CN106845219A - A kind of intrusion detection smart machine for multiple types of data - Google Patents

Abstract

The invention provides an intrusion detection intelligent device for multiple types of data, capable of performing intrusion detection on multiple types of data. The device includes: a backplane, a main board module, a CAN&AD card, a digital IO card, an encryption and decryption card, a rear input and output interface board and a power supply module; wherein, the backplane supports a compact PCI protocol; the rear input and output interface board , for providing various types of input and output interfaces, wherein the various types of input and output interfaces include: encryption and decryption card interface, network port, RS232 serial interface, USB interface, CAN interface, AD interface and digital IO interface , each type of input and output interface is used to obtain corresponding types of data in real time; the main board module is used to perform intrusion detection on the obtained data according to preset intrusion detection rules; the encryption and decryption card is used to It is used for encryption, decryption and digital authentication of unintruded data. The invention is applicable to the technical fields of modern industrial control and information security.

Description

An intrusion detection smart device for multiple types of data

technical field

The invention relates to the technical field of modern industrial control and information security, in particular to an intrusion detection intelligent device for various types of data.

Background technique

In recent years, the interconnection between intelligent devices and industrial information control networks that realize various types of data intrusion detection has become an important part of modern industrial systems, and intelligent detection and communication devices have the functions of various communication interfaces. When the peripheral information network and the control network of intelligent communication equipment are interconnected, due to the uncertainty and uncontrollability of the network, how to ensure the data security and machine instruction security of the industrial process control network becomes a serious problem. Especially for iron and steel metallurgy, petrochemical, energy and electric power, cement and other production industries and infrastructure industries, they have extremely high requirements for the safety and reliability of continuous production. Interconnection is equivalent to exposing the control network directly to the information network and facing the danger of being attacked. Moreover, due to the particularity of industrial field equipment, once a failure occurs, it will cause highly destructive human, material and property losses, and have a very harmful social impact.

In modern industry and data communication, the degree of intelligence is getting higher and higher. Various types of communication data control systems composed of intelligent equipment have been widely used in aerospace, engineering control, environment, power grid, medical equipment, communication and people. in daily life work. Among them, the controller area network (Controller Area Network, CAN), the CAN bus data transmission and reception of the industrial-grade CAN card is completed by the CAN controller and the CAN transceiver. Function cards of this interface are widely used in industries such as automobiles, and are developing rapidly in fields such as industrial control, robots, medical equipment, and sensors. AD signal acquisition function and digital signal IO function are also widely used in reality. In order to collect various information of industrial field equipment, for example, to collect AD signal voltage data, digital input and output parameters, serial UART signal communication, and to use integrated High CAN bus, but also needs to be encrypted and decrypted. In many cases, these functions need to be integrated on one device. However, in the prior art, there is no integrated CAN interface, AD interface, digital IO interface and Devices with encryption and decryption functions.

Contents of the invention

The technical problem to be solved by the present invention is to provide an intrusion detection intelligent device for multiple types of data, to solve the existing problems in the prior art that there is no device integrating CAN interface, AD interface, digital IO interface and encryption and decryption functions. question.

In order to solve the above-mentioned technical problems, an embodiment of the present invention provides an intrusion detection intelligent device for various types of data, including: a backplane, a motherboard module connected to the backplane, a CAN&AD card, a digital IO card, and an encryption and decryption card , a rear input and output interface board and a power supply module; wherein, the backplane supports the compact PCI protocol;

The rear input and output interface board is used to provide multiple types of input and output interfaces, wherein the multiple types of input and output interfaces include: encryption and decryption card interface, network port, RS232 serial interface, USB interface, CAN interface , AD interface and digital IO interface, each type of input and output interface is used to obtain the corresponding type of data in real time;

The CAN&AD card is used to communicate with the CAN interface and the AD interface through the backplane;

The digital IO card is used to communicate with the digital IO interface through the backplane;

The mainboard module is used to perform intrusion detection on the acquired data according to preset intrusion detection rules;

The encryption/decryption card is used to perform encryption/decryption and digital authentication processing on unintruded data;

The power module is used to supply power to the backplane.

Further, the main board module, CAN&AD card, digital IO card, encryption and decryption card, rear input and output interface board and power supply module are connected to the backplane through pinhole connectors;

Wherein, the main board module, CAN&AD card, digital IO card, encryption and decryption card and power supply module are located on the front side of the backplane, and the rear input and output interface board is located on the back side of the backplane.

Further, the multiple types of input and output interfaces include: 1 security card interface, 2 network ports, 2 RS232 serial interfaces, 6 USB interfaces, 2 CAN interfaces, 10 AD interfaces, 24 digital I/O interface.

Further, the CAN&AD card includes: a first conversion module and a first interface expansion module;

The first conversion module is configured to convert the PCI bus into a local bus, wherein the local bus is connected to the first interface expansion module;

The first interface expansion module is used to expand multiple CAN signals and multiple AD signals, wherein the multiple CAN signals and multiple AD signals are connected to the rear input and output interface board through the backplane , the rear input and output interface board provides multiple CAN interfaces and multiple AD interfaces.

Further, the digital IO card includes: a second conversion module and a second interface expansion module;

The second conversion module is configured to convert the PCI bus into a local bus, wherein the local bus is connected to the second interface expansion module;

The second interface expansion module is used to expand multiple IO signals, wherein the multiple IO signals are connected to the rear input and output interface board through the backplane, and are provided by the rear input and output interface board Multiple digital IO interface;

Wherein, each digital IO interface in the multiple digital IO interfaces can be independently configured as an output interface or an input interface.

Further, the device further includes: a first network port expansion module connected to the backplane and a network port transformer connected to the first network port expansion module;

The first network port expansion module and the network port transformer connected to the first network port expansion module are used to expand the first network port;

The first network port is used for inputting and outputting network data.

Further, the device further includes: a second network port expansion module connected to the backplane;

The second network port expansion module is used to expand the second network port;

The second network port is used for inputting and outputting network data.

Further, the device further includes: an AC filter connected to the backplane;

The AC filter is used for filtering the 220V AC.

Further, the multiple types of input and output interfaces also include: a display port;

The display port is used for connecting to a liquid crystal display.

Further, the device further includes: a spare board connected to the backplane; wherein,

The spare boards include: one or more of RS232 serial interface cards, video and audio synthesis cards, 1553B bus cards, 3U boards based on compact PCI bus, and 6U boards based on compact PCI bus.

The beneficial effects of above-mentioned technical scheme of the present invention are as follows:

In the above scheme, based on the network port, RS232 serial interface, USB interface, CAN interface, AD interface and digital IO interface provided by the rear input and output interface board, various types of data such as AD, CAN, and digital quantities can be obtained in real time, and According to the preset intrusion detection rules, the main board module is used to perform intrusion detection on various types of data obtained in real time; and the encryption and decryption card is used to encrypt, decrypt and digitally authenticate the data that has not been invaded, thereby realizing the diversity of data To ensure data security and reliability.

Description of drawings

FIG. 1 is a schematic structural diagram of an intrusion detection smart device for multiple types of data provided by an embodiment of the present invention;

FIG. 2 is a detailed structural schematic diagram of an intrusion detection smart device for multiple types of data provided by an embodiment of the present invention;

Fig. 3 is the basic schematic diagram of the intrusion detection smart device function board provided by the embodiment of the present invention;

Fig. 4 is the internal and external connection principle diagram of the PCI9054 chip provided by the embodiment of the present invention;

Fig. 5 is the digital quantity IO board function realization circuit block diagram provided by the embodiment of the present invention;

Fig. 6 is a connection block diagram of the peripheral system of the intrusion detection smart device provided by the embodiment of the present invention.

detailed description

In order to make the technical problems, technical solutions and advantages to be solved by the present invention clearer, the following will describe in detail with reference to the drawings and specific embodiments.

The present invention aims at the problem that there is no existing device integrating CAN interface, AD interface, digital IO interface and encryption and decryption functions, and provides an intrusion detection intelligent device for various types of data.

As shown in Figure 1, the intrusion detection intelligent device for multiple types of data provided by the embodiment of the present invention includes: a backplane, a motherboard module connected to the backplane, a CAN&AD card, a digital IO card, an encryption and decryption card, Rear input and output interface board and power supply module; wherein, the backplane supports compact PCI protocol;

The rear input and output interface board is used to provide multiple types of input and output interfaces, wherein the multiple types of input and output interfaces include: encryption and decryption card interface, network port, RS232 serial interface, USB interface, CAN interface , AD interface and digital IO interface, each type of input and output interface is used to obtain the corresponding type of data in real time;

The CAN&AD card is used to communicate with the CAN interface and the AD interface through the backplane;

The digital IO card is used to communicate with the digital IO interface through the backplane;

The mainboard module is used to perform intrusion detection on the acquired data according to preset intrusion detection rules;

The encryption/decryption card is used to perform encryption/decryption and digital authentication processing on unintruded data;

The power module is used to supply power to the backplane.

The intrusion detection intelligent device for multiple types of data described in the embodiment of the present invention can obtain real-time Various types of data such as AD, CAN, and digital quantities, and according to the preset intrusion detection rules, use the main board module to perform intrusion detection on the various types of data obtained in real time; and use the encryption and decryption card to detect the unintruded data Encryption and decryption and digital authentication processing are performed to realize data diversity and ensure data security and reliability.

In this embodiment, the backplane, mainboard module, CAN&AD card, digital IO card, encryption and decryption card, and rear input and output interface board all support and use the compact PCI protocol, wherein the CAN&AD card can be an industrial-grade CAN&AD card. In this embodiment, as shown in Figure 1 and Figure 2, the intrusion detection smart device provides a plurality of card slots, wherein the card slots include: a system slot, a device slot, and a power slot, and the system slot is used to insert the The motherboard module is described above, the device slot is used to insert CAN&AD card, digital IO card, encryption and decryption card, and the power slot is used to insert the power module.

In this embodiment, the motherboard module can be a COM-E (COM Express) core board, and the customized Kirin Linux system can run on the COM-E core board, and the customized Kirin Linux system is for various types of The data intrusion detection rules reasonably tailor the original Kylin Linux kernel system, which not only ensures the stability, reliability, and low power consumption of the hardware after tailoring, but also has multiple types of CAN, USB, AD, and IO transmission communications. protocol, realize reliable and efficient transmission of data, and support conversion of multiple communication protocols; wherein, the CPU of the COM-E core board is (Intel) i7-4650U processor, the operating frequency can reach up to 3.3GHz, and the operating temperature range can reach -40°C-+95°C, which meets the special conditions and the environment with large temperature difference in industrial site storage; The CPU of the COM-E core board is equipped with 16GB DDR3 memory; the docking connector of the board on the main board module uses a 440pin SMT method; the main board module, CAN&AD card, digital IO card, encryption and decryption card, rear input and output interface board and power supply module It is the peripheral expansion interface board to realize the COM-E core board.

In this embodiment, the intrusion detection smart device can support multiple communication modes such as RS232, RS485, CAN, AD, digital IO, USB, etc., and can simultaneously communicate with EtherCAT, UDP, NetBEUI protocols and RS232, RS485, CAN, AD, and digital IO signal; the rear input and output interface board contains input and output interfaces of multiple protocols such as EtherCAT, UDP, NetBEUI; the input and output interfaces may include but not limited to: 1 road encryption and decryption card interface, 2 road optical fiber 10 Gigabit network port, 2-way RS232 serial interface, 6-way USB interface, 2-way CAN interface, 10-way AD interface and 24-way digital IO interface; based on the various types of input and output interfaces on the rear input and output interface board, different types of data, the intrusion detection smart device can perform intrusion detection on various types of data acquired, and has comprehensive functions.

In this embodiment, since the intrusion detection smart device has a CAN interface, an AD interface, a digital IO interface and a network port, other equipment (for example, industrial field equipment and/or host computer) can pass the CAN signal line, the AD signal line , IO signal lines and/or network cables are connected and communicated with the intrusion detection smart device, for example, the intrusion detection smart device can realize the AD of data such as DC voltage through the ISOEM-U5-P2-O7 isolator and AD7328BRUZ-TSSOP20 chip Signal acquisition, dual-channel CAN signal acquisition, and digital input and output (IO) can be realized through the digital IO card.

In this embodiment, the intelligent intrusion detection device and other devices (for example, industrial field devices and/or host computers) may form a system.

In this embodiment, the data may be various types of data generated by internal and external user behaviors and system activities, and the specific step of performing intrusion detection on the acquired data may include: analyzing and Detect various types of data generated by internal and external user behavior and system activities, analyze device or system defects and vulnerabilities, and designate targeted detection rules based on protocol features; identify attack behaviors and abnormal behaviors based on Snort detection rules, and respond ; Conduct system resource and data integrity assessments of other devices and control models of other devices, monitor system logs, store access records and attack footprints. Then, through the encryption and decryption card, the unintruded data is encrypted, decrypted and digitally authenticated, so as to realize the safe transmission of data, and realize the variety of data through the network port, CAN interface, USB3.0 interface, AD interface and digital IO interface. sex.

In this embodiment, there is an FPGA chip on the encryption and decryption board, which undertakes the calculation task of the encryption and decryption algorithm, and realizes hardware encryption and decryption operations, so that the encryption and decryption operations basically do not occupy CPU resources on the main board module, and can guarantee as follows: Encryption and decryption speed of various types of data such as DC voltage, current, torque, and rotational speed.

In this embodiment, when the encryption and decryption card performs encryption, decryption and digital authentication processing on unintruded data, it does not only use pure software to perform encryption, decryption, and digital authentication processing on unintruded data. Specifically, When inputting, the encryption and decryption card performs encryption and digital authentication processing on the input data through an encryption algorithm, and when outputting, the encryption and decryption card uses a decryption algorithm corresponding to the encryption algorithm to decrypt and digitally authenticate the data; wherein, the The encryption and decryption card can include Datang Telecom encryption chip and FPGA chip. The encryption and decryption card supports the compact PCI protocol. The compact type abandons the traditional golden finger connection method and adopts the pinhole connector plug-in mode, which has high density and high reliability.

In this embodiment, the mainboard module can also update the encryption and decryption algorithms in the encryption and decryption card, thereby further ensuring the security of various types of industrial data communication.

In this embodiment, if the input and output interfaces include 2-way optical fiber 10 Gigabit network ports, 2-way RS232 serial interfaces, 6-way USB interfaces, 2-way CAN interfaces, 10-way AD interfaces and 24-way digital IO interfaces, then the The intrusion detection smart device mentioned above can perform intrusion detection and storage on the data of 2 optical fiber 10 Gigabit Ethernet ports, 2 RS232 serial ports, 6 USB ports, 2 CAN ports, 10 AD ports and 24 digital IO ports at the same time. .

In this embodiment, the backplane supports the compact PCI protocol, and the compact type abandons the traditional golden finger connection method and adopts the pinhole connector plug-in mode, which has high density and high reliability; because the backplane supports Compact PCI protocol, the backplane can be referred to as a compact PCI backplane, according to the compact PCI protocol, the functional boards (for example, motherboard modules, CAN&AD cards, digital IO cards, encryption and decryption cards) in front of the backplane It only realizes the function but has no external interface. When outputting signals externally, all signals are relayed through the backplane and then output through the external interface on the rear input and output interface board. Taking the CAN port as an example, the CAN&AD card includes: CAN card and The AD card, wherein, the CAN card implements two CAN signals through the expansion chip, and is relayed through the backplane, and two CAN ports need to be set on the rear input and output interface board.

In this embodiment, in order to expand the function of the CAN bus, a CAN card with a magnetically isolated CAN interface and a compact PCI protocol is designed. The CAN card can use the ADM-3053 and CTM1051A-3.3V chips to realize the magnetic isolation technology. The CAN card collects The information of each node on the CAN bus is forwarded to the host computer, and the commands and data of the host computer can be forwarded to each node and complete part of the monitoring and management of the user system on the CAN bus.

In this embodiment, two CAN controllers are carried on the CAN card board, and the two CAN controllers carried on the CAN card board are placed in different positions of the CAN card, and the two CAN controllers can be executed independently in the controller area network at the same time; Magnetic isolation is realized between two CAN controllers. The two-way magnetically isolated CAN card is a controller local area network that provides online capabilities for computers. It has automatic transmission repetition functions and provides bus arbitration and error detection capabilities, which can greatly reduce Chances of data loss and ensuring system reliability.

In the aforementioned specific implementation of intrusion detection smart devices for multiple types of data, further, the main board module, CAN&AD card, digital IO card, encryption and decryption card, rear input and output interface board and power supply module are connected through pinholes The device is plugged in with the backplane;

Wherein, the main board module, CAN&AD card, digital IO card, encryption and decryption card and power supply module are located on the front side of the backplane, and the rear input and output interface board is located on the back side of the backplane.

In this embodiment, the main board module, CAN&AD card, digital IO card, encryption and decryption card, and power module are located on the front side of the backplane, and are key boards for realizing intrusion detection. The boards located on the front side of the backplane It can be called the front side board; the rear input and output interface board is located at the rear side of the backboard, and the board located at the rear side of the backboard can be called the rear side board; the backplane is the front side board and the backboard The relay of the rear board is to realize the relay connection with the front board and the rear board through the back board, and complete the protocol conversion and data transmission of the interface; Detect the vertical plug-in relationship through the pinhole connector in the smart device; for example, the motherboard module, CAN&AD card, digital IO card, encryption and decryption card and power module can be connected through the dense European pinhole connector with a height of 2 mm Realize front-to-side plug-in connection with the backplane to realize power and signal intercommunication between boards; the backplane connects with the rear input and output interface board from the back of the backplane through J1/J4, J2/J5, and J3 connectors connect. The signals are generated by the front boards, connected and relayed by the backplane, and output by the corresponding interfaces on the rear input and output interface boards. In this way, the intrusion detection smart devices are interconnected through high-density, high-reliability European-style pinhole connectors This method realizes the transmission and connection of power supply and signal, which can improve the reliability of the whole device.

In the aforementioned specific implementation of the intrusion detection smart device for multiple types of data, further, the CAN&AD card includes: a first conversion module and a first interface expansion module;

The first conversion module is configured to convert the PCI bus into a local bus, wherein the local bus is connected to the first interface expansion module;

The first interface expansion module is used to expand multiple CAN signals and multiple AD signals, wherein the multiple CAN signals and multiple AD signals are connected to the rear input and output interface board through the backplane , the rear input and output interface board provides multiple CAN interfaces and multiple AD interfaces. In this embodiment, the CAN&AD card includes: a first conversion module and a first interface expansion module, that is to say, the first conversion module and the first interface expansion module are components of the CAN&AD card, and the CAN&AD card uses the first A conversion module will convert the PCI bus into a local bus (the local bus can also be referred to as: local bus), and the first conversion module can include: PCI9054 chip and EEPROM chip, wherein, the PCI9054 chip is used to convert PCI The bus is converted into a local bus, and the configuration information of the PCI9054 chip is stored for a long time after the EEPROM chip curing instruction; 1-way AD signal and 2-way CAN signal, the extended 10-way AD signal and 2-way CAN signal are connected to the rear input and output interface board through the back panel, and the rear input and output interface board provides 10-way AD interface and 2-way CAN Interface, among them, the STM32F207ZGT6 chip needs to use the J-Link tool and Keil5.0 software for program curing.

In this embodiment, as shown in Figure 3, the PCI bus is converted by the circuit, and is connected with the logic control and processing circuit on the board card through the local bus to complete the control of the board card and the input and output of the signal by the interface, and the logic control and processing circuit Realize the functional requirements of the board, complete address decoding, data format conversion, logic control and other functions, and at the same time control the peripheral functional circuits and drive circuits and input and output signals. Among them, the logic control and processing circuits can be realized by FPGA devices .

As shown in Figure 4, the compact PCI bus interface control logic implements the interface between the PCI9054 chip and the 64bit, 66.6MHz PCI bus; the local bus interface control logic implements the connection with the PCI9054 chip. The internal resources of the PCI9054 chip include PCI configuration internal registers, local bus control logic and a pair of read-write FIFOs, which are used to configure the system and connect the PCI bus and the local bus. The internal logic of the PCI9054 chip is composed of a serial EEPROM controller and FIFO control logic. The former is used to load the configuration register value from an optional external serial EEPROM, and the latter controls the read and write FIFO, and coordinates the compact PCI bus and the local bus. The JTAG interface is used to debug the circuit through Keil5.0 software and program, and the program is solidified into the invented board through this interface.

Among them, the PCI9054 chip local/local bus has two working modes (MODE): non-multiplexing mode and multiplexing mode. In the non-multiplexing mode, when the MODE input is low, the PCI9054 adopts the non-multiplexing mode, on the contrary, when the MODE input is high, it adopts the multiplexing mode. In multiplexing mode, LA[27:2] is used to transmit the address, LAD[63:32] is a 64-bit address/data multiplexing bus; in non-multiplexing mode, LA[27:2] is the address bus, LD[63:32] is the data bus.

In order to better understand this embodiment, the compact PCI bus signal is described:

The compact PCI bus signal completes the timing conversion of the bus, so that the intrusion detection smart device can control the functional circuits of each component (mainboard module, CAN&AD card, digital IO card, encryption and decryption card, rear input and output interface board and power module). This embodiment uses the interface solution of PCI9054 chip plus FPGA to complete the design of CAN&AD card and digital IO card. The PCI9054 chip produced by PLX Company is used as the PCI controller, and the FPGA of Altera Company is used to design read and write logic and compact PCI expansion functions.

In the present embodiment, described PCI9054 is the interface chip of 32/64 bits, frequency 33/66MHz, can make the fastest transmission speed of PCI signal reach 264MB/s; Support local bus multiplexing and non-multiplexing 32/ 64-bit address or data protocol, and support dynamic local bus 8-bit, 16-bit and 32-bit operation, local clock up to 66.6MHz; support 5 PCI to local address space mapping, each space allows separate programming wait state, Bus width and burst transfer function; support compact PCI power management v2.2 specification; support PCI expansion of Vital Product Data (Vital Product Data, abbreviated as VPD) and PCI target pre-read mode, which can increase bandwidth and reduce read Delay; PCI9054 chip has 9 programmable general-purpose I/Os, which can be used for multiple purposes; supports hot plugging of compact PCI; its power supply supports DC3.3V and 5V voltage fault-tolerant operation, and has optional serial EEPROM interface.

The compact PCI bus has excellent performance. It adopts European-style pinhole connectors and can quickly transmit various types of data. Low, generally speaking, using a dedicated PCI interface chip to realize the interface function of the compact PCI is a very effective and reliable design implementation method.

In this embodiment, the FPGA device and its development environment and tool QUARTUSⅡ12.0 of ALTERA Company of the United States are used. This is a high-density special digital integrated circuits. The design module can realize the design of digital systems containing large-scale logic gates under the support of FPGA development system software.

The main advantages of FPGA can be summarized in the following three parts:

The FPGA's user-programmable feature greatly shortens the design cycle, and the designer can provide a fast-implementation template on-site in a short period of time.

FPGA can provide a much larger effective logic capacity density than EPLD and CPLD devices, which not only greatly reduces the space of printed circuit boards, greatly reduces system power consumption, but also greatly improves the process feasibility of system design and product reliability. .

FPGA devices are thermally rewritable, reprogrammable, and can be simulated directly during the development process without loss of process implementation.

In the aforementioned specific implementation of the intrusion detection smart device for multiple types of data, further, the digital IO card includes: a second conversion module and a second interface expansion module;

The second conversion module is configured to convert the PCI bus into a local bus, wherein the local bus is connected to the second interface expansion module;

The second interface expansion module is used to expand multiple IO signals, wherein the multiple IO signals are connected to the rear input and output interface board through the backplane, and are provided by the rear input and output interface board Multiple digital IO interface;

Wherein, each digital IO interface in the multiple digital IO interfaces can be independently configured as an output interface or an input interface.

In this embodiment, the digital IO card uses a second conversion module to convert the PCI bus into a local bus, and the second conversion module may include: a PCI9054 chip and an EEPROM chip, wherein the PCI9054 chip is used to convert the PCI bus Cost local bus, long-term storage configuration information of PCI9054 chip after described EEPROM chip hardening order; Described local bus connects second interface expansion module (wherein, described second interface expansion module can be the EP1C3T144C8N chip onboard of digital IO card) And expand 24-way IO signals, the expanded 24-way IO signals are connected to the rear input and output interface board through the back panel, and the rear input and output interface board provides 24 digital IO interfaces to the outside, among which, the onboard digital IO card The EP1C3T144C8N chip loads and compiles the FPGA program with software, and needs to use the USB Blaster emulator and QuartusII12.0 software for program curing.

In this embodiment, the 24 digital IO interfaces are used to provide 24 TTL digital input and output IO ports, and each group of IO ports can be independently configured as output ports or input ports.

In this embodiment, as shown in Fig. 5 is a functional circuit block diagram of the digital IO card, the 10MHz optocoupler uses the HCPL2631 device, and the driving circuit uses the SG2003J/883b. The digital output needs to go through the drive circuit to pull the high voltage to 26VDC, and the 26V power supply is provided by the peripheral DC power supply. When the application program sets a certain output signal, set the corresponding register through the driver interface function, and the FPGA will output the corresponding signal according to the setting value of the register, and then turn it into a 26VDC signal or 0VDC signal after passing through the driving circuit.

In this embodiment, the digital input is connected to the 10MHz optocoupler HCPL2631 chip through a current limiting resistor. When the input signal voltage is DC 14.9V-26.1V, the optocoupler is turned on and the output corresponds to a High state. When the input When the signal is DC 0V～0.81V, the optocoupler is not conducting, and at this time the output corresponds to another Low state. The output line of the optocoupler is connected to the FPGA device EP2C8Q208C8N, and the internal logic of the FPGA can be based on the two states of the optocoupler. Determine the High or Low state of the input signal, and place the input state of this digital quantity in the corresponding register. When the application program wants to read the state of this channel, it needs to call the driver interface function. After the chip ULN2803AFWG and the industrial grade relay JRC-089M-002-05-II, the digital quantity is quickly switched and the state is converted. The driver interface function will return this The state of the digital input signal of the channel, and the returned state is passed to the acquisition software. After the software analyzes and processes, the function of the digital IO card is realized.

In the aforementioned specific implementation of the intrusion detection smart device for multiple types of data, further, the device further includes: a first network port expansion module connected to the backplane and a network port expansion module connected to the first network port Connected network port transformer;

The first network port expansion module and the network port transformer connected to the first network port expansion module are used to expand the first network port;

The first network port is used for inputting and outputting network data.

In this embodiment, the first network port expansion module connected to the backplane may be ICH9M network chip, the network port transformer can be IMG\M1801IG chip; The ICH9M network chip is connected to the network port transformer IMG\M1801IG and expands a network port, wherein the network port can be a fiber optic network port.

In this embodiment, the Ethernet fast input and output of network data can be realized through two optical fiber network ports, supporting Ethernet and Internet transmission standards, and signal transmission supports standard TCP/IP, EtherCAT and UDP protocols.

In the aforementioned specific implementation of the intrusion detection smart device for multiple types of data, further, the device further includes: a second network port expansion module connected to the backplane;

The second network port expansion module is used to expand the second network port;

The second network port is used for inputting and outputting network data.

In this embodiment, the second network port expansion module uses a PCIE X4 signal to expand another optical fiber network port, so that the Ethernet fast input and output of network data can be realized through the two optical fiber network ports, supporting Ethernet and Internet Transmission standard, and signal transmission supports standard TCP/IP, EtherCAT and UDP protocols.

In the specific implementation of the aforementioned intrusion detection smart device for multiple types of data, further, the device further includes: an AC filter connected to the backplane;

The AC filter is used for filtering the 220V AC.

In this embodiment, as shown in Figure 2, the device further includes: an AC filter connected to the backplane; the mains 220V AC is filtered and processed by the AC filter and then introduced into the power module via the backplane, used on the power module Reliable European-style power connector female head, mated connection with the European-style power connector male head on the back panel.

In the aforementioned specific implementation of the intrusion detection smart device for multiple types of data, further, the multiple types of input and output interfaces further include: a display port;

The display port is used for connecting to a liquid crystal display.

In this embodiment, as shown in Figure 2, the input and output interfaces of the intrusion detection smart device include: encryption and decryption card interface, network port, RS232 serial interface, USB interface, CAN interface, AD interface and digital IO interface, as shown in Figure 6 As shown, the intelligent intrusion detection device can be connected to a 10-Gigabit switch, a keyboard, a mouse, and a firewall through the input and output interfaces to realize its external interface. Data such as external voltage, signals from industrial CAN devices or digital IO signals are collected and stored in the hard disk embedded in the motherboard module of the intrusion detection smart device, and the data can be read and written through the host computer software.

In this embodiment, the multiple types of input and output interfaces may further include: a display port, wherein the display port may be used to connect to a liquid crystal display.

In the aforementioned specific implementation of the intrusion detection smart device for multiple types of data, further, the device further includes: a backup board connected to the backplane; wherein,

The spare boards include: one or more of RS232 serial interface cards, video and audio synthesis cards, 1553B bus cards, 3U boards based on compact PCI bus, and 6U boards based on compact PCI bus.

In this embodiment, the device further includes: a spare board connected to the backplane, the spare board is located on the front side of the backplane; function expansion, for example, the spare board includes: RS232 serial interface card, video and audio synthesis card, 1553B bus card, 3U board card based on compact PCI bus, 6U board card based on compact PCI bus One or more, as shown in Figure 2, can be inserted through the spare card slot to further enrich the functional performance of the intrusion detection smart device. Among them, the 6U board slot can be inserted into the 3U board, which has a strong Compatibility: The compact PCI bus abandons the golden finger form of the traditional PCI bus, and adopts a stable and reliable pinhole connector form, which has high density and high reliability. At the same time, the device supports the hot-swappable function of the board and realizes multiple types of protocols. , Integration of multi-function boards.

In this embodiment, the backplane, mainboard module, CAN&AD card, digital IO card, encryption and decryption card, rear input and output interface board, and spare board all use electronic components that meet aviation grade or military grade, and use compact PCI standard, beautiful structural parts, can protect the internal board and its chips and components from damage by external stress.

The above description is a preferred embodiment of the present invention, it should be pointed out that for those of ordinary skill in the art, without departing from the principle of the present invention, some improvements and modifications can also be made, and these improvements and modifications can also be made. It should be regarded as the protection scope of the present invention.

Claims (10)

1. An intrusion detection intelligent device for multiple types of data, characterized in that it comprises: a backplane, a mainboard module connected to the backplane, a CAN&AD card, a digital IO card, an encryption and decryption card, and a rear input and output interface Board and power supply module; Wherein, described backplane supports compact PCI protocol; The rear input and output interface board is used to provide multiple types of input and output interfaces, wherein the multiple types of input and output interfaces include: encryption and decryption card interface, network port, RS232 serial interface, USB interface, CAN interface , AD interface and digital IO interface, each type of input and output interface is used to obtain the corresponding type of data in real time; The CAN&AD card is used to communicate with the CAN interface and the AD interface through the backplane; The digital IO card is used to communicate with the digital IO interface through the backplane; The mainboard module is used to perform intrusion detection on the acquired data according to preset intrusion detection rules; The encryption/decryption card is used to perform encryption/decryption and digital authentication processing on unintruded data; The power module is used to supply power to the backplane. 2. The intrusion detection intelligent device for multiple types of data according to claim 1, wherein the main board module, CAN&AD card, digital IO card, encryption and decryption card, rear input and output interface board and power supply module pass through the needle The hole connector is plugged into the backplane; Wherein, the main board module, CAN&AD card, digital IO card, encryption and decryption card and power supply module are located on the front side of the backplane, and the rear input and output interface board is located on the back side of the backplane. 3. The intrusion detection intelligent device for multiple types of data according to claim 1, wherein the multiple types of input and output interfaces include: 1 security card interface, 2 network ports, 2 RS232 serial ports Line interface, 6-way USB interface, 2-way CAN interface, 10-way AD interface, 24-way digital IO interface. 4. according to claim 1 or 3 described for the intrusion detection intelligent equipment of multiple types of data, it is characterized in that, described CAN&AD card comprises: the first conversion module and the first interface expansion module; The first conversion module is configured to convert the PCI bus into a local bus, wherein the local bus is connected to the first interface expansion module; The first interface expansion module is used to expand multiple CAN signals and multiple AD signals, wherein the multiple CAN signals and multiple AD signals are connected to the rear input and output interface board through the backplane , the rear input and output interface board provides multiple CAN interfaces and multiple AD interfaces. 5. according to claim 1 or 3 described for the intrusion detection intelligent equipment of multiple types of data, it is characterized in that, described digital IO card comprises: the second conversion module and the second interface expansion module; The second conversion module is configured to convert the PCI bus into a local bus, wherein the local bus is connected to the second interface expansion module; The second interface expansion module is used to expand multiple IO signals, wherein the multiple IO signals are connected to the rear input and output interface board through the backplane, and are provided by the rear input and output interface board Multiple digital IO interface; Wherein, each digital IO interface in the multiple digital IO interfaces can be independently configured as an output interface or an input interface. 6. according to claim 1 or 3 described for the intrusion detection intelligent equipment of multiple types of data, it is characterized in that, described equipment also comprises: the first network port expansion module that links to each other with described backplane and with described second A network port transformer connected to the network port expansion module; The first network port expansion module and the network port transformer connected to the first network port expansion module are used to expand the first network port; The first network port is used for inputting and outputting network data. 7. The intrusion detection intelligent device for multiple types of data according to claim 1 or 3, wherein the device further comprises: a second network port expansion module connected to the backplane; The second network port expansion module is used to expand the second network port; The second network port is used for inputting and outputting network data. 8. The intrusion detection intelligent device for multiple types of data according to claim 1 or 3, wherein the device further comprises: an AC filter connected to the backplane; The AC filter is used for filtering the 220V AC. 9. The intrusion detection intelligent device for multiple types of data according to claim 1 or 3, wherein the multiple types of input and output interfaces further include: a display port; The display port is used for connecting to a liquid crystal display. 10. The intrusion detection intelligent device for multiple types of data according to claim 1 or 3, wherein the device further comprises: a spare board connected to the backplane; wherein, The spare boards include: one or more of RS232 serial interface cards, video and audio synthesis cards, 1553B bus cards, 3U boards based on compact PCI bus, and 6U boards based on compact PCI bus.