CN106874777A - A kind of method and system for preventing configuration file to be tampered, monitoring host computer - Google Patents

A kind of method and system for preventing configuration file to be tampered, monitoring host computer Download PDF

Info

Publication number
CN106874777A
CN106874777A CN201611268066.4A CN201611268066A CN106874777A CN 106874777 A CN106874777 A CN 106874777A CN 201611268066 A CN201611268066 A CN 201611268066A CN 106874777 A CN106874777 A CN 106874777A
Authority
CN
China
Prior art keywords
configuration file
check code
parameter
tampered
bms
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201611268066.4A
Other languages
Chinese (zh)
Inventor
黄峰
黄一峰
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Huizhou Blueway New Energy Technology Co Ltd
Original Assignee
Huizhou Blueway New Energy Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Huizhou Blueway New Energy Technology Co Ltd filed Critical Huizhou Blueway New Energy Technology Co Ltd
Priority to CN201611268066.4A priority Critical patent/CN106874777A/en
Publication of CN106874777A publication Critical patent/CN106874777A/en
Pending legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6209Protecting access to data via a platform, e.g. using keys or access control rules to a single file or object, e.g. in a secure envelope, encrypted and accessed using a key, or with access control rules appended to the object itself
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/64Protecting data integrity, e.g. using checksums, certificates or signatures
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44Arrangements for executing specific programs
    • G06F9/445Program loading or initiating
    • G06F9/44505Configuring for program initiating, e.g. using registry, configuration files
    • G06F9/4451User profiles; Roaming

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • Computer Security & Cryptography (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Computer Hardware Design (AREA)
  • Storage Device Security (AREA)

Abstract

The present invention discloses a kind of method and system for preventing configuration file to be tampered, host computer.The method comprising the steps of:S1, reads the parameter of original configuration file;S2, according to the parameter of original configuration file, calculates the first check code;S3, reads the parameter of the configuration file of BMS to be implanted;S4, the parameter of the configuration file according to BMS to be implanted calculates the second check code;S5, judges whether first check code is equal with the second check code, if equal, verification passes through;Otherwise, verification does not pass through.The present invention can careless undated parameter problem for scene; a kind of method and system for preventing configuration file to be tampered are provided; relaying configuration file is not tampered with, and prevents field technician from arbitrarily changing profile parameters, and the profile parameters of mistake are injected into BMS.Profile parameters can be prevented to be tampered, prevent field adjustable contact staff's change parameter, cause system configuration incorrect, parameter entanglement improves the security of system.

Description

A kind of method and system for preventing configuration file to be tampered, monitoring host computer
Technical field
The present invention relates to a kind of file security field of battery management system, more particularly to one kind prevents configuration file quilt Method and system, the monitoring host computer distorted.
Background technology
Configuration file is defined as the setting of environment needed for system loads and the set of file.At present, configuration file is matched somebody with somebody Put and typically completed by software systems, it includes the importing and derivation of configuration file.But, there are many text edit softwares also may be used To directly read the parameter of configuration file, it might even be possible to change the parameter with more new configuration file by text edit software.
In the prior art, because the parameter of configuration file can be changed arbitrarily, so the commissioning staff at scene enters to BMS During row debugging, the parameter of configuration file may be modified.If the configuration file of modification is injected into BMS, and adjust Amended configuration file is not sent to other producers by examination personnel again, will result in producers produce BMS when Or the configuration file of most original is injected into BMS.The configuration file of most original here refers to not changed parameter Configuration file.So when the equipment that will result in below reads the configuration file in BMS, failure information, equipment can not Normal work.
Because the parameter of configuration file can be changed arbitrarily, not only easily break down, but also wasting manpower and material resources The reason for looking for failure;Meanwhile, also it is unfavorable for the protection of vital document and important information.
The content of the invention
The purpose of the present invention is to overcome weak point of the prior art, there is provided a kind of side for preventing configuration file to be tampered Method and system, monitoring host computer.
The purpose of the present invention is achieved through the following technical solutions:
A kind of method for preventing configuration file to be tampered, including:
S1, reads the parameter of original configuration file;
S2, according to the parameter of original configuration file, calculates the first check code;
S3, reads the parameter of the configuration file of BMS to be implanted;
S4, the parameter of the configuration file according to BMS to be implanted calculates the second check code;
S5, judges whether first check code is equal with the second check code, if equal, verification passes through;Otherwise, verify Do not pass through.
As further preferred scheme, in the step S5, judge first check code whether with the second check code It is equal, if equal, after verification passes through, also include:Configuration file is injected into BMS.
Used as further preferred scheme, the step S5 judges whether first check code verifies code-phase with second Deng, if unequal, verify it is obstructed after, also include:
Then judge that the parameter of configuration file is tampered, and produces fault message, and fault message is uploaded.
Used as further preferred scheme, first check code is MD5 check codes.
Used as further preferred scheme, second check code is MD5 check codes.
The present invention also provides a kind of system for preventing configuration file to be tampered, including:
First read module, the parameter for reading original configuration file;
First computing unit, for the parameter according to original configuration file, calculates the first check code;
Second read module, the parameter of the configuration file for reading BMS to be implanted;
Second computing unit, for the parameter of the configuration file according to BMS to be implanted, calculates the second check code;
Judge control module, for judging whether first check code is equal with second check code, if equal, Report verification by information, otherwise, then report verification not pass through information.
Used as further preferred scheme, the judgement control module includes:
The judgement control module includes:Parameter injection unit, check code judging unit and breakdown judge unit;
The parameter injection unit, for configuration file to be injected into BMS;
The check code judging unit, for judging whether first check code is equal with the second check code, and will sentence Disconnected result passes to the breakdown judge unit;
The breakdown judge unit, the judged result for receiving the judging unit judges whether to break down, and produce Raw fault message, host computer is uploaded to by fault message.
Used as further preferred scheme, the breakdown judge unit includes:
Fault detection unit, for the result according to the judging unit, judges whether to break down, and produce failure to believe Breath;
Failure reporting unit, for fault message to be uploaded into host computer.
Used as further preferred scheme, the system for preventing configuration file to be tampered also includes operation interface, described Operation interface is used to show the operating process to the parameter of configuration file.
The present invention also provides a kind of monitoring host computer, including:The system that configuration file is tampered is prevented, it is described to prevent configuration The system that file is tampered includes:
First read module, the parameter for reading original configuration file;
First computing unit, for the parameter according to original configuration file, calculates the first check code;
Second read module, the parameter of the configuration file for reading BMS to be implanted;
Second computing unit, for the parameter of the configuration file according to BMS to be implanted, calculates the second check code;
Judge control module, for judging whether first check code is equal with second check code, if equal, Report verification by information, otherwise, then report verification not pass through information.
The present invention compared to prior art advantage and have the beneficial effect that:
1st, the present invention is a kind of method and system for preventing configuration file to be tampered, monitoring host computer, can prevent configuration The parameter of file is tampered, and prevents field adjustable personnel and contact staff's modification parameter, causes system configuration incorrect, and parameter is wrong Disorderly, equipment normal work and safe handling are influenceed.
2nd, the present invention can careless undated parameter problem for scene, there is provided a kind of method for preventing configuration file to be tampered And system, the parameter of relaying configuration file is not tampered with, and prevents field adjustable contact staff, the auditor of OQC, sample The technical staff of test arbitrarily changes the parameter of configuration file, and the parameter of error configurations file is injected into BMS.
3rd, the present invention provides a kind of method and system for preventing configuration file to be tampered, monitoring host computer, can prevent from matching somebody with somebody The parameter for putting file is tampered, if host computer verification does not pass through, configuration file cannot be injected into BMS.
4th, the present invention provides a kind of system for preventing configuration file to be tampered, monitoring host computer, and the MD5 for using is added It is close, further increase the security of configuration file.
Brief description of the drawings
Fig. 1 is the flow chart of the method for preventing configuration file to be tampered of the invention;
Fig. 2 is the theory diagram of the system for preventing configuration file to be tampered of the invention;
Fig. 3 is the theory diagram of breakdown judge unit of the invention.
Specific embodiment
For the ease of understanding the present invention, the present invention is described more fully below with reference to relevant drawings.In accompanying drawing Give better embodiment of the invention.But, the present invention can be realized in many different forms, however it is not limited to herein Described implementation method.On the contrary, the purpose for providing these implementation methods is to make to understand more the disclosure Plus it is thorough comprehensive.
It should be noted that when element is referred to as " being fixed on " another element, it can directly on another element Or can also there is element placed in the middle.When an element is considered as " connection " another element, it can be directly connected to To another element or may be simultaneously present centering elements.Term as used herein " vertical ", " level ", " left side ", For illustrative purposes only, it is unique implementation method to be not offered as " right side " and similar statement.
Unless otherwise defined, all of technologies and scientific terms used here by the article with belong to technical field of the invention The implication that technical staff is generally understood that is identical.The term for being used in the description of the invention herein is intended merely to description tool The purpose of the implementation method of body, it is not intended that in the limitation present invention.Term as used herein " and/or " include one or more The arbitrary and all of combination of related Listed Items.
In embodiments of the invention, a kind of method for preventing configuration file to be tampered, including:The configuration text that reading most starts Part parameter;According to described profile parameters are most started, the first check code is calculated;Read the profile parameters of injection BMS; Profile parameters according to injection BMS, calculate the second check code;Judge whether first check code is equal to the second school Code is tested, if equal, verification passes through;Otherwise, verification does not pass through.
In order to illustrate technical solutions according to the invention, illustrated below by specific embodiment.
Embodiment one
Fig. 1 is referred to, a kind of method 20 for preventing configuration file to be tampered that Fig. 1 is provided for first embodiment of the invention Flow chart, including:
S1, reads the parameter of original configuration file;
S2, according to the parameter of original configuration file, calculates the first check code;
S3, reads the parameter of the configuration file of BMS to be implanted;
S4, the parameter of the configuration file according to BMS to be implanted calculates the second check code;
S5, judges whether first check code is equal with the second check code, if equal, verification passes through;Otherwise, verify Do not pass through.
Specifically,
In the step S5, judge whether first check code is equal with the second check code, if equal, verification passes through Afterwards, also include:Configuration file is injected into BMS.If unequal, after verification is obstructed, also include:Then judge configuration file Parameter is tampered, and produces fault message, and fault message is uploaded.
It will be clear that first check code is MD5 check codes.Second check code is MD5 check codes.
In actual application, the parameter first to original configuration file is calculated, and obtains the first check code, monitoring Host computer can preserve the first check code.When the commissioning staff at scene needs to modify the parameter of configuration file, then Before configuration file is injected into BMS, monitoring host computer is calculated the parameter of the configuration file of BMS to be implanted, obtains second , if the first check code and the second check code are identical, can be injected into configuration file in BMS by check code;Otherwise, then it is assumed that The parameter of configuration file is tampered, immediately reporting fault information, and the configuration file not being tampered enters in BMS.
Embodiment two
Fig. 2 is referred to, a kind of system 10 for preventing configuration file to be tampered that Fig. 2 is provided for second embodiment of the invention Theory diagram, including:
First read module 100, the parameter for reading original configuration file;First computing unit 200, for according to original The parameter of beginning configuration file, calculates the first check code.Second read module 300, the configuration file for reading BMS to be implanted Parameter;Second computing unit 400, for the parameter of the configuration file according to BMS to be implanted, calculates the second check code.Institute The first read module 100 is stated to be connected with first computing unit 200.Second read module 300 is calculated with described second Unit 400 is connected.
Control module 500 is judged, for judging whether first check code is equal with second check code, if phase Deng, then report verification by information, otherwise, then report verification not pass through information.First computing unit 200 and described second Computing unit 400 is connected with the judgement control module 500 respectively.
Wherein, the judgement control module 500 includes:Parameter injection unit 520, check code judging unit 510 and failure Judging unit 530.
The parameter injection unit 520, for configuration file to be injected into BMS;
The check code judging unit 510, for judging whether first check code is equal with the second check code, and will Judged result passes to the breakdown judge unit 530;
The breakdown judge unit 530, the judged result for receiving the judging unit 510 judges whether event occur Barrier, and fault message is produced, fault message is uploaded to host computer.
The judging unit 510 is connected with the parameter injection unit 520 and the breakdown judge unit 530 respectively.
Refer to Fig. 3.It should also be noted that the breakdown judge unit 530 includes:Fault detection unit 531, for root According to the result of the judging unit, judge whether to break down, and produce fault message;;Failure reporting unit 532, for inciting somebody to action Fault message is uploaded to host computer.The fault detection unit 531 and the signal of failure reporting unit 532 are connected.
The system 10 for preventing configuration file to be tampered also includes operation interface 600, and the operation interface 600 is used to show Show the operating process to the parameter of configuration file, the operation interface 600 is connected with the judgement control module 500.
In the present embodiment, by being provided with the first computing unit, according to the parameter of original configuration file, the first school is calculated Test code;The second computing unit is additionally provided with, the parameter of the configuration file according to BMS to be implanted is calculated the second check code; Verify whether the first check code is equal with the second check code by judging unit again, such that it is able to prevent the configuration file being tampered It is injected into BMS, improves the security of system information, the safe handling of protection equipment.
Embodiment three
The present invention also provides a kind of monitoring host computer, and the monitoring host computer is connected by CAN lines with battery management system, wrapped The system for preventing configuration file to be tampered described in above-described embodiment two is included, the system for preventing configuration file to be tampered is specific Structure and working principle is basically identical with the description of above-described embodiment two, specifically can no longer be gone to live in the household of one's in-laws on getting married herein referring to above-described embodiment two State.
In the present embodiment, configuration file is prevented to be tampered, if the verification in host computer does not pass through, cannot be by configuration text Part is injected into BMS, improves the security of system information, the normal work of protection equipment.
The above implementation method only expresses several embodiments of the invention, and its description is more specific and detailed, but Therefore the limitation to the scope of the claims of the present invention can not be interpreted as.It should be pointed out that for the ordinary skill people of this area For member, without departing from the inventive concept of the premise, various modifications and improvements can be made, these belong to of the invention Protection domain.Therefore, the protection domain of patent of the present invention should be determined by the appended claims.

Claims (10)

1. a kind of method for preventing configuration file to be tampered, it is characterised in that including:
S1, reads the parameter of original configuration file;
S2, according to the parameter of original configuration file, calculates the first check code;
S3, reads the parameter of the configuration file of BMS to be implanted;
S4, the parameter of the configuration file according to BMS to be implanted calculates the second check code;
S5, judges whether first check code is equal with the second check code, if equal, verification passes through;Otherwise, verify obstructed Cross.
2. the method for preventing configuration file to be tampered according to claim 1, it is characterised in that in the step S5, sentence Whether first check code that breaks is equal with the second check code, if equal, after verification passes through, also includes:Configuration file is injected To in BMS.
3. the method for preventing configuration file to be tampered according to claim 2, it is characterised in that the step S5, judges Whether first check code is equal with the second check code, if unequal, after verification is obstructed, also includes:
Then judge that the parameter of configuration file is tampered, and produces fault message, and fault message is uploaded.
4. the method for preventing configuration file to be tampered according to claim 1, it is characterised in that first check code is MD5 check codes.
5. the method for preventing configuration file to be tampered according to claim 1, it is characterised in that second check code is MD5 check codes.
6. a kind of system for preventing configuration file to be tampered, it is characterised in that including:
First read module, the parameter for reading original configuration file;
First computing unit, for the parameter according to original configuration file, calculates the first check code;
Second read module, the parameter of the configuration file for reading BMS to be implanted;
Second computing unit, for the parameter of the configuration file according to BMS to be implanted, calculates the second check code;
Control module is judged, for judging whether first check code is equal with second check code, if equal, reports Verification otherwise, then reports verification not pass through information by information.
7. the system for preventing configuration file to be tampered according to claim 6, it is characterised in that the judgement control module Including:Parameter injection unit, check code judging unit and breakdown judge unit;
The parameter injection unit, for configuration file to be injected into BMS;
The check code judging unit, for judging whether first check code is equal with the second check code, and will determine that knot Fruit passes to the breakdown judge unit;
The breakdown judge unit, the judged result for receiving the judging unit judges whether to break down, and produce event Barrier information, host computer is uploaded to by fault message.
8. the system for preventing configuration file to be tampered according to claim 7, it is characterised in that the breakdown judge unit Including:
Fault detection unit, for the result according to the judging unit, judges whether to break down, and produce fault message;
Failure reporting unit, for fault message to be uploaded into host computer.
9. the system that configuration file is tampered of preventing according to claim 8 any one, it is characterised in that also including behaviour Make interface, the operation interface is used to show the operating process to the parameter of configuration file.
10. it is a kind of to monitor host computer, it is characterised in that including preventing configuration file as described in claim 6 to 9 any one The system being tampered.
CN201611268066.4A 2016-12-31 2016-12-31 A kind of method and system for preventing configuration file to be tampered, monitoring host computer Pending CN106874777A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201611268066.4A CN106874777A (en) 2016-12-31 2016-12-31 A kind of method and system for preventing configuration file to be tampered, monitoring host computer

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201611268066.4A CN106874777A (en) 2016-12-31 2016-12-31 A kind of method and system for preventing configuration file to be tampered, monitoring host computer

Publications (1)

Publication Number Publication Date
CN106874777A true CN106874777A (en) 2017-06-20

Family

ID=59164348

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201611268066.4A Pending CN106874777A (en) 2016-12-31 2016-12-31 A kind of method and system for preventing configuration file to be tampered, monitoring host computer

Country Status (1)

Country Link
CN (1) CN106874777A (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108345292A (en) * 2018-02-07 2018-07-31 中航锂电(洛阳)有限公司 A kind of battery management system method for parameter configuration and system
CN110727614A (en) * 2019-09-24 2020-01-24 北京四达时代软件技术股份有限公司 EDID dynamic configuration method and device and electronic equipment
CN113434561A (en) * 2021-06-24 2021-09-24 北京金山云网络技术有限公司 Live broadcast data verification method and system, electronic device and storage medium

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102902732A (en) * 2012-09-11 2013-01-30 南车株洲电力机车研究所有限公司 Check adding method into extensive makeup language (XML) configuration file
CN105630562A (en) * 2016-01-07 2016-06-01 东莞钜威新能源有限公司 Method and device for initializing battery management system
CN106021119A (en) * 2016-08-03 2016-10-12 网易(杭州)网络有限公司 Configuration file calibration method and device

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102902732A (en) * 2012-09-11 2013-01-30 南车株洲电力机车研究所有限公司 Check adding method into extensive makeup language (XML) configuration file
CN105630562A (en) * 2016-01-07 2016-06-01 东莞钜威新能源有限公司 Method and device for initializing battery management system
CN106021119A (en) * 2016-08-03 2016-10-12 网易(杭州)网络有限公司 Configuration file calibration method and device

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108345292A (en) * 2018-02-07 2018-07-31 中航锂电(洛阳)有限公司 A kind of battery management system method for parameter configuration and system
CN110727614A (en) * 2019-09-24 2020-01-24 北京四达时代软件技术股份有限公司 EDID dynamic configuration method and device and electronic equipment
CN113434561A (en) * 2021-06-24 2021-09-24 北京金山云网络技术有限公司 Live broadcast data verification method and system, electronic device and storage medium

Similar Documents

Publication Publication Date Title
CN103577748B (en) Dynamic measuring method based on dependable computing and management system
US20180107196A1 (en) Method of Detecting Home Appliance Bus Control System
KR102483314B1 (en) Method and device for detecting the absence of voltage
Hollnagel Understanding accidents-from root causes to performance variability
CN103699844B (en) Safety protection system and method
CN106227159A (en) Safety-protection system for the use dynamic signature of Industry Control infrastructure
CN110955571B (en) Fault management system for functional safety of vehicle-specification-level chip
CN106874777A (en) A kind of method and system for preventing configuration file to be tampered, monitoring host computer
CN104850093B (en) Method and automated network for the security in monitoring automation network
US9916331B2 (en) Method and device for automatically processing static test data of rail transit vehicle
CN107451040A (en) Localization method, device and the computer-readable recording medium of failure cause
CN105164691A (en) Optimizing test data payload selection for testing computer software applications using computer networks
CN106529834A (en) Method and system for evaluating nuclear power plant safety state and nuclear power plant device
CN103001946A (en) Website security detection method, website security detection equipment and website security detection system
CN106227158A (en) Rapid configuration safety-protection system for Industry Control infrastructure
CN105827469A (en) MODBUS TCP implementation defect tester and detection method thereof
CN103324890B (en) The detection method and device that local file includes loophole are carried out to link
CN113572576A (en) Sampling data verification method and device, relay protection device and storage medium
CN105930237A (en) Chip security detection method, chip structure, and chip module
CN106982141A (en) Weblogic examples monitoring method and device
CN117077594B (en) Method, system, computer equipment and medium for monitoring simulation accelerator
CN105074833A (en) Device and method for detecting unauthorised manipulations of the system state of an open-loop and closed-loop control unit of a nuclear plant
CN104515945A (en) Hidden fault detection circuit and method for detecting hidden fault by using same
CN106168970A (en) Functional module detection method and system towards question and answer robot
CN102567174B (en) Microprocessor operation monitoring system

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication
RJ01 Rejection of invention patent application after publication

Application publication date: 20170620