein CPU is connected,
TPCM is responsible for credible measurement, credible report, safety storage and the cryptographic services of distribution terminal;Peripheral mainboard is main by power supply
Module, external communication module, analog input and output module, digital quantity input/output module, On-off signal output module with
And indicate interactive module to constitute, it is extension, the important composition portion of Various types of data automatic business processing conversion of core board peripheral circuit
Divide the interface with man-machine interaction.
TPCM and CPU is attached by specific bus, and TPCM is possessed of control power to CPU, can at any time control CPU's
Start and stop.
When system starts, TPCM is first powered up starting;After confirming to start correctly, TPCM sends CPU and opens to sequence circuit
Dynamic control signal, and entry instruction waits service state;
Further, CPU electrifying startups, core starts code operation and follow-up appointment codes is measured;
Further, measurement confirmation is carried out to the hardware and environment configurations of binding platform;
Further, metric operations system loader code, by rear execution operating system loader code;
Further, metric operations system kernel layer identification code, by rear loading operating system nucleus layer identification code;
Further, metric operations system user layer identification code, credible mode of operation is entered by rear, and system starting process terminates.
Further, when a upper layer application needs to perform, its code need to be measured, by rear load operating,
It is otherwise forbidden to run.
Claims (6)
1. a kind of credible distribution terminal, it is characterized in that:It is made up of credible core board and its peripheral mainboard;Wrapped in credible core board
Containing central processing unit, credible platform control module and its associated storage part and connection circuit, wherein CPU is responsible for processing distribution end
The service computation at end, TPCM is responsible for credible measurement, credible report, safety storage and the cryptographic services of distribution terminal;Peripheral mainboard
Mainly by power supply module, external communication module, analog input and output module, digital quantity input/output module, switching value
Input/output module and instruction interactive module are constituted, and are that extension, the Various types of data automatic business processing of core board peripheral circuit turn
The important component and the interface of man-machine interaction changed.
2. credible distribution terminal according to claim 1, it is characterized in that:TPCM and CPU is connected by specific bus
Connect, TPCM is possessed of control power to CPU, can at any time control the start and stop of CPU.
3. credible distribution terminal according to claim 2, it is characterized in that:When system starts, TPCM is first powered up starting;
After confirming to start correctly, TPCM sends CPU and starts control signal to sequence circuit, and entry instruction waits service state;
Further, CPU electrifying startups, core starts code operation and follow-up appointment codes is measured;
Further, measurement confirmation is carried out to the hardware and environment configurations of binding platform;
Further, metric operations system loader code, by rear execution operating system loader code;
Further, metric operations system kernel layer identification code, by rear loading operating system nucleus layer identification code;
Further, metric operations system user layer identification code, credible mode of operation is entered by rear, and system starting process terminates.
4. credible distribution terminal according to claim 3, it is characterized in that:Further, when a upper layer application needs to hold
During row, its code need to be measured, by rear load operating, otherwise forbid it to run.
5. credible distribution terminal according to claim 1, it is characterized in that:Embedded TPCM chips are used as credible in core board
The trusted root of distribution terminal, even if using reliable computing technology so that also can be real in the state of distribution terminal is unattended in the wild
Now overall terminal system is safely controllable.
6. credible distribution terminal according to claim 1, it is characterized in that:TPCM starts prior to CPU and possesses CPU control
Power.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201611027209.2A CN106778282A (en) | 2016-11-22 | 2016-11-22 | Credible distribution terminal |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201611027209.2A CN106778282A (en) | 2016-11-22 | 2016-11-22 | Credible distribution terminal |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN106778282A true CN106778282A (en) | 2017-05-31 |
Family
ID=58970162
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201611027209.2A Pending CN106778282A (en) | 2016-11-22 | 2016-11-22 | Credible distribution terminal |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN106778282A (en) |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108153554A (en) * | 2017-12-18 | 2018-06-12 | 江苏方天电力技术有限公司 | A kind of RTOS trusted systems and implementation method based on credible chip |
| CN108595964A (en) * | 2018-04-27 | 2018-09-28 | 北京可信华泰信息技术有限公司 | A kind of credible platform control module implementation method based on firmware |
| CN109918915A (en) * | 2019-03-14 | 2019-06-21 | 沈昌祥 | A kind of dynamic measurement method based on dual Architecture credible calculating platform |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101515316A (en) * | 2008-02-19 | 2009-08-26 | 北京工业大学 | Trusted computing terminal and trusted computing method |
| CN203911584U (en) * | 2014-05-05 | 2014-10-29 | 国家电网公司 | Novel distributed automatic monitoring terminals for power distribution network |
| CN104200165A (en) * | 2014-07-30 | 2014-12-10 | 中国电子科技集团公司第三十研究所 | Initiative trusted measurement method based on CPU made in China |
| CN104778141A (en) * | 2015-02-10 | 2015-07-15 | 浙江大学 | Control system trusted architecture-based TPCM (Trusted Platform Control Module) and trusted detection technology |
| CN105550579A (en) * | 2016-02-02 | 2016-05-04 | 浪潮电子信息产业股份有限公司 | Method for realizing BMC integrity measurement based on TPCM |
-
2016
- 2016-11-22 CN CN201611027209.2A patent/CN106778282A/en active Pending
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101515316A (en) * | 2008-02-19 | 2009-08-26 | 北京工业大学 | Trusted computing terminal and trusted computing method |
| CN203911584U (en) * | 2014-05-05 | 2014-10-29 | 国家电网公司 | Novel distributed automatic monitoring terminals for power distribution network |
| CN104200165A (en) * | 2014-07-30 | 2014-12-10 | 中国电子科技集团公司第三十研究所 | Initiative trusted measurement method based on CPU made in China |
| CN104778141A (en) * | 2015-02-10 | 2015-07-15 | 浙江大学 | Control system trusted architecture-based TPCM (Trusted Platform Control Module) and trusted detection technology |
| CN105550579A (en) * | 2016-02-02 | 2016-05-04 | 浪潮电子信息产业股份有限公司 | Method for realizing BMC integrity measurement based on TPCM |
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108153554A (en) * | 2017-12-18 | 2018-06-12 | 江苏方天电力技术有限公司 | A kind of RTOS trusted systems and implementation method based on credible chip |
| CN108595964A (en) * | 2018-04-27 | 2018-09-28 | 北京可信华泰信息技术有限公司 | A kind of credible platform control module implementation method based on firmware |
| CN109918915A (en) * | 2019-03-14 | 2019-06-21 | 沈昌祥 | A kind of dynamic measurement method based on dual Architecture credible calculating platform |
| CN109918915B (en) * | 2019-03-14 | 2019-10-11 | 沈昌祥 | A kind of dynamic measurement method based on dual Architecture credible calculating platform |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN103150514B (en) | A kind of trusted module based on mobile device and trusted service method thereof | |
| US20130238478A1 (en) | System and method for providing debt securities denominated in virtual currencies | |
| KR101907486B1 (en) | Mobile computing system for providing execution environment having high secure ability | |
| CN107667347A (en) | Techniques for virtualized access to security services provided by a converged manageability and security engine | |
| CN103988185A (en) | Secure replay protected storage | |
| US20200026882A1 (en) | Methods and systems for activating measurement based on a trusted card | |
| CN104115125A (en) | Secure error handling | |
| US20140075550A1 (en) | Hardware-enforced access protection | |
| CN110490416B (en) | Task management method and terminal equipment | |
| CN106778282A (en) | Credible distribution terminal | |
| CN107391999B (en) | Credential providers that package other credential providers | |
| CN114257551A (en) | Distributed current limiting method and system and storage medium | |
| CN104021104A (en) | Collaborative system based on dual-bus structure and communication method thereof | |
| CN109344664A (en) | A kind of cipher card and its encryption method that based on FPGA data are carried out with algorithm process | |
| CN111125707A (en) | BMC (baseboard management controller) safe starting method, system and equipment based on trusted password module | |
| CN102867255A (en) | Multi-operating system platform and mobile payment equipment E-bank USB key and working method thereof | |
| CN104346572B (en) | A kind of general external intelligent terminal secure operating environment construction method | |
| CN104408364A (en) | Server management program protection method and system | |
| CN102663471A (en) | Mobile terminal safety information storage method and system on basis of EMMC (Embedded MultiMedia Card) chip | |
| CN107204206A (en) | A kind of electrical fuse programming method, terminal and computer-readable recording medium | |
| CN111158857A (en) | Data encryption method, device, equipment and storage medium | |
| CN110517061A (en) | A kind of generation method of discount coupon, device and server | |
| AU2015291536A1 (en) | Method and apparatus for realizing switching between intelligent key device modes | |
| CN111444515A (en) | Credibility measurement method based on PCIE interface | |
| US10579789B2 (en) | Portable appliance |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20170531 |
|
| RJ01 | Rejection of invention patent application after publication |