CN112015373A - Formal modeling method based on formalization method endogenous security application software - Google Patents


Publication number
CN112015373A
Authority
CN
China
Prior art keywords
modeling
application software
determining
diagram
model
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202010735834.2A
Other languages
Chinese (zh)
Other versions
CN112015373B (en)
Inventor
赵涌鑫
刘知昊
蒲戈光
刘虹
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shanghai Industrial Control Safety Innovation Technology Co ltd
East China Normal University
Original Assignee
Shanghai Industrial Control Safety Innovation Technology Co ltd
East China Normal University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shanghai Industrial Control Safety Innovation Technology Co ltd, East China Normal University filed Critical Shanghai Industrial Control Safety Innovation Technology Co ltd
Priority to CN202010735834.2A priority Critical patent/CN112015373B/en
Publication of CN112015373A publication Critical patent/CN112015373A/en
Application granted granted Critical
Publication of CN112015373B publication Critical patent/CN112015373B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F8/00 Arrangements for software engineering
    • G06F8/20 Software design
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F8/00 Arrangements for software engineering
    • G06F8/30 Creation or generation of source code
    • G06F8/35 Creation or generation of source code model driven
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57 Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities

Landscapes

  • Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Stored Programmes (AREA)

Abstract

The invention discloses a formal modeling method for endogenous security application software based on formal methods. The modeling comprises the following parts. Application software functional modeling supports the description of system functions and comprises system structure modeling and system behavior modeling. System structure modeling models the system architecture and uses class diagrams to describe the attributes and methods involved in the system; system behavior modeling uses state diagrams and sequence diagrams to model the behavior of the whole system, where the state diagram describes the control logic of each process and the sequence diagram describes the interaction between processes. Application software information security threat and policy modeling supports the description of system security threats and security policies. Information security threat modeling uses an attack tree to analyze in depth how the vulnerabilities of the system's modules relate to one another, finds the attack paths that threaten network security, and presents them as a tree.

Description

Formal modeling method based on formalization method endogenous security application software
Technical Field
The invention belongs to the technical field of software and relates to a formal modeling method for endogenous security application software based on formal methods, used to build an integrated development system for endogenous security application software.
Background
Endogenous security is the direction and evolutionary goal of the future development of network security. Dispersed, isolated security capabilities need to be coordinated, aggregated and integrated into information systems and business applications, so that a security capability grows continuously out of the information system itself. Such a capability is adaptive, autonomous and self-growing: protection improves as the system grows, and the security of the system is ensured at all times. Current application software is distributed, heterogeneous, concurrent and real-time, and at the same time has many security defects that are difficult to correct. This approach requires modeling of software architecture, software behavior, and security threats and policies. By combining a formal modeling technique for application software that fuses state machines and sequence diagrams with a technique for modeling application software security threats and security policies in an open network environment, it provides the ability to jointly model and analyze, from different angles, the behavior of concurrent/distributed systems in order to mitigate security attack threats.
Disclosure of Invention
The main purpose of the invention is to provide a formal modeling method for endogenous security application software based on formal methods, together with a cross-platform desktop modeling tool for endogenous security application software (sbid-ava, hereinafter referred to as the tool).
To achieve this purpose, the invention provides a formal modeling method for endogenous security application software based on formal methods, comprising the following steps:
a) modeling the architecture of the application software using a class diagram and a topological graph;
b) according to the determined application software architecture model, modeling the concurrent distributed behavior by fusing a state machine and a sequence diagram;
c) modeling the information security threats of the software with an attack tree according to the software architecture model and the behavior model, and recommending security mitigation strategies on the security threat model to support strategy modeling.
In this method, the architecture of the application software is modeled with class diagrams and a topological graph. First, the global attributes and participating entities of the application software are identified; the global attributes are abstracted into class-diagram data types and the participating entities into model processes, which makes the basic elements of the model clear. Second, modeling the topological graph instantiates the abstract processes as roles, and the concrete attributes on each role let the tool abstract the communication process of the application software, so that communication cost can be estimated on this basis with high accuracy.
In addition, the formal modeling method for endogenous security application software provided by the invention may have the following additional technical features:
Preferably, modeling the architecture of the application software using the class diagram and the topological graph includes:
a1) modeling the attributes and methods of the process/computing node using the class diagram;
a2) modeling the network topology using the topological graph.
Preferably, a1) modeling the attributes and methods of the process/computing node using the class diagram includes:
a11) determining the data types according to the data class diagram;
a12) determining the process content according to the process class diagram;
a13) determining the channel relations according to the channel class diagram;
a14) determining the axiom functions according to the axiom class diagram;
a15) determining knowledge visibility according to the initial knowledge class diagram.
Preferably, a2) modeling the network topology using the topological graph includes:
determining the links of the topological graph according to the relationship between the topological nodes instantiated from the class diagram and the network.
Preferably, modeling the concurrent distributed behavior by fusing the state machine and the sequence diagram according to the determined application software architecture model includes:
b1) describing the internal control logic of the process/computing node using a state machine;
b2) describing the interaction between processes/computing nodes using a sequence diagram.
Preferably, b1) describing the internal control logic of the process/computing node using a state machine includes:
b11) determining the corresponding state machine according to the process content;
b12) determining the content of the state nodes (initial state, intermediate state, transition state and acceptable state) according to the determined state machine;
b13) determining the refined states according to the state nodes.
Preferably, b2) describing the interaction between processes/computing nodes using a sequence diagram includes:
b21) determining the object lifelines according to the process class diagram;
b22) determining the communication messages according to the communication methods.
Preferably, modeling the information security threats of the software with the attack tree according to the software architecture model and the behavior model, and recommending security mitigation strategies on the security threat model to support strategy modeling, includes:
c1) determining the vulnerabilities of the software system according to the attack tree;
c2) determining the software security mitigation strategies according to the vulnerabilities of the system.
Additional aspects and advantages of the invention will be set forth in part in the description which follows and, in part, will be obvious from the description, or may be learned by practice of the invention.
The invention discloses a formal modeling method for endogenous security application software based on formal methods. The modeling comprises the following parts. Application software functional modeling supports the description of system functions and comprises system structure modeling and system behavior modeling. System structure modeling models the system architecture and uses class diagrams to describe the attributes and methods involved in the system; system behavior modeling uses state diagrams and sequence diagrams to model the behavior of the whole system, where the state diagram describes the control logic of each process and the sequence diagram describes the interaction between processes. Application software information security threat and policy modeling supports the description of system security threats and security policies. Information security threat modeling uses an attack tree to analyze in depth how the vulnerabilities of the system's modules relate to one another, finds the attack paths that threaten network security, and presents them as a tree. Building on attack-tree threat modeling, possible information security mitigation strategies or measures are suggested and recommended. Attacker behavior modeling analyzes and summarizes the attacker's possible behavior on the basis of the security threat model and uses a state diagram to describe that behavior concretely. In the invention, the application software is formally modeled with the tool, so that graphical modeling ensures the functionality of a protocol, a system model and a threat model are provided to the integrated back-end tools for model verification and code generation, and the modeling of application software architecture, control logic and security policy is unified.
Drawings
Various other advantages and benefits will become apparent to those of ordinary skill in the art upon reading the following detailed description of the preferred embodiments. The drawings are only for purposes of illustrating the preferred embodiments and are not to be construed as limiting the invention. Also, like reference numerals are used to refer to like parts throughout the drawings. In the drawings:
FIG. 1 is a schematic flowchart of a formal modeling method for an endogenous security application software based on a formalization method according to an embodiment of the present invention;
FIG. 2 is a schematic diagram of a formal modeling tool window for an endogenous security application based on a formalization method according to an embodiment of the present invention;
FIG. 3 is a schematic diagram of attributes of a modeling class diagram of an application software architecture according to an embodiment of the present invention;
FIG. 4 is a diagram illustrating a process of modeling class diagrams of an application software architecture according to an embodiment of the present invention;
FIG. 5 is a schematic diagram of an application software architecture modeling class diagram channel according to an embodiment of the present invention;
FIG. 6 is a schematic diagram illustrating axiom of modeling class diagrams of an application software architecture according to an embodiment of the present invention;
FIG. 7 is a diagram illustrating initial knowledge of a modeling class diagram of an application software architecture according to an embodiment of the present invention;
FIG. 8 is a schematic view of a topology diagram of a modeling class diagram of an application software architecture according to an embodiment of the present invention;
FIG. 9 is a diagram of a state machine for behavior modeling of application software according to an embodiment of the present invention;
FIG. 10 is a schematic diagram of a sequence diagram for behavior modeling of application software according to an embodiment of the present invention;
FIG. 11 is a schematic diagram of an application software security threat and policy modeling attack tree according to an embodiment of the present invention.
Detailed Description
Exemplary embodiments of the present disclosure will be described in more detail below with reference to the accompanying drawings. While exemplary embodiments of the present disclosure are shown in the drawings, it should be understood that the present disclosure may be embodied in various forms and should not be limited to the embodiments set forth herein. Rather, these embodiments are provided so that this disclosure will be thorough and complete, and will fully convey the scope of the disclosure to those skilled in the art.
FIG. 1 is a schematic flowchart of a formal modeling method for endogenous security application software based on formal methods according to an embodiment of the present invention. As shown in FIG. 1, the method comprises the following steps:
Step one: modeling the architecture of the application software using class diagrams:
Specifically, following the formal modeling method for endogenous security application software, the global data types of the application software, the processes of the application software model, the inter-process channels, the axioms and the initial knowledge of the model are abstracted.
FIG. 3 is a data class diagram describing the attributes and custom methods of the application software model. The built-in data types include int (integer), boolean, number (natural number) and byte, and the composite data types ByteVec and Timer (clock).
An attribute is expressed as a data type and an identifier:
attr ≡ Type Identifier | Type[] Identifier
A method is expressed as a data type, an identifier and parameters:
method ≡ Type Identifier(parameters)
FIG. 4 is a process class diagram describing the content of a process abstracted from the application software model, including attributes, methods and communication methods. Process attributes and methods are defined in the same way as in the data class diagram. The built-in methods are four cryptographic methods with selectable algorithms: symmetric encryption, symmetric decryption, signing and verification. Symmetric encryption and decryption provide the AES and DES algorithms, and signing and verification provide the RSA, ECC, MD5, SHA1 and SHA256 algorithms.
Figure BDA0002605005270000051
|ByteVec SymDec(ByteVec msg,int key)
|ByteVec Sign(ByteVec msg,int skey)
|bool Verify(ByteVec msg,int pkey)
The process class diagram also provides communication methods, which describe the means by which a process abstracted by the process template communicates with other processes. A communication method is defined as follows:
method_communication ≡ Identifier(parameters) [IN/OUT] [CommType]
where IN and OUT indicate whether the communication method receives or sends, and the communication mode CommType is either native Ethernet frame or UDP, denoting native Ethernet frame communication and UDP communication respectively.
FIG. 5 is a channel class diagram describing the sending and receiving relationships between the communication methods of the process class diagrams. A channel involves two processes and the sending and receiving communication methods on those processes, and indicates whether the channel is public or private. It is defined as follows:
channel ≡ Process1.method_communication -(public/private)- Process2.method_communication
where Process1 and Process2 are the two processes, and public and private denote a public channel and a private channel.
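The two definitions above are enough to check a model for inconsistent channels before any verification is run. The following Python sketch is an added example, not code from the patent or from the sbid-ava tool: it parses communication-method and channel definitions in the textual form shown above and reports channels whose endpoints do not match. The process names, method names and the spellings `NativeEthernetFrame` and `UDP` for CommType are assumptions made for the example.

```python
import re
from dataclasses import dataclass

# Grammar quoted from the description:
#   communication method: Identifier(parameters) [IN/OUT] [CommType]
#   channel: Process1.method -(public/private)- Process2.method
COMM_RE = re.compile(
    r"^\s*(?P<name>[A-Za-z_]\w*)\s*\((?P<params>[^()]*)\)\s*"
    r"\[(?P<dir>IN|OUT)\]\s*\[(?P<comm>\w+)\]\s*$"
)
CHAN_RE = re.compile(
    r"^\s*(?P<p1>[A-Za-z_]\w*)\.(?P<m1>[A-Za-z_]\w*)\s*-\s*"
    r"\((?P<vis>public|private)\)\s*-\s*"
    r"(?P<p2>[A-Za-z_]\w*)\.(?P<m2>[A-Za-z_]\w*)\s*$"
)
# Assumption: the two communication modes are spelled like this in a model.
COMM_TYPES = {"NativeEthernetFrame", "UDP"}


@dataclass(frozen=True)
class CommMethod:
    name: str
    param_types: tuple
    direction: str
    comm_type: str


def parse_comm_method(text):
    """Parse one communication-method declaration into a CommMethod."""
    m = COMM_RE.match(text)
    if m is None:
        raise ValueError(f"not a communication method: {text!r}")
    if m["comm"] not in COMM_TYPES:
        raise ValueError(f"unknown CommType {m['comm']!r}")
    types = []
    for param in filter(None, (p.strip() for p in m["params"].split(","))):
        parts = param.split()
        if len(parts) != 2:
            raise ValueError(f"parameter must be 'Type Identifier': {param!r}")
        types.append(parts[0])
    return CommMethod(m["name"], tuple(types), m["dir"], m["comm"])


def build_model(declarations):
    """declarations: {process name: [communication method text, ...]}"""
    return {
        proc: {cm.name: cm for cm in map(parse_comm_method, texts)}
        for proc, texts in declarations.items()
    }


def check_channel(model, text):
    """Return (visibility, problems) for one channel definition."""
    m = CHAN_RE.match(text)
    if m is None:
        return None, [f"not a channel definition: {text!r}"]
    ends, problems = [], []
    for proc, meth in ((m["p1"], m["m1"]), (m["p2"], m["m2"])):
        cm = model.get(proc, {}).get(meth)
        if cm is None:
            problems.append(f"{proc}.{meth} is not declared")
        ends.append(cm)
    if problems:
        return m["vis"], problems
    sender, receiver = ends
    if sender.direction != "OUT":
        problems.append(f"{m['p1']}.{sender.name} must be an OUT method")
    if receiver.direction != "IN":
        problems.append(f"{m['p2']}.{receiver.name} must be an IN method")
    if sender.comm_type != receiver.comm_type:
        problems.append(
            f"CommType mismatch: {sender.comm_type} vs {receiver.comm_type}")
    if sender.param_types != receiver.param_types:
        problems.append("parameter types differ between sender and receiver")
    return m["vis"], problems


# Constructed sample model (not from the patent).
MODEL = build_model({
    "Sensor": ["SendReading(ByteVec msg)[OUT][UDP]"],
    "Controller": [
        "RecvReading(ByteVec msg)[IN][UDP]",
        "RecvFrame(ByteVec frame)[IN][NativeEthernetFrame]",
    ],
})

if __name__ == "__main__":
    for line in (
        "Sensor.SendReading-(public)-Controller.RecvReading",
        "Sensor.SendReading-(private)-Controller.RecvFrame",
        "Controller.RecvReading-(public)-Sensor.SendReading",
    ):
        print(line, "->", check_channel(MODEL, line))
```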
FIG. 6 is an axiom class diagram describing the axioms of the application software model. Two axioms are built into the tool:
SymDec(SymEnc(m, k), k) = m
Verify(Sign(m, sk), pk) = True
They express, for the built-in functions, that symmetric decryption pairs with symmetric encryption, and that a signature made with the private key verifies with the public key.
FIG. 7 is an initial knowledge class diagram describing the initial knowledge of the application software model. A single-knowledge entry defines the visibility of a process class diagram attribute and can be used to state explicitly the scope of information known to each process. A public-private key pair entry defines a public/private key pairing relationship.
A single-knowledge entry states that the initial knowledge contains this attribute:
Knowledgement_single ≡ Process.Process_attr
A public-private key pair is defined as:
Process.Process_attr | Process.Process_attr
which expresses that asymmetric encryption is paired with asymmetric decryption, or signing with signature verification.
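The axioms and the initial-knowledge entries together determine what each party can learn from traffic on a public channel. The following Python sketch is an added example, not code from the patent or the tool: it applies the two built-in axioms as rewrite rules on symbolic terms and computes the set of terms a party can derive from its initial knowledge plus the messages it observes. It generalizes slightly beyond the text by iterating the SymDec axiom to a fixed point; the process names, attribute names and sample traffic are constructed for the example.

```python
# Terms are atoms (strings) or tuples:
#   ("SymEnc", m, k), ("SymDec", c, k), ("Sign", m, sk), ("Verify", s, pk)


def normalize(term, key_pairs=frozenset()):
    """Rewrite a term bottom-up using only the two built-in axioms.

    key_pairs holds (public key, private key) tuples taken from the
    public-private key pair entries of the initial knowledge diagram.
    A term to which no axiom applies is returned unchanged.
    """
    if not isinstance(term, tuple):
        return term
    op = term[0]
    args = tuple(normalize(a, key_pairs) for a in term[1:])
    if op == "SymDec":
        body, key = args
        # Axiom: SymDec(SymEnc(m, k), k) = m
        if isinstance(body, tuple) and body[0] == "SymEnc" and body[2] == key:
            return body[1]
    elif op == "Verify":
        sig, pk = args
        # Axiom: Verify(Sign(m, sk), pk) = True, for a declared (pk, sk) pair
        if (isinstance(sig, tuple) and sig[0] == "Sign"
                and (pk, sig[2]) in key_pairs):
            return True
    return (op,) + args


def derivable(initial_knowledge, observed, key_pairs=frozenset()):
    """Close a knowledge set under decryption with keys already known."""
    known = {normalize(t, key_pairs) for t in (*initial_knowledge, *observed)}
    grew = True
    while grew:
        grew = False
        for t in list(known):
            if isinstance(t, tuple) and t[0] == "SymEnc" and t[2] in known:
                plain = normalize(("SymDec", t, t[2]), key_pairs)
                if plain not in known:
                    known.add(plain)
                    grew = True
    return known


def exposed(secrets, initial_knowledge, observed, key_pairs=frozenset()):
    """Return the secrets a party can derive, sorted by name."""
    known = derivable(initial_knowledge, observed, key_pairs)
    return sorted(s for s in secrets if s in known)


# Constructed sample model (not from the patent).
KEY_PAIRS = frozenset({("pk_sensor", "sk_sensor")})
INITIAL_KNOWLEDGE = {
    "Sensor": {"reading", "k_session", "k_master", "sk_sensor"},
    "Controller": {"k_master", "pk_sensor"},
    "Observer": {"pk_sensor"},      # a party that only sees public channels
}
CIPHERTEXT = ("SymEnc", "reading", "k_session")
PUBLIC_TRAFFIC = [
    ("SymEnc", "k_session", "k_master"),   # session key wrapped under k_master
    CIPHERTEXT,
    ("Sign", CIPHERTEXT, "sk_sensor"),     # signature over the ciphertext
]
SECRETS = {"reading", "k_session"}

if __name__ == "__main__":
    for party, knowledge in INITIAL_KNOWLEDGE.items():
        print(party, exposed(SECRETS, knowledge, PUBLIC_TRAFFIC, KEY_PAIRS))
```

Running the same check with `k_master` added to the Observer's knowledge shows how a single wrong visibility entry exposes both secrets.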
Step two: modeling the architecture of the application software using a topological graph:
Specifically, following the formal modeling method for endogenous security application software, each node in the topological graph represents a concrete role that a process class diagram plays in the network environment, and all attributes of the process class diagram are instantiated. During instantiation, all complex types are expanded (attributes inherited from ancestor types are instantiated as well), and arrays are handled as variable-length arrays. Each element is expanded individually until a base type is reached, which is treated as a leaf node whose value is set directly. Directed edges can connect the nodes of the topological graph to represent simplex communication from one party to the other, and an ordered pair of communication methods and a communication cost can be set on each edge. The selectable communication method pairs are the entries defined in the channel class diagram that match the sending and receiving process class diagrams.
The topological graph edge of FIG. 8 is defined as:
Figure BDA0002605005270000061
where an edge is expressed as two processes and the communication methods on those processes, over a public channel or a private channel.
Step three: modeling the concurrent distributed behavior by fusing the state machine and the sequence diagram, according to the determined application software architecture model.
Specifically, the system behavior modeling adopts a state diagram and a sequence diagram to model the behavior of the whole system. The state machine describes the control logic of each process, and the sequence diagram describes the interaction process between the processes.
FIG. 9 is a state machine diagram describing the internal control logic of a process/compute node. When a process class diagram is created in the class diagram, a corresponding state machine panel is automatically created under the state machine tab. A newly created state machine panel contains a unique, unmodifiable initial state (the black filled circle in the figure) linked to an initial normal state. The user can create any number of normal or terminal states (double circles in the figure) on the panel through the right-click menu. Each state node provides several anchor points; clicking the anchor points connects states and represents a state transition. A guard condition and several transition actions can be set on each transition edge to complete the behavior modeling of the state machine.
A guard condition is a logical expression in a C-like language that evaluates to true or false (the default is true). Logical expressions can be joined with the binary operators && and || to support more complex guard conditions.
A transition action is a declaration, an assignment statement or a method call in a C-like language.
StateMachine_action ≡ Type Identifier | Type Identifier := Expression | Identifier := Expression | Identifier(parameters)
The first two forms are declaration statements, the third is an assignment statement, and the last is a method call.
FIG. 10 is a sequence diagram describing the interaction between processes/compute nodes. In the sequence diagram panel, several object lifelines can be added, each associated with a process template, and messages of various types (synchronous messages, asynchronous messages and return messages) can then be connected between them. On each message connection, an outgoing communication method of the process template can be selected.
Step four: modeling the information security threats of the software with an attack tree according to the software architecture model and the behavior model, and recommending security mitigation strategies on the security threat model to support strategy modeling.
FIG. 11 uses an attack tree to model the information security threats of the application software. The attack tree is used to analyze in depth how the vulnerabilities of the system's modules relate to one another, and to find the attack paths that threaten network security and present them as a tree. In addition, building on attack-tree threat modeling, a library of possible information security mitigation strategies is collected and organized, and the corresponding security mitigation strategy is recommended for each attack method in the attack tree.
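The step from attack tree to recommended mitigations can be made concrete as follows. This Python sketch is an added example, not code from the patent or the tool: it enumerates the minimal attack paths of a tree, looks up each leaf attack method in a mitigation library, reports leaves the library does not cover, and lists the paths that remain open for a given set of deployed mitigations. The AND/OR gate semantics are an assumption (the text does not define the node types), and the tree, leaf names and library entries are constructed for the example.

```python
from dataclasses import dataclass, field
from itertools import product


@dataclass
class Node:
    name: str
    gate: str = "LEAF"              # "AND", "OR" or "LEAF" (assumed semantics)
    children: list = field(default_factory=list)


def attack_paths(node):
    """Return the minimal sets of leaf attack methods that reach `node`."""
    if node.gate == "LEAF":
        return [frozenset([node.name])]
    child_paths = [attack_paths(c) for c in node.children]
    if node.gate == "OR":           # any one child suffices
        paths = [p for ps in child_paths for p in ps]
    elif node.gate == "AND":        # one path from every child, combined
        paths = [frozenset().union(*combo) for combo in product(*child_paths)]
    else:
        raise ValueError(f"unknown gate {node.gate!r}")
    unique = set(paths)
    # Drop any path that strictly contains another path.
    minimal = (p for p in unique if not any(q < p for q in unique))
    return sorted(minimal, key=sorted)


def recommend(paths, library):
    """Map every leaf on some path to its mitigations; list uncovered leaves."""
    leaves = sorted(set().union(*paths))
    plan = {leaf: library.get(leaf, []) for leaf in leaves}
    uncovered = [leaf for leaf in leaves if not plan[leaf]]
    return plan, uncovered


def residual_paths(paths, library, deployed):
    """Paths still open: no leaf on them has a deployed mitigation."""
    def blocked(leaf):
        return any(m in deployed for m in library.get(leaf, []))
    return [p for p in paths if not any(blocked(leaf) for leaf in p)]


# Constructed sample tree and mitigation library (not from the patent).
TREE = Node("Controller accepts a command the Sensor did not send", "OR", [
    Node("forged message accepted", "AND", [
        Node("symmetric key disclosed", "OR", [
            Node("key sent over a public channel"),
            Node("DES selected for SymEnc"),
        ]),
        Node("message injected on a public channel"),
    ]),
    Node("recorded message replayed"),
])
LIBRARY = {
    "key sent over a public channel": ["declare the key channel private"],
    "DES selected for SymEnc": ["select AES for SymEnc"],
    "message injected on a public channel": ["Sign on send, Verify on receive"],
    # No entry for "recorded message replayed": reported as uncovered.
}

if __name__ == "__main__":
    paths = attack_paths(TREE)
    plan, uncovered = recommend(paths, LIBRARY)
    for p in paths:
        print("path:", sorted(p))
    print("uncovered leaves:", uncovered)
    print("open after signing:",
          residual_paths(paths, LIBRARY, {"Sign on send, Verify on receive"}))
```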
On the basis of the attack-tree security threat model, the behavior of the attacker is analyzed and summarized, and a state machine is used to describe that behavior concretely. Once the attacker is taken into account, the behavior of each process in the distributed system corresponds to the new state machine obtained by synchronizing the process's functional state machine with the attacker state machine.
Thus the application software is formally modeled using the formal modeling method for endogenous security application software. On the one hand, modeling the application software in this way helps describe its model architecture and the details of its internal state changes and communication. On the other hand, the architecture, design and deployment of the software system are analyzed systematically to find the potential threats it may face, improving the security of the software system as a whole. This guides developers in writing secure code and assists penetration testers in security testing, identifying threats, reducing threats and avoiding risks.
From the above description of the embodiments, it is clear to those skilled in the art that the methods of the above embodiments can be implemented in software. On this understanding, the technical solution of the invention, or the part of it that contributes over the prior art, can be embodied in the form of a software product; the invention uses a cross-platform desktop application tool built on Avalonia and .NET Core 3.0.
The above description is only for the preferred embodiment of the present invention, but the scope of the present invention is not limited thereto, and any changes or substitutions that can be easily conceived by those skilled in the art within the technical scope of the present invention are included in the scope of the present invention. Therefore, the protection scope of the present invention shall be subject to the protection scope of the claims.

Claims (8)

1. A formal modeling method for endogenous security application software based on formal methods, characterized by comprising the following steps:
a) modeling the architecture of the application software by using a class diagram and a topological graph;
b) according to the determined application software architecture model, modeling the concurrent distributed behaviors by fusing a state machine and a sequence diagram;
c) modeling the information security threat of the software by utilizing the attack tree according to the software architecture model and the behavior model, and adopting a security mitigation strategy to support strategy modeling on the security threat model.
2. The method according to claim 1, wherein the modeling the architecture of the application software by using the class diagram and the topological graph comprises:
a1) modeling the attributes and methods of the process/computing node by using the class diagram;
a2) modeling the network topology by using the topological graph.
3. The method of claim 2, wherein modeling the attributes and methods of a process/compute node using a class diagram comprises:
a11) determining the data type according to the data class diagram;
a12) determining process content according to the process class diagram;
a13) determining a channel relation according to the channel class diagram;
a14) determining an axiom function according to the axiom class diagram;
a15) determining knowledge visibility according to the initial knowledge class diagram.
4. The method of claim 2, wherein modeling the network topology using the topological graph comprises: determining the links of the topological graph according to the relation between the topological nodes of the instantiated class diagram and the network.
5. The method of claim 1, wherein modeling the concurrent distributed behavior by fusing a state machine and a sequence diagram according to the determined application software architecture model comprises:
b1) describing the internal control logic of the process/computation node by using a state machine;
b2) describing the interaction process between processes/compute nodes by using a sequence diagram.
6. The method of claim 5, wherein said using a state machine to describe internal control logic of a process/compute node comprises:
b11) determining a corresponding state machine according to the process class diagram;
b12) determining the content of the state node according to the determined state machine, comprising: initial state, intermediate state, transition state, acceptable state;
b13) determining the refinement state according to the state node.
7. The method according to claim 5, wherein the describing the interaction process between the processes/computation nodes by using the sequence diagram comprises:
b21) determining an object lifeline according to the process template;
b22) determining a communication message according to the communication method.
8. The method of claim 1, wherein the modeling of the information security threat of the software using the attack tree according to the software architecture model and the behavior model, and the recommending of the security mitigation strategy to support strategy modeling on the security threat model, comprises:
c1) determining the vulnerability of the software system according to the attack tree;
c2) determining a software security mitigation strategy according to the vulnerability of the system.
CN202010735834.2A 2020-07-28 2020-07-28 Endogenous safety application software formal modeling method based on formalization method Active CN112015373B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010735834.2A CN112015373B (en) 2020-07-28 2020-07-28 Endogenous safety application software formal modeling method based on formalization method

Publications (2)

Publication Number Publication Date
CN112015373A true CN112015373A (en) 2020-12-01
CN112015373B CN112015373B (en) 2022-02-11

Family

ID=73500230

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010735834.2A Active CN112015373B (en) 2020-07-28 2020-07-28 Endogenous safety application software formal modeling method based on formalization method

Country Status (1)

Country Link
CN (1) CN112015373B (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115357911A (en) * 2022-10-24 2022-11-18 中国人民解放军国防科技大学 Method for establishing security threat model of satellite navigation system

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102447695A (en) * 2011-11-14 2012-05-09 中国科学院软件研究所 Method for identifying key attack path in service system
CN106802863A (en) * 2016-12-16 2017-06-06 华东师范大学 Interprocess communication security formalization analysis checking system based on micro-kernel prototype
CN107103244A (en) * 2017-05-12 2017-08-29 天津大学 The appraisal procedure of Web application architecture securities based on AADL
CN109150831A (en) * 2018-07-16 2019-01-04 中国人民解放军战略支援部队信息工程大学 A kind of the cloud task execution device and method of interior raw safety
CN109191326A (en) * 2018-08-23 2019-01-11 东北大学 The interdependent deposit system network attack methods of risk assessment of power distribution network CPS based on attacker visual angle
DE102017212581A1 (en) * 2017-07-21 2019-01-24 Siemens Aktiengesellschaft A method for dynamically expanding a domain-specific language of a graphical modeling tool

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102447695A (en) * 2011-11-14 2012-05-09 中国科学院软件研究所 Method for identifying key attack path in service system
CN106802863A (en) * 2016-12-16 2017-06-06 华东师范大学 Interprocess communication security formalization analysis checking system based on micro-kernel prototype
CN107103244A (en) * 2017-05-12 2017-08-29 天津大学 The appraisal procedure of Web application architecture securities based on AADL
DE102017212581A1 (en) * 2017-07-21 2019-01-24 Siemens Aktiengesellschaft A method for dynamically expanding a domain-specific language of a graphical modeling tool
CN109150831A (en) * 2018-07-16 2019-01-04 中国人民解放军战略支援部队信息工程大学 A kind of the cloud task execution device and method of interior raw safety
CN109191326A (en) * 2018-08-23 2019-01-11 东北大学 The interdependent deposit system network attack methods of risk assessment of power distribution network CPS based on attacker visual angle

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
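张琛 et al.: "Modeling, Verification and Testing of Interactive Behavior in Distributed Software Systems", 《计算机研究与发展》 (Journal of Computer Research and Development) *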

Also Published As

Publication number Publication date
CN112015373B (en) 2022-02-11

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant