CN107403098A - Active security protection method for the startup stage of a trusted industrial control computer, and trusted industrial control computer - Google Patents


Publication number
CN107403098A
Authority
CN
China
Legal status
Pending
Application number
CN201710445071.6A
Other languages
Chinese (zh)
Inventor
萧海东
孙桉
孙一桉
Current Assignee
Beijing Kuang En Network Technology Co Ltd
Beijing Si Rui Rui Intelligent Technology Research Institute Co Ltd
Original Assignee
Beijing Kuang En Network Technology Co Ltd
Beijing Si Rui Rui Intelligent Technology Research Institute Co Ltd
Application filed by Beijing Kuang En Network Technology Co Ltd and Beijing Si Rui Rui Intelligent Technology Research Institute Co Ltd
Priority to CN201710445071.6A
Publication of CN107403098A

Classifications

    • G: PHYSICS
    • G06: COMPUTING; CALCULATING OR COUNTING
    • G06F: ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00: Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50: Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57: Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F21/575: Secure boot
    • G: PHYSICS
    • G06: COMPUTING; CALCULATING OR COUNTING
    • G06F: ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00: Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60: Protecting data
    • G06F21/64: Protecting data integrity, e.g. using checksums, certificates or signatures


Abstract

The invention provides an active security protection method for the startup stage of a trusted industrial control computer, and a trusted industrial control computer. The method includes: after power is connected, controlling the power controller to power on the flash memory; verifying the integrity of the bootloader file using the Chinese national cryptographic (GM) SM2 and SM3 algorithms; after the verification succeeds, controlling the device controller to be powered on, so that the device controller calls the SM2 and SM3 algorithm engines of the TCM security chip to verify the integrity of the system image file; and, after the integrity check of the bootloader file fails, controlling the power controller to power off or restart the trusted industrial control computer. The operating system therefore starts normally only when both the bootloader file and the system image file pass the integrity check, which achieves the technical effect of actively protecting the operating system of the trusted industrial control computer during the startup stage.

Description

Active security protection method for the startup stage of a trusted industrial control computer, and trusted industrial control computer
Technical field
The present invention relates to the technical field of industrial control network security, and in particular to an active security protection method for the startup stage of a trusted industrial control computer and to a trusted industrial control computer.
Background
With the continued convergence of Industry 4.0, Made in China 2025, Internet Plus, the Internet of Things, and the integration of informatization and industrialization, more and more information technology is being applied in the industrial field. At present, more than 80% of the critical infrastructure that bears on the national economy relies on industrial control systems for automated operation.
In fields such as industrial control, network security problems are especially prominent. Industrial network security differs from that of traditional commercial networks: an industrial network deals with field personnel and working equipment, and even a small error may cause the industrial network to collapse, resulting in incalculable loss of life and property. Industrial management networks at home and abroad do not fully protect the data of industrial control systems, and some have no security protection measures at all, which poses a serious threat to industrial networks. Once hackers or criminals attack an industrial control network through the internet and steal the production data, control data, capacity data and so on in it, industrial production safety can suffer huge losses.
To keep an industrial control network secure, security devices usually need to be deployed between the industrial control network and the conventional internet, such as audit devices, gateway devices and data isolation gateway devices. The gateway device, for example, is commonly used in industrial control network security: while supporting two-way isolation between the industrial production network and the office network (internet), the gateway strips protocols from messages coming from the internet and judges the legitimacy of transferred files, to ensure the security of the industrial control network.
An industrial control computer usually needs to be built on a security chip and supported by integrity measurement and control technology, with the aim of preventing untrusted programs from running on the industrial control terminal (operator station). The security chip solves the identity authentication and identification problem of the industrial control terminal. Integrity measurement and control technology solves the problem of identifying a computer program when it is loaded, and can prohibit untrusted programs from running.
However, although a security chip is provided in the industrial control computer, in practice the bootloader file and/or the system image file may still be tampered with. After the bootloader file and/or the system image file has been tampered with, the operating system either cannot start normally, or an operating system different from the one that should start is started.
Summary of the invention
In view of this, the object of the invention is to provide an active security protection method for the startup stage of a trusted industrial control computer, and a trusted industrial control computer, to solve the technical problem in the prior art that, after the bootloader file and/or the system image file is tampered with, the operating system cannot start normally or the operating system that starts differs from the one that should start.
In a first aspect, an embodiment of the invention provides an active security protection method for the startup stage of a trusted industrial control computer, applied in the trusted platform control module of the trusted industrial control computer. The trusted industrial control computer further includes a flash memory, a power controller and a device controller connected to the trusted platform control module. The method includes:
After power is connected, controlling the power controller to power on the flash memory, the flash memory storing a bootloader file and a system image file;
After the bootloader file is read from the flash memory, verifying the integrity of the bootloader file using the national cryptographic SM2 and SM3 algorithms;
After the integrity check of the bootloader file succeeds, controlling the power controller to power on the device controller, so that the device controller reads the system image file from the flash memory by running the bootloader file and then calls the SM2 and SM3 algorithm engines of the TCM security chip to verify the integrity of the system image file;
After the integrity check of the bootloader file fails, controlling the power controller to power off or restart the trusted industrial control computer.
With reference to the first aspect, an embodiment of the invention provides a first possible implementation of the first aspect, in which verifying the integrity of the bootloader file using the national cryptographic SM2 and SM3 algorithms includes:
Performing a hash operation on the bootloader file using the national cryptographic SM3 algorithm to obtain a first hash value;
Reading the preset bootloader file signature data and the security management certificate from a preset storage space;
Using the national cryptographic SM2 algorithm, verifying the signature of the bootloader file signature data with the security management certificate and the first hash value;
When signature verification succeeds, determining that the integrity check of the bootloader file has succeeded;
When signature verification fails, determining that the integrity check of the bootloader file has failed.
In a second aspect, an embodiment of the invention provides an active security protection method for the startup stage of a trusted industrial control computer, applied in the device controller of the trusted industrial control computer. The trusted industrial control computer further includes a flash memory, a power controller and a trusted platform control module connected to the device controller. The method includes:
After power-on, reading the system image file from the flash memory by running the bootloader file;
After the system image file is read from the flash memory, verifying the integrity of the system image file by calling the SM2 and SM3 algorithm engines of the TCM security chip;
After the integrity check of the system image file succeeds, running the system image file;
After the integrity check of the system image file fails, controlling the power controller to power off or restart the trusted industrial control computer.
With reference to the second aspect, an embodiment of the invention provides a first possible implementation of the second aspect, in which verifying the integrity of the system image file by calling the SM2 and SM3 algorithm engines of the TCM security chip includes:
Performing a hash operation on the system image file using the national cryptographic SM3 algorithm to obtain a second hash value;
Reading the preset system image file signature data and the security management certificate from a preset storage space;
Using the national cryptographic SM2 algorithm, verifying the signature of the system image file signature data with the security management certificate and the second hash value;
When signature verification succeeds, determining that the integrity check of the system image file has succeeded;
When signature verification fails, determining that the integrity check of the system image file has failed.
With reference to the second aspect, an embodiment of the invention provides a second possible implementation of the second aspect, in which the method further includes:
Generating a set of security management public key, security management private key and security management elliptic curve parameters using the national cryptographic SM2 algorithm, the security management private key being kept by the security administrator;
Performing hash calculations on the bootloader file and the system image file respectively using the national cryptographic SM3 algorithm, to generate the hash value of the bootloader file and the hash value of the system image file;
Using the national cryptographic SM2 algorithm, digitally signing the hash value of the bootloader file and the hash value of the system image file respectively, to obtain the bootloader file signature data and the system image file signature data;
Storing the bootloader file signature data and the system image file signature data in the preset storage space;
Generating a security management certificate from the security management public key, the identity information of the security administrator and the security management elliptic curve parameters, and storing the security management certificate in the preset storage space.
In a third aspect, an embodiment of the invention provides a trusted industrial control computer, including: a flash memory, a power controller, a trusted platform control module and a device controller;
The output of the flash memory is connected to the trusted platform control module and the device controller respectively, and the flash memory is used to store the bootloader file and the system image file;
The input of the power controller is connected to the trusted platform control module, and its outputs are connected to the device controller and the flash memory respectively; the power controller powers on the flash memory according to a first control instruction of the trusted platform control module, and powers on the device controller according to a second control instruction of the trusted platform control module;
The trusted platform control module is connected to the device controller and is used to: after power is connected, send the first control instruction to the trusted platform control module; verify the integrity of the bootloader file; after the integrity check succeeds, send the second control instruction to the trusted platform control module; and, after the integrity check fails, control the power controller to power off or restart the trusted industrial control computer;
The device controller is used to: after power-on, read the system image file by running the bootloader file; verify the integrity of the system image file; after the integrity check succeeds, run the system image file; and, after the integrity check fails, control the power controller to power off or restart the trusted industrial control computer.
With reference to the third aspect, an embodiment of the invention provides a first possible implementation of the third aspect, in which the trusted platform control module includes: a memory, a computer program stored in the memory and runnable on a microprocessor, a random number generator that generates the random numbers used by the national cryptographic SM3 and SM2 algorithms, a key generator that generates the keys used by the SM3 and SM2 algorithms, an active measurement unit that verifies whether the bootloader file is complete, a cryptographic algorithm engine that stores the SM3 and SM2 algorithms, and a microprocessor. When the microprocessor executes the computer program, the steps of the method of the first aspect are implemented.
In a fourth aspect, an embodiment of the invention further provides a trusted platform control module, including: a memory, a computer program stored in the memory and runnable on a microprocessor, a random number generator that generates the random numbers used by the national cryptographic SM3 and SM2 algorithms, a key generator that generates the keys used by the SM3 and SM2 algorithms, an active measurement unit that verifies whether the bootloader file is complete, a cryptographic algorithm engine that stores the SM3 and SM2 algorithms, and a microprocessor. When the microprocessor executes the computer program, the steps of the method of the first aspect are implemented.
In a fifth aspect, an embodiment of the invention further provides a computer-readable medium having non-volatile program code executable by a microprocessor, the program code causing the microprocessor to perform the method of the first aspect.
In a sixth aspect, an embodiment of the invention further provides a computer-readable medium having non-volatile program code executable by a microprocessor, the program code causing the microprocessor to perform the method of the second aspect.
Embodiments of the invention bring the following beneficial effects. After power is connected, the trusted platform control module first controls the power controller to power on the flash memory. After the bootloader file is read from the flash memory, the trusted platform control module verifies its integrity using the national cryptographic SM2 and SM3 algorithms. If the integrity check of the bootloader file fails, the trusted platform control module can control the power controller to power off or restart the trusted industrial control computer; if the integrity check succeeds, the trusted platform control module can control the power controller to power on the device controller.
After the device controller is powered on, it reads the system image file from the flash memory by running the bootloader file. After the system image file is read from the flash memory, the device controller verifies its integrity by calling the SM2 and SM3 algorithm engines of the TCM security chip. If the integrity check of the system image file succeeds, the device controller can run the system image file; if it fails, the device controller can control the power controller to power off or restart the trusted industrial control computer.
In embodiments of the invention, before the device controller in the industrial control network is powered on, the trusted platform control module actively verifies the integrity of the bootloader file, so that the chain of trust begins to be established at the "first moment of power-up". When the verification succeeds, the power controller is controlled to power on the device controller. After power-on, the device controller actively verifies the integrity of the system image file, and the operating system starts normally only when the integrity check of the system image file succeeds. This achieves active security protection of the operating system of the trusted industrial control computer during its startup stage.
Other features and advantages of the invention will be set forth in the following description, and in part will become apparent from the description or be understood by practicing the invention. The objects and other advantages of the invention are realized and obtained by the structures particularly pointed out in the description, the claims and the accompanying drawings.
To make the above objects, features and advantages of the invention more apparent, preferred embodiments are described in detail below with reference to the accompanying drawings.
Brief description of the drawings
To illustrate the specific embodiments of the invention or the technical solutions of the prior art more clearly, the drawings needed for describing the embodiments or the prior art are briefly introduced below. The drawings described below show some embodiments of the invention; those of ordinary skill in the art can obtain other drawings from them without creative effort.
Fig. 1 is a structural diagram of a trusted industrial control computer provided by an embodiment of the invention;
Fig. 2 is a structural diagram of a trusted platform control module provided by an embodiment of the invention;
Fig. 3 is a flowchart of an active security protection method for the startup stage of a trusted industrial control computer provided by an embodiment of the invention;
Fig. 4 is another flowchart of an active security protection method for the startup stage of a trusted industrial control computer provided by an embodiment of the invention;
Fig. 5 is a structural diagram of an active security protection apparatus for the startup stage of a trusted industrial control computer provided by an embodiment of the invention;
Fig. 6 is a structural diagram of another active security protection apparatus for the startup stage of a trusted industrial control computer provided by an embodiment of the invention.
Reference numerals: 11: flash memory; 12: power controller; 13: trusted platform control module; 14: device controller; 15: signal switching unit; 21: memory; 22: microprocessor; 23: random number generator; 24: key generator; 25: active measurement unit; 26: cryptographic algorithm engine; 41: first control module; 42: first verification module; 43: second control module; 44: third control module; 51: first reading module; 52: second verification module; 53: running module; 54: fourth control module.
Detailed description
To make the objects, technical solutions and advantages of the embodiments of the invention clearer, the technical solutions of the invention are described clearly and completely below with reference to the drawings. The described embodiments are some, not all, of the embodiments of the invention. All other embodiments obtained by those of ordinary skill in the art based on the embodiments of the invention without creative effort fall within the scope of protection of the invention.
At present, after the bootloader file and/or the system image file is tampered with, the operating system cannot start normally, or the operating system that starts differs from the one that should start. On this basis, embodiments of the invention aim to strengthen the security performance of the industrial control computer while improving the two-way isolation of the industrial production network and the office network, and to avoid the industrial control network security problems caused by tampering with or replacing the bootloader file and system image file data of the operating system in the industrial control computer. With the active security protection method for the startup stage of a trusted industrial control computer and the trusted industrial control computer provided by embodiments of the invention, before the device controller in the industrial control network is powered on, the trusted platform control module actively verifies the integrity of the bootloader file, so that the chain of trust begins to be established at the "first moment of power-up". When the verification succeeds, the power controller is controlled to power on the device controller. After power-on, the device controller actively verifies the integrity of the system image file, and the operating system starts normally only when the integrity check of the system image file passes. This achieves active security protection of the operating system of the trusted industrial control computer during its startup stage.
For ease of understanding the present embodiment, a trusted industrial control computer disclosed in an embodiment of the invention is first described in detail. As shown in Fig. 1, the trusted industrial control computer includes: a flash memory 11, a power controller 12, a trusted platform control module 13 and a device controller 14; in practical applications, Fig. 1 may also include a signal switching unit 15. The flash memory 11, power controller 12, trusted platform control module 13, device controller 14 and signal switching unit 15 may all be placed on the printed circuit board of the trusted industrial control computer; alternatively, the trusted platform control module 13 may be connected through a bus interface to the device controller 14 and the signal switching unit 15 on the printed circuit board of the trusted industrial control computer.
The output of the flash memory 11 is connected to the trusted platform control module 13 and the device controller 14 respectively, and the flash memory stores the bootloader file and the system image file; the power input of the flash memory 11 is connected to the signal switching unit 15.
The input of the power controller 12 is connected to the signal switching unit 15, and its outputs are connected to the device controller 14 and the flash memory 11 respectively. The power controller powers the flash memory 11 according to the first control instruction sent by the trusted platform control module 13 through the signal switching unit 15, and powers the device controller 14 according to the second control instruction sent by the trusted platform control module 13 through the signal switching unit 15;
The power controller may be a CPLD (Complex Programmable Logic Device) or a similar device.
The trusted platform control module 13 is connected to the device controller and is used to: after power is connected, generate the first control instruction and send it to the trusted platform control module through the signal switching unit 15; verify the integrity of the bootloader file; after the integrity check of the bootloader file succeeds, generate the second control instruction and send it to the trusted platform control module through the signal switching unit 15; and, after the integrity check of the bootloader file fails, control the power controller to power off or restart the trusted industrial control computer;
The device controller 14 is used to: after power-on, read the system image file by running the bootloader file; verify the integrity of the system image file; after the integrity check of the system image file succeeds, run the system image file; and, after the integrity check of the system image file fails, control the power controller to power off or restart the trusted industrial control computer.
The signal switching unit 15 in Fig. 1 receives the power instruction sent by the trusted platform control module 13 (the power instruction may be the first control instruction or the second control instruction), parses it, and forwards it to the power controller 12, so that the trusted platform control module 13 controls the power supply of the whole platform. When the integrity check of the bootloader file or the system image file fails during platform startup, the trusted platform control module 13 can directly send a power control command to power off or restart the trusted industrial control computer.
In this embodiment, as shown in Fig. 2, the trusted platform control module 13 may include: a memory 21, a computer program stored in the memory and runnable on the microprocessor 22, a random number generator 23 that generates the random numbers used by the national cryptographic SM3 and SM2 algorithms, a key generator 24 that generates the keys used by the SM3 and SM2 algorithms, an active measurement unit 25 that verifies whether the bootloader file is complete, a cryptographic algorithm engine 26 that stores the SM3 and SM2 algorithms, and the microprocessor 22. When the microprocessor executes the computer program, it implements the steps of the method provided by the method embodiments below.
The industrial control system processor on the right side of the bus in Fig. 2 may be the device controller 14 of the embodiments of the invention, and the domestic TCM trusted computing security module in Fig. 2 may be the TCM security chip of the embodiments of the invention. The device controller, the I/O unit and the TCM security chip may be connected through the bus to the I2C bus of the trusted platform control module.
In practical applications, the trusted platform control module 13 may also include a timer, a control unit and an input/output bridge unit. The timer is used for timing and counting; once the count meets the requirement of the relevant application, the microprocessor can issue an interrupt signal and the application executes its interrupt handler. The control unit is mainly responsible for managing the program flow of the terminal platform; it is the command and control center of the microprocessor and is important for coordinating the orderly work of the whole terminal platform. The input/output bridge unit can connect to the system bus through an LPC device controller, an identification device controller, an I2C device controller or a GPIO device controller, and through the system bus to the device controller, the TCM security chip and so on.
The trusted platform control module can be connected to the other chips of the industrial control computer through the I2C interface to transmit signals.
The national cryptographic SM3 algorithm is the Chinese commercial cryptographic hash algorithm standard published by the State Cryptography Administration in 2010. SM3 is suitable for digital signature and verification in commercial cryptographic applications, and is an improved design based on SHA-256. SM3 uses the Merkle-Damgård construction, with a message block length of 512 bits and a digest length of 256 bits. The compression function of SM3 has a structure similar to that of SHA-256, but the design of SM3 is more complex; for example, each round of the compression function uses 2 message words.
The national cryptographic SM2 algorithm is a public-key algorithm. SM2 was released by the State Cryptography Administration on December 17, 2010; its full name is the elliptic curve algorithm.
In practical applications, the national cryptographic SM3 and SM2 algorithms in the cryptographic algorithm engine 26 of the trusted platform control module 13 can be used directly to verify the integrity of the bootloader file, and the national cryptographic SM3 and SM2 algorithms in the cryptographic algorithm engine 26 can likewise be used to verify the integrity of the system image file.
In practical applications, a domestic TCM (Trusted Cryptography Module) security chip, hereinafter referred to as the TCM, is also provided in the industrial control computer. The TCM stores the national cryptographic SM3 and SM2 algorithms used to verify the integrity of the system image file. The TCM is the core component that provides security functions for the industrial control terminal system and has cryptographic operation and secure storage capabilities. Its main functions include: 1) a protection function, performing computation and securely storing data in a trusted manner; 2) an integrity measurement function: a protected module's hash value changes after the module is maliciously tampered with, so computing the hash value of the running module detects a problem with the module in time; 3) an authentication function: the TCM can assist in completing identity authentication with the terminal, and the PCR platform registers can bind the terminal and the platform hardware configuration to each other, realizing mutual authentication and communication.
In the embodiments of the present invention, when the integrity of the bootloader file is verified, the national cryptographic SM3 and SM2 algorithms may be provided by the cryptographic algorithm engine 26; when the system image file is verified, the national cryptographic SM3 and SM2 algorithms are provided by the TCM.
When the TCM is used to verify the integrity of the system image file, a root-of-trust control function can be added on top of the TCM, forming a "host plus trusted" trusted node measurement made up of the trusted platform control module and the TCM. This extends the transfer of trust to the operating system, provides a trusted hardware environment platform for the upper layers, and applies bus-level hardware trusted control to peripheral resources.
On the basis of the foregoing embodiment, in another embodiment of the present invention, the trusted platform control module 13 may be arranged inside an industrial control network security device, or may be connected to the industrial control network security device through a bus interface. In practice, the bus interface may be an LPC (Low Pin Count) interface, the LPC bus interface being based on the 33 MHz 4-bit parallel bus protocol of the Intel standard; it may be an I2C (Inter-Integrated Circuit) interface; or it may be a PCI-Express (Peripheral Component Interconnect Express) interface, which uses point-to-point serial data transmission. The industrial control network security device may be an industrial firewall, an industrial control security audit system, an industrial control system vulnerability analyzer, an industrial control comprehensive security supervision platform, or the like.
As shown in Fig. 2, the trusted platform control module 13 may include: a memory 21; a computer program stored on the memory and runnable on the microprocessor 22; a random number generator 23 that generates the random numbers used by the national cryptographic SM3 and SM2 algorithms; a key generator 24 that generates the keys used by the national cryptographic SM3 and SM2 algorithms; an active measurement unit 25 that verifies whether the bootloader file is complete; a cryptographic algorithm engine 26 that stores the national cryptographic SM3 and SM2 algorithms; and the microprocessor 22. When executing the computer program, the microprocessor implements the steps of the method provided by the method embodiments below.
On the basis of the foregoing embodiment, in another embodiment of the present invention, as shown in Fig. 3, an active security protection method for the startup stage of a trusted industrial control computer is also provided. In the foregoing embodiment the trusted platform control module sends the power supply instruction to the signal switching unit, which simply forwards it to the power controller, and it is the power controller that actually switches the power supply on and off. The signal switching unit is therefore omitted in this embodiment, and power on/off control is described directly in terms of the power controller. The method can be applied in the trusted industrial control computer of the foregoing embodiment and includes the following steps.
In step S101, after the power supply is connected, the trusted platform control module controls the power controller to power on the flash memory; the flash memory stores the bootloader file and the system image file.
In step S102, after the bootloader file is read from the flash memory, the trusted platform control module verifies the integrity of the bootloader file using the national cryptographic SM2 and SM3 algorithms.
In this step, key operations can be performed with the national cryptographic SM2 and SM3 algorithms, which ensures security and efficiency; the dual-certificate structure simplifies certificate management and improves availability and manageability.
In the embodiments of the present invention, step S102 may include the following steps.
A hash operation is performed on the bootloader file using the national cryptographic SM3 algorithm to obtain a first hash value; the preset bootloader file signature data and the security management certificate are read from the preset storage space; using the national cryptographic SM2 algorithm with the security management certificate and the first hash value, signature verification is performed on the bootloader file signature data; when signature verification succeeds, the integrity check of the bootloader file is determined to have succeeded; when signature verification fails, the integrity check of the bootloader file is determined to have failed.
In step S103, after the integrity check of the bootloader file succeeds, the power controller is controlled to power on the device controller, so that the device controller reads the system image file from the flash memory by running the bootloader file and then calls the SM2 and SM3 algorithm engines of the TCM security chip to verify the integrity of the system image file.
In step S104, after the integrity check of the bootloader file fails, the power controller is controlled to power off or restart the trusted industrial control computer.
In step S105, after the device controller is powered on, it reads the system image file from the flash memory by running the bootloader file.
Between step S104 and step S105, the method further includes: the trusted platform control module hands control over to the bootloader file.
In step S106, after the system image file is read from the flash memory, the device controller verifies the integrity of the system image file by calling the SM2 and SM3 algorithm engines of the TCM security chip.
In step S107, after the integrity check of the system image file succeeds, the device controller runs the system image file.
In the embodiments of the present invention, step S107 may include the following steps.
A hash operation is performed on the system image file using the national cryptographic SM3 algorithm to obtain a second hash value; the preset system image file signature data and the security management certificate are read from the preset storage space; using the national cryptographic SM2 algorithm with the security management certificate and the second hash value, signature verification is performed on the system image file signature data; when signature verification succeeds, the integrity check of the system image file is determined to have succeeded; when signature verification fails, the integrity check of the system image file is determined to have failed.
In step S108, after the integrity check of the system image file fails, the device controller controls the power controller to power off or restart the trusted industrial control computer.
In the embodiments of the present invention, before the device controller is powered on, the trusted platform control module actively measures the bootloader file, so that the chain of trust starts to be established at the "first moment of power-up". The chain of trust is established using a multi-measurement-agent mechanism, which provides support for dynamic and virtual measurement. Cryptography-based active control and measurement is realized. A new architecture is adopted in which independent cryptography is the foundation, the control chip is the pillar, the dual-fusion mainboard is the platform, trusted software is the core, trusted connection is the link, and policy management and control form a system, achieving secure and trusted protection of applications.
As shown in Fig. 4, in another embodiment of the present invention, when the trusted industrial control computer starts for the first time, the method further includes steps in which the industrial control computer platform completes security management authorization.
Step S201: the device controller uses the national cryptographic SM2 algorithm to generate a set consisting of a security management public key, a security management private key and security management elliptic curve parameters; the security management private key is kept by the security administrator.
In this step, the security administrator must keep the security management private key secret personally.
Step S202: the device controller uses the national cryptographic SM3 algorithm to hash the bootloader file and the system image file separately, generating the hash value of the bootloader file and the hash value of the system image file.
Step S203: the device controller uses the national cryptographic SM2 algorithm to digitally sign the hash value of the bootloader file and the hash value of the system image file separately, obtaining the bootloader file signature data and the system image file signature data.
Step S204: the device controller stores the bootloader file signature data and the system image file signature data in the preset storage space.
In this step, the preset storage space refers to the data confidential storage module of the TCM and/or the trusted platform control module.
Step S205: the device controller generates the security management certificate from the security management public key, the identity information of the security administrator and the security management elliptic curve parameters, and stores the security management certificate in the preset storage space.
As shown in Fig. 5, in another embodiment of the present invention, an active security protection apparatus for the startup stage of a trusted industrial control computer is also provided. The apparatus includes: a first control module 41, a first verification module 42, a second control module 43 and a third control module 44;
the first control module 41 is configured to control the power controller to power on the flash memory after the power supply is connected;
the first verification module 42 is configured to verify the integrity of the bootloader file using the national cryptographic SM2 and SM3 algorithms after the bootloader file is read from the flash memory;
the second control module 43 is configured to, after the integrity check of the bootloader file succeeds, control the power controller to power on the device controller, so that the device controller reads the system image file from the flash memory by running the bootloader file and then calls the SM2 and SM3 algorithm engines of the TCM security chip to verify the integrity of the system image file;
the third control module 44 is configured to control the power controller to power off or restart the trusted industrial control computer after the integrity check of the bootloader file fails.
As shown in Fig. 6, in another embodiment of the present invention, an active security protection apparatus for the startup stage of a trusted industrial control computer is also provided. The apparatus includes: a first reading module 51, a second verification module 52, a running module 53 and a fourth control module 54;
the first reading module 51 is configured to, after power-on, read the system image file from the flash memory by running the bootloader file;
the second verification module 52 is configured to, after the system image file is read from the flash memory, verify the integrity of the system image file by calling the SM2 and SM3 algorithm engines of the TCM security chip;
the running module 53 is configured to run the system image file after the integrity check of the system image file succeeds;
the fourth control module 54 is configured to control the power controller to power off or restart the trusted industrial control computer after the integrity check of the system image file fails.
In another embodiment of the present invention, a computer-readable medium carrying non-volatile program code executable by a microprocessor is also provided; the program code causes the microprocessor to perform the method described in the method embodiments above.
The computer program product of the active security protection method for the startup stage of a trusted industrial control computer and of the trusted industrial control computer provided by the embodiments of the present invention includes a computer-readable storage medium storing program code. The instructions contained in the program code can be used to perform the method described in the foregoing method embodiments; for the specific implementation, see the method embodiments, which are not repeated here.
Those skilled in the art will clearly understand that, for convenience and brevity of description, the specific working processes of the system and apparatus described above may be found in the corresponding processes of the foregoing method embodiments and are not repeated here.
In addition, in the description of the embodiments of the present invention, unless otherwise expressly specified and limited, the terms "installed", "connected to" and "connected" are to be understood broadly: for example, a connection may be fixed, detachable or integral; it may be mechanical or electrical; it may be direct, indirect through an intermediary, or an internal connection between two elements. A person of ordinary skill in the art can understand the specific meaning of these terms in the present invention according to the specific circumstances.
If the functions are implemented in the form of software functional units and sold or used as an independent product, they may be stored in a computer-readable storage medium. On this understanding, the technical solution of the present invention in essence, or the part of it that contributes to the prior art, or a part of the technical solution, may be embodied in the form of a software product. The computer software product is stored in a storage medium and includes a number of instructions that cause a computer device (which may be a personal computer, a server, a network device or the like) to perform all or part of the steps of the methods of the embodiments of the present invention. The storage medium includes media that can store program code, such as a USB flash drive, a removable hard disk, a read-only memory (ROM, Read-Only Memory), a random access memory (RAM, Random Access Memory), a magnetic disk or an optical disc.
In the description of the present invention, it should be noted that orientation or position terms such as "center", "up", "down", "left", "right", "vertical", "horizontal", "inner" and "outer" are based on the orientations or positions shown in the drawings. They are used only to facilitate and simplify the description of the present invention, and do not indicate or imply that the device or element referred to must have a specific orientation or be constructed and operated in a specific orientation; they are therefore not to be understood as limiting the present invention. In addition, the terms "first", "second" and "third" are used for descriptive purposes only and are not to be understood as indicating or implying relative importance.
Finally, it should be noted that the embodiments described above are only specific embodiments of the present invention, intended to illustrate its technical solution rather than to limit it, and the scope of protection of the present invention is not limited to them. Although the present invention has been described in detail with reference to the foregoing embodiments, a person of ordinary skill in the art should understand that anyone familiar with the technical field may, within the technical scope disclosed by the present invention, still modify the technical solutions described in the foregoing embodiments, readily conceive of changes to them, or make equivalent substitutions for some of their technical features. Such modifications, changes or substitutions do not cause the essence of the corresponding technical solutions to depart from the spirit and scope of the technical solutions of the embodiments of the present invention, and shall all be covered by the scope of protection of the present invention. The scope of protection of the present invention shall therefore be determined by the scope of the claims.

Claims (10)

1. An active security protection method for the startup stage of a trusted industrial control computer, characterized in that the method is applied in a trusted platform control module of the trusted industrial control computer, the trusted industrial control computer further comprising a flash memory, a power controller and a device controller connected to the trusted platform control module, the method comprising:
after the power supply is connected, controlling the power controller to power on the flash memory, the flash memory storing a bootloader file and a system image file;
after the bootloader file is read from the flash memory, verifying the integrity of the bootloader file using the national cryptographic SM2 and SM3 algorithms;
after the integrity check of the bootloader file succeeds, controlling the power controller to power on the device controller, so that the device controller reads the system image file from the flash memory by running the bootloader file and then calls the SM2 and SM3 algorithm engines of the TCM security chip to verify the integrity of the system image file;
after the integrity check of the bootloader file fails, controlling the power controller to power off or restart the trusted industrial control computer.
2. The active security protection method for the startup stage of a trusted industrial control computer according to claim 1, characterized in that verifying the integrity of the bootloader file using the national cryptographic SM2 and SM3 algorithms comprises:
performing a hash operation on the bootloader file using the national cryptographic SM3 algorithm to obtain a first hash value;
reading the preset bootloader file signature data and the security management certificate from the preset storage space;
using the national cryptographic SM2 algorithm with the security management certificate and the first hash value, performing signature verification on the bootloader file signature data;
when signature verification succeeds, determining that the integrity check of the bootloader file has succeeded;
when signature verification fails, determining that the integrity check of the bootloader file has failed.
3. An active security protection method for the startup stage of a trusted industrial control computer, characterized in that the method is applied in a device controller of the trusted industrial control computer, the trusted industrial control computer further comprising a flash memory, a power controller and a trusted platform control module connected to the device controller, the method comprising:
after power-on, reading the system image file from the flash memory by running the bootloader file;
after the system image file is read from the flash memory, verifying the integrity of the system image file by calling the SM2 and SM3 algorithm engines of the TCM security chip;
after the integrity check of the system image file succeeds, running the system image file;
after the integrity check of the system image file fails, controlling the power controller to power off or restart the trusted industrial control computer.
4. The active security protection method for the startup stage of a trusted industrial control computer according to claim 3, characterized in that verifying the integrity of the system image file by calling the SM2 and SM3 algorithm engines of the TCM security chip comprises:
performing a hash operation on the system image file using the national cryptographic SM3 algorithm to obtain a second hash value;
reading the preset system image file signature data and the security management certificate from the preset storage space;
using the national cryptographic SM2 algorithm with the security management certificate and the second hash value, performing signature verification on the system image file signature data;
when signature verification succeeds, determining that the integrity check of the system image file has succeeded;
when signature verification fails, determining that the integrity check of the system image file has failed.
5. The active security protection method for the startup stage of a trusted industrial control computer according to claim 4, characterized in that the method further comprises:
generating, using the national cryptographic SM2 algorithm, a set consisting of a security management public key, a security management private key and security management elliptic curve parameters, the security management private key being kept by the security administrator;
hashing the bootloader file and the system image file separately using the national cryptographic SM3 algorithm, generating the hash value of the bootloader file and the hash value of the system image file;
digitally signing the hash value of the bootloader file and the hash value of the system image file separately using the national cryptographic SM2 algorithm, obtaining the bootloader file signature data and the system image file signature data;
storing the bootloader file signature data and the system image file signature data in the preset storage space;
generating the security management certificate from the security management public key, the identity information of the security administrator and the security management elliptic curve parameters, and storing the security management certificate in the preset storage space.
6. A trusted industrial control computer, characterized by comprising: a flash memory, a power controller, a trusted platform control module and a device controller;
the output of the flash memory is connected to the trusted platform control module and to the device controller respectively, and the flash memory is used to store the bootloader file and the system image file;
the input of the power controller is connected to the trusted platform control module, and its outputs are connected to the device controller and to the flash memory respectively; the power controller is used to power on the flash memory according to a first control instruction of the trusted platform control module, and to power on the device controller according to a second control instruction of the trusted platform control module;
the trusted platform control module is connected to the device controller and is used to: after the power supply is connected, send the first control instruction to the trusted platform control module; verify the integrity of the bootloader file; after the integrity check succeeds, send the second control instruction to the trusted platform control module; and after the integrity check fails, control the power controller to power off or restart the trusted industrial control computer;
the device controller is used to: after power-on, read the system image file by running the bootloader file; verify the integrity of the system image file; after the integrity check succeeds, run the system image file; and after the integrity check fails, control the power controller to power off or restart the trusted industrial control computer.
7. The trusted industrial control computer according to claim 6, characterized in that the trusted platform control module comprises: a memory; a computer program stored on the memory and runnable on a microprocessor; a random number generator that generates the random numbers used by the national cryptographic SM3 and SM2 algorithms; a key generator that generates the keys used by the national cryptographic SM3 and SM2 algorithms; an active measurement unit that verifies whether the bootloader file is complete; a cryptographic algorithm engine that stores the national cryptographic SM3 and SM2 algorithms; and the microprocessor, wherein the microprocessor, when executing the computer program, implements the steps of the method of any one of claims 1 to 2.
8. A trusted platform control module, characterized by comprising: a memory; a computer program stored on the memory and runnable on a microprocessor; a random number generator that generates the random numbers used by the national cryptographic SM3 and SM2 algorithms; a key generator that generates the keys used by the national cryptographic SM3 and SM2 algorithms; an active measurement unit that verifies whether the bootloader file is complete; a cryptographic algorithm engine that stores the national cryptographic SM3 and SM2 algorithms; and the microprocessor, wherein the microprocessor, when executing the computer program, implements the steps of the method of any one of claims 1 to 2.
9. A computer-readable medium carrying non-volatile program code executable by a microprocessor, characterized in that the program code causes the microprocessor to perform the method of any one of claims 1-2.
10. A computer-readable medium carrying non-volatile program code executable by a microprocessor, characterized in that the program code causes the microprocessor to perform the method of any one of claims 3-5.
CN201710445071.6A 2017-06-13 2017-06-13 The active safety means of defence and credible industrial control computer of credible industrial control computer startup stage Pending CN107403098A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201710445071.6A CN107403098A (en) 2017-06-13 2017-06-13 The active safety means of defence and credible industrial control computer of credible industrial control computer startup stage

Publications (1)

Publication Number Publication Date
CN107403098A true CN107403098A (en) 2017-11-28

Family

ID=60405194

Country Status (1)

Country Link
CN (1) CN107403098A (en)

Cited By (19)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108229132A (en) * 2017-12-27 2018-06-29 北京和利时系统工程有限公司 A kind of safe starting method and device, terminal
CN108255505A (en) * 2018-01-10 2018-07-06 浪潮(北京)电子信息产业有限公司 A kind of firmware update, device, equipment and computer readable storage medium
CN108446560A (en) * 2018-02-26 2018-08-24 深圳市元征科技股份有限公司 A kind of system detecting method, device, terminal device and readable storage medium storing program for executing
CN109101844A (en) * 2018-08-22 2018-12-28 京东方科技集团股份有限公司 Mobile unit and its safe checking method
CN109840409A (en) * 2018-12-29 2019-06-04 北京深思数盾科技股份有限公司 Core board and core board start method
CN109918948A (en) * 2019-01-23 2019-06-21 西安邮电大学 APK integrity checking method, computer program based on national secret algorithm SM3
CN110933058A (en) * 2019-11-21 2020-03-27 深圳渊联技术有限公司 Internet of things system and safety control method thereof
CN110933057A (en) * 2019-11-21 2020-03-27 深圳渊联技术有限公司 Internet of things security terminal and security control method thereof
CN111125666A (en) * 2019-12-25 2020-05-08 四川英得赛克科技有限公司 Trusted control method and system based on trusted computing system
CN111177709A (en) * 2019-12-31 2020-05-19 全球能源互联网研究院有限公司 Execution method and device of terminal trusted component and computer equipment
CN111901095A (en) * 2020-07-23 2020-11-06 上海世麦智能科技有限公司 Safe starting method and system based on hardware encryption
CN112445537A (en) * 2020-12-11 2021-03-05 中国科学院信息工程研究所 Trusted starting method and device of operating system, mobile terminal and storage medium
CN112732275A (en) * 2019-10-14 2021-04-30 中车株洲电力机车研究所有限公司 Train software partitioning and integrating method
CN113051584A (en) * 2021-05-31 2021-06-29 武汉深之度科技有限公司 System secure starting method and device, computing equipment and readable storage medium
CN113420299A (en) * 2021-04-15 2021-09-21 麒麟软件有限公司 Computer system safe starting and guiding method based on SM3 cryptographic algorithm
CN113438087A (en) * 2021-06-24 2021-09-24 深圳市风云实业有限公司 System mirror image signature verification method based on state cryptographic algorithm under UBOOT
CN113468559A (en) * 2021-06-18 2021-10-01 中国电子产品可靠性与环境试验研究所((工业和信息化部电子第五研究所)(中国赛宝实验室)) Firmware verification method and system
CN113505380A (en) * 2021-06-11 2021-10-15 山东云海国创云计算装备产业创新中心有限公司 BMC (baseboard management controller) safe starting method, device, equipment and medium based on state cryptographic algorithm
CN116881929A (en) * 2023-09-06 2023-10-13 苏州浪潮智能科技有限公司 Safety protection method and device, electronic equipment and substrate controller chip

Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101393587A (en) * 2007-09-21 2009-03-25 鸿富锦精密工业(深圳)有限公司 Mobile equipment with security protection function and security protection method thereof
CN101504705A (en) * 2009-03-17 2009-08-12 武汉大学 Trusted platform module and its computer starting control method
CN101877040A (en) * 2009-12-07 2010-11-03 中国航天科工集团第二研究院七○六所 High-reliability computing platform
US20110072520A1 (en) * 2003-08-23 2011-03-24 Softex Incorporated System And Method For Protecting Files Stored On An Electronic Device
CN102063593A (en) * 2011-01-07 2011-05-18 北京工业大学 Credible device with active control function and authentication method thereof
CN103490895A (en) * 2013-09-12 2014-01-01 北京斯庄格科技有限公司 Industrial control identity authentication method and device with state cryptographic algorithms
CN104392152A (en) * 2014-12-10 2015-03-04 深圳市捷顺科技实业股份有限公司 Start-up method of embedded equipment, embedded equipment, server and system
CN106384053A (en) * 2016-09-14 2017-02-08 江苏北弓智能科技有限公司 Trusted boot method and apparatus for mobile operation system

Cited By (25)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108229132A (en) * 2017-12-27 2018-06-29 北京和利时系统工程有限公司 A kind of safe starting method and device, terminal
CN108255505A (en) * 2018-01-10 2018-07-06 浪潮(北京)电子信息产业有限公司 A kind of firmware update, device, equipment and computer readable storage medium
CN108446560A (en) * 2018-02-26 2018-08-24 深圳市元征科技股份有限公司 A kind of system detecting method, device, terminal device and readable storage medium storing program for executing
CN109101844A (en) * 2018-08-22 2018-12-28 京东方科技集团股份有限公司 Mobile unit and its safe checking method
CN109840409A (en) * 2018-12-29 2019-06-04 北京深思数盾科技股份有限公司 Core board and core board start method
CN109918948A (en) * 2019-01-23 2019-06-21 西安邮电大学 APK integrity checking method, computer program based on national secret algorithm SM3
CN112732275B (en) * 2019-10-14 2022-06-03 中车株洲电力机车研究所有限公司 Train software partitioning and integrating method
CN112732275A (en) * 2019-10-14 2021-04-30 中车株洲电力机车研究所有限公司 Train software partitioning and integrating method
CN110933058A (en) * 2019-11-21 2020-03-27 深圳渊联技术有限公司 Internet of things system and safety control method thereof
CN110933057A (en) * 2019-11-21 2020-03-27 深圳渊联技术有限公司 Internet of things security terminal and security control method thereof
CN110933057B (en) * 2019-11-21 2021-11-23 深圳渊联技术有限公司 Internet of things security terminal and security control method thereof
CN111125666B (en) * 2019-12-25 2021-01-12 四川英得赛克科技有限公司 Trusted control method and system based on trusted computing system
CN111125666A (en) * 2019-12-25 2020-05-08 四川英得赛克科技有限公司 Trusted control method and system based on trusted computing system
CN111177709A (en) * 2019-12-31 2020-05-19 全球能源互联网研究院有限公司 Execution method and device of terminal trusted component and computer equipment
CN111901095A (en) * 2020-07-23 2020-11-06 上海世麦智能科技有限公司 Safe starting method and system based on hardware encryption
CN112445537A (en) * 2020-12-11 2021-03-05 中国科学院信息工程研究所 Trusted starting method and device of operating system, mobile terminal and storage medium
CN112445537B (en) * 2020-12-11 2022-04-15 中国科学院信息工程研究所 Trusted starting method and device of operating system, mobile terminal and storage medium
CN113420299A (en) * 2021-04-15 2021-09-21 麒麟软件有限公司 Computer system safe starting and guiding method based on SM3 cryptographic algorithm
CN113051584A (en) * 2021-05-31 2021-06-29 武汉深之度科技有限公司 System secure starting method and device, computing equipment and readable storage medium
CN113505380A (en) * 2021-06-11 2021-10-15 山东云海国创云计算装备产业创新中心有限公司 BMC (baseboard management controller) safe starting method, device, equipment and medium based on state cryptographic algorithm
CN113468559A (en) * 2021-06-18 2021-10-01 中国电子产品可靠性与环境试验研究所((工业和信息化部电子第五研究所)(中国赛宝实验室)) Firmware verification method and system
CN113468559B (en) * 2021-06-18 2024-01-05 中国电子产品可靠性与环境试验研究所((工业和信息化部电子第五研究所)(中国赛宝实验室)) Firmware verification method and system
CN113438087A (en) * 2021-06-24 2021-09-24 深圳市风云实业有限公司 System mirror image signature verification method based on state cryptographic algorithm under UBOOT
CN116881929A (en) * 2023-09-06 2023-10-13 苏州浪潮智能科技有限公司 Safety protection method and device, electronic equipment and substrate controller chip
CN116881929B (en) * 2023-09-06 2024-01-19 苏州浪潮智能科技有限公司 Safety protection method and device, electronic equipment and substrate controller chip

Similar Documents

Publication Publication Date Title
CN107403098A (en) The active safety means of defence and credible industrial control computer of credible industrial control computer startup stage
CN104160403B (en) Use single credible platform module measuring table part
CN108399329B (en) Method for improving security of trusted application program
US20190253417A1 (en) Hardware device and authenticating method thereof
CN102063591B (en) Methods for updating PCR (Platform Configuration Register) reference values based on trusted platform
EP3401825B1 (en) Trustworthiness measuring method and device for cloud computing platform
EP3236376A1 (en) Secure battery authentication
CN105718806A (en) Method for achieving trusted active measurement based on domestic BMC and TPM2.0
CN102833745B (en) Method, communication equipment and communication system that a kind of software security is upgraded
CN104715183A (en) Trusted verifying method and equipment used in running process of virtual machine
CN110875819B (en) Password operation processing method, device and system
CN104794394B (en) A kind of virtual machine starts the method and device of verification
CN110851188B (en) Domestic PLC (programmable logic controller) trusted chain implementation device and method based on binary architecture
US20220224546A1 (en) Software integrity protection method and apparatus, and software integrity verification method and apparatus
CN102761419A (en) Electronic signature tool and authentication system and authentication method using tool
CN107480535A (en) The reliable hardware layer design method and device of a kind of two-way server
CN110175478A (en) A kind of mainboard powering method, system and programming device
CN111125707A (en) BMC (baseboard management controller) safe starting method, system and equipment based on trusted password module
CN103984901B (en) A kind of trusted computer system and its application process
CN111147259A (en) Authentication method and device
CN112653559B (en) Electric control unit starting method and device and storage medium
CN101582765A (en) User bound portable trusted mobile device
CN117032831A (en) Trusted DCS upper computer system, starting method thereof and software starting method thereof
CN109697351B (en) Trusted measurement system and method
CN111723379B (en) Trusted protection method, system, equipment and storage medium for trusted platform area intelligent terminal

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
AD01 Patent right deemed abandoned

Effective date of abandoning: 20201113