CN107888599A - Intercommunication system and method between a kind of avionics height secure network domain - Google Patents

Intercommunication system and method between a kind of avionics height secure network domain Download PDF

Info

Publication number
CN107888599A
CN107888599A CN201711147073.3A CN201711147073A CN107888599A CN 107888599 A CN107888599 A CN 107888599A CN 201711147073 A CN201711147073 A CN 201711147073A CN 107888599 A CN107888599 A CN 107888599A
Authority
CN
China
Prior art keywords
avionics
network
module
message
communication
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201711147073.3A
Other languages
Chinese (zh)
Other versions
CN107888599B (en
Inventor
张双
孔德岐
郑涛
李雪源
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Xian Aeronautics Computing Technique Research Institute of AVIC
Original Assignee
Xian Aeronautics Computing Technique Research Institute of AVIC
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Xian Aeronautics Computing Technique Research Institute of AVIC filed Critical Xian Aeronautics Computing Technique Research Institute of AVIC
Priority to CN201711147073.3A priority Critical patent/CN107888599B/en
Publication of CN107888599A publication Critical patent/CN107888599A/en
Application granted granted Critical
Publication of CN107888599B publication Critical patent/CN107888599B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/06Management of faults, events, alarms or notifications
    • H04L41/069Management of faults, events, alarms or notifications using logs of notifications; Post-processing of notifications
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/105Multiple levels of security
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/20Network architectures or network communication protocols for network security for managing network security; network security policies in general

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Computer And Data Communications (AREA)

Abstract

In order to solve the problems, such as the two-way communication in avionics system between height secure network domain, the invention provides the intercommunication system between a kind of avionics height secure network domain and method, in the module that the deployment of security domain boundaries control device system application layer communicates with lower security classes of applications, the module with high safety grade application communication is disposed in system core layer, realizes the physical isolation of inside modules height safe class communication control module;Control module is sent using avionics network, avionics network sending module realizes lower security network domains to the data transfer of high safety network domains;High safety network domains are realized to the data transfer of lower security network domains using avionics network receiving module, physical isolation is realized between two kinds of data communication flows;Two-way communication and its security isolation with flowing to protection problem, realize seating plane and safeguard that airborne information system integrated with information service communicates with the internetwork data double-way of avionics between high safety network domains and lower security network domains effectively under solution airborne circumstance.

Description

Intercommunication system and method between a kind of avionics height secure network domain
Technical field
The invention belongs to communication technical field, is related to the intercommunication system between a kind of avionics height secure network domain and side Method.
Background technology
In aviation field, the high safety run in avionics system provides guarantor using for the normal operation of whole aircraft Barrier.In traditional aircraft system framework, avionics data are transmitted by dedicated bus in the airborne circumstance of closing, therefore It will not be threatened by external information security, so as to ensure that the security of avionics data.As information technology is in civil aviation electricity Extensive application in subsystem, in order to aircraft utilization person (such as aircraft operator, pilot, attendant) provide it is more, More convenient service, onboard networks service system introducing relatively low safe class platform composition, being built by ethernet network, Lower security classes of applications is resident and run in onboard networks service system.
Civil airplane avionics system network domains are divided into high safety network domains and lower security network domains, high safety It is resident in network domains and higher ranked application (safe class A~C levels) safe for operation, resident in lower security network domains and fortune The relatively low application of row safe class (safe class D~E levels).In order to realize service function demand, high safety grade is applied and low The substantial amounts of data of real-time exchange are needed between safe class application.Therefore, high safety network domains will be faced from lower security network The network information security in domain is threatened, and then its security is impacted, and security implication is brought for airplane operation.
The content of the invention
In order to solve the problems, such as the two-way communication in avionics system between height secure network domain, the invention provides a kind of avionics Intercommunication system and method between height secure network domain, by the physical isolation and data communication flow of communication control module it Between isolation, the information security of high safety network when ensure that two-way communication.
The technical scheme is that:
A kind of intercommunication system between avionics height secure network domain, it is characterized in that:Positioned at airborne information system In the security domain boundaries control device of system, the intercommunication system includes
Information network communication agent module 101, positioned at the system application layer of security domain boundaries control device, believe for realizing The lower security classes of applications communication agent function in network is ceased, it is regular right according to being read from information network Control on Communication table 102 The message of security domain boundaries control device of coming in and going out implements to check and control, will check that the message that passes through is sent out by one-way communication pipeline Control module 103 is sent to avionics network;
Avionics network sends control module 103, positioned at the system core layer of security domain boundaries control device, according to from avionics The inspection rule read in control table 104 is sent, realizes that avionics network sends inspection and control, will check that the message passed through is issued Avionics network sending module 105;
Avionics network sending module 105, positioned at the system core layer of security domain boundaries control device, for realizing avionics net Network message sending function;
Avionics network receiving module 107, positioned at the system core layer of security domain boundaries control device, for realizing avionics net Network message sink function, the internet message received is sent to information network communication agent module by one-way communication pipeline 101;
Operation monitoring and logger module 109, positioned at the system core layer of security domain boundaries control device, for monitoring Information network communication agent module 101, avionics network send control module 103, avionics network sending module 105, avionics network The running status of receiving module 107, the integrality that monitoring information network service control table 102 and avionics send control table 104 are It is no destroyed, while record and preserve monitoring daily record.
Further, avionics network sending module 105, according to the send configuration in avionics send configuration table 106, encapsulation boat Electric network communication frame, the driving of avionics network end node is called to carry out message transmission;Avionics network receiving module 107, according to avionics The reception configuration in allocation list 108 is received, calls the driving of avionics network end node to receive avionics network service frame, parses communication frame Afterwards, internet message is sent to information network communication agent module 101.
Further, operation monitoring is additionally operable to monitoring avionics send configuration table 106 with logger module 109, avionics connects Whether the integrality for receiving allocation list 108 is destroyed, while records and preserve monitoring daily record.
Invention also provides the two-way communication between a kind of avionics height secure network domain, comprise the following steps,
Step 1:Lower security network domains flow to high safety network domains transmission data;
Step 1.1:Information network communication agent module 101 checks according to the rule in information network Control on Communication table 102 The credibility for the data-message that outside lower security classes of applications is sent, if the message is credible, data message is passed through unidirectional Communication pipe is sent to avionics network and sends control module 103, is otherwise transferred to step 1.4;
Step 1.2:Avionics network sends the rule that control module 103 sends control table 104 according to avionics, checks the number Rule whether are closed according to message, if the message closes rule, data-message is sent to avionics network by one-way communication pipeline and sent Module 105, is otherwise transferred to step 1.4;
Step 1.3:Avionics network sending module 105 according to avionics send configuration table 106, by the data-message received according to Avionics internet message form encapsulates, and is sent to high safety grade application via avionics network, goes to step 1.5;
Step 1.4:Abandon message, notice operation monitoring and the log of logger module 109;
Step 1.5:Terminate this transmitting procedure;
Step 2:High safety network domains transmit data to lower security network domains;
Step 2.1:High safety grade is applied and sends avionics communication frame to avionics network receiving module by avionics network 107;
Step 2.2:After avionics network receiving module 107 receives avionics communication frame, communication frame is unpacked, inside getting frame Data-message, the compliance of the inspection of allocation list 108 message is received according to avionics;If message closes rule, pass through one-way communication Pipeline sends data-message to information network communication agent module 101, is transferred to step 2.3;Otherwise it is transferred to step 2.4;
Step 2.3:After information network communication agent module 101 receives data-message, according to information network Control on Communication table Interior 101 rule, data-message is sent to lower security classes of applications, is transferred to step 2.5;
Step 2.4:Abandon message, notice operation monitoring and the log of logger module 109;
Step 2.5:Terminate this transmitting procedure;
Step 3:Running state monitoring process;
Operation monitoring, by the monitoring cycle is set, monitors the running status of other modules, monitoring letter with logger module 109 Cease network service control table 102, avionics sends control table 104, avionics send configuration table 106 and avionics and receives allocation list 108 Integrality, and record and preserve monitoring daily record;
1~step 3 of above-mentioned steps is carried out parallel.
Further, above-mentioned steps 3) be specially:
Step 3.1, startup optimization monitoring and logger module 109;
Step 3.2, operation monitoring checks whether monitoring cycle time reaches with logger module 109, if reaching Into step 3.3, otherwise continue waiting for;
Step 3.3, operation monitoring calculates information network Control on Communication table with logger module 109 using hashing algorithm 102 check code, then compared with pre-recorded check code;
Step 3.4, if the numerical value of two check codes is identical, step 3.5 is transferred to, is otherwise transferred to step 3.14;
Step 3.5, operation monitoring calculates avionics using hashing algorithm with logger module 109 and sends control table 104 Check code, then compared with pre-recorded check code;
Step 3.6, if the numerical value of two check codes is identical, step 3.7 is transferred to, is otherwise transferred to step 3.14;
Step 3.7, operation monitoring calculates avionics send configuration table 106 with logger module 109 using hashing algorithm Check code, then compared with pre-recorded check code;
Step 3.8, step 3.9 is transferred to if the numerical value of two check codes is identical, is otherwise transferred to step 3.14;
Step 3.9, operation monitoring calculates avionics using hashing algorithm with logger module 109 and receives allocation list 108 Check code, then compared with pre-recorded check code;
Step 3.10, step 3.11 is transferred to if the numerical value of two check codes is identical, is otherwise transferred to step 3.14;
Step 3.11, operation monitoring checks information network communication agent module 101, avionics net with logger module 109 Network sends control module 103, avionics network sending module 105, the running status of avionics network receiving module 107;
Step 3.12, if the running status of all modules is normal, step 3.13 is transferred to, if any module is run State is abnormal, is transferred to step 3.14;
Step 3.13, this monitoring activity log is recorded, is transferred to step 3.2;
Step 3.14, fault log is recorded, termination message Common Communication Proxy module 101, avionics network send control mould The operation of block 103, avionics network sending module 105 and avionics network receiving module 107.
Further, the hashing algorithm in above-mentioned steps 3.3, step 3.5, step 3.7 and step 3.9 uses SHA (Secure Hash Algorithm, Secure Hash Algorithm), to ensure the integrality of information data, strengthen anti-attack ability.
Advantages of the present invention:
1) it is divided into system core layer and system application layer inside security domain boundaries control device of the present invention, in system application layer The module to be communicated with lower security classes of applications is disposed, the module with high safety grade application communication is disposed in system core layer, from And realize the physical isolation of inside modules height safe class communication control module;Control module, boat are sent using avionics network Electric network sending module realizes lower security network domains to the data transfer of high safety network domains;It is real using avionics network receiving module Show data transfer of the high safety network domains to lower security network domains, physical isolation is realized between two kinds of data communication flows;Effectively Two-way communication and its security isolation are asked with flowing to protection between high safety network domains and lower security network domains under solution airborne circumstance Topic, realize seating plane and safeguard that airborne information system integrated with information service communicates with the internetwork data double-way of avionics.
2) present invention is using information network Control on Communication table, avionics send control table, avionics send configuration table is respectively cooperating with Information network communication agent module, avionics network send control module, avionics network sending module, realize 3 grades from low to high The traffic flow security control of safe class;Allocation list is received using avionics, information network Control on Communication table is respectively cooperating with avionics net Network receiving module, information network communication agent module, realize 2 grades from high to low safe class traffic flow security control;By The as little as traffic flow security control of high safety grade and the parallel operation of traffic flow security control of safe class from high to low, not only Graduate communication security control is realized, has also taken into account operational efficiency.
3) present invention periodically checks information network Control on Communication table, boat in real time using operation monitoring and logger module Electricity sends control table, avionics send configuration table, the integrality of avionics reception allocation list, can find the peace of crucial service data in time Full feature, enhance the safe for operation of system.
Brief description of the drawings
Fig. 1 is the overall architecture of intercommunication system of the present invention.
Fig. 2 is the data flow model that lower security network domains of the present invention flow to high safety network domains.
Fig. 3 is the data flow model that high safety network domains of the present invention flow to lower security network domains.
Fig. 4 is data transmission procedure of the lower security network domains of the present invention to high safety network domains.
Fig. 5 is data transmission procedure of the high safety network domains of the present invention to lower security network domains.
Fig. 6 is running state monitoring process of the present invention.
Embodiment
The present invention is elaborated below in conjunction with accompanying drawing.
First, system architecture forms
The framework of intercommunication system of the present invention is formed as shown in figure 1, each functional module is arranged on security domain boundaries control In device, including:
(1) information network communication agent module 101:The module is located at the system application layer of security domain boundaries control device, The lower security classes of applications communication agent function in information network is completed, rule is read from information network Control on Communication table 102, it is right The message of discrepancy security domain boundaries control device implements to check and control;When sending, it will check that the message passed through issues avionics Network sends control module 103;When receiving, the message from avionics network receiving module 107 is received.
(2) information network Control on Communication table 102:, should in system positioned at the system application layer of security domain boundaries control device With memory block is distributed in layer internal memory, information network Control on Communication rule is preserved, the rule is by information network communication agent module 101 Read;Information network Control on Communication table 102 is established in communication system initialization, is forbidden writing in the course of work or is changed, with Security during enhancing operation.
(3) avionics network sends control module 103:The module is located at the system core layer of security domain boundaries control device, Complete avionics network and send to check and control, check that rule is sent in control table 104 from avionics and reads, check the message that passes through by Avionics network sends control module 103 and issues avionics network sending module 105.
(4) avionics sends control table 104:Positioned at the system core layer of security domain boundaries control device, in system core layer Memory block is distributed in internal memory, avionics network is preserved and sends control rule, the rule sends control module 103 by avionics network and read Take;Avionics sends control table 104 and established in communication system initialization, forbids writing in the course of work or changes.
(5) avionics network sending module 105:The module is located at the system core layer of security domain boundaries control device, completes Avionics internet message sending function;Send configuration of the module in avionics send configuration table 106, encapsulate avionics network service Frame, the driving of avionics network end node is called to carry out message transmission.
(6) avionics send configuration table 106:Positioned at the system core layer of security domain boundaries control device, in system core layer Memory block is distributed in internal memory, preserves avionics network send configuration information, the send configuration information is by avionics network sending module 105 Read;Avionics send configuration table 106 is established in communication system initialization, is forbidden writing in the course of work or is changed.
(7) avionics network receiving module 107:The module is located at the system core layer of security domain boundaries control device, completes Avionics network service frame receive capabilities;Reception configuration of the module in avionics network receiving module 107, calls avionics network End node driving receives avionics network service frame, after parsing communication frame, sends a message to information network communication agent module 101.
(8) avionics receives allocation list 108:Positioned at the system core layer of security domain boundaries control device, in system core layer Memory block is distributed in internal memory, avionics network is preserved and receives configuration information, the reception configuration information is by avionics network receiving module 107 Read;Avionics receives allocation list 108 and established in communication system initialization, forbids writing in the course of work or changes.
(9) operation monitoring and logger module 109:The module is located at the system core of security domain boundaries control device Layer, in the course of the work, monitoring information Common Communication Proxy module 101, avionics network send control module 103, boat to the module The running status of electric network sending module 105, avionics network receiving module 107, monitoring information network service control table 102, boat Whether electricity transmission control table 104, avionics send configuration table 106, the integrality of avionics reception allocation list 108 are destroyed, and remember simultaneously Record and preserve monitoring daily record.
Above-mentioned each module can use existing unit to realize.
2nd, data flow model
The present invention realizes the separation control of communication flow direction, data flow model such as Fig. 2 and figure by isolating to data stream Shown in 3.
(1) referring to Fig. 2, the data flow model that lower security network domains flow to high safety network domains is as follows:
Step 1:Lower security classes of applications positioned at lower security network domains sends data to information network communication agent module Message, after information network communication agent module receives data-message, according to the rule read from information network Control on Communication table Then, check whether data-message is credible, and response message is sent to lower security classes of applications.
Step 2:Data-message is issued avionics network via one-way communication pipeline and sent by information network communication agent module Control module.
Step 3:After avionics network transmission control module receives data-message, send what is read in control table according to from avionics Rule is checked, checks the compliance of data-message, rule data-message will be closed and issue the transmission of avionics network via one-way communication pipeline Module.
Step 4:After avionics network sending module receives data-message, according to the transmission read from avionics send configuration table Configuration information, data-message is packaged into avionics network service frame, is sent to by the corresponding avionics network port positioned at Gao An The high safety grade application in whole network domain.
(2) referring to Fig. 3, the data flow model that high safety network domains flow to lower security network domains is as follows:
Step 1:Applied positioned at the high safety grade of high safety network domains and communication frame is sent to security domain by avionics network Boundary Control device, received by avionics network receiving module according to the reception configuration information read in allocation list is received from avionics;
Step 2:After avionics network receiving module unpacks avionics network service frame, sent by one-way communication pipeline to letter Cease Common Communication Proxy module;
Step 3:After information network communication agent mould receives avionics data, read according to from information network Control on Communication table Control rule, avionics data are sent to the lower security classes of applications positioned at lower security network domains.
3rd, running
The present invention is divided into the step of 3 part parallels operation, respectively data of the lower security network domains to high safety network domains Transmitting procedure, data transmission procedure from high safety network domains to lower security network domains and operation monitoring process.
(1) data transmission procedure from lower security network domains to high safety network domains, referring to Fig. 4:
Step 1, lower security classes of applications sends data-message to information network communication agent module by information network;
Step 2, information network communication agent module checks data-message according to the rule in information network Control on Communication table Credibility;
Step 3, if the message is credible, step 4 is transferred to, is otherwise transferred to step 9;
Step 4, data message is sent to avionics network by one-way communication pipeline and sent out by information network communication agent module Send control module;
Step 5, after avionics network transmission control module receives data-message, the rule that control table is sent according to avionics checks The compliance of message;
Step 6, if the message closes rule, step 7 is transferred to, is otherwise transferred to step 9;
Step 7, avionics network sends control module and sends data message to avionics network hair by one-way communication pipeline Send module;
Step 8, send configuration information of the avionics network sending module in avionics send configuration table, the data that will be received Message encapsulates according to avionics internet message form, is sent to high safety grade application via avionics network, goes to step 10;
Step 9, message, notice operation monitoring and logger module log are abandoned;
Step 10, this transmitting procedure is terminated.
(2) data transmission procedure from high safety network domains to lower security network domains, referring to Fig. 5:
Step 1, high safety grade is applied and sends avionics communication frame to avionics network receiving module by avionics network;
Step 2, after avionics network receiving module receives avionics communication frame, the data that communication frame is unpacked inside getting frame are disappeared Breath, the reception configuration information in allocation list is received according to avionics, checks the compliance of the data-message;
Step 3, if message closes rule, step 4 is transferred to, is otherwise transferred to step 6;
Step 4, avionics network receiving module sends data-message to information network communication agent by one-way communication pipeline Module;
Step 5, after information network communication agent module receives data-message, according to the control in information network Control on Communication table System rule, data-message is sent to lower security classes of applications;
Step 6, message, notice operation monitoring and logger module log are abandoned;
Step 7, this transmitting procedure is terminated.
(3) running state monitoring process, referring to Fig. 6:
Step 1, startup optimization monitoring and logger module;
Step 2, whether operation monitoring is reached with logger module inspection monitoring cycle time, and step is entered if reaching Rapid 3, otherwise continue waiting for;
Step 3, operation monitoring calculates information network with logger module using hashing algorithm (SHA or MD5 can be selected) The check code of Control on Communication table, then compared with pre-recorded check code;
Step 4, if two check code numerical value are identical, step 5 is transferred to, is otherwise transferred to step 14;
Step 5, operation monitoring calculates avionics using hashing algorithm (SHA or MD5 can be selected) with logger module and sent The check code of control table, then compared with pre-recorded check code;
Step 6, if two check code numerical value are identical, step 7 is transferred to, is otherwise transferred to step 14;
Step 7, operation monitoring calculates avionics using hashing algorithm (SHA or MD5 can be selected) with logger module and sent The check code of allocation list, then compared with pre-recorded check code;
Step 8, if two check code numerical value are identical, step 9 is transferred to, is otherwise transferred to step 14;
Step 9, operation monitoring calculates avionics using hashing algorithm (SHA or MD5 can be selected) with logger module and received The check code of allocation list, then compared with pre-recorded check code;
Step 10, if two check code numerical value are identical, step 11 is transferred to, is otherwise transferred to step 14;
Step 11, operation monitoring checks that information network communication agent module, avionics network are sent with logger module and controlled Molding block, avionics network sending module, the running status of avionics network receiving module;
Step 12, if the running status of all modules is normal, step 13 is transferred to, if any module running status It is abnormal, then it is transferred to step 14;
Step 13, this monitoring activity log is recorded, is transferred to step 2;
Step 14, fault log is recorded, termination message Common Communication Proxy module, avionics network send control module, boat The operation of electric network sending module, avionics network receiving module.

Claims (6)

1. the intercommunication system between a kind of avionics height secure network domain, it is characterised in that positioned at the peace of airborne information system In gamut boundary control device, the intercommunication system includes:
Information network communication agent module (101), positioned at the system application layer of security domain boundaries control device, for realizing information Lower security classes of applications communication agent function in network is regular right according to being read from information network Control on Communication table (102) The message of security domain boundaries control device of coming in and going out implements to check and control, will check that the message that passes through is sent out by one-way communication pipeline Control module (103) is sent to avionics network;
Avionics network sends control module (103), positioned at the system core layer of security domain boundaries control device, is sent out according to from avionics The inspection rule read in control table (104) is sent, realizes that avionics network sends inspection and control, will check that the message passed through is issued Avionics network sending module (105);
Avionics network sending module (105), positioned at the system core layer of security domain boundaries control device, for realizing avionics network Message sending function;
Avionics network receiving module (107), positioned at the system core layer of security domain boundaries control device, for realizing avionics network Message sink function, the internet message received is sent to information network communication agent module by one-way communication pipeline (101);
Operation monitoring and logger module (109), positioned at the system core layer of security domain boundaries control device, believe for monitoring Cease Common Communication Proxy module (101), avionics network sends control module (103), avionics network sending module (105), avionics The running status of network receiving module (107), monitoring information network service control table (102) and avionics send control table (104) Integrality whether be destroyed, while record and preserve monitoring daily record.
2. the intercommunication system between avionics height secure network domain according to claim 1, it is characterised in that:
Avionics network sending module (105), according to the send configuration in avionics send configuration table (106), encapsulation avionics network leads to Believe frame, call the driving of avionics network end node to carry out message transmission;
Avionics network receiving module (107), the reception received according to avionics in allocation list (108) configure, and call avionics network-side Node driving receives avionics network service frame, after parsing communication frame, sends internet message to information network communication agent module (101)。
3. the intercommunication system between avionics height secure network domain according to claim 2, it is characterised in that:
Operation monitoring is additionally operable to monitor avionics send configuration table (106), avionics reception allocation list with logger module (109) (108) whether integrality is destroyed, while records and preserve monitoring daily record.
4. the two-way communication between avionics height secure network domain, it is characterised in that comprise the following steps,
Step 1:Lower security network domains flow to high safety network domains transmission data;
Step 1.1:Information network communication agent module (101) checks according to the rule in information network Control on Communication table (102) The credibility for the data-message that outside lower security classes of applications is sent, if the message is credible, data message is passed through unidirectional Communication pipe is sent to avionics network and sends control module (103), is otherwise transferred to step 1.4;
Step 1.2:Avionics network sends the rule that control module (103) sends control table (104) according to avionics, checks the number Rule whether are closed according to message, if the message closes rule, data-message is sent to avionics network by one-way communication pipeline and sent Module (105), is otherwise transferred to step 1.4;
Step 1.3:Avionics network sending module (105) according to avionics send configuration table (106), by the data-message received according to Avionics internet message form encapsulates, and is sent to high safety grade application via avionics network, goes to step 1.5;
Step 1.4:Abandon message, notice operation monitoring and logger module (109) log;
Step 1.5:Terminate this transmitting procedure;
Step 2:High safety network domains transmit data to lower security network domains;
Step 2.1:High safety grade is applied and sends avionics communication frame to avionics network receiving module by avionics network (107);
Step 2.2:After avionics network receiving module (107) receives avionics communication frame, communication frame is unpacked, the number inside getting frame According to message, the compliance that allocation list (108) checks the message is received according to avionics;If message closes rule, pass through one-way communication Pipeline sends data-message to information network communication agent module (101), is transferred to step 2.3;Otherwise it is transferred to step 2.4;
Step 2.3:After information network communication agent module (101) receives data-message, according in information network Control on Communication table (102) rule, data-message is sent to lower security classes of applications, is transferred to step 2.5;
Step 2.4:Abandon message, notice operation monitoring and logger module (109) log;
Step 2.5:Terminate this transmitting procedure;
Step 3:Running state monitoring process;
Operation monitoring by the monitoring cycle is set, monitors the running status of other modules, monitoring information with logger module (109) Network service control table (102), avionics send control table (104), avionics send configuration table (106) and avionics and receive allocation list (108) integrality, and record and preserve monitoring daily record;
1~step 3 of above-mentioned steps is carried out parallel.
5. the two-way communication between avionics height secure network domain according to claim 4, it is characterised in that the step It is rapid 3) to be specially:
Step 3.1, startup optimization monitoring and logger module (109);
Step 3.2, operation monitoring checks whether monitoring cycle time reaches with logger module (109), enters if reaching Enter step 3.3, otherwise continue waiting for;
Step 3.3, operation monitoring calculates information network Control on Communication table with logger module (109) using hashing algorithm (102) check code, then compared with pre-recorded check code;
Step 3.4, if the numerical value of two check codes is identical, step 3.5 is transferred to, is otherwise transferred to step 3.14;
Step 3.5, operation monitoring calculates avionics using hashing algorithm with logger module (109) and sends control table (104) Check code, then compared with pre-recorded check code;
Step 3.6, if the numerical value of two check codes is identical, step 3.7 is transferred to, is otherwise transferred to step 3.14;
Step 3.7, operation monitoring calculates avionics send configuration table (106) with logger module (109) using hashing algorithm Check code, then compared with pre-recorded check code;
Step 3.8, step 3.9 is transferred to if the numerical value of two check codes is identical, is otherwise transferred to step 3.14;
Step 3.9, operation monitoring calculates avionics using hashing algorithm with logger module (109) and receives allocation list (108) Check code, then compared with pre-recorded check code;
Step 3.10, step 3.11 is transferred to if the numerical value of two check codes is identical, is otherwise transferred to step 3.14;
Step 3.11, operation monitoring checks information network communication agent module (101), avionics net with logger module (109) Network sends control module (103), avionics network sending module (105), the running status of avionics network receiving module (107);
Step 3.12, if the running status of all modules is normal, step 3.13 is transferred to, if any module running status It is abnormal, it is transferred to step 3.14;
Step 3.13, this monitoring activity log is recorded, is transferred to step 3.2;
Step 3.14, fault log is recorded, termination message Common Communication Proxy module (101), avionics network send control module (103), the operation of avionics network sending module (105) and avionics network receiving module (107).
6. the two-way communication between avionics height secure network domain according to claim 5, it is characterised in that:The step Hashing algorithm in rapid 3.3, step 3.5, step 3.7 and step 3.9 uses SHA.
CN201711147073.3A 2017-11-17 2017-11-17 Two-way communication system and method between high-low security network domains of avionics Active CN107888599B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201711147073.3A CN107888599B (en) 2017-11-17 2017-11-17 Two-way communication system and method between high-low security network domains of avionics

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201711147073.3A CN107888599B (en) 2017-11-17 2017-11-17 Two-way communication system and method between high-low security network domains of avionics

Publications (2)

Publication Number Publication Date
CN107888599A true CN107888599A (en) 2018-04-06
CN107888599B CN107888599B (en) 2020-10-27

Family

ID=61777247

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201711147073.3A Active CN107888599B (en) 2017-11-17 2017-11-17 Two-way communication system and method between high-low security network domains of avionics

Country Status (1)

Country Link
CN (1) CN107888599B (en)

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109714366A (en) * 2019-02-19 2019-05-03 中国航空工业集团公司西安航空计算技术研究所 Intercommunication system and method between avionics network domains and information network domain
CN109819012A (en) * 2018-12-07 2019-05-28 中国航空工业集团公司西安航空计算技术研究所 A kind of airborne information management system based on network information processing platform
CN109831438A (en) * 2019-02-19 2019-05-31 中国航空工业集团公司西安航空计算技术研究所 Intercommunication system and method between avionics network domains based on virtualization and information network domain
CN111585982A (en) * 2020-04-24 2020-08-25 云南电网有限责任公司信息中心 Restful information exchange system and method for different-level secure networks
CN113347022A (en) * 2021-05-13 2021-09-03 中国航空工业集团公司西安航空计算技术研究所 Civil aircraft airborne information system network security capability detection system and method
CN113395260A (en) * 2021-05-13 2021-09-14 中国航空工业集团公司西安航空计算技术研究所 Network security verification system and method for civil aircraft airborne information system

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101662359A (en) * 2009-08-17 2010-03-03 珠海市鸿瑞信息技术有限公司 Security protection method of communication data of special electricity public network
CN103685273A (en) * 2013-12-14 2014-03-26 中国航空工业集团公司第六三一研究所 Method for controlling multi-stage access to avionic data by civil onboard network service system
CN105553965A (en) * 2015-12-10 2016-05-04 中国航空工业集团公司西安航空计算技术研究所 Airborne information safety critical data integrity protection system and method
CN106998333A (en) * 2017-05-24 2017-08-01 山东省计算中心(国家超级计算济南中心) A kind of bilateral network security isolation system and method

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101662359A (en) * 2009-08-17 2010-03-03 珠海市鸿瑞信息技术有限公司 Security protection method of communication data of special electricity public network
CN101662359B (en) * 2009-08-17 2011-11-30 中国南方电网有限责任公司 Security protection method of communication data of special electricity public network
CN103685273A (en) * 2013-12-14 2014-03-26 中国航空工业集团公司第六三一研究所 Method for controlling multi-stage access to avionic data by civil onboard network service system
CN105553965A (en) * 2015-12-10 2016-05-04 中国航空工业集团公司西安航空计算技术研究所 Airborne information safety critical data integrity protection system and method
CN106998333A (en) * 2017-05-24 2017-08-01 山东省计算中心(国家超级计算济南中心) A kind of bilateral network security isolation system and method

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
向广利等: "《软件保护新技术》", 30 September 2012 *
陈达: "单向安全隔离与信息交换机制的研究与实现", 《中国优秀硕士学位论文全文数据库 信息科技辑》 *

Cited By (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109819012A (en) * 2018-12-07 2019-05-28 中国航空工业集团公司西安航空计算技术研究所 A kind of airborne information management system based on network information processing platform
CN109819012B (en) * 2018-12-07 2021-08-31 中国航空工业集团公司西安航空计算技术研究所 Airborne information management system based on networked information processing platform
CN109714366A (en) * 2019-02-19 2019-05-03 中国航空工业集团公司西安航空计算技术研究所 Intercommunication system and method between avionics network domains and information network domain
CN109831438A (en) * 2019-02-19 2019-05-31 中国航空工业集团公司西安航空计算技术研究所 Intercommunication system and method between avionics network domains based on virtualization and information network domain
CN109714366B (en) * 2019-02-19 2021-06-04 中国航空工业集团公司西安航空计算技术研究所 Bidirectional communication system and method between avionic network domain and information network domain
CN109831438B (en) * 2019-02-19 2022-03-11 中国航空工业集团公司西安航空计算技术研究所 Two-way communication system and method between avionic network domain and information network domain based on virtualization
CN111585982A (en) * 2020-04-24 2020-08-25 云南电网有限责任公司信息中心 Restful information exchange system and method for different-level secure networks
CN111585982B (en) * 2020-04-24 2022-12-06 云南电网有限责任公司信息中心 Restful information exchange system and method for different-level security networks
CN113347022A (en) * 2021-05-13 2021-09-03 中国航空工业集团公司西安航空计算技术研究所 Civil aircraft airborne information system network security capability detection system and method
CN113395260A (en) * 2021-05-13 2021-09-14 中国航空工业集团公司西安航空计算技术研究所 Network security verification system and method for civil aircraft airborne information system
CN113395260B (en) * 2021-05-13 2023-03-31 中国航空工业集团公司西安航空计算技术研究所 Network security verification system and method for civil aircraft airborne information system

Also Published As

Publication number Publication date
CN107888599B (en) 2020-10-27

Similar Documents

Publication Publication Date Title
CN107888599A (en) Intercommunication system and method between a kind of avionics height secure network domain
RU2653261C1 (en) Architecture of broadband communication network, unified train management network and train service network, and method of communication with its application
CN106850188B (en) A kind of data transmission system based on multichannel isomery one-way transmission path
CN106341397A (en) Industrial safety isolation GAP
CN105991384B (en) The space flight ethernet communication method of compatible time trigger Ethernet and 1553B
CN104168164B (en) The location mode of data acquisition in AFDX network
CN104683352A (en) Industrial communication isolation gap with double-channel ferrying function
CN101160773A (en) Method and system of obtaining secure shell host key of managed device
CN107968775B (en) Data processing method and device, computer equipment and computer readable storage medium
CN107181615A (en) A kind of method and device emulated to CRH2 TCNs
CN103188308A (en) Remote diagnosis method and system
CN105515835B (en) A kind of aerospace TTE network system grade gateways with communication integrity audit function
CN106789511A (en) Train based on FPGA CAN communication switching control method and modular converter
CN107005348A (en) The method for verifying the integrality of data transfer between main upstream units and main downstream units
CN104160735A (en) Packet processing method, forwarder, packet processing device and packet processing system
CN107370771A (en) A kind of power station centralized control system and method based on internet
CN102497313B (en) Cross-platform application system of surveillance video resources and realization method thereof
CN109831438A (en) Intercommunication system and method between avionics network domains based on virtualization and information network domain
CN109889369A (en) Multi-network redundant data transmission method
CN103777579B (en) A kind of nuclear power station TG and DCS communication system and method
CN108011848A (en) Data exchange system based on railway security computer
CN106953778A (en) A kind of long-distance management system
CN109714366B (en) Bidirectional communication system and method between avionic network domain and information network domain
CN206728062U (en) Combustion engine remote online diagnostic system data transmission link device
CN106161057A (en) The gateway guard method of a kind of user side, gateway device and system

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant