Detailed Description
In order to make those skilled in the art better understand the technical solutions of the present disclosure, the technical solutions in the embodiments of the present disclosure will be clearly and completely described below with reference to the drawings in the embodiments of the present disclosure. It is to be understood that the described embodiments are merely exemplary of some, and not all, of the present disclosure. All other embodiments, which can be derived by a person skilled in the art from the embodiments disclosed herein without making any creative effort, shall fall within the protection scope of the present disclosure.
It should be noted that the terms "first," "second," and the like in the description and claims of the present disclosure and in the foregoing drawings are used for distinguishing between similar elements and not necessarily for describing a particular sequential or chronological order. It is to be understood that the data so used is interchangeable under appropriate circumstances such that the embodiments of the disclosure described herein are capable of operation in other sequences than those illustrated or described herein. Moreover, the terms "comprises," "comprising," and "having," and any variations thereof, are intended to cover a non-exclusive inclusion, such that a process, method, system, article, or apparatus that comprises a list of steps or elements is not necessarily limited to those steps or elements expressly listed, but may include other steps or elements not expressly listed or inherent to such process, method, article, or apparatus.
Example 1
According to the present embodiment, there is also provided an embodiment of a method for securely managing communications of a smart meter, where it is noted that the steps illustrated in the flowchart of the drawings may be performed in a computer system, such as a set of computer-executable instructions, and that although a logical order is illustrated in the flowchart, in some cases, the steps illustrated or described may be performed in an order different than here.
The method embodiments provided by the present embodiment may be executed in a server or similar computing device. Fig. 1 shows a hardware block diagram of a computing device for implementing a method for securely managing communications of a smart meter. As shown in fig. 1, the computing device may include one or more processors (which may include, but are not limited to, a processing device such as a microprocessor MCU or a programmable logic device FPGA), a memory for storing data, and a transmission device for communication functions. Besides, the method can also comprise the following steps: a display, an input/output interface (I/O interface), a Universal Serial Bus (USB) port (which may be included as one of the ports of the I/O interface), a network interface, a power source, and/or a camera. It will be understood by those skilled in the art that the structure shown in fig. 1 is only an illustration and is not intended to limit the structure of the electronic device. For example, the computing device may also include more or fewer components than shown in FIG. 1, or have a different configuration than shown in FIG. 1.
It should be noted that the one or more processors and/or other data processing circuitry described above may be referred to generally herein as "data processing circuitry". The data processing circuitry may be embodied in whole or in part in software, hardware, firmware, or any combination thereof. Further, the data processing circuitry may be a single, stand-alone processing module, or incorporated in whole or in part into any of the other elements in the computing device. As referred to in the disclosed embodiments, the data processing circuit acts as a processor control (e.g., selection of a variable resistance termination path connected to the interface).
The memory can be used for storing software programs and modules of application software, such as a program instruction/data storage device corresponding to the method for safely managing communication of the smart meter in the embodiment of the disclosure, and the processor executes various functional applications and data processing by running the software programs and modules stored in the memory, namely, the method for safely managing communication of the smart meter of the application programs is realized. The memory may include high speed random access memory, and may also include non-volatile memory, such as one or more magnetic storage devices, flash memory, or other non-volatile solid-state memory. In some instances, the memory may further include memory located remotely from the processor, which may be connected to the computing device over a network. Examples of such networks include, but are not limited to, the internet, intranets, local area networks, mobile communication networks, and combinations thereof.
The transmission device is used for receiving or transmitting data via a network. Specific examples of such networks may include wireless networks provided by communication providers of the computing devices. In one example, the transmission device includes a Network adapter (NIC) that can be connected to other Network devices through a base station to communicate with the internet. In one example, the transmission device may be a Radio Frequency (RF) module, which is used for communicating with the internet in a wireless manner.
The display may be, for example, a touch screen type Liquid Crystal Display (LCD) that may enable a user to interact with a user interface of the computing device.
It should be noted here that in some alternative embodiments, the computing device shown in fig. 1 described above may include hardware elements (including circuitry), software elements (including computer code stored on a computer-readable medium), or a combination of both hardware and software elements. It should be noted that FIG. 1 is only one example of a particular specific example and is intended to illustrate the types of components that may be present in a computing device as described above.
According to a first aspect of the embodiment, a method for carrying out safety management on communication of a smart meter is provided. Fig. 2 shows a flow diagram of the method, which, with reference to fig. 2, comprises:
s202: receive the message that sends from other modules and external equipment, wherein other modules are measurement module and extension module among the smart electric meter, and smart electric meter includes measurement module, management module and extension module
S204: checking the link layer format of the message to determine a qualified message with a qualified format, verifying the legality of the qualified message, and determining the qualified message passing the legality verification as a legal message;
s206: and realizing communication data interaction of legal messages by using a software security management application program in a mode of calling the embedded security control module.
Specifically, the method in this embodiment is operated on the management module of the smart meter, the smart meter includes a metering module, a management module and an extension module, and a service application program (namely, a service APP) and a software security management program (namely, a software security management APP, referred to as a security management APP) are operated on the management module.
Specifically, referring to fig. 2, first, a message sent by another module of the smart meter and an external device is received, where the another module is a metering module and an expansion module in the smart meter, and the external device may be a terminal device or the like. For example, a 698 message is received from the master station that securely transmits "ciphertext + sid _ mac" to read the admin core data.
Further, the link layer format of the message is checked, so that a qualified message with a qualified format is determined, the legality of the qualified message is verified, and the qualified message passing the legality verification is determined to be a legal message. Thus determining the authenticity and integrity of the message.
And finally, realizing communication data interaction of a legal message by using a software security management application program in a mode of calling the embedded security control module, wherein the software security management application program runs on the management module, and the communication data interaction comprises communication data interaction among all service application programs in the management module, communication data interaction among all modules in the intelligent electric meter and communication data interaction between the intelligent electric meter and external equipment.
In this embodiment, messages sent by other modules of the smart meter and external devices are received, the link layer format of the received messages is checked, so that qualified messages with qualified formats are determined, the legality of the qualified messages is verified, legal messages are obtained, the integrity and correctness of the messages are determined, and message filtering is implemented on illegal messages and incomplete messages. And finally, realizing communication data interaction of the legal message by using a software security management application program in a mode of calling the embedded security control module.
Therefore, the integrity and the correctness of the message are determined by checking the link layer format and verifying the legality of the message received from other modules and external equipment, and the message filtering is realized on the illegal message and the incomplete message. The embedded security control module ESAM is called to encrypt the plaintext message and decrypt the ciphertext message, so that the security of the message in the transmission process is ensured, and the security management is realized. And unified scheduling is performed on the embedded security control module ESAM, so that system management is realized. Therefore, the technical problems that a new safety risk point is brought after an electric meter is introduced into an operating system, unauthorized access of multiple APPs, safety and credibility of APP services, communication between each APP and a hardware module, scheduling of ESAMs and the like are prevented in the prior art are solved.
Optionally, checking the link layer format of the packet to determine a qualified packet with a qualified format includes: checking whether the header byte, the trailer byte, the header check and the trailer check of the message are correct or not; under the condition that the frame header byte, the frame tail byte, the frame header check and the frame tail check of the message are incorrect, determining that the message is an unqualified message, and discarding the unqualified message; and determining the message as a qualified message under the condition that the header byte, the tail byte, the header check and the tail check of the message are correct.
Specifically, as shown in fig. 3, it is checked whether the header byte, the trailer byte, the header check, the trailer check, and the length of the packet are correct; checking whether the header byte, the trailer byte, the header check and the trailer check of the message are correct or not; under the condition that the frame header byte, the frame tail byte, the frame header check and the frame tail check of the message are incorrect, determining that the message is an unqualified message, and discarding the unqualified message; and determining the message as a qualified message under the condition that the header byte, the tail byte, the header check and the tail check of the message are correct. Therefore, the integrity and the correctness of the content of the received message are ensured, and the message filtering function is realized for the illegal message and the incomplete message.
Optionally, verifying the validity of the qualified packet, and determining the qualified packet that passes the validity verification as a valid packet includes: verifying the legality of the logical address, the beginning, the end, the CS check bit, the client address, the communication address and the length of the qualified message; determining the qualified message as an illegal message under the condition that the legality of the logic address, the beginning, the end, the CS check bit, the client address, the communication address and the length of the qualified message is not verified; and determining the qualified message as a legal message under the condition that the legality of the logical address, the beginning, the end, the CS check bit, the client address, the communication address and the length of the qualified message is verified.
Specifically, the validity of the logical address, the beginning, the end, the CS check bit, the client address, the communication address and the length of the qualified packet is verified; determining the qualified message as an illegal message under the condition that the legality of the logic address, the beginning, the end, the CS check bit, the client address, the communication address and the length of the qualified message is not verified; and determining the qualified message as a legal message under the condition that the legality of the logical address, the beginning, the end, the CS check bit, the client address, the communication address and the length of the qualified message is verified. Therefore, the integrity and the correctness of the content of the received message are ensured, and the message filtering function is realized for the illegal message and the incomplete message.
Optionally, the method of calling the embedded security control module and using the software security management application program to implement communication data interaction of the legitimate packet includes: the software safety management application program runs on the management module, and the communication data interaction comprises communication data interaction among all service application programs in the management module, communication data interaction among all modules in the intelligent electric meter and communication data interaction between the intelligent electric meter and external equipment.
Optionally, the method of calling the embedded security control module and using the software security management application program to implement communication data interaction of the valid message includes: after sending a ciphertext message to the software security management application program, the external device sends the ciphertext message to the metering module, wherein the ciphertext is a legal message; or after the external equipment sends the ciphertext message to the software security management application program, decrypting the ciphertext message to obtain a plaintext message, and sending the plaintext message to the service application program in the management module; or after the external equipment sends the ciphertext message to the software security management application program, decrypting the ciphertext message to obtain a plaintext message, encrypting the plaintext message in a manner that the expansion module can decrypt the plaintext message to obtain a first ciphertext, and sending the first ciphertext to the expansion module; or after the external device sends the ciphertext message to the software security management application program, decrypting the ciphertext message to obtain a plaintext message, judging whether the plaintext message is a message requested to respond by the master station system, encrypting the plaintext message in a manner that the master station system can decrypt the plaintext message under the condition that the plaintext message is the message requested to respond by the master station system to obtain a second ciphertext, sending the second ciphertext to the master station system, and discarding the plaintext message under the condition that the plaintext message is not the message requested to respond by the master station system.
Specifically, referring to fig. 4, after sending a ciphertext message to the software security management application, the external device sends the ciphertext message to the metering module, where the ciphertext is a valid message; or after the external equipment sends the ciphertext message to the software security management application program, decrypting the ciphertext message to obtain a plaintext message, and sending the plaintext message to the service application program in the management module; or after the external equipment sends the ciphertext message to the software security management application program, decrypting the ciphertext message to obtain a plaintext message, encrypting the plaintext message in a manner that the expansion module can decrypt the plaintext message to obtain a first ciphertext, and sending the first ciphertext to the expansion module; or after the external device sends the ciphertext message to the software security management application program, decrypting the ciphertext message to obtain a plaintext message, judging whether the plaintext message is a message requested to respond by the master station system, encrypting the plaintext message in a manner that the master station system can decrypt the plaintext message under the condition that the plaintext message is the message requested to respond by the master station system to obtain a second ciphertext, sending the second ciphertext to the master station system, and discarding the plaintext message under the condition that the plaintext message is not the message requested to respond by the master station system.
Therefore, corresponding operation is carried out according to the content of the ciphertext message sent to the software security management application program by the external equipment, so that communication data interaction of the legal message received from the external equipment is realized. Therefore, the message sending object is judged, and the routing forwarding function is realized.
Optionally, the method of calling the embedded security control module and using the software security management application program to implement communication data interaction of the legitimate packet includes: after the metering module sends a ciphertext message to the software security management application program, sending the ciphertext message to the master station, wherein the ciphertext is a legal message; or after the metering module sends the ciphertext message to the software security management application program, decrypting the ciphertext message to obtain a plaintext message, and sending the plaintext message to the service application program in the management module; or after the metering module sends the ciphertext message to the software security management application program, the ciphertext message is decrypted to obtain a plaintext message, the plaintext is encrypted in a manner that the expansion module can decrypt the plaintext message to obtain a third ciphertext, and the third ciphertext is sent to the expansion module.
Specifically, after the metering module sends a ciphertext message to the software security management application program, the ciphertext message is sent to the master station, wherein the ciphertext is a legal message; or after the metering module sends the ciphertext message to the software security management application program, decrypting the ciphertext message to obtain a plaintext message, and sending the plaintext message to the service application program in the management module; or after the metering module sends the ciphertext message to the software security management application program, the ciphertext message is decrypted to obtain a plaintext message, the plaintext is encrypted in a manner that the expansion module can decrypt the plaintext message to obtain a third ciphertext, and the third ciphertext is sent to the expansion module. Therefore, corresponding operation is carried out according to the content of the ciphertext message sent to the software security management application program by the metering module, so that communication data interaction of the legal message received from the metering module is realized. Therefore, the message sending object is judged, and the routing forwarding function is achieved.
Optionally, the method of calling the embedded security control module and using the software security management application program to implement communication data interaction of the legitimate packet includes: after a service application program in a management module sends a plaintext message to a software security management application program, verifying authority information of the service application program, wherein the plaintext is a legal message; and under the condition that the verification information passes, encrypting the plaintext message and then sending the encrypted plaintext message to the external equipment, the metering module and the expansion module.
Specifically, referring to fig. 5, after the service application in the management module sends a plaintext message to the software security management application, the authority information of the service application is verified, where the plaintext is a legal message; and under the condition that the verification information passes, encrypting the plaintext message and then sending the encrypted plaintext message to the external equipment, the metering module and the expansion module. Therefore, corresponding operation is carried out according to the content of the plaintext message sent to the software security management application program by the management module, so that communication data interaction of the legal message received from the management module is realized. Therefore, the message sending object is judged, and the routing forwarding function is achieved.
Optionally, the method of calling the embedded security control module and using the software security management application program to implement communication data interaction of the legitimate packet includes: after the extension module sends a ciphertext message to the software security management application program, verifying the authority information of the extension module, wherein the ciphertext message is a legal message; and sending the ciphertext message to the external equipment and the metering module under the condition that the verification information passes.
Specifically, after the extension module sends a ciphertext message to the software security management application program, the authority information of the extension module is verified, wherein the ciphertext message is a legal message; and sending the ciphertext message to the external equipment and the metering module under the condition that the verification information passes. Therefore, corresponding operation is carried out according to the content of the plaintext message sent to the software security management application program by the expansion module, so that communication data interaction of the legal message received from the expansion module is realized. Therefore, the message sending object is judged, and the routing forwarding function is achieved.
Optionally, verifying the authority information of the service application includes: calculating the service application program by using a state cryptographic algorithm to obtain a calculation result; and signing the calculation result by using the software security management application program through the encryption machine, and adding the authority information of the service application program and the signature result at the tail of the service application program.
Specifically, a national cryptographic algorithm is used for calculating a service application program to obtain a calculation result; and signing the calculation result by using the software security management application program through the encryption machine, and adding the authority information of the service application program and the signature result at the tail of the service application program. Therefore, the authority information and the signature result are added to the service application program, and the safety is guaranteed.
Optionally, the method of calling the embedded security control module and using the software security management application program to implement communication data interaction of the legitimate packet includes: and providing data interfaces within a certain quantity range for communication data interaction of legal messages, wherein the data interfaces are data interfaces of the embedded safety control module.
Specifically, referring to table 1, data interfaces within a certain number range are provided for communication data interaction of a legal packet, where the data interfaces are data interfaces of an embedded security control module ESAM.
TABLE 1
Optionally, when the communication data interaction is implemented by using a software security management application, the method includes: in the process of realizing communication data interaction by using a software security management application program, determining that the authority information of a legal message passes verification under the condition that a data request of the legal message belongs to one or more data interfaces in a certain number range; and determining that the authority information verification of the legal message fails under the condition that the data request of the legal message does not belong to the data interfaces within a certain quantity range.
Specifically, in the process of realizing communication data interaction by using a software security management application program, under the condition that a data request of a legal message belongs to one or more data interfaces in a certain number range, the authority information of the legal message is determined to pass verification; and determining that the authority information verification of the legal message fails under the condition that the data request of the legal message does not belong to the data interfaces within a certain quantity range.
For example, in the process of implementing communication data interaction by using a software security management application, when a data request of a valid message belongs to one or more data interfaces among 16 data interfaces in table 1, it is determined that the authority information of the valid message passes verification, and when the data request of the valid message does not belong to 16 data interfaces, it is determined that the authority information of the valid message fails verification. Therefore, the data request and the accessed content of the legal message are ensured to be in a certain data range, and the content outside the provided interface cannot be accessed without being authorized.
Optionally, the method of calling the embedded security control module and using the software security management application program to implement communication data interaction of the legitimate packet includes: judging the security parameter level of the legal message; determining that the detection of the security mode of the legal message passes under the condition that the security parameter level of the legal message is greater than or equal to a preset threshold value, and processing the legal message passing the detection of the security mode; and under the condition that the legal security parameter level is less than a preset threshold value, determining that the detection of the security mode of the message of the service application program fails, and not processing the legal message of which the detection of the security mode fails.
Specifically, referring to fig. 6, the security parameter level of the legitimate packet is determined; determining that the detection of the security mode of the legal message passes under the condition that the security parameter level of the legal message is greater than or equal to a preset threshold value, and processing the legal message passing the detection of the security mode; and under the condition that the legal security parameter level is less than a preset threshold value, determining that the detection of the security mode of the message of the service application program fails, and not processing the legal message of which the detection of the security mode fails. And when the security level is higher than or equal to the security level with the lowest request requirement, the message is not processed. The security of the legal message is guaranteed.
Optionally, the method of calling the embedded security control module and using the software security management application program to implement communication data interaction of the valid message further includes: judging whether the data identification of the legal message meets the execution content; when the data identification information conforms to the reading or setting of the legal message, determining that the data identification of the legal message passes the detection, and processing the legal message passing the detection of the data identification; and when the data identification information is inconsistent with the reading or setting of the legal message, determining that the detection of the data identification of the legal message fails, and not processing the legal message of which the detection of the data identification fails.
Specifically, referring to fig. 7, it is determined whether the data identifier (OAD) of the legitimate packet satisfies the execution content; when the data identification information conforms to the reading or setting of the legal message, determining that the data identification of the legal message passes the detection; and when the data identification information is not in accordance with the reading or setting of the legal message, determining that the detection of the data identification of the legal message fails. Thereby screening out the legal messages meeting the execution content.
Further, referring to fig. 1, according to a second aspect of the present embodiment, there is provided a storage medium. The storage medium comprises a stored program, wherein the method of any of the above is performed by a processor when the program is run.
Therefore, according to the embodiment, the link layer format of the received message is checked by receiving messages sent by other modules of the intelligent electric meter and the external equipment, so that the qualified message with a qualified format is determined, the legality of the qualified message is verified, the legal message is obtained, the integrity and the correctness of the message are determined, and the message filtering is realized on the illegal message and the incomplete message. And finally, realizing communication data interaction of the legal message by using a software security management application program in a mode of calling the embedded security control module.
Therefore, the integrity and the correctness of the message are determined by checking the link layer format and verifying the legality of the message received from other modules and external equipment, and the message filtering is realized on the illegal message and the incomplete message. The embedded security control module ESAM is called to encrypt the plaintext message and decrypt the ciphertext message, so that the security of the message in the transmission process is ensured, and the security management is realized. And unified scheduling is performed on the embedded security control module ESAM, so that system management is realized. And then solve the technical problem that the ammeter brings new safe risk point after introducing the operating system among the prior art, how to prevent a plurality of APP unauthorized access, APP business safety credibility, each APP and hardware module communication and ESAM's scheduling problem.
It should be noted that, for simplicity of description, the above-mentioned method embodiments are described as a series of acts or combination of acts, but those skilled in the art will recognize that the present invention is not limited by the order of acts, as some steps may occur in other orders or concurrently in accordance with the invention. Further, those skilled in the art should also appreciate that the embodiments described in the specification are preferred embodiments and that the acts and modules referred to are not necessarily required by the invention.
Through the description of the foregoing embodiments, it is clear to those skilled in the art that the method according to the foregoing embodiments may be implemented by software plus a necessary general hardware platform, and certainly may also be implemented by hardware, but the former is a better implementation mode in many cases. Based on such understanding, the technical solutions of the present invention may be embodied in the form of a software product, which is stored in a storage medium (e.g., ROM/RAM, magnetic disk, optical disk) and includes instructions for enabling a terminal device (e.g., a mobile phone, a computer, a server, or a network device) to execute the method according to the embodiments of the present invention.
Example 2
Fig. 8 shows an apparatus 800 for managing communication security of a smart meter according to the present embodiment, where the apparatus 800 corresponds to the method according to the first aspect of embodiment 1. Referring to fig. 8, the apparatus 800 includes: the receiving module 810 is used for receiving messages sent by other modules and external equipment, wherein the other modules are a metering module and an expansion module in the intelligent electric meter, and the intelligent electric meter comprises a metering module, a management module and an expansion module; a determining module 820, configured to check the link layer format of the packet, so as to determine a qualified packet with a qualified format, verify the validity of the qualified packet, and determine the qualified packet that passes the validity verification as a valid packet; and an interaction module 830, configured to implement communication data interaction of a legal message by using a software security management application program in a manner of calling the embedded security control module.
Optionally, the determining module 820 includes: the checking submodule is used for checking whether the frame head byte, the frame tail byte, the frame head check and the frame tail check of the message are correct or not; the unqualified submodule is used for determining that the message is an unqualified message under the condition that the frame header byte, the frame tail byte, the frame header check and the frame tail check of the message are incorrect, and discarding the unqualified message; and the qualified submodule is used for determining that the message is a qualified message under the condition that the frame header byte, the frame tail byte, the frame header check and the frame tail check of the message are correct.
A determination module 820 comprising: the verification submodule is used for verifying the legality of the logic address, the beginning, the end, the CS check bit, the client address, the communication address and the length of the qualified message; determining an illegal submodule, which is used for determining the qualified message as an illegal message under the condition that the legality of the logic address, the beginning, the end, the CS check bit, the client address, the communication address and the length of the qualified message is not verified; and the legal determining sub-module is used for determining the qualified message as a legal message under the condition that the legality of the logic address, the beginning, the end, the CS check bit, the client address, the communication address and the length of the qualified message passes the verification.
Optionally, the interaction module 830 includes: the software safety management application program runs on the management module, and the communication data interaction comprises communication data interaction among all service application programs in the management module, communication data interaction among all modules in the intelligent electric meter and communication data interaction between the intelligent electric meter and external equipment.
Optionally, the interaction module 830 includes: the first sending submodule is used for sending a ciphertext message to the metering module after the external equipment sends the ciphertext message to the software security management application program, wherein the ciphertext is a legal message; or the second sending submodule is used for decrypting the ciphertext message after the external equipment sends the ciphertext message to the software security management application program to obtain a plaintext message and sending the plaintext message to the service application program in the management module; or the third sending submodule is used for decrypting the ciphertext message after the external equipment sends the ciphertext message to the software security management application program to obtain a plaintext message, encrypting the plaintext message in a manner that the expansion module can decrypt to obtain a first ciphertext, and sending the first ciphertext to the expansion module; or the fourth sending submodule is used for decrypting the ciphertext message after the external device sends the ciphertext message to the software security management application program to obtain a plaintext message, judging whether the plaintext message is a message requested to respond by the master station system, encrypting the plaintext message in a manner that the master station system can decrypt the plaintext message under the condition that the plaintext message is the message requested to respond by the master station system to obtain a second ciphertext, sending the second ciphertext to the master station system, and discarding the plaintext message under the condition that the plaintext message is not the message requested to respond by the master station system.
Optionally, the interaction module 830 includes: the fifth sending submodule is used for sending the ciphertext message to the master station after the metering module sends the ciphertext message to the software security management application program, wherein the ciphertext is a legal message; or the sixth sending submodule is used for decrypting the ciphertext message after the metering module sends the ciphertext message to the software security management application program to obtain a plaintext message and sending the plaintext message to the service application program in the management module; or the seventh sending submodule is used for decrypting the ciphertext message after the metering module sends the ciphertext message to the software security management application program to obtain a plaintext message, encrypting the plaintext in a manner that the expansion module can decrypt the plaintext message to obtain a third ciphertext, and sending the third ciphertext to the expansion module.
Optionally, the interaction module 830 includes: the eighth sending submodule is used for verifying the authority information of the service application program after the service application program in the management module sends a plaintext message to the software security management application program, wherein the plaintext message is a legal message; and the ninth sending submodule is used for encrypting the plaintext message and then sending the encrypted plaintext message to the external equipment, the metering module and the expansion module under the condition that the verification information passes.
Optionally, the interaction module 830 includes: the tenth sending submodule is used for verifying the authority information of the extension module after the extension module sends the ciphertext message to the software security management application program, wherein the ciphertext message is a legal message; and the eleventh sending submodule is used for sending the ciphertext message to the external equipment and the metering module under the condition that the verification information passes.
Optionally, the eighth sending submodule includes: the computing unit is used for computing the service application program by utilizing a state cryptographic algorithm to obtain a computing result; and the signature unit is used for signing the calculation result through the encryption machine by utilizing the software security management application program and adding the authority information of the service application program and the signature result at the tail of the service application program.
Optionally, the interaction module 830 includes: and providing a submodule for providing a data interface within a certain quantity range for communication data interaction of a legal message, wherein the data interface is a data interface of the embedded safety control module.
Optionally, the interaction module 830 includes: the verification information passing sub-module is used for determining that the authority information of the legal message passes the verification under the condition that the data request of the legal message belongs to one or more data interfaces in a certain number range in the process of realizing communication data interaction by using the software security management application program; and the verification information failure sub-module is used for determining that the authority information verification of the legal message fails under the condition that the data request of the legal message does not belong to the data interfaces within a certain number range.
Optionally, the interaction module 830 includes: the judgment safety submodule is used for judging the safety parameter level of the legal message; the safety passing determining submodule is used for determining that the detection of the safety mode of the legal message passes and processing the legal message passing the detection of the safety mode under the condition that the safety parameter level of the legal message is greater than or equal to a preset threshold value; and the safety failure determining submodule is used for determining that the detection of the safety mode of the message of the service application program fails and not processing the legal message of which the detection of the safety mode fails under the condition that the legal safety parameter level is smaller than a preset threshold value.
Optionally, the interaction module 830 includes: the judging submodule is used for judging whether the data identification of the legal message meets the execution content or not; the identification passing submodule is used for determining that the data identification of the legal message passes the detection and processing the legal message passing the data identification detection when the data identification information conforms to the reading or setting of the legal message; and the identification failing submodule is used for determining that the detection of the data identification of the legal message fails and not processing the legal message of which the detection of the data identification fails when the data identification information is not in accordance with the reading or setting of the legal message.
Therefore, according to the embodiment, the link layer format of the received message is checked by receiving messages sent by other modules of the intelligent electric meter and the external equipment, so that the qualified message with a qualified format is determined, the legality of the qualified message is verified, the legal message is obtained, the integrity and the correctness of the message are determined, and the message filtering is realized on the illegal message and the incomplete message. And finally, realizing communication data interaction of the legal message by using a software security management application program in a mode of calling the embedded security control module.
Therefore, the integrity and the correctness of the message are determined by checking the link layer format and verifying the legality of the message received from other modules and external equipment, and the message filtering is realized on the illegal message and the incomplete message. The embedded security control module ESAM is called to encrypt the plaintext message and decrypt the ciphertext message, so that the security of the message in the transmission process is ensured, and the security management is realized. And unified scheduling is performed on the embedded security control module ESAM, so that system management is realized. And then solve the technical problem that the ammeter brings new safe risk point after introducing the operating system among the prior art, how to prevent a plurality of APP unauthorized access, APP business safety credibility, each APP and hardware module communication and ESAM's scheduling problem.
Example 3
Fig. 9 shows an apparatus 900 for managing communication security of a smart meter according to the present embodiment, where the apparatus 900 corresponds to the method according to the first aspect of embodiment 1. Referring to fig. 9, the apparatus 900 includes: a processor 910; and a memory 920 coupled to the processor 910 for providing instructions to the processor 910 to process the following steps: receiving messages sent by other modules and external equipment, wherein the other modules are a metering module and an expansion module in the intelligent electric meter, and the intelligent electric meter comprises a metering module, a management module and an expansion module; checking the link layer format of the message to determine a qualified message with a qualified format, verifying the legality of the qualified message, and determining the qualified message passing the legality verification as a legal message; and realizing communication data interaction of the legal message by using the software security management application program in a mode of calling the embedded security control module.
Optionally, checking the link layer format of the packet to determine a qualified packet with a qualified format includes: checking whether the header byte, the trailer byte, the header check and the trailer check of the message are correct or not; under the condition that the frame header byte, the frame tail byte, the frame header check and the frame tail check of the message are incorrect, determining that the message is an unqualified message, and discarding the unqualified message; and determining the message as a qualified message under the condition that the header byte, the tail byte, the header check and the tail check of the message are correct.
Optionally, verifying the validity of the qualified packet, and determining the qualified packet that passes the validity verification as a valid packet includes: verifying the legality of the logical address, the beginning, the end, the CS check bit, the client address, the communication address and the length of the qualified message; determining the qualified message as an illegal message under the condition that the legality of the logic address, the beginning, the end, the CS check bit, the client address, the communication address and the length of the qualified message is not verified; and determining the qualified message as a legal message under the condition that the legality of the logical address, the beginning, the end, the CS check bit, the client address, the communication address and the length of the qualified message is verified.
Optionally, the method of calling the embedded security control module and using the software security management application program to implement communication data interaction of the valid message includes: the software safety management application program runs on the management module, and the communication data interaction comprises communication data interaction among all service application programs in the management module, communication data interaction among all modules in the intelligent electric meter and communication data interaction between the intelligent electric meter and external equipment.
Optionally, the method of calling the embedded security control module and using the software security management application program to implement communication data interaction of the valid message includes: after sending a ciphertext message to the software security management application program, the external device sends the ciphertext message to the metering module, wherein the ciphertext is a legal message; or after the external equipment sends the ciphertext message to the software security management application program, decrypting the ciphertext message to obtain a plaintext message, and sending the plaintext message to the service application program in the management module; or after the external equipment sends the ciphertext message to the software security management application program, decrypting the ciphertext message to obtain a plaintext message, encrypting the plaintext message in a manner that the expansion module can decrypt the plaintext message to obtain a first ciphertext, and sending the first ciphertext to the expansion module; or after the external device sends the ciphertext message to the software security management application program, decrypting the ciphertext message to obtain a plaintext message, judging whether the plaintext message is a message requested to respond by the master station system, encrypting the plaintext message in a manner that the master station system can decrypt the plaintext message under the condition that the plaintext message is the message requested to respond by the master station system to obtain a second ciphertext, sending the second ciphertext to the master station system, and discarding the plaintext message under the condition that the plaintext message is not the message requested to respond by the master station system.
Optionally, the method of calling the embedded security control module and using the software security management application program to implement communication data interaction of the valid message includes: after the metering module sends a ciphertext message to the software security management application program, sending the ciphertext message to the master station, wherein the ciphertext is a legal message; or after the metering module sends the ciphertext message to the software security management application program, decrypting the ciphertext message to obtain a plaintext message, and sending the plaintext message to a service application program in the management module; or after the metering module sends the ciphertext message to the software security management application program, the ciphertext message is decrypted to obtain a plaintext message, the plaintext is encrypted in a manner that the expansion module can decrypt the plaintext message to obtain a third ciphertext, and the third ciphertext is sent to the expansion module.
Optionally, the method of calling the embedded security control module and using the software security management application program to implement communication data interaction of the valid message includes: after a service application program in a management module sends a plaintext message to a software security management application program, verifying authority information of the service application program, wherein the plaintext is a legal message; and under the condition that the verification information passes, encrypting the plaintext message and then sending the encrypted plaintext message to the external equipment, the metering module and the expansion module.
Optionally, the method of calling the embedded security control module and using the software security management application program to implement communication data interaction of the legitimate packet includes: after the extension module sends a ciphertext message to the software security management application program, verifying the authority information of the extension module, wherein the ciphertext message is a legal message; and sending the ciphertext message to the external equipment and the metering module under the condition that the verification information passes.
Optionally, verifying the authority information of the service application includes: calculating the service application program by using a state cryptographic algorithm to obtain a calculation result; and signing the calculation result by using the software security management application program through the encryption machine, and adding the authority information of the service application program and the signature result at the tail of the service application program.
Optionally, the method of calling the embedded security control module and using the software security management application program to implement communication data interaction of the legitimate packet includes: and providing data interfaces within a certain quantity range for communication data interaction of legal messages, wherein the data interfaces are data interfaces of the embedded safety control module.
Optionally, the communication data interaction is implemented by using a software security management application, including: in the process of realizing communication data interaction by using a software security management application program, determining that the authority information of a legal message passes verification under the condition that a data request of the legal message belongs to one or more data interfaces in a certain number range; and determining that the authority information verification of the legal message fails under the condition that the data request of the legal message does not belong to the data interfaces within a certain quantity range.
Optionally, the method of calling the embedded security control module and using the software security management application program to implement communication data interaction of the legitimate packet includes: judging the security parameter level of the legal message; determining that the detection of the security mode of the legal message passes under the condition that the security parameter level of the legal message is greater than or equal to a preset threshold value, and processing the legal message passing the detection of the security mode; and under the condition that the legal security parameter level is less than a preset threshold value, determining that the detection of the security mode of the message of the service application program fails, and not processing the legal message of which the detection of the security mode fails.
Optionally, the method of calling the embedded security control module and using the software security management application program to implement communication data interaction of the legitimate packet further includes: judging whether the data identification of the legal message meets the execution content; when the data identification information conforms to the reading or setting of the legal message, determining that the data identification of the legal message passes the detection, and processing the legal message passing the detection of the data identification; and when the data identification information is not in accordance with the reading or setting of the legal message, determining that the detection of the data identification of the legal message fails, and not processing the legal message of which the detection of the data identification fails.
Therefore, according to the embodiment, messages sent by other modules of the smart electric meter and external equipment are received, the link layer format of the received messages is checked, so that qualified messages with qualified formats are determined, the legality of the qualified messages is verified, legal messages are obtained, the integrity and correctness of the messages are determined, and message filtering is achieved for illegal messages and incomplete messages. And finally, realizing communication data interaction of legal messages by using a software security management application program in a mode of calling the embedded security control module.
Therefore, the integrity and the correctness of the message are determined by checking the link layer format and verifying the legality of the message received from other modules and external equipment, and the message filtering is realized on the illegal message and the incomplete message. The embedded security control module ESAM is called to encrypt the plaintext message and decrypt the ciphertext message, so that the security of the message in the transmission process is ensured, and the security management is realized. And unified scheduling is performed on the embedded security control module ESAM, so that system management is realized. And then solve the technical problem that the ammeter brings new safe risk point after introducing the operating system among the prior art, how to prevent a plurality of APP unauthorized access, APP business safety credibility, each APP and hardware module communication and ESAM's scheduling problem.
The above-mentioned serial numbers of the embodiments of the present invention are merely for description and do not represent the merits of the embodiments.
In the above embodiments of the present invention, the descriptions of the respective embodiments have respective emphasis, and for parts that are not described in detail in a certain embodiment, reference may be made to related descriptions of other embodiments.
In the embodiments provided in the present application, it should be understood that the disclosed technology can be implemented in other ways. The above-described embodiments of the apparatus are merely illustrative, and for example, the division of the units is only one type of division of logical functions, and there may be other divisions when actually implemented, for example, a plurality of units or components may be combined or may be integrated into another system, or some features may be omitted, or not executed. In addition, the shown or discussed mutual coupling or direct coupling or communication connection may be an indirect coupling or communication connection through some interfaces, units or modules, and may be in an electrical or other form.
The units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units can be selected according to actual needs to achieve the purpose of the solution of the embodiment.
In addition, functional units in the embodiments of the present invention may be integrated into one processing unit, or each unit may exist alone physically, or two or more units are integrated into one unit. The integrated unit can be realized in a form of hardware, and can also be realized in a form of a software functional unit.
The integrated unit, if implemented in the form of a software functional unit and sold or used as a stand-alone product, may be stored in a computer readable storage medium. Based on such understanding, the technical solution of the present invention, which is substantially or partly contributed by the prior art, or all or part of the technical solution may be embodied in a software product, which is stored in a storage medium and includes instructions for causing a computer device (which may be a personal computer, a server, or a network device) to perform all or part of the steps of the method according to the embodiments of the present invention. And the aforementioned storage medium includes: a U-disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a removable hard disk, a magnetic or optical disk, and other various media capable of storing program codes.
The foregoing is only a preferred embodiment of the present invention, and it should be noted that, for those skilled in the art, various modifications and decorations can be made without departing from the principle of the present invention, and these modifications and decorations should also be regarded as the protection scope of the present invention.