CN110213237B - Control method for fully distributed subsystem collaborative safety control and Petri network model - Google Patents


Info

Publication number
CN110213237B
Authority
CN
China
Prior art keywords
snni
ith
library
bin
subnet
Prior art date
Legal status
Active
Application number
CN201910371368.1A
Other languages
Chinese (zh)
Other versions
CN110213237A (en)
Inventor
张婷婷
胡核算
樊一宏
Current Assignee
Xidian University
Original Assignee
Xidian University
Priority date
Filing date
Publication date
Application filed by Xidian University
Priority to CN201910371368.1A
Publication of CN110213237A
Application granted
Publication of CN110213237B
Legal status: Active (current)
Anticipated expiration

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L 63/00 Network architectures or network communication protocols for network security
    • H04L 63/20 Network architectures or network communication protocols for network security for managing network security; network security policies in general
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L 67/00 Network arrangements or protocols for supporting network services or applications
    • H04L 67/01 Protocols
    • H04L 67/10 Protocols in which an application is distributed across nodes in the network


Abstract

The invention belongs to the technical field of cooperative control systems, and discloses a control method for cooperative safety control of a completely distributed subsystem and a Petri network model; decomposing the upper system into a plurality of lower systems by a decomposition technique based on index decomposition of the library; calculating the reachable state of the ith lower system and the shortest step length for reaching each reachable state; and calculating the safety of the ith lower system through a distributed safety diagnosis algorithm. The distributed diagnosis method has strong reliability, can decompose a complex Petri network model into a plurality of subnets through various network decomposition methods, obtains certain properties of the original system through the research on the subnets, can be embodied to a certain part of the original system, has reduced running time and higher speed compared with global diagnosis, and ensures that the later-stage safe maintenance of the system is more convenient.

Description

Control method for fully distributed subsystem collaborative safety control and Petri network model
Technical Field
The invention belongs to the technical field of cooperative control systems, and particularly relates to a control method and a Petri network model for cooperative safety control of a completely distributed subsystem.
Background
Today, the rapid development of internet technology has brought an era of pervasive informatization, and information technology has become an important strategic resource for the social development of our country, so the competition among countries and enterprises for information grows ever more intense. Security is one of the most basic requirements of information-driven systems such as database management, e-commerce and mobile communication networks. In these systems, important information must not be corrupted or obtained by unauthorized users (called intruders). The concept of non-interference is to prevent any information leakage, so that intruders cannot obtain secret information.
Since the rise of internet technology, many researchers at home and abroad have studied information security technology from their own perspectives, and most articles that study information security by building a Petri net model have adopted a global diagnosis method, such as SNNI (strong non-deterministic non-interference). SNNI is a trace-based property which intuitively states that a system is secure if what the low-level part can see does not depend on what the high-level part can do. In a Discrete Event System (DES), two types of users are involved, a high-level user and a low-level user; both are aware of the structure of the system, but they interact with it in two different ways. In particular, the high-level user is aware of the occurrence of all events in the system, while the low-level user is aware of only some of them. Information leakage occurs if a low-level user (i.e., an intruder) can observe the occurrence of events in the system that are only visible to high-level users. In other words, if the high-level view and the low-level view of the system conflict, information leakage may occur. After careful review of some of these articles, a number of deficiencies were found, as follows:
1. They focus on examining the SNNI of any given system through ILPs and the corresponding linear constraints, whose number may be astronomical, which makes the calculation difficult.
2. Providing information about SNNI accurately and promptly is inefficient: when a system is not SNNI, identifying the regions where information is leaked is time consuming and error prone with this method.
3. The global safety diagnosis method has poor flexibility and fault tolerance: whenever the system is reconfigured, all ILPs must be rebuilt.
These disadvantages make such methods difficult to adopt in practical applications.
In summary, the problems of the prior art are as follows:
(1) the existing method for researching information safety by establishing a Petri network model mostly adopts a global diagnosis method after modeling the Petri network, so that the flexibility and the fault tolerance are poor, and the calculation is complex.
(2) In the existing method for researching information security by establishing a Petri network model, when the final judgment result is that the system is not secure, it is difficult to determine which part of the system is not secure at all, so that information leakage is caused, namely the system is not secure, and inconvenience is brought to later-stage system maintenance.
Disclosure of Invention
Aiming at the problems in the prior art, the invention provides a control method for fully distributed subsystem collaborative safety control and a Petri network model.
The invention is realized in such a way that a control method for the cooperative safety control of a fully distributed subsystem comprises the following steps:
a first step of decomposing an upper system into a plurality of lower systems by a decomposition technique based on index decomposition of a library;
secondly, calculating the reachable state of the ith lower system and the shortest step length for reaching each reachable state;
thirdly, calculating the safety of the ith lower system through a distributed safety diagnosis algorithm, and if the result has no feasible solution, indicating that the ith lower system is safe; and repeating the second step, otherwise, the ith lower system is unsafe, namely the original system is unsafe, and if all the lower systems are safe, the original system is safe.
Further, the control method for the fully distributed subsystem collaborative safety control comprises the following steps:
the method comprises the following steps: decomposing based on indexes of the library;
Definition 1. Let $N = (P, T; F, M_0)$ be a Petri net system, and let the function $f: P \to \{1, 2, \ldots, k\}$ satisfy:
Figure GDA0002127239340000031
so that
Figure GDA0002127239340000032
or
Figure GDA0002127239340000033
$f(p_1) \neq f(p_2)$. Then $f$ is called the library (place) index function of $N$, and $f(p)$ is the index of library $p$;
Definition 2. Let $N = (P, T; F, M_0)$ be a Petri net and $f: P \to \{1, 2, \ldots, k\}$ the library index function of $N$. $N_i = (P_i, T_i; F_i, M_{0i})$ ($i \in \{1, 2, \ldots, k\}$) is called the decomposition net of $N$ based on the library index if $N_i$ satisfies: ① $P_i = \{p \in P \mid f(p) = i\}$; ②
Figure GDA0002127239340000034
③ $F_i = ((P_i \times T_i) \cup (T_i \times P_i)) \cap F$; ④ $M_{0i} = \Gamma_{P \to P_i} M_0$;
Theorem 1. Let $N_i = (P_i, T_i; F_i, M_{0i})$ ($i \in \{1, 2, \ldots, k\}$) be the decomposition net of $N = (P, T; F, M_0)$ based on the library index. Then
Figure GDA0002127239340000035
satisfies the following conditions:
Figure GDA0002127239340000036
and $|t| \le 1$;
step two, calculating the reachable state of the ith subnet and the shortest step length for reaching all reachable states according to the library place, the transition and the number of tokens in the ith subnet;
step three, distributed SNNI (CO-SNNI): let $S = \langle N, M_0 \rangle$ be a complex network system and $S_i$ ($i \in \mathbb{N}^+$) a subnet of $S$. If for any two subnets $S_1, S_2 \in S_i$, $S_1$ and $S_2$ are obtained by decomposition based on the library index and both $S_1$ and $S_2$ are SNNI, then $S$ is CO-SNNI.
Further, in the second step, the shortest step length required by the ith subnet to reach all reachable states is calculated and is represented by J.
Further, in the third step: given $S = \langle N, M_0 \rangle$, a complex network system, and $S_i$ ($i \in \mathbb{N}^+$) a subnet of $S$, $S$ is CO-SNNI if and only if each subnet satisfies the following condition:
Figure GDA0002127239340000037
where $\delta_i$ is the optimal solution of the integer linear programming problem
$\max\ \delta_i(t)$
s.t.
$m_{i0} + C_{il}\, l_i \ge 0$
$\delta_i \in \mathbb{N}^{n_{il}}$
and judging whether the Petri net corresponding to the actual system is CO-SNNI: if so, what the low-order user can see does not depend on what the high-order user can see, and the system is safe; otherwise, the system is not safe.
Another object of the present invention is to provide a control system for fully distributed sub-system cooperative safety control based on the control method for fully distributed sub-system cooperative safety control, the control system for fully distributed sub-system cooperative safety control including: one upper system and several lower systems;
the lower system is a sub-part of the upper system; the upper system triggers an event of the lower system.
Another object of the present invention is to provide a Petri network model using the control method of the fully distributed sub-system cooperative security control.
Another object of the present invention is to provide a cooperative control system using the control method for cooperative safety control of fully distributed subsystems.
Another object of the present invention is to provide an information data processing terminal using the control method for the fully distributed sub-system cooperative security control.
In particular embodiments, the following results may be obtained:
Experiment   Global constraints   Distributed constraints   Result
FIG. 2       33                   27                        CO-SNNI
FIG. 9       43                   7                         non-CO-SNNI
FIG. 11      9306                 7                         non-CO-SNNI
In summary, the advantages and positive effects of the invention are: the distributed diagnosis method has strong reliability, the complex Petri network model can be decomposed into a plurality of subnets through various network decomposition methods, certain properties of the original system can be obtained through the research on the subnets, and meanwhile, a certain part of the original system can be embodied. In the implementation mode, compared with the constraint condition of global diagnosis, the constraint condition of distributed diagnosis is obviously reduced, so that the running time is reduced, the speed is high, and the later safety maintenance of the system is more convenient.
The method proposed by the invention is roughly as follows. An efficient decomposition method divides a bounded PN model of the whole system into several subsystems while keeping the behaviour and state of the original system consistent with those of the subsystems. This matters for SNNI analysis, since SNNI requires the overall system and the underlying subnets to be low-view trace equivalent in behaviour and state. Furthermore, criteria are given showing that the SNNI of an overall system can be determined from the SNNI of its subsystems. Then efficient conditions are presented that allow SNNI to be analysed in each subsystem by solving ILPs. Finally, whether the whole system is SNNI is determined by whether every subsystem is SNNI. In addition, our method returns relevant information about SNNI, namely the region where information leaks, which is crucial for improving system security.
Significance of distributed security diagnostics:
1) The SNNI of any given network system can be checked in a distributed manner: the global requirement of SNNI can be established by local analysis without knowing global information. The high computational efficiency makes the method suitable for practical applications; this property is not available with global diagnosis. In addition, information about where SNNI fails can be returned to improve system security.
2) The method makes SNNI analysis applicable to any network system, with good scalability and adaptability and better flexibility and fault tolerance than global diagnosis. When only a portion of the network system is reconfigured rather than the whole, only the SNNI of that portion needs to be rechecked instead of the SNNI of the entire system.
Compared with the prior art, the method has the following advantages:
1. The collaborative SNNI focuses on negotiating and integrating all the decomposed lower systems to finally obtain the security of the original upper system. Compared with the global SNNI, the distributed SNNI obtains the security of the whole system from the security of its parts; when the system is not secure, the part of the system that is not secure can be identified by calculation and analysis, a result the global SNNI cannot provide.
2. Compared with the global SNNI, the distributed CO-SNNI needs less calculation and runs faster, especially when the system is non-CO-SNNI: the distributed CO-SNNI does not need to calculate all subnets, because as soon as a single subnet is non-SNNI the original system is not CO-SNNI, i.e. the original system is unsafe.
3. The global SNNI can generally only deal with relatively small upper systems. When the upper system is more complex, the global SNNI has many more constraints, the calculation is extremely complex, and some results are even hard to obtain. The distributed CO-SNNI decomposes a large upper system and then checks whether each small lower system is SNNI; the calculation for each decomposed lower system is small and runs quickly. In particular, as soon as one lower system is non-SNNI, the original upper system is directly known to be non-CO-SNNI without calculating the other lower systems, which greatly reduces the calculation and raises efficiency.
Drawings
Fig. 1 is a flowchart of a control method for fully distributed sub-system cooperative safety control according to an embodiment of the present invention.
Fig. 2 is a schematic diagram of a host system N according to an embodiment of the present invention.
FIG. 3 is a diagram of a lower level system according to an embodiment of the present invention;
in the figure: (a) lower system N1; (b) lower system N2.
FIG. 4 is a schematic diagram of the lower system N3 according to an embodiment of the present invention.
FIG. 5 is a graph 1 illustrating the results provided by an embodiment of the present invention.
FIG. 6 is a graph 2 illustrating the results provided by an embodiment of the present invention.
FIG. 7 is a graph 3 illustrating the results provided by an embodiment of the present invention.
FIG. 8 is a graph 4 illustrating the results provided by an embodiment of the present invention.
Fig. 9 is a schematic diagram 1 of a host system N according to an embodiment of the present invention.
FIG. 10 is a schematic diagram of a library-based index decomposition 1 according to an embodiment of the present invention;
in the figure: (a) lower system N1; (b) lower system N2; (c) lower system N3.
Fig. 11 is a schematic diagram 2 of a host system N according to an embodiment of the present invention.
FIG. 12 is a schematic diagram of a library-based index decomposition scheme 2 according to an embodiment of the present invention;
in the figure: (a) lower system N1; (b) lower system N2; (c) lower system N3.
DETAILED DESCRIPTION OF EMBODIMENT (S) OF INVENTION
In order to make the objects, technical solutions and advantages of the present invention more apparent, the present invention is further described in detail with reference to the following embodiments. It should be understood that the specific embodiments described herein are merely illustrative of the invention and are not intended to limit the invention.
The invention provides a Petri network-based distributed CO-SNNI safety diagnosis method based on the existing global SNNI (strong non-determinacy non-interference: the initiation of high-level transition can not enable the initiation of any low-level transition); the invention improves the original global diagnosis method, and has the advantages of higher detection speed of system safety, shorter diagnosis time and simpler calculation.
The following detailed description of the principles of the invention is provided in connection with the accompanying drawings.
As shown in fig. 1, a control method for coordinated safety control of a fully distributed sub-system according to an embodiment of the present invention includes the following steps:
s101: decomposing the upper system into a plurality of lower systems by a decomposition technique based on index decomposition of the library;
s102: calculating the reachable state of the ith lower system and the shortest step length for reaching each reachable state;
s103: calculating the safety of the ith lower system through a distributed safety diagnosis algorithm; if the result has no feasible solution, the ith lower system is safe and step S102 is repeated; otherwise the ith lower system is unsafe, i.e. the original system is unsafe; and if all the lower systems are safe, the original system is safe.
The control method for the fully distributed subsystem collaborative safety control provided by the embodiment of the invention comprises the following steps:
the lower system is a sub-part of the upper system, and the behavior of the upper system can always trigger an event of the lower system, so that the lower system can detect the behavior of the upper system, and the system is unsafe. The lower system is a subsystem extracted from the Petri network, and the fact that the upper system is possible to happen can be predicted by observing the subsystem, so that the upper system is unsafe.
The existing large-scale upper system (a Petri network model of an actual system) decomposes an original upper system into a plurality of lower systems through index decomposition based on a library, and when one lower system is unsafe, the original upper system can be directly obtained to be unsafe; when all the lower systems are safe, the original upper system can be obtained to be safe.
The application of the principles of the present invention will now be described in further detail with reference to the accompanying drawings.
The control method for the fully distributed subsystem collaborative safety control provided by the embodiment of the invention specifically comprises the following steps:
the method comprises the following steps:
1. bank-based index decomposition
Definition 1. Let $N = (P, T; F, M_0)$ be a Petri net system, and let the function $f: P \to \{1, 2, \ldots, k\}$ satisfy:
Figure GDA0002127239340000081
so that
Figure GDA0002127239340000082
or
Figure GDA0002127239340000083
$f(p_1) \neq f(p_2)$. Then $f$ is called the library (place) index function of $N$, and $f(p)$ is the index of library $p$.
Definition 2. Let $N = (P, T; F, M_0)$ be a Petri net and $f: P \to \{1, 2, \ldots, k\}$ the library index function of $N$. $N_i = (P_i, T_i; F_i, M_{0i})$ ($i \in \{1, 2, \ldots, k\}$) is called the decomposition net of $N$ based on the library index if $N_i$ satisfies: ① $P_i = \{p \in P \mid f(p) = i\}$; ②
Figure GDA0002127239340000084
③ $F_i = ((P_i \times T_i) \cup (T_i \times P_i)) \cap F$; ④ $M_{0i} = \Gamma_{P \to P_i} M_0$.
Theorem 1. Let $N_i = (P_i, T_i; F_i, M_{0i})$ ($i \in \{1, 2, \ldots, k\}$) be the decomposition net of $N = (P, T; F, M_0)$ based on the library index. Then
Figure GDA0002127239340000085
satisfies the following conditions:
Figure GDA0002127239340000086
and $|t| \le 1$.
Step two:
and calculating the reachable state of the ith subnet according to the library position and the transition in the ith subnet and the number of tokens (calculated according to a SIMIPN simulation platform in a laboratory).
The shortest step length (calculated according to the SIMIPN simulation platform of the laboratory) required by the ith subnet to reach all reachable states is calculated and is represented by J.
Step three:
definitions distributed SNNI (CO-SNNI)
Let $S = \langle N, M_0 \rangle$ be a complex network system and $S_i$ ($i \in \mathbb{N}^+$) a subnet of $S$. If for any two subnets $S_1, S_2 \in S_i$, $S_1$ and $S_2$ are obtained by decomposition based on the library index and both $S_1$ and $S_2$ are SNNI, then $S$ is CO-SNNI.
Let $S = \langle N, M_0 \rangle$ be a complex network system and $S_i$ ($i \in \mathbb{N}^+$) a subnet of $S$. $S$ is called CO-SNNI if and only if each subnet satisfies the following condition:
Figure GDA0002127239340000091
where $\delta_i$ is the optimal solution of the integer linear programming problem
$\max\ \delta_i(t)$
s.t.
$m_{i0} + C_{il}\, l_i \ge 0$
$\delta_i \in \mathbb{N}^{n_{il}}$
Symbols used in the algorithm:
$m_{i0}$: initial state (marking) of the ith subnet
$C_{il}$: incidence matrix of the ith subnet restricted to low-order transitions
$\delta_i$: optimal solution of the integer linear program for the ith subnet
$\mathrm{pre}_i$: pre-incidence matrix of the ith subnet
$C_i$: incidence matrix of the ith subnet
Judge whether the Petri net corresponding to the actual system is CO-SNNI: if so, the system is safe and what the low-order user can see does not depend on what the high-order user can see; otherwise, the system is unsafe.
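The three steps above (decomposition by library index, reachability with shortest step counts, and the CO-SNNI check), carried out on a small constructed Petri net, as an added example that is not part of the patent and not the SIMIPN platform it mentions; the same code also serves the identical three steps stated in the Disclosure section. The integer linear program of step three is replaced here by a direct language-inclusion check on the reachability graph of each subnet, which is an assumption about the intended meaning of SNNI (every low-visible trace of the net, with high firings hidden, must also be a trace of the net restricted to low transitions); J is read as the largest shortest-path length over the reachable markings; the sample net, its place index function `INDEX` and the `bound` cap on tokens per place are constructed for this illustration.

```python
"""Place-index decomposition, reachability with shortest step counts and a brute-force
SNNI / CO-SNNI check on a small constructed Petri net (added illustration, not the
patent's own code nor the SIMIPN platform)."""
from collections import deque

def make_net(places, pre, post, m0, level):
    """pre[t]/post[t]: place -> arc weight; level[t]: "L" (seen by the low user) or "H"."""
    idx = {p: i for i, p in enumerate(places)}  # a marking is a tuple in this place order
    return {"P": tuple(places), "idx": idx, "T": tuple(pre), "pre": pre, "post": post,
            "m0": tuple(m0.get(p, 0) for p in places), "level": level}

def decompose(net, f):
    """Step one (Definition 2): subnet N_i keeps the places with index i, every
    transition adjacent to one of them, the arcs among them and the projected m0."""
    subnets = {}
    for i in sorted(set(f.values())):
        P_i = [p for p in net["P"] if f[p] == i]
        T_i = [t for t in net["T"]
               if any(p in net["pre"][t] or p in net["post"][t] for p in P_i)]
        pre_i = {t: {p: w for p, w in net["pre"][t].items() if p in P_i} for t in T_i}
        post_i = {t: {p: w for p, w in net["post"][t].items() if p in P_i} for t in T_i}
        m0_i = {p: net["m0"][net["idx"][p]] for p in P_i}
        subnets[i] = make_net(P_i, pre_i, post_i, m0_i, net["level"])
    return subnets

def enabled(net, m, t):
    return all(m[net["idx"][p]] >= w for p, w in net["pre"][t].items())

def fire(net, m, t):
    """Marking after firing t: m - pre(t) + post(t)."""
    return tuple(m[i] - net["pre"][t].get(p, 0) + net["post"][t].get(p, 0)
                 for p, i in net["idx"].items())

def reachable(net, bound=8):
    """Step two: BFS over markings -> {marking: shortest number of firings}.
    `bound` caps tokens per place so an unbounded net cannot loop forever."""
    dist, q = {net["m0"]: 0}, deque([net["m0"]])
    while q:
        m = q.popleft()
        for t in net["T"]:
            if enabled(net, m, t):
                m2 = fire(net, m, t)
                if m2 not in dist and max(m2) <= bound:
                    dist[m2] = dist[m] + 1
                    q.append(m2)
    return dist

def shortest_step_length(net, bound=8):
    """J, read here as the largest shortest-path length over all reachable markings."""
    return max(reachable(net, bound).values())

def snni_check(net, bound=8):
    """SNNI as language inclusion on the reachability graph: every low-visible trace of
    the full net (high firings hidden) must be a trace of the net with high transitions
    removed. Returns (is_snni, leaking low transition or None)."""
    low = [t for t in net["T"] if net["level"][t] == "L"]
    high = [t for t in net["T"] if net["level"][t] == "H"]
    def closure(ms):  # markings reachable from ms through high transitions only
        seen, stack = set(ms), list(ms)
        while stack:
            m = stack.pop()
            for h in high:
                if enabled(net, m, h):
                    m2 = fire(net, m, h)
                    if m2 not in seen and max(m2) <= bound:
                        seen.add(m2)
                        stack.append(m2)
        return frozenset(seen)
    start = (closure({net["m0"]}), net["m0"])
    seen, q = {start}, deque([start])
    while q:
        full_set, low_m = q.popleft()   # low_m always belongs to full_set
        for t in low:
            nxt = {fire(net, m, t) for m in full_set if enabled(net, m, t)}
            if not nxt:
                continue
            if not enabled(net, low_m, t):
                return False, t   # t became fireable only because a high transition fired
            state = (closure(nxt), fire(net, low_m, t))
            if state not in seen:
                seen.add(state)
                q.append(state)
    return True, None

def co_snni(net, f, bound=8):
    """Step three: CO-SNNI holds iff every subnet of the decomposition is SNNI;
    stops at the first failing subnet and reports where the leak sits."""
    for i, sub in decompose(net, f).items():
        ok, t = snni_check(sub, bound)
        if not ok:
            return False, i, t
    return True, None, None

# Constructed sample net (not one of the patent's figures):
#   l1: p1 -> p2 (low)    h1: p2 -> p3 (high)    l2: p3 -> p4 (low)
PRE = {"l1": {"p1": 1}, "h1": {"p2": 1}, "l2": {"p3": 1}}
POST = {"l1": {"p2": 1}, "h1": {"p3": 1}, "l2": {"p4": 1}}
NET = make_net(["p1", "p2", "p3", "p4"], PRE, POST, {"p1": 1},
               {"l1": "L", "h1": "H", "l2": "L"})
INDEX = {"p1": 1, "p2": 1, "p3": 2, "p4": 2}   # place index function f
```

On the sample net, `snni_check(NET)` reports the leak through the low transition l2 (it can only fire after the high transition h1 has fired), and `co_snni(NET, INDEX)` stops at subnet 2 with the same transition, which is the "region of information leakage" the distributed diagnosis is meant to return; subnet 1 on its own passes. The `bound` parameter is needed because subnet 2 receives h1 with an empty input set, so its marking would otherwise grow without limit.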
The application of the principles of the present invention will now be described in further detail with reference to specific embodiments.
Example 1:
N1, N2 and N3 in FIGS. 3 and 4 are the subnets obtained by decomposing the upper system N of FIG. 2 based on the library index; the safety of the upper system is calculated with both methods.
Global formula SNNI:
max=l1+l2+l3
2-2*l1>=0;
2-2*l1-2*l2>=0;
2-2*l3>=0;
l1>=0;
l1+l2>=0;
l3>=0;
@bin(l1);
@bin(l2);
@bin(l3);
Calculate, at the initial marking m0, the maximum number of firings of low-level transitions; the results are as follows:
Figure GDA0002127239340000101
the results are carried over to yield:
2>=2*l11
0>=2*l11+2*l12
0>=2*l13+2*h12
0>=h11
0>=h12
0>=h11
0>=h14
1>=h13
2-2*l11+h11>=2*l21
-2*l11-2*l12+h12>=2*l21+2*l22
-2*l13+h11-2*h12>=2*l23+2*h22
l11-h11>=h21
1+l11+l12-h12>=h22
-h11+h12>=h21
h13-h14>=h24
1+l13-h13+h14>=h23
2-2*l11+h11-2*l21+h21>=2*l31
-2*l11-2*l12+h12-2*l21-2*l22+h22>=2*l31+2*l32
-2*l13+h11-2*h12-2*l23+h21-2*h22>=2*l33+2*h32
l11-h11+l21-h21>=h31
1+l11+l12-h12+l21+l22-h22>=h32
-h11+h12-h21+h22>=h31
h13-h14+h23-h24>=h34
1+l13-h13+h14+l23-h23+h24>=h33
2-2*l11+h11-2*l21+h21-2*l31+h31>=0;
-2*l11-2*l12+h12-2*l21-2*l22+h22-2*l31-2*l32+h32>=0;
-2*l13+h11-2*h12-2*l23+h21-2*h22-2*l33+h31-2*h32>=0;
l11-h11+l21-h21+l31-h31>=0;
1+l11+l12-h12+l21+l22-h22+l31+l32-h32>=0;
-h11+h12-h21+h22-h31+h32>=0;
h13-h14+h23-h24+h33-h34>=0;
1+l13-h13+h14+l23-h23+h24+l33-h33+h34>=0;
l11+l12+l13+l21+l22+l23+l31+l32+l33=1;
@bin(l11);
@bin(l12);
@bin(l13);
@bin(h11);
@bin(h12);
@bin(h13);
@bin(h14);
@bin(l21);
@bin(l22);
@bin(l23);
@bin(h21);
@bin(h22);
@bin(h23);
@bin(h24);
@bin(l31);
@bin(l32);
@bin(l33);
@bin(h31);
@bin(h32);
@bin(h33);
@bin(h34);
the results are shown in FIG. 5: therefore, the upper system N is safe.
Distributed CO-SNNI: first lower system N1
max=l1
2-2*l1>=0;
l1>=0;
@bin(l1);
Calculate the maximum number of firings of low-level transitions enabled in the first lower system N1 at the initial marking m0; the results are as follows:
Variable Value Reduced Cost
L1 1.000000 -1.000000
the results are carried over to yield:
2-2*l1>=2*l11
l1>=h11
-2*l11+h11>=2*l21
1+l11-h11>=h21
-2*l11+h11-2*l21+h21>=0;
1+l11-h11+l21-h21>=0;
l11+l21=1;
@bin(l11);
@bin(h11);
@bin(l21);
@bin(h21);
The results are shown in FIG. 6, i.e. the lower system N1 is SNNI safe.
second lower system N2
max=l1+l2
2-2*l1-2*l2>=0;
l1+l2>=0;
@bin(l1);
@bin(l2);
Calculate the maximum number of firings of low-level transitions enabled in the second lower system N2 at the initial marking m0; the results are as follows:
Variable Value Reduced Cost
L1 0.000000 -1.000000
L2 1.000000 -1.000000
the results are carried over to yield:
0>=2*l11+2*l12
1>=h11
-2*l11-2*l12+h11>=2*l21+2*l22
1+l11+l12-h11>=h21
-2*l11-2*l12+h11-2*l21-2*l22+h21>=0;
1+l11+l12-h11+l21+l22-h21>=0;
l11+l12+l21+l22=1;
@bin(l11);
@bin(l12);
@bin(h11);
@bin(l21);
@bin(l22);
@bin(h21);
The results are shown in FIG. 7, so the second lower system N2 is SNNI safe.
Third subordinate system N3
max=l1
2-2*l1>=0;
l1>=0;
@bin(l1);
Calculate the maximum number of firings of low-level transitions enabled in the third lower system N3 at the initial marking m0; the results are as follows:
Variable Value Reduced Cost
L1 1.000000 -1.000000
the results are carried over to yield:
0>=2*l11+2*h11
0>=h12
0>=h14
1>=h13
-2*l11-2*h11+h12>=2*l21+2*h21
h11-h12>=h22
h13-h14>=h24
1+l11-h13+h14>=h23
-2*l11-2*h11+h12-2*l21-2*h21+h22>=0;
h11-h12+h21-h22>=0;
h13-h14+h23-h24>=0;
1+l11-h13+h14+l21-h23+h24>=0;
l11+l21=1;
@bin(l11);
@bin(h11);
@bin(h12);
@bin(h13);
@bin(h14);
@bin(l21);
@bin(h21);
@bin(h22);
@bin(h23);
@bin(h24);
The results are shown in FIG. 8, so the third lower system N3 is SNNI safe. In summary, the original upper system N is CO-SNNI secure. With the distributed algorithm, individual parts of the system are made explicit, the constraint conditions become fewer and the running time shorter, and the method is simpler and clearer than the global algorithm.
Example 2:
N1, N2 and N3 in FIG. 10 are the subnets obtained by decomposing the upper system N of FIG. 9 based on the library index; the security of the upper system is calculated with both methods.
Global formula SNNI:
max=l1+l2
1-l1>=0;
1+l1-l2>=0;
1+l2>=0;
l1>=0;
-l1+l2>=0;
-l2>=0;
@bin(l1);
@bin(l2);
Calculate, at the initial marking m0, the maximum number of firings of low-level transitions; the results are as follows:
Variable Value Reduced Cost
L1 0.000000 -1.000000
L2 0.000000 -1.000000
the results are carried over to yield:
1>=l11
1>=l12
1>=h12
0>=h11
0>=l11
0>=l12
1-l11+h11>=l21
1+l11-l12>=l22
1+l12-h12>=h22
l11-h11>=h21
-l11+l12>=l21
-l12+h12>=l22
1-l11+h11-l21+h21>=l31
1+l11-l12+l21-l22>=l32
1+l12-h12+l22-h22>=h32
l11-h11+l21-h21>=h31
-l11+l12-l21+l22>=l31
-l12+h12-l22+h22>=l32
1-l11+h11-l21+h21-l31+h31>=l41
1+l11-l12+l21-l22+l31-l32>=l42
1+l12-h12+l22-h22+l32-h32>=h42
l11-h11+l21-h21+l31-h31>=h41
-l11+l12-l21+l22-l31+l32>=l41
-l12+h12-l22+h22-l32+h32>=l42
1-l11+h11-l21+h21-l31+h31-l41+h41>=l51
1+l11-l12+l21-l22+l31-l32+l41-l42>=l52
1+l12-h12+l22-h22+l32-h32+l42-h42>=h52;
l11-h11+l21-h21+l31-h31+l41-h41>=h51
-l11+l12-l21+l22-l31+l32-l41+l42>=l51
-l12+h12-l22+h22-l32+h32-l42+h42>=l52
1-l11+h11-l21+h21-l31+h31-l41+h41-l51+h51>=l61
1+l11-l12+l21-l22+l31-l32+l41-l42+l51-l52>=l62
1+l12-h12+l22-h22+l32-h32+l42-h42+l52-h52>=h62
l11-h11+l21-h21+l31-h31+l41-h41+l51-h51>=h61
-l11+l12-l21+l22-l31+l32-l41+l42-l51+l52>=l61
-l12+h12-l22+h22-l32+h32-l42+h42-l52+h52>=l62
1-l11+h11-l21+h21-l31+h31-l41+h41-l51+h51-l61+h61>=0;
1+l11-l12+l21-l22+l31-l32+l41-l42+l51-l52+l61-l62>=0;
1+l12-h12+l22-h22+l32-h32+l42-h42+l52-h52+l62-h62>=0;
l11-h11+l21-h21+l31-h31+l41-h41+l51-h51+l61-h61>=0;
-l11+l12-l21+l22-l31+l32-l41+l42-l51+l52-l61+l62>=0;
-l12+h12-l22+h22-l32+h32-l42+h42-l52+h52-l62+h62>=0;
l11+l12+l21+l22+l31+l32+l41+l42+l51+l52+l61+l62=1;
@bin(l11);
@bin(l12);
@bin(h11);
@bin(h12);
@bin(l21);
@bin(l22);
@bin(h21);
@bin(h22);
@bin(l31);
@bin(l32);
@bin(h31);
@bin(h32);
@bin(l41);
@bin(l42);
@bin(h41);
@bin(h42);
@bin(l51);
@bin(l52);
@bin(h51);
@bin(h52);
@bin(l61);
@bin(l62);
@bin(h61);
@bin(h62);
the results are as follows:
Figure GDA0002127239340000171
It can be seen that the firing of a high-level transition can enable a low-level transition, so the original system is non-SNNI, i.e. the original system is not safe.
Distributed CO-SNNI:
first lower system N1
max=l;
1-l>=0;
l>=0;
@bin(l);
Calculate the maximum number of firings of low-level transitions enabled at the initial marking m0; the results are as follows:
Variable Value Reduced Cost
L 1.000000 -1.000000
the results are carried over to yield:
0>=l11
1>=h11
-l11+h11>=l21
1+l11-h11>=h21
-l11+h11-l21+h21>=0;
1+l11-h11+l21-h21>=0;
l11+l21=1;
@bin(l11);
@bin(h11);
@bin(l21);
@bin(h21);
the results are as follows:
Figure GDA0002127239340000181
it is seen that the initiation of high level transitions can enable low level transitions, so the first lower level system is non-SNNI, i.e. the original system is non-CO-SNNI.
In conclusion, the distributed algorithm saves a great deal of calculation: once one lower system is judged unsafe, the computation need not continue, the original system is directly known to be unsafe, and the information leakage is located at the first subnet.
Example 3:
the upper system N is shown in FIG. 11; the library-based index decomposition is shown in FIG. 12;
global formula SNNI:
max=l1+l2
1+l1>=0;
-l1>=0;
1+l1>=0;
1+l2>=0;
-l2>=0;
@bin(l1);
@bin(l2);
Calculate, at the initial marking m0, the maximum number of firings of low-level transitions; the results are as follows:
Variable Value Reduced Cost
L1 0.000000 -1.000000
L2 0.000000 -1.000000
Using the SIMIPN simulation platform of the laboratory, the original upper system has 3722 reachable states, and the shortest step length reaching all reachable states is 1860 from the initial state [1, 0, 1, 1, 0]. With global SNNI, after computing the maximum number of firings of low-order transitions from the initial state, the safety of the original upper system has to be judged together with 9306 constraint conditions, which is extremely complex compared with distributed CO-SNNI; with the distributed calculation the result is obtained easily.
Distributed CO-SNNI
First lower system N1
max=l;
1+l>=0;
-l>=0;
@bin(l);
Calculate, at the initial marking m0, the maximum number of firings of low-level transitions; the results are as follows:
Variable Value Reduced Cost
L 0.000000 -1.000000
Substituting this result yields:
1>=h1
0>=l1
1+l1-h1>=h2
-l1+h1>=l2
1+l1-h1+l2-h2>=0;
-l1+h1-l2+h2>=0;
l1+l2=1;
@bin(h1);
@bin(l1);
@bin(h2);
@bin(l2);
The results are as follows:
Figure GDA0002127239340000201
In summary, firing a high-level transition can enable a low-level transition, so the first lower system is non-SNNI, i.e. the original system is non-CO-SNNI.
The above three examples can be summarized as follows:
Experiment   Global constraints   Distributed constraints   Result
FIG. 2       33                   27                        CO-SNNI
FIG. 9       43                   7                         non-CO-SNNI
FIG. 11      9306                 7                         non-CO-SNNI
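The bounded SNNI comparison behind the conclusions above, as an added example that is not the patent's code: the two-place net N1, its place order and J = 2 are assumptions reconstructed from the Example 3 constraint listing, and small nets are explored exhaustively in place of the LINGO integer programs.

```python
# Added illustration, not the patent's code: a bounded SNNI check that
# reproduces the Example 3 conclusion for its first lower system N1.
# SNNI holds when the low-visible behaviour with high transitions removed
# equals the low-visible behaviour with high transitions allowed but hidden.
# The page's LINGO programs encode this as integer constraints; small nets
# are explored exhaustively here instead, up to J firings.

def enabled(m, pre):
    """A transition is enabled when every place holds at least pre tokens."""
    return all(m[i] >= pre[i] for i in range(len(m)))

def fire(m, pre, post):
    """State equation of a single firing: m' = m - pre + post."""
    return tuple(m[i] - pre[i] + post[i] for i in range(len(m)))

def low_words(m0, net, allowed, low, steps):
    """Low-observable words of all firing sequences of length <= steps.
    net: name -> (pre, post); allowed: transitions that may fire;
    low: visible transitions; allowed-but-not-low firings are hidden."""
    words = {()}
    frontier = {(m0, ())}
    for _ in range(steps):
        nxt = set()
        for m, w in frontier:
            for name in allowed:
                pre, post = net[name]
                if enabled(m, pre):
                    w2 = w + (name,) if name in low else w
                    nxt.add((fire(m, pre, post), w2))
                    words.add(w2)
        frontier = nxt
    return words

def max_low_firings(m0, net, low, steps):
    """Most low-level firings reachable using low transitions only
    (the quantity the page's first LINGO program maximises)."""
    return max(len(w) for w in low_words(m0, net, low, low, steps))

def is_snni(m0, net, low, high, steps):
    """Bounded SNNI: False means some high firing changes what a
    low-level observer can see, i.e. information leaks to the low level."""
    return low_words(m0, net, low, low, steps) == \
        low_words(m0, net, low | high, low, steps)

# Constructed subnet N1 of Example 3 (assumed from "1+l>=0; -l>=0" and
# "1>=h1; 0>=l1"): places (p1, p2), m0 = (1, 0); l moves a token from
# p2 to p1, h moves a token from p1 to p2; J = 2 as in the second program.
N1 = {"l": ((0, 1), (1, 0)), "h": ((1, 0), (0, 1))}
M0 = (1, 0)
```

`max_low_firings(M0, N1, {"l"}, 1)` gives 0, matching the "L 0.000000" result, and `is_snni(M0, N1, {"l"}, {"h"}, 2)` is False because h must fire before l can.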
The above description is only for the purpose of illustrating the preferred embodiments of the present invention and is not to be construed as limiting the invention, and any modifications, equivalents and improvements made within the spirit and principle of the present invention are intended to be included within the scope of the present invention.

Claims (5)

1. A control method for fully distributed subsystem cooperative safety control is characterized by comprising the following steps:
firstly, decomposing an upper system into a plurality of lower systems by a decomposition technique based on place indices;
secondly, calculating the reachable state of the ith lower system and the shortest step length for reaching each reachable state;
thirdly, computing the safety of the ith lower system through a distributed safety diagnosis algorithm: if the result has no feasible solution, the ith lower system is safe and the second step is repeated; otherwise the ith lower system is unsafe, i.e. the original system is unsafe; if all the lower systems are safe, the original system is safe.
2. The method for controlling the fully distributed sub-system cooperative safety control as claimed in claim 1, wherein the method for controlling the fully distributed sub-system cooperative safety control comprises:
step one, decomposition based on place indices;
Definition 1. Let N = (P, T; F, M0) be a Petri net system. A function f: P → {1, 2, ..., k} satisfying:
Figure FDA0003146467230000011
such that
Figure FDA0003146467230000012
or
Figure FDA0003146467230000013
f(p1) ≠ f(p2), is the place index function of N, and f(p) is the index of place p; where M0 is the initial marking of the net.
Definition 2. Let N = (P, T; F, M0) be a Petri net and f: P → {1, 2, ..., k} a place index function of N. Ni = (Pi, Ti, Fi, M0i) (i ∈ {1, 2, ..., k}) is called a place-index-based decomposition net of N if Ni satisfies: ① Pi = {p ∈ P | f(p) = i}; ②
Figure FDA0003146467230000014
③ Fi = {(Pi × Ti) ∪ (Ti × Pi)} ∩ F; ④ M0i = Γ_{P→Pi} M0;
Theorem 1. Let Ni = (Pi, Ti; Fi, M0i) (i ∈ {1, 2, ..., k}) be the place-index-based decomposition nets of N = (P, T; F, M0). Then
Figure FDA0003146467230000015
satisfies the following conditions:
Figure FDA0003146467230000016
1 and 1, | t | < |;
Step two, computing the reachable states of the ith subnet and the shortest step length for reaching all reachable states from the places, transitions and token counts of the ith subnet;
Step three, distributed SNNI (CO-SNNI): let S = <N, M0> be a complex network system and Si a subnet of S, for any two subnets S1, S2 ∈ Si, i ∈ N+; if S1, S2 are obtained by place-index decomposition and S1, S2 are both SNNI, then S is CO-SNNI.
3. The method as claimed in claim 2, wherein the shortest step length required for the ith subnet to reach all reachable states is calculated in the second step and is represented by J.
4. The method for controlling fully distributed sub-system cooperative safety control according to claim 2, wherein in step three S = <N, M0> is a complex network system and Si is a subnet of S, i ∈ N+; S is CO-SNNI if and only if each subnet satisfies the following condition:
Figure FDA0003146467230000021
where m_i0 is the initial state of the ith subnet, c_il is the incidence matrix of the ith subnet restricted to low-level transitions, pre_i is the pre-incidence matrix of the ith subnet, and c_i is the incidence matrix of the ith subnet;
δ_i is the optimal solution of the integer linear programming problem:
Max δ_i(t)
s.t.
m_i0 + c_il δ_i >= 0
δ_i ∈ N^{n_il}
and judging whether the Petri net corresponding to an actual system is CO-SNNI: if so, what the low-level user sees does not depend on what the high-level user sees, and the system is safe; otherwise the system is unsafe.
5. A control system for fully distributed sub-system cooperative safety control based on the control method for fully distributed sub-system cooperative safety control according to claim 1, wherein the control system for fully distributed sub-system cooperative safety control comprises: an upper system including a plurality of lower systems;
the lower system is a sub-part of the upper system; the upper system triggers an event of the lower system.
CN201910371368.1A 2019-05-06 2019-05-06 Control method for fully distributed subsystem collaborative safety control and Petri network model Active CN110213237B (en)

Publications (2)

Publication Number Publication Date
CN110213237A CN110213237A (en) 2019-09-06
CN110213237B true CN110213237B (en) 2021-08-20

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111209526B (en) * 2019-12-30 2023-03-31 西安电子科技大学 Matrix algorithm-based distributed network information security diagnosis method and application
CN111245827B (en) * 2020-01-09 2022-03-01 西安电子科技大学 Distributed network information security detection method, system, storage medium and computer

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2007058447A (en) * 2005-08-23 2007-03-08 Kimura Unity Co Ltd Modeling method of control target system based on extended petri net and controller based on extended petri net
CN105116795B (en) * 2015-07-22 2018-02-02 西安电子科技大学 A kind of distributed control method for being directed to the automated manufacturing system with assembly manipulation
CN108647377A (en) * 2018-03-28 2018-10-12 山东科技大学 A kind of multi-party Cooperative Analysis method of logic-based game petri nets

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant