CN111970166B - Test method, device, equipment, system and computer readable storage medium - Google Patents
Test method, device, equipment, system and computer readable storage medium Download PDFInfo
- Publication number
- CN111970166B CN111970166B CN202010763289.8A CN202010763289A CN111970166B CN 111970166 B CN111970166 B CN 111970166B CN 202010763289 A CN202010763289 A CN 202010763289A CN 111970166 B CN111970166 B CN 111970166B
- Authority
- CN
- China
- Prior art keywords
- network security
- information
- situation awareness
- tested
- test
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L43/00—Arrangements for monitoring or testing data switching networks
- H04L43/50—Testing arrangements
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L43/00—Arrangements for monitoring or testing data switching networks
- H04L43/06—Generation of reports
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The invention discloses a test method, a test device, test equipment, a test system and a computer readable storage medium. Wherein the method comprises the following steps: configuring a test environment, wherein configuring the test environment comprises: simulating at least one network safety monitoring device and a master station server; establishing a first communication link between each network security monitoring device and the situation awareness system to be tested and a second communication link between the master station server and the situation awareness system to be tested; controlling each network security monitoring device to send an acquired information event corresponding to the network security monitoring device to the situation awareness system to be detected through the first communication link, and controlling the situation awareness system to be detected to send a network security event to the master station server through the second communication link; judging whether feedback information corresponding to the information collecting event is received within the corresponding overtime waiting time or not; and generating a test report of the situation awareness system to be tested based on each judgment result.
Description
Technical Field
The invention relates to the field of network security of power monitoring systems, in particular to a testing method, a testing device, testing equipment, testing system and a computer readable storage medium.
Background
At present, the network security requirements of power grid companies on power monitoring systems are more and more strict, and power monitoring system network security situation sensing systems are gradually established, so that all-around and all-weather network security situation sensing of each power monitoring system of the power grid companies is realized, various network security risks and illegal access events are timely discovered, and therefore situation sensing and early warning of the power monitoring system network security are realized. In order to ensure the monitoring capability of the network security situation awareness system accessed into the power monitoring system, state network companies and south network companies propose to perform network access detection on the network security situation awareness system to be accessed into the power monitoring system, specify a series of network access detection specifications and requirements, and then organize electric academy to perform network security situation awareness system access test. It should be appreciated that since the devices in the power monitoring system are numerous, that is: the network security situation awareness system to be accessed needs to monitor a plurality of objects, so that a comprehensive power monitoring system with a plurality of objects is difficult to build in a laboratory to meet the test of the network security situation awareness system. The existing common test mode is to test a network security situation perception system by using a power monitoring system built by one or a small number of devices, and the test mode may have the following defects: if the performance of the network security situation perception system is tested by increasing the number of devices in the power monitoring system, the cost expenditure is multiplied; moreover, the performance of the network security situation awareness system with high throughput cannot be effectively tested by the power monitoring system built by only one or a plurality of network devices. For the reasons, a set of equipment with complete functions, flexible configuration and simple use in various power monitoring systems and a testing tool in the aspect of operation are urgently needed to support the testing of the network security situation awareness system.
Disclosure of Invention
It is therefore an objective of the claimed invention to provide a testing method, apparatus, device and system, which can solve at least some of the above problems.
In order to achieve the purpose, the technical scheme of the invention is realized as follows:
in a first aspect, an embodiment of the present invention provides a testing method, where the method includes:
configuring a test environment, wherein the configuring the test environment comprises: simulating at least one network safety monitoring device and a master station server; establishing a first communication link between each network security monitoring device of the at least one network security monitoring device and a situation awareness system to be tested and a second communication link between the master station server and the situation awareness system to be tested;
controlling each network security monitoring device in the at least one network security monitoring device to send an information acquisition event corresponding to the network security monitoring device to the situation awareness system to be tested through the first communication link, and controlling the situation awareness system to be tested to send a network security event to the master station server through the second communication link; the network security event is obtained by the situation awareness system to be tested based on the received information acquisition event corresponding to the network security monitoring equipment;
judging whether feedback information corresponding to the information collecting event is received within the corresponding overtime waiting time or not; generating a test report of the situation awareness system to be tested based on each judgment result; the test report is used for indicating the perception capability of the situation perception system to be tested.
In the foregoing solution, the simulating at least one network security monitoring device includes:
configuring at least one piece of first basic information, and generating a network safety monitoring device matched with the first basic information based on each piece of first basic information, wherein each piece of first basic information at least comprises: a device name, an internet protocol, IP, address, and a media access control, MAC, address;
the simulation main website server includes: configuring second basic information, and generating the master station server based on the second basic information, wherein the second basic information comprises a first communication address and a first port number;
the network safety monitoring equipment is each electronic equipment in the power monitoring system; the master station server is used for analyzing each network security event sent by the situation awareness system to be tested according to a set specification and feeding back an analysis result; and the analysis result is the feedback information.
In the foregoing solution, the establishing a first communication link between each network security monitoring device of the at least one network security monitoring device and the situation awareness system to be detected includes: sending a second communication address and a second port number corresponding to the situation awareness system to be detected to each network security monitoring device in the at least one network security monitoring device, so that each network security monitoring device in the at least one network security monitoring device establishes a first communication link with the situation awareness system to be detected based on the second communication address and the second port number;
establishing a second communication link between the master station server and the situation awareness system to be tested, comprising: and sending the first communication address and the first port number of the master station server to the situation awareness system to be tested so that the situation awareness system to be tested establishes the second communication link with the master station server based on the first communication address and the first port number.
In the foregoing solution, the controlling each network security monitoring device of the at least one network security monitoring device to send a corresponding collected information event to the situation awareness system to be detected through the first communication link includes:
sending at least one information acquisition instruction to each network safety monitoring device in the at least one network safety monitoring device; the acquisition information instruction is used for instructing the network security monitoring equipment to generate an acquisition information event corresponding to the acquisition information instruction and sending the acquisition information event corresponding to the acquisition information instruction to the situation awareness system to be tested through the first communication link; wherein the at least one acquisition information instruction is generated based on a configured acquisition information item list; the collection information item list comprises configuration parameters for generating each collection information instruction;
correspondingly, the controlling the situation awareness system to be tested to send a network security event to the master station server through the second communication link includes:
and controlling the situation awareness system to be tested to send each network security event corresponding to the information acquisition event to the master station server through the second communication link.
In the foregoing solution, the generating a test report of the situation awareness system to be tested based on each determination result includes:
recording a test result corresponding to each judgment result;
generating the test report based on each corresponding test result; the test report is stored in a readable document form;
receiving feedback information corresponding to the information collecting event in the corresponding overtime waiting time according to the judgment result, wherein the test result is that the feedback information passes; and if the judgment result is that the feedback information corresponding to the information collecting event is not received in the corresponding overtime waiting time, the test result is failed.
In the above aspect, the method further includes:
loading an acquisition information list corresponding to the network safety monitoring equipment for each network safety monitoring equipment; the acquisition information list is formed by acquiring each data of the network safety monitoring equipment according to the set situation awareness technical specification.
In the above aspect, the method further includes:
and displaying the same test result in the test report by adopting the same identifier, and displaying different test results in the test report by adopting different identifiers.
In the above aspect, the method further includes:
recording each acquisition information instruction generated based on the acquisition information item list, each acquisition information event generated by each network security monitoring device based on each acquisition information instruction, and each network security event generated by the situation awareness system to be tested based on each acquisition information event;
adding each record to a respective location in the test report; the corresponding position is a recording position which can enable the information acquisition instruction, the network security monitoring equipment, the information acquisition event and the network security event to form a one-to-one mapping relation.
In a second aspect, an embodiment of the present invention provides a test apparatus, including: a configuration unit, a control unit and a judgment unit, wherein,
the configuration unit is configured to configure a test environment, where the configuring the test environment includes: simulating at least one network safety monitoring device and a master station server; establishing a first communication link between each network security monitoring device of the at least one network security monitoring device and a situation awareness system to be tested and a second communication link between the master station server and the situation awareness system to be tested;
the control unit is configured to control each network security monitoring device of the at least one network security monitoring device to send an information acquisition event corresponding to the network security monitoring device to the situation awareness system to be tested through the first communication link, and control the situation awareness system to be tested to send a network security event to the master station server through the second communication link; the network security event is obtained by the situation awareness system to be tested based on the received information acquisition event corresponding to the network security monitoring equipment;
the judging unit is used for judging whether feedback information corresponding to the information collecting event is received within the corresponding overtime waiting time; generating a test report of the situation awareness system to be tested based on each judgment result; the test report is used for indicating the perception capability of the situation perception system to be tested.
In the foregoing solution, the configuration unit is specifically configured to: configuring at least one first basic message, generating a network safety monitoring device matched with the first basic message based on each first basic message in the at least one first basic message, and configuring a second basic message, generating the master station server based on the second basic message; wherein each of the first basic information at least includes: a device name, an internet protocol, IP, address, and a media access control, MAC, address; the second basic information comprises a first communication address and a first port number; the network safety monitoring equipment is each electronic equipment in the power monitoring system; the master station server is used for analyzing each network security event sent by the situation awareness system to be tested according to a set specification and feeding back an analysis result; and the analysis result is the feedback information.
In the foregoing solution, the configuration unit is further specifically configured to: sending a second communication address and a second port number corresponding to the situation awareness system to be detected to each network security monitoring device in the at least one network security monitoring device, so that each network security monitoring device in the at least one network security monitoring device establishes a first communication link with the situation awareness system to be detected based on the second communication address and the second port number; and sending the first communication address and the first port number of the master station server to the situation awareness system to be tested so that the situation awareness system to be tested establishes the second communication link with the master station server based on the first communication address and the first port number.
In the foregoing solution, the control unit is specifically configured to: sending at least one information acquisition instruction to each network safety monitoring device in the at least one network safety monitoring device; the acquisition information instruction is used for instructing the network security monitoring equipment to generate an acquisition information event corresponding to the acquisition information instruction and sending the acquisition information event corresponding to the acquisition information instruction to the situation awareness system to be tested through the first communication link; wherein the at least one acquisition information instruction is generated based on a configured acquisition information item list; the collection information item list comprises configuration parameters for generating each collection information instruction; and controlling the situation awareness system to be tested to send each network security event corresponding to the information acquisition event to the master station server through the second communication link.
In the foregoing solution, the determining unit is specifically configured to: recording a test result corresponding to each judgment result; generating the test report based on each corresponding test result; the test report is stored in a readable document form; receiving feedback information corresponding to the information collecting event in the corresponding overtime waiting time according to the judgment result, wherein the test result is that the feedback information passes; and if the judgment result is that the feedback information corresponding to the information collecting event is not received in the corresponding overtime waiting time, the test result is failed.
In the above solution, the testing apparatus further includes: a loading unit to: loading an acquisition information list corresponding to the network safety monitoring equipment for each network safety monitoring equipment; the acquisition information list is formed by acquiring each data of the network safety monitoring equipment according to the set situation awareness technical specification.
In the above solution, the testing apparatus further includes: a display unit for: and displaying the same test result in the test report by adopting the same identifier, and displaying different test results in the test report by adopting different identifiers.
In the foregoing solution, the determining unit is further specifically configured to: recording each acquisition information instruction generated based on the acquisition information item list, each acquisition information event generated by each network security monitoring device based on each acquisition information instruction, and each network security event generated by the situation awareness system to be tested based on each acquisition information event; adding each record to a respective location in the test report; the corresponding position is a recording position which can enable the information acquisition instruction, the network security monitoring equipment, the information acquisition event and the network security event to form a one-to-one mapping relation.
In a third aspect, an embodiment of the present invention provides a computer-readable storage medium, on which a computer program is stored; the computer program, when executed by a processor, implements the steps of any of the methods described above.
In a fourth aspect, an embodiment of the present invention provides a test apparatus, where the test apparatus includes: a processor and a memory for storing a computer program operable on the processor, wherein the processor is operable to perform the steps of any of the above methods when executing the computer program.
In a fifth aspect, an embodiment of the present invention provides a test system, which includes a test control module, a monitored object simulation module, and a master station simulation module,
the test control module is configured to configure a test environment, where the configuring the test environment includes: simulating at least one network safety monitoring device through the monitoring object simulation module and simulating a master station server through the master station simulation module; establishing a first communication link between each network security monitoring device of the at least one network security monitoring device and a situation awareness system to be tested and a second communication link between the master station server and the situation awareness system to be tested; controlling each network security monitoring device in the at least one network security monitoring device to send an information acquisition event corresponding to the network security monitoring device to the situation awareness system to be tested through the first communication link, and controlling the situation awareness system to be tested to send a network security event to the master station server through the second communication link; the network security event is obtained by the situation awareness system to be tested based on the received information acquisition event corresponding to the network security monitoring equipment; judging whether feedback information corresponding to the information collecting event is received within the corresponding overtime waiting time or not; generating a test report of the situation awareness system to be tested based on each judgment result; the test report is used for indicating the perception capability of the situation perception system to be tested.
In the foregoing solution, the test control module is specifically configured to: configuring at least one piece of first basic information, and sending the at least one piece of first basic information to the monitoring object simulation module; configuring second basic information and sending the second basic information to the master station simulation module;
the monitoring object simulation module is used for receiving the at least one piece of first basic information sent by the test control module and generating network security monitoring equipment matched with the first basic information based on each piece of first basic information in the at least one piece of first basic information;
the master station simulation module is used for receiving second basic information sent by the test control module and generating the master station server based on the second basic information;
wherein each of the first basic information at least includes: a device name, an internet protocol, IP, address, and a media access control, MAC, address; the second basic information comprises a first communication address and a first port number; the network safety monitoring equipment is each electronic equipment in the power monitoring system; the master station server is used for analyzing each network security event sent by the situation awareness system to be tested according to a set specification and feeding back an analysis result; and the analysis result is the feedback information.
In the foregoing solution, the test control module is further configured to: sending a second communication address and a second port code corresponding to the situation awareness system to be detected to each network security monitoring device simulated by the monitored object simulation module; sending a first communication address and a first port number of the master station server to the situation awareness system to be tested;
each network security monitoring device simulated by the monitoring object simulation module is used for receiving the second communication address and the second port number and establishing a first communication link with the situation awareness system to be detected based on the second communication address and the second port number;
and the situation awareness system to be tested is used for receiving the first communication address and the second port number and establishing the second communication link with the master station server based on the first communication address and the first port number.
In the foregoing solution, the test control module is further configured to: sending at least one information acquisition instruction to each network safety monitoring device in the at least one network safety monitoring device;
each network safety monitoring device simulated by the monitoring object simulation module is used for receiving the at least one information acquisition instruction, generating an information acquisition event corresponding to the information acquisition instruction based on each information acquisition instruction, and sending the information acquisition event to the situation awareness system to be detected through the first communication link;
the situation awareness system to be tested is used for receiving the acquired information event, converting the acquired information event into a network security event, and sending the network security event to the master station server through the second communication link;
the master station server is used for receiving the network security event, analyzing the network security event according to a set specification and feeding back an analysis result; and the analysis result is the feedback information.
In the foregoing solution, the test control module is further configured to: recording a test result corresponding to each judgment result; generating the test report based on each corresponding test result; the test report is stored in a readable document form; receiving feedback information corresponding to the information collecting event in the corresponding overtime waiting time according to the judgment result, wherein the test result is that the feedback information passes; and if the judgment result is that the feedback information corresponding to the information collecting event is not received in the corresponding overtime waiting time, the test result is failed.
In the above scheme, the system further includes a display module configured to display the same test result in the test report by using the same identifier, and display different test results in the test report by using different identifiers.
In the above scheme, the test control module, the monitored object simulation module and the master station simulation module are arranged on the same computer.
The embodiment of the invention provides a test method, a test device, equipment, a test system and a computer readable storage medium, wherein the method comprises the following steps: configuring a test environment, wherein the configuring the test environment comprises: simulating at least one network safety monitoring device and a master station server; establishing a first communication link between each network security monitoring device of the at least one network security monitoring device and a situation awareness system to be tested and a second communication link between the master station server and the situation awareness system to be tested; controlling each network security monitoring device in the at least one network security monitoring device to send an information acquisition event corresponding to the network security monitoring device to the situation awareness system to be tested through the first communication link, and controlling the situation awareness system to be tested to send a network security event to the master station server through the second communication link; the network security event is obtained by the situation awareness system to be tested based on the received information acquisition event corresponding to the network security monitoring equipment; judging whether feedback information corresponding to the information collecting event is received within the corresponding overtime waiting time or not; generating a test report of the situation awareness system to be tested based on each judgment result; the test report is used for indicating the perception capability of the situation perception system to be tested. Compared with the existing test method, the test method provided by the invention has the following advantages: 1. various test systems can be deployed in simple environments such as a laboratory and the like, so that the difficulty, cost and period of test environment construction are greatly reduced; 2. different types of network safety monitoring equipment can be flexibly configured, and the adaptability of the system is improved; 3. the simulation of a plurality of (such as 1000) network safety monitoring devices can be supported, so that the number of the simulatable devices is greatly increased; 4. the closed-loop simulation test of the situation awareness system to be tested can be realized, and the practical value is very high; 5. a complete and comprehensive test report can be provided, and the difficulty of analyzing problems by testers is simplified; 6. the method and the device realize rapid configuration, reduce test complexity, save labor cost and improve test efficiency.
Drawings
Fig. 1 is a schematic flow chart of a testing method according to an embodiment of the present invention;
fig. 2 is a schematic structural diagram of a test system according to an embodiment of the present invention;
fig. 3 is a schematic structural diagram of a testing apparatus according to an embodiment of the present invention;
fig. 4 is a schematic diagram of a hardware structure of a testing apparatus according to an embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the embodiments of the present invention clearer, the following describes specific technical solutions of the present invention in further detail with reference to the accompanying drawings in the embodiments of the present invention. The following examples are intended to illustrate the invention but are not intended to limit the scope of the invention.
The present invention will be described in further detail with reference to the accompanying drawings and specific embodiments.
Fig. 1 is a schematic flow chart illustrating a testing method according to an embodiment of the present invention. In fig. 1, the method comprises:
s101: configuring a test environment, wherein the configuring the test environment comprises: simulating at least one network safety monitoring device and a master station server; establishing a first communication link between each network security monitoring device of the at least one network security monitoring device and a situation awareness system to be tested and a second communication link between the master station server and the situation awareness system to be tested;
s102: controlling each network security monitoring device in the at least one network security monitoring device to send an information acquisition event corresponding to the network security monitoring device to the situation awareness system to be tested through the first communication link, and controlling the situation awareness system to be tested to send a network security event to the master station server through the second communication link; the network security event is obtained by the situation awareness system to be tested based on the received information acquisition event corresponding to the network security monitoring equipment;
s103: judging whether feedback information corresponding to the information collecting event is received within the corresponding overtime waiting time or not; generating a test report of the situation awareness system to be tested based on each judgment result; the test report is used for indicating the perception capability of the situation perception system to be tested.
It should be noted that configuring a test environment here, in other words, building a test system for testing the capability of the situation awareness system to be tested to monitor the network security monitoring device in a certain power monitoring system. More generally, configuring a test environment is to set up a system which is composed of an electric power monitoring system and a to-be-tested situation awareness system and can normally operate so as to test the awareness capability of the to-be-tested situation awareness system, wherein the awareness capability is used for describing the receiving and processing capability of the to-be-tested situation awareness system on information collecting events sent by each device of the to-be-tested electric power monitoring system.
Specifically, for step S101, to set up a system that operates normally, at least one network security monitoring device and a master station server in the power monitoring system need to be simulated, and a first communication link between the network security monitoring device and the situation awareness system to be detected and a second communication link between the master station server and the situation awareness system to be detected are established.
In some embodiments, for the simulating at least one network security monitoring device in step S101, the method includes:
configuring at least one piece of first basic information, and generating a network safety monitoring device matched with the first basic information based on each piece of first basic information, wherein each piece of first basic information at least comprises: a device name, an internet protocol, IP, address, and a media access control, MAC, address;
the simulation master station server in the step S101 comprises the following steps: configuring second basic information, and generating the master station server based on the second basic information, wherein the second basic information comprises a first communication address and a first port number;
the network safety monitoring equipment is each electronic equipment in the power monitoring system; the master station server is used for analyzing each network security event sent by the situation awareness system to be tested according to a set specification and feeding back an analysis result; and the analysis result is the feedback information.
It should be noted that the network security monitoring device is each electronic device in the power monitoring system, for example, a general host includes a server and a workstation; the embedded host comprises an embedded device; the network equipment comprises a switch and a router; the safety equipment comprises a firewall, a longitudinal encryption authentication device, a forward isolation device, a reverse isolation device, a situation perception acquisition device and the like. The first basic information is data required for simulating a network safety monitoring device capable of operating normally, and includes at least a device name, an internet protocol IP address and a media access control MAC address, and may further include more data, such as a test user name, a manufacturer name and the like.
The term "generating a network security monitoring device matched with the first basic information based on each of the at least one piece of first basic information" as used herein refers to generating a network security monitoring device matched with the first basic information based on each piece of first basic information, in other words, the first basic information corresponds to the simulated network security monitoring devices one by one.
In practical application, the simulated master server may be a Transmission Control Protocol (TCP) server based on IEC-104. When the simulation is performed, the second basic information may include the first communication address and the first port number, that is, a master station server may be simulated by having one communication address and one port number. The setting specification may refer to a technical specification of the network security monitoring device of the power monitoring system, where an analysis rule and the like are specified in the technical specification.
In some embodiments, the establishing a first communication link between each of the at least one network security monitoring device and the situation awareness system to be tested in step S101 includes: sending a second communication address and a second port number corresponding to the situation awareness system to be detected to each network security monitoring device in the at least one network security monitoring device, so that each network security monitoring device in the at least one network security monitoring device establishes a first communication link with the situation awareness system to be detected based on the second communication address and the second port number;
and for the establishment of the second communication link between the master station server and the situation awareness system to be tested in step S101, the method includes: and sending the first communication address and the first port number of the master station server to the situation awareness system to be tested so that the situation awareness system to be tested establishes the second communication link with the master station server based on the first communication address and the first port number.
It should be noted that the first communication link is a data transmission path between the network security monitoring device and the situation awareness system to be detected, and is different according to different transmission protocols followed by the network security monitoring device, for example, when the network security monitoring device follows TCP, the established first communication link is a data transmission path according to TCP; for another example, if the network security monitoring device follows a User Datagram Protocol (UDP), the established first communication link is a path for transmitting data according to the UDP. No matter whether the first communication link is established based on TCP or UDP, the specific procedure for establishing the communication link may refer to the prior art, and is not described herein again. The second communication link is a transmission path between the master station server and the situation awareness system to be tested, and when the master station server follows the TCP, the second communication link is established according to the TCP, and the specific establishment process is not repeated herein.
In the practical application process, after the test environment configuration is completed, the normal tester process can be started, that is: operations completed in steps S102 and S103.
In some embodiments, for S102, may include:
sending at least one information acquisition instruction to each network safety monitoring device in the at least one network safety monitoring device; the acquisition information instruction is used for instructing the network security monitoring equipment to generate an acquisition information event corresponding to the acquisition information instruction and sending the acquisition information event corresponding to the acquisition information instruction to the situation awareness system to be tested through the first communication link; wherein the at least one acquisition information instruction is generated based on a configured acquisition information item list; the collection information item list comprises configuration parameters for generating each collection information instruction;
correspondingly, the controlling the situation awareness system to be tested to send a network security event to the master station server through the second communication link includes:
and controlling the situation awareness system to be tested to send each network security event corresponding to the information acquisition event to the master station server through the second communication link.
It should be noted that the collected information item list includes configuration parameters for generating each collected information instruction, such as name, type, IP, operation parameters, operation times, and the like of the network security monitoring device. The collection information item list may be an eXtensible Markup Language (XML) format document, which may be arbitrarily configured by the tester.
It should be understood that any configuration described herein is not meant to be without limitations, in other words, a configuration is meaningless if the network security monitoring device fails to simulate a collection event corresponding to a collection command based on the collection command generated by the tester configuring the collection command generated by some parameters, and thus the test is definitely failed. Thus, in some embodiments, the method further comprises:
loading an acquisition information list corresponding to the network safety monitoring equipment for each network safety monitoring equipment; the acquisition information list is formed by acquiring each data of the network safety monitoring equipment according to the set situation awareness technical specification.
It should be noted that the set situation awareness technical specification may refer to a working specification of the situation awareness system formulated based on a technical specification of a network security monitoring device of the power monitoring system, for example, a type of information of the network security monitoring device is specified, and a processing mode of the collected information is specified; the data contained in the collected information list corresponding to the network security monitoring device forms some operations that the network security monitoring device can complete and some attributes of the device, and the operations can include collected information and an information generation mode, wherein the collected information contains operation information, configuration information, state information and alarm information; the information generation mode comprises trigger uploading or periodic uploading. The collected information list can be stored by adopting a binary format file, the content in the collected information list can be dynamically and quickly modified, and the operability is improved. The acquisition information item list is configured according to the acquisition information item list so as to ensure that an acquisition information command generated based on the acquisition information item list can enable the network safety monitoring equipment to generate an acquisition information event corresponding to the acquisition information command, thereby eliminating test failure caused by artificial configuration.
The sending of at least one information acquisition command to each network security monitoring device may be referred to herein as sending a plurality of information acquisition commands to one network security monitoring device. And after receiving the information acquisition instruction, the network safety monitoring equipment generates a corresponding information acquisition event based on the instruction of the information acquisition instruction. The information collecting event may refer to a certain operation completed by the network security monitoring device, for example, when the information collecting instruction indicates that the network security monitoring device completes successful login, the network security monitoring device generates a successful login event after completing successful login based on the information collecting instruction, and the successful login event is the information collecting event.
In an actual application process, for S103, the corresponding timeout waiting time may be a maximum waiting time for receiving feedback information corresponding to an information acquisition event after controlling the network security monitoring device to send the information acquisition event corresponding to the network security monitoring device to the situation awareness system to be detected through the first communication link, and for example, the timeout waiting time may be set to 3 seconds, 5 seconds, and the like. Specifically, at this time, after controlling the network security monitoring device to send an information acquisition event corresponding to the network security monitoring device to the situation awareness system to be tested through the first communication link, the maximum waiting time for receiving feedback information corresponding to the information acquisition event is 3 seconds, in other words, if the feedback information corresponding to the information acquisition event can be received, the receiving time is always within 3 seconds; and if the feedback information corresponding to the information collecting event is not received within 3 seconds, the feedback information corresponding to the information collecting event is not waited to be received.
In some embodiments, the generating a test report of the situation awareness system under test based on each determination result in S103 includes:
recording a test result corresponding to each judgment result;
generating the test report based on each corresponding test result; the test report is stored in a readable document form;
receiving feedback information corresponding to the information collecting event in the corresponding overtime waiting time according to the judgment result, wherein the test result is that the feedback information passes; and if the judgment result is that the feedback information corresponding to the information collecting event is not received in the corresponding overtime waiting time, the test result is failed.
It should be noted that the judgment result here includes two types, that is, receiving the feedback information corresponding to the information acquisition event within the corresponding timeout waiting time, and not receiving the feedback information corresponding to the information acquisition event within the corresponding timeout waiting time. In the two judgment results, when the judgment result is that the feedback information corresponding to the information collecting event is received in the corresponding overtime waiting time, the test result is passed, namely, the test is successful; and if the judgment result is that the feedback information corresponding to the information collecting event is not received in the corresponding overtime waiting time, the test result is failed, namely, the test is failed. Here, each test result is recorded to form a readable document, so that a tester can clearly know which test has a problem, wherein the readable document can be in a format of word, PDF, and the like.
In some embodiments, the method further comprises:
and displaying the same test result in the test report by adopting the same identifier, and displaying different test results in the test report by adopting different identifiers.
It should be noted that the mark may be in any form, for example, when the test result is passed, the green light is on; when the test result is that the test item fails, the red lamp is on, so that a tester can clearly know which test item has a problem, the problem can be quickly positioned and checked, and the troubleshooting time is shortened.
In some embodiments, the method further comprises:
recording each acquisition information instruction generated based on the acquisition information item list, each acquisition information event generated by each network security monitoring device based on each acquisition information instruction, and each network security event generated by the situation awareness system to be tested based on each acquisition information event;
adding each record to a respective location in the test report; the corresponding position is a recording position which can enable the information acquisition instruction, the network security monitoring equipment, the information acquisition event and the network security event to form a one-to-one mapping relation.
It should be noted that, here, all the information related to the test content is recorded in the test report, and the information is classified according to the network security monitoring devices, so that the collected information instruction, the network security monitoring device, the collected information event, and the network security event form a one-to-one mapping relationship, so that the tester can clearly know which test link has a problem, thereby quickly positioning and troubleshooting the problem, shortening the troubleshooting time, and the whole recording process is completely automated, thereby greatly saving the testing time.
The foregoing is a concept of the testing method of the present invention, and then, in a process of actually implementing the foregoing testing method, as shown in fig. 2, an embodiment of the present invention further provides a testing system, where the testing system 20 includes: comprises a test control module 201, a monitoring object simulation module 202 and a master station simulation module 203, wherein,
the test control module 201 is configured to configure a test environment, where the configuring the test environment includes: simulating at least one network security monitoring device through the monitoring object simulation module 202 and simulating a master station server through the master station simulation module 203; establishing a first communication link between each network security monitoring device of the at least one network security monitoring device and a situation awareness system to be tested and a second communication link between the master station server and the situation awareness system to be tested; controlling each network security monitoring device in the at least one network security monitoring device to send an information acquisition event corresponding to the network security monitoring device to the situation awareness system to be tested through the first communication link, and controlling the situation awareness system to be tested to send a network security event to the master station server through the second communication link; the network security event is obtained by the situation awareness system to be tested based on the received information acquisition event corresponding to the network security monitoring equipment; judging whether feedback information corresponding to the information collecting event is received within the corresponding overtime waiting time or not; generating a test report of the situation awareness system to be tested based on each judgment result; the test report is used for indicating the perception capability of the situation perception system to be tested.
It should be noted that the same terms as those mentioned above have the same meanings, and are described in detail in the foregoing, so that the description thereof is omitted. The test control module 201 is the core of the test system, all control commands and configuration are realized through the test control module 201, and in practical application, a tester can realize the sending and configuration operations of the test control commands and the like through a human-computer interaction interface arranged on the test control module 201.
In some embodiments, the test control module 201 is specifically configured to: configuring at least one piece of first basic information, and sending the at least one piece of first basic information to the monitored object simulation module 202; configuring second basic information, and sending the second basic information to the master station simulation module 203;
the monitored object simulation module 202 is configured to receive the at least one piece of first basic information sent by the test control module 201, and generate network security monitoring equipment matched with the first basic information based on each piece of first basic information in the at least one piece of first basic information;
the master station simulation module 203 is configured to receive second basic information sent by the test control module 201, and generate the master station server based on the second basic information;
wherein each of the first basic information at least includes: a device name, an internet protocol, IP, address, and a media access control, MAC, address; the second basic information comprises a first communication address and a first port number; the network safety monitoring equipment is each electronic equipment in the power monitoring system; the master station server is used for analyzing each network security event sent by the situation awareness system to be tested according to a set specification and feeding back an analysis result; and the analysis result is the feedback information.
In some embodiments, the test control module 201 is further configured to: sending a second communication address and a second port number corresponding to the situation awareness system to be detected to each network security monitoring device simulated by the monitored object simulation module 202; sending a first communication address and a first port number of the master station server to the situation awareness system to be tested;
each network security monitoring device simulated by the monitoring object simulation module is used for receiving the second communication address and the second port number and establishing a first communication link with the situation awareness system to be detected based on the second communication address and the second port number;
and the situation awareness system to be tested is used for receiving the first communication address and the second port number and establishing the second communication link with the master station server based on the first communication address and the first port number.
In some embodiments, the test control module 201 is further configured to: sending at least one information acquisition instruction to each network safety monitoring device in the at least one network safety monitoring device;
each network safety monitoring device simulated by the monitoring object simulation module is used for receiving the at least one information acquisition instruction, generating an information acquisition event corresponding to the information acquisition instruction based on each information acquisition instruction, and sending the information acquisition event to the situation awareness system to be detected through the first communication link;
the situation awareness system to be tested is used for receiving the acquired information event, converting the acquired information event into a network security event, and sending the network security event to the master station server through the second communication link;
the master station server is used for receiving the network security event, analyzing the network security event according to a set specification and feeding back an analysis result; and the analysis result is the feedback information.
It should be noted that the terms appearing herein have the same meaning as those in the preceding test method, and are described in detail in the preceding, and thus are not repeated herein.
In some embodiments, the test control module 201 is further configured to: recording a test result corresponding to each judgment result; generating the test report based on each corresponding test result; the test report is stored in a readable document form; receiving feedback information corresponding to the information collecting event in the corresponding overtime waiting time according to the judgment result, wherein the test result is that the feedback information passes; and if the judgment result is that the feedback information corresponding to the information collecting event is not received in the corresponding overtime waiting time, the test result is failed.
In some embodiments, the test system further includes a display module configured to display the same test result in the test report by using the same identifier, and display different test results in the test report by using different identifiers.
The Display module may be any type of Display element, such as a television Tube (CTR) Display, a Liquid Crystal Display (LCD), an LED Display, and the like, and the type of the Display element can be selected according to actual needs.
In some embodiments, the test control module, the monitored object simulation module, and the master station simulation module are provided on the same computer.
It should be noted that the test control module, the monitoring object simulation module and the master station simulation module can be arranged on the same computer (PC) and connected to the same switch with the situation sensing system to be tested, and the test control module, the monitoring object simulation module and the master station simulation module are integrated in the same test system, so that the configuration operation is very simple, that is, the time for setting up the test environment is greatly shortened, and the cost for setting up the test environment is saved.
For understanding the present invention, based on the aforementioned test system in fig. 2, the following embodiment is used to illustrate the specific working principle of the test method of the present invention.
Take an example in which the power monitoring system includes two network security monitoring devices, one is a server named server1 and the other is a firewall named Fw 1. The working process is as follows:
1) configuring a test environment
Firstly, a tester configures first basic information of server1 and first basic information of Fw1 through an input element of a human-computer interaction interface on the test control module 201, and sends the first basic information of server1 and the first basic information of Fw1 to the monitored object simulation module 202, and configures second basic information, and sends the second basic information to the master station simulation module 203, wherein the input element can be in the form of a key, a button, a touch key and the like.
Here, after the monitored object simulation module 202 receives the first basic information of the server1 and the first basic information of the Fw1, the server1 is simulated based on the first basic information of the server1, the Fw1 is simulated based on the first basic information of the Fw1, the simulated server1 and the Fw1 form a power monitoring system, and then the sensing capability of the situation sensing system to be tested on the power monitoring system including two network security monitoring devices is tested. It should be noted that, the configuration is convenient and flexible, the number of the network safety monitoring devices can be simulated according to the actual requirements of the power monitoring system, and the convenience of building the test environment is greatly realized. And the master station simulation module 203 simulates the master station server by receiving the second basic information.
Then, the tester starts the simulated server1, Fw1 and the master station server through the input element of the man-machine interface, namely: respectively establishing a first communication link between the server1 and the Fw1 and the situation awareness system to be tested, and establishing a second communication link between the master station server and the situation awareness system to be tested, in other words, the step is that the simulated server1 and the Fw1, the master station server and the situation awareness system to be tested form a system which normally operates so as to carry out testing.
2) Testing
Firstly, a tester configures a list of collected information items through an input element of a human-computer interaction interface on the test control module 201. Based on the foregoing description, the collected information item list is configured based on the simulated collected information lists of the network security monitoring devices.
For example, the partial collection information list of simulated server1 as shown in Table 1; the partial acquisition information list of the simulated Fw1 shown in table 2, and the acquisition information item list configured based on tables 1 and 2 are shown in table 3.
TABLE 1
TABLE 2
| User login success | User exit | User login failure |
| Modifying policies | CPU utilization | Memory usage rate |
| Firewall power failure | Firewall fan failure | Abnormal temperature of firewall |
| Network DOWN/UP | Attack warning | Access without compliance with a security policy |
TABLE 3
| Test item | Device name | Type of device | Equipment IP | Operating parameters | Number of runs |
| Success of login | server1 | Server | 198.120.0.100 | user:admin | 1 |
| Attack warning | Fw1 | Fire wall | 198.120.0.101 | user:tester | 5 |
Then, a tester clicks an operation button in an input element of a human-computer interaction interface on the test control module 201 to start a test, the test control module 201 respectively and sequentially sends acquisition information instructions generated based on an acquisition information item list to the simulated servers 1 and Fw1, the servers 1 and the Fw1 respectively generate acquisition information events corresponding to the acquisition information instructions after receiving the corresponding acquisition information instructions, respectively send the respective acquisition information events to the situation awareness system to be tested through a first communication link, the situation awareness system to be tested generates network security events corresponding to the acquisition information events and sends the network security events to the master station server, and the master station server receives the network security events, analyzes the network security events according to set specifications and feeds back analysis results to the test control module 201; and the analysis result is the feedback information. If the test control module 201 receives the feedback information within the corresponding timeout waiting time, the test is successful; if the test control module 201 does not receive the feedback information within the corresponding timeout waiting time, the test fails.
For example, the test control module 201 sends an information acquisition instruction for the server1 to simulate successful login to the server1, the server1 receives the instruction, generates a login successful information acquisition event and uploads the login successful information acquisition event to the situation awareness system to be tested, the situation awareness system to be tested receives the login successful information acquisition event, generates a login successful network security event based on the login successful information acquisition event and uploads the login successful network security event to the master station server, the master station server receives the login successful network security event, analyzes the login successful network security event according to a set standard to obtain an analysis result, and feeds the analysis result back to the test control module 201, so that a complete closed-loop test is formed. If the test control module 201 receives the parsing result within the corresponding timeout waiting time, it indicates that the test is successful, that is: the test result can be recorded as pass; if the test control module 201 does not receive the analysis result within the corresponding timeout waiting time, it indicates that the test is unsuccessful, that is: the test result may be scored as failed.
3) Generating test reports
The test report is generated based on the test result corresponding to each collected information event, and the test report may also include all the test-related contents, such as the collected information instruction, the network security monitoring device, the collected information event, the network security event, and the like. And the contents related to the test are added to the corresponding positions in the test report according to the network safety monitoring equipment, so that the information acquisition instruction, the network safety monitoring equipment, the information acquisition event and the network safety event form a one-to-one mapping relation, and therefore, testers can conveniently and quickly troubleshoot problems.
Based on the same inventive concept as the foregoing, as shown in fig. 3, an embodiment of the present invention further provides a testing apparatus, where the testing apparatus 30 includes: a configuration unit 301, a control unit 302, and a judgment unit 303, wherein,
the configuration unit 301 is configured to configure a test environment, where the configuring the test environment includes: simulating at least one network safety monitoring device and a master station server; establishing a first communication link between each network security monitoring device of the at least one network security monitoring device and a situation awareness system to be tested and a second communication link between the master station server and the situation awareness system to be tested;
the control unit 302 is configured to control each network security monitoring device of the at least one network security monitoring device to send an information acquisition event corresponding to the network security monitoring device to the situation awareness system to be tested through the first communication link, and control the situation awareness system to be tested to send a network security event to the master station server through the second communication link; the network security event is obtained by the situation awareness system to be tested based on the received information acquisition event corresponding to the network security monitoring equipment;
the judging unit 303 is configured to judge whether feedback information corresponding to an information acquisition event is received within a corresponding timeout waiting time; generating a test report of the situation awareness system to be tested based on each judgment result; the test report is used for indicating the perception capability of the situation perception system to be tested.
In some embodiments, the configuration unit 301 is specifically configured to: configuring at least one first basic message, generating a network safety monitoring device matched with the first basic message based on each first basic message in the at least one first basic message, and configuring a second basic message, generating the master station server based on the second basic message; wherein each of the first basic information at least includes: a device name, an internet protocol, IP, address, and a media access control, MAC, address; the second basic information comprises a first communication address and a first port number; the network safety monitoring equipment is each electronic equipment in the power monitoring system; the master station server is used for analyzing each network security event sent by the situation awareness system to be tested according to a set specification and feeding back an analysis result; and the analysis result is the feedback information.
In some embodiments, the configuration unit 301 is further specifically configured to: sending a second communication address and a second port number corresponding to the situation awareness system to be detected to each network security monitoring device in the at least one network security monitoring device, so that each network security monitoring device in the at least one network security monitoring device establishes a first communication link with the situation awareness system to be detected based on the second communication address and the second port number; and sending the first communication address and the first port number of the master station server to the situation awareness system to be tested so that the situation awareness system to be tested establishes the second communication link with the master station server based on the first communication address and the first port number.
In some embodiments, the control unit 302 is specifically configured to: sending at least one information acquisition instruction to each network safety monitoring device in the at least one network safety monitoring device; the acquisition information instruction is used for instructing the network security monitoring equipment to generate an acquisition information event corresponding to the acquisition information instruction and sending the acquisition information event corresponding to the acquisition information instruction to the situation awareness system to be tested through the first communication link; wherein the at least one acquisition information instruction is generated based on a configured acquisition information item list; the collection information item list comprises configuration parameters for generating each collection information instruction; and controlling the situation awareness system to be tested to send each network security event corresponding to the information acquisition event to the master station server through the second communication link.
In some embodiments, the determining unit 303 is specifically configured to: recording a test result corresponding to each judgment result; generating the test report based on each corresponding test result; the test report is stored in a readable document form; receiving feedback information corresponding to the information collecting event in the corresponding overtime waiting time according to the judgment result, wherein the test result is that the feedback information passes; and if the judgment result is that the feedback information corresponding to the information collecting event is not received in the corresponding overtime waiting time, the test result is failed.
In some embodiments, the test device further comprises: a loading unit to: loading an acquisition information list corresponding to the network safety monitoring equipment for each network safety monitoring equipment; the acquisition information list is formed by acquiring each data of the network safety monitoring equipment according to the set situation awareness technical specification.
In some embodiments, the test device further comprises: a display unit for: and displaying the same test result in the test report by adopting the same identifier, and displaying different test results in the test report by adopting different identifiers.
In some embodiments, the determining unit 303 is further specifically configured to: recording each acquisition information instruction generated based on the acquisition information item list, each acquisition information event generated by each network security monitoring device based on each acquisition information instruction, and each network security event generated by the situation awareness system to be tested based on each acquisition information event; adding each record to a respective location in the test report; the corresponding position is a recording position which can enable the information acquisition instruction, the network security monitoring equipment, the information acquisition event and the network security event to form a one-to-one mapping relation.
It should be noted that the test apparatus described in the above embodiments and the test method described in the above embodiments are the same inventive concept, and therefore, the meanings of the terms appearing in the test apparatus described in the above embodiments are the same as those described above, and are not repeated herein.
Embodiments of the present invention further provide a computer-readable storage medium, on which a computer program is stored, where the computer program, when executed by a processor, implements the steps of the foregoing method embodiments, and the foregoing storage medium includes: a mobile storage device, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk or an optical disk, and other various media capable of storing program codes.
An embodiment of the present invention further provides a testing apparatus, including: a processor and a memory for storing a computer program capable of running on the processor, wherein the processor is configured to execute the steps of the above-described method embodiments stored in the memory when running the computer program.
Fig. 4 is a schematic diagram of a hardware structure of a testing apparatus according to an embodiment of the present invention, where the testing apparatus 40 includes: the at least one processor 401, the memory 402, and optionally the test apparatus 40 may further include at least one communication interface 403, and the various components in the test apparatus 40 are coupled together by a bus system 404, it being understood that the bus system 404 is used to implement connection communication between these components. The bus system 404 includes a power bus, a control bus, and a status signal bus in addition to a data bus. For clarity of illustration, however, the various buses are labeled as bus system 404 in FIG. 4.
It will be appreciated that the memory 402 can be either volatile memory or nonvolatile memory, and can include both volatile and nonvolatile memory. Among them, the nonvolatile Memory may be a Read Only Memory (ROM), a Programmable Read Only Memory (PROM), an Erasable Programmable Read-Only Memory (EPROM), an Electrically Erasable Programmable Read-Only Memory (EEPROM), a magnetic random access Memory (FRAM), a Flash Memory (Flash Memory), a magnetic surface Memory, an optical disk, or a Compact Disc Read-Only Memory (CD-ROM); the magnetic surface storage may be disk storage or tape storage. Volatile Memory can be Random Access Memory (RAM), which acts as external cache Memory. By way of illustration and not limitation, many forms of RAM are available, such as Static Random Access Memory (SRAM), Synchronous Static Random Access Memory (SSRAM), Dynamic Random Access Memory (DRAM), Synchronous Dynamic Random Access Memory (SDRAM), Double Data Rate Synchronous Dynamic Random Access Memory (DDRSDRAM), Enhanced Synchronous Dynamic Random Access Memory (ESDRAM), Enhanced Synchronous Dynamic Random Access Memory (Enhanced DRAM), Synchronous Dynamic Random Access Memory (SLDRAM), Direct Memory (DRmb Access), and Random Access Memory (DRAM). The memory 402 described in connection with the embodiments of the invention is intended to comprise, without being limited to, these and any other suitable types of memory.
The memory 402 in embodiments of the present invention is used to store various types of data to support the operation of the test equipment 40. Examples of such data include: any computer program for operating on the test device 40, such as controlling each of the at least one network security monitoring device to send collected information events corresponding to the network security monitoring device to the situation awareness system to be tested via the first communication link, may be included in the memory 402 to implement the method of the embodiment of the present invention.
The method disclosed in the above embodiments of the present invention may be applied to the processor 401, or implemented by the processor 401. The processor may be an integrated circuit chip having signal processing capabilities. In implementation, the steps of the above method may be performed by integrated logic circuits of hardware in a processor or instructions in the form of software. The Processor may be a general purpose Processor, a Digital Signal Processor (DSP), or other programmable logic device, discrete gate or transistor logic device, discrete hardware components, or the like. The processor may implement or perform the methods, steps, and logic blocks disclosed in embodiments of the present invention. A general purpose processor may be a microprocessor or any conventional processor or the like. The steps of the method disclosed by the embodiment of the invention can be directly implemented by a hardware decoding processor, or can be implemented by combining hardware and software modules in the decoding processor. The software modules may be located in a storage medium having a memory and a processor reading the information in the memory and combining the hardware to perform the steps of the method.
In an exemplary embodiment, the test Device 40 may be implemented by one or more Application Specific Integrated Circuits (ASICs), DSPs, Programmable Logic Devices (PLDs), Complex Programmable Logic Devices (CPLDs), Field Programmable Gate Arrays (FPGAs), general purpose processors, controllers, Micro Controllers (MCUs), microprocessors (microprocessors), or other electronic components for performing the above-described methods.
In the embodiments provided in the present invention, it should be understood that the disclosed apparatus and method may be implemented in other ways. The above-described device embodiments are merely illustrative, for example, the division of the unit is only a logical functional division, and there may be other division ways in actual implementation, such as: multiple units or components may be combined, or may be integrated into another system, or some features may be omitted, or not implemented. In addition, the coupling, direct coupling or communication connection between the components shown or discussed may be through some interfaces, and the indirect coupling or communication connection between the devices or units may be electrical, mechanical or other forms. The units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, that is, may be located in one place, or may be distributed on a plurality of network units; some or all of the units can be selected according to actual needs to achieve the purpose of the solution of the embodiment. In addition, all the functional units in the embodiments of the present invention may be integrated into one processing unit, or each unit may be separately regarded as one unit, or two or more units may be integrated into one unit; the integrated unit can be realized in a form of hardware, or in a form of hardware plus a software functional unit.
The above description is only a preferred embodiment of the present invention, and is not intended to limit the scope of the present invention.
Claims (13)
1. A method of testing, the method comprising:
configuring a test environment, wherein the configuring the test environment comprises: simulating at least one network safety monitoring device and a master station server; establishing a first communication link between each network security monitoring device of the at least one network security monitoring device and a situation awareness system to be tested and a second communication link between the master station server and the situation awareness system to be tested;
controlling each network security monitoring device in the at least one network security monitoring device to send an information acquisition event corresponding to the network security monitoring device to the situation awareness system to be tested through the first communication link, and controlling the situation awareness system to be tested to send a network security event to the master station server through the second communication link; the network security event is obtained by the situation awareness system to be tested based on the received information acquisition event corresponding to the network security monitoring equipment;
judging whether feedback information corresponding to the information collecting event is received within corresponding overtime waiting time or not, wherein the feedback information is an analysis result fed back by the master station server after analyzing each network security event sent by the situation awareness system to be detected according to a set specification; generating a test report of the situation awareness system to be tested based on each judgment result; the test report is used for indicating the perception capability of the situation perception system to be tested.
2. The method of claim 1, wherein the simulating at least one network security monitoring device comprises:
configuring at least one piece of first basic information, and generating a network safety monitoring device matched with the first basic information based on each piece of first basic information, wherein each piece of first basic information at least comprises: a device name, an internet protocol, IP, address, and a media access control, MAC, address;
the simulation main website server includes: configuring second basic information, and generating the master station server based on the second basic information, wherein the second basic information comprises a first communication address and a first port number;
the network safety monitoring equipment is each electronic equipment in the power monitoring system; and the master station server is used for analyzing each network security event sent by the situation awareness system to be tested according to a set specification and feeding back an analysis result.
3. The method according to claim 2, wherein the establishing a first communication link between each of the at least one network security monitoring device and the situation awareness system under test comprises: sending a second communication address and a second port number corresponding to the situation awareness system to be detected to each network security monitoring device in the at least one network security monitoring device, so that each network security monitoring device in the at least one network security monitoring device establishes a first communication link with the situation awareness system to be detected based on the second communication address and the second port number;
establishing a second communication link between the master station server and the situation awareness system to be tested, comprising: and sending the first communication address and the first port number of the master station server to the situation awareness system to be tested so that the situation awareness system to be tested establishes the second communication link with the master station server based on the first communication address and the first port number.
4. The method according to claim 1, wherein the controlling each of the at least one network security monitoring device to send a corresponding collected information event to the situation awareness system to be tested via the first communication link comprises:
sending at least one information acquisition instruction to each network safety monitoring device in the at least one network safety monitoring device; the acquisition information instruction is used for instructing the network security monitoring equipment to generate an acquisition information event corresponding to the acquisition information instruction and sending the acquisition information event corresponding to the acquisition information instruction to the situation awareness system to be tested through the first communication link; wherein the at least one acquisition information instruction is generated based on a configured acquisition information item list; the collection information item list comprises configuration parameters for generating each collection information instruction;
correspondingly, the controlling the situation awareness system to be tested to send a network security event to the master station server through the second communication link includes:
and controlling the situation awareness system to be tested to send each network security event corresponding to the information acquisition event to the master station server through the second communication link.
5. The method according to claim 1, wherein the generating a test report of the situation awareness system under test based on each determination result comprises:
recording a test result corresponding to each judgment result;
generating the test report based on each corresponding test result; the test report is stored in a readable document form;
receiving feedback information corresponding to the information collecting event in the corresponding overtime waiting time according to the judgment result, wherein the test result is that the feedback information passes; and if the judgment result is that the feedback information corresponding to the information collecting event is not received in the corresponding overtime waiting time, the test result is failed.
6. The method of claim 4, further comprising:
loading an acquisition information list corresponding to the network safety monitoring equipment for each network safety monitoring equipment; the acquisition information list is formed by acquiring each data of the network safety monitoring equipment according to the set situation awareness technical specification.
7. The method of claim 5, further comprising:
and displaying the same test result in the test report by adopting the same identifier, and displaying different test results in the test report by adopting different identifiers.
8. The method of claim 4, further comprising:
recording each acquisition information instruction generated based on the acquisition information item list, each acquisition information event generated by each network security monitoring device based on each acquisition information instruction, and each network security event generated by the situation awareness system to be tested based on each acquisition information event;
adding each record to a respective location in the test report; the corresponding position is a recording position which can enable the information acquisition instruction, the network security monitoring equipment, the information acquisition event and the network security event to form a one-to-one mapping relation.
9. A test device is characterized by comprising a configuration unit, a control unit and a judgment unit, wherein,
the configuration unit is configured to configure a test environment, where the configuring the test environment includes: simulating at least one network safety monitoring device and a master station server; establishing a first communication link between each network security monitoring device of the at least one network security monitoring device and a situation awareness system to be tested and a second communication link between the master station server and the situation awareness system to be tested;
the control unit is configured to control each network security monitoring device of the at least one network security monitoring device to send an information acquisition event corresponding to the network security monitoring device to the situation awareness system to be tested through the first communication link, and control the situation awareness system to be tested to send a network security event to the master station server through the second communication link; the network security event is obtained by the situation awareness system to be tested based on the received information acquisition event corresponding to the network security monitoring equipment;
the judging unit is used for judging whether feedback information corresponding to the information collecting event is received within the corresponding overtime waiting time; generating a test report of the situation awareness system to be tested based on each judgment result; the test report is used for indicating the perception capability of the situation perception system to be tested.
10. A computer-readable storage medium, characterized in that the readable storage medium has stored thereon a computer program; the computer program when executed by a processor implements the steps of the method of any one of claims 1 to 8.
11. A test apparatus, characterized in that the test apparatus comprises: a processor and a memory for storing a computer program operable on the processor, wherein the processor is operable to perform the steps of the method of any of claims 1 to 8 when the computer program is executed.
12. The utility model provides a test system, its characterized in that, the system includes test control module group, monitoring object simulation module and main website simulation module, wherein, test control module group for dispose test environment, wherein, it includes to dispose test environment: simulating at least one network safety monitoring device through the monitoring object simulation module and simulating a master station server through the master station simulation module;
establishing a first communication link between each network security monitoring device of the at least one network security monitoring device and a situation awareness system to be tested and a second communication link between the master station server and the situation awareness system to be tested; controlling each network security monitoring device in the at least one network security monitoring device to send an information acquisition event corresponding to the network security monitoring device to the situation awareness system to be tested through the first communication link, and controlling the situation awareness system to be tested to send a network security event to the master station server through the second communication link; the network security event is obtained by the situation awareness system to be tested based on the received information acquisition event corresponding to the network security monitoring equipment; judging whether feedback information corresponding to the information collecting event is received within corresponding overtime waiting time or not, wherein the feedback information is an analysis result fed back by the master station server after analyzing each network security event sent by the situation awareness system to be detected according to a set specification; generating a test report of the situation awareness system to be tested based on each judgment result; the test report is used for indicating the perception capability of the situation perception system to be tested.
13. The system of claim 12, wherein the test control module, the monitored object simulation module, and the master station simulation module are provided on a same computer.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010763289.8A CN111970166B (en) | 2020-07-31 | 2020-07-31 | Test method, device, equipment, system and computer readable storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010763289.8A CN111970166B (en) | 2020-07-31 | 2020-07-31 | Test method, device, equipment, system and computer readable storage medium |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN111970166A CN111970166A (en) | 2020-11-20 |
| CN111970166B true CN111970166B (en) | 2021-11-12 |
Family
ID=73363315
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202010763289.8A Active CN111970166B (en) | 2020-07-31 | 2020-07-31 | Test method, device, equipment, system and computer readable storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN111970166B (en) |
Families Citing this family (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113411199A (en) * | 2021-05-07 | 2021-09-17 | 上海纽盾科技股份有限公司 | Safety test method and system for intelligent equal-protection evaluation |
| CN113609024B (en) * | 2021-08-17 | 2023-07-14 | 北京计算机技术及应用研究所 | Embedded software closed-loop test method based on reflection technology |
| WO2023130383A1 (en) * | 2022-01-07 | 2023-07-13 | Oppo广东移动通信有限公司 | Sensing methods and devices |
Citations (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2009128905A1 (en) * | 2008-04-17 | 2009-10-22 | Siemens Energy, Inc. | Method and system for cyber security management of industrial control systems |
| CN102361346A (en) * | 2011-06-23 | 2012-02-22 | 陕西电力科学研究院 | Master station full-digital scene testing method of power distribution automation system |
| CN102916859A (en) * | 2012-09-28 | 2013-02-06 | 航天科工深圳(集团)有限公司 | Setting-up method and setting-up device for performance test platform of main station |
| CN103152341A (en) * | 2013-03-04 | 2013-06-12 | 中国电子科技集团公司第三十研究所 | Virtuality and reality combined network security situation awareness simulation method and system |
| CN107679768A (en) * | 2017-10-25 | 2018-02-09 | 中国南方电网有限责任公司 | A kind of Situation Awareness System and its construction method based on real-time data of power grid |
| CN109886475A (en) * | 2019-01-24 | 2019-06-14 | 广西电网有限责任公司电力科学研究院 | The information security Situation Awareness System of metering automation system based on AI |
| CN109922073A (en) * | 2019-03-19 | 2019-06-21 | 中国南方电网有限责任公司 | Network security monitoring device, method and system |
| CN111092786A (en) * | 2019-12-12 | 2020-05-01 | 中盈优创资讯科技有限公司 | Network equipment safety authentication service reliability enhancing system |
Family Cites Families (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106789275B (en) * | 2016-12-27 | 2020-06-16 | 上海科梁信息工程股份有限公司 | Power transmission network security test system and method for electric power system |
-
2020
- 2020-07-31 CN CN202010763289.8A patent/CN111970166B/en active Active
Patent Citations (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2009128905A1 (en) * | 2008-04-17 | 2009-10-22 | Siemens Energy, Inc. | Method and system for cyber security management of industrial control systems |
| CN102361346A (en) * | 2011-06-23 | 2012-02-22 | 陕西电力科学研究院 | Master station full-digital scene testing method of power distribution automation system |
| CN102916859A (en) * | 2012-09-28 | 2013-02-06 | 航天科工深圳(集团)有限公司 | Setting-up method and setting-up device for performance test platform of main station |
| CN103152341A (en) * | 2013-03-04 | 2013-06-12 | 中国电子科技集团公司第三十研究所 | Virtuality and reality combined network security situation awareness simulation method and system |
| CN107679768A (en) * | 2017-10-25 | 2018-02-09 | 中国南方电网有限责任公司 | A kind of Situation Awareness System and its construction method based on real-time data of power grid |
| CN109886475A (en) * | 2019-01-24 | 2019-06-14 | 广西电网有限责任公司电力科学研究院 | The information security Situation Awareness System of metering automation system based on AI |
| CN109922073A (en) * | 2019-03-19 | 2019-06-21 | 中国南方电网有限责任公司 | Network security monitoring device, method and system |
| CN111092786A (en) * | 2019-12-12 | 2020-05-01 | 中盈优创资讯科技有限公司 | Network equipment safety authentication service reliability enhancing system |
Also Published As
| Publication number | Publication date |
|---|---|
| CN111970166A (en) | 2020-11-20 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN111970166B (en) | Test method, device, equipment, system and computer readable storage medium | |
| US9569325B2 (en) | Method and system for automated test and result comparison | |
| US11789760B2 (en) | Alerting, diagnosing, and transmitting computer issues to a technical resource in response to an indication of occurrence by an end user | |
| WO2018120721A1 (en) | Method and system for testing user interface, electronic device, and computer readable storage medium | |
| CN107241229B (en) | Service monitoring method and device based on interface testing tool | |
| JP6171386B2 (en) | Controller, information processing apparatus and program | |
| US7617086B2 (en) | Monitoring simulating device, method, and program | |
| CN105205003A (en) | Automated testing method and device based on clustering system | |
| WO2017161964A1 (en) | Communication network inspection method and device, and inspection client terminal | |
| CN110784374A (en) | Method, device, equipment and system for monitoring operation state of service system | |
| CN105183575A (en) | Processor fault diagnosis method, device and system | |
| CN111367812A (en) | Test method, electronic device and readable storage medium | |
| CN116303034A (en) | Automatic test system, method, equipment and medium for network on chip | |
| JP7146824B2 (en) | A graphical user interface tool for configuring a system to detect vehicle intrusions | |
| CN113094236A (en) | System data acquisition method and device, computer equipment and storage medium | |
| CN116647490A (en) | Aviation AFDX network data detection system | |
| WO2016127483A1 (en) | Processing method and device for collection agent management subsystem | |
| CN113722211B (en) | BMC debugging method, device, system and embedded equipment | |
| CN112788640B (en) | Communication equipment testing method and device, storage medium and terminal | |
| CN111008113B (en) | SAS-Expander test method and tool | |
| CN114706371A (en) | Complete vehicle network non-dormancy diagnosis method and device, electronic equipment and storage medium | |
| CN114372003A (en) | Test environment monitoring method and device and electronic equipment | |
| CN114595848A (en) | Equipment supervision method and device | |
| CN110978051B (en) | Robot simulation device, system, method, readable medium, and electronic apparatus | |
| CN117012337A (en) | Menu testing method, system, equipment and storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |