CN112363710B - Multi-variable user program compiling method based on multi-heterogeneous execution controller - Google Patents

Info

Publication number: CN112363710B
Authority: CN (China)
Prior art keywords: user program, heterogeneous, method based, execution controller, variable
Legal status: Active
Application number: CN202110049701.4A
Other languages: Chinese (zh)
Other versions: CN112363710A (en)
Inventors: 林会肖, 林嵩松, 吴立其, 杨汶佼, 李绍勇
Current Assignee: Zhejiang Lab
Original Assignee: Zhejiang Lab
Application filed by: Zhejiang Lab
Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F8/00 Arrangements for software engineering
    • G06F8/30 Creation or generation of source code
    • G06F8/31 Programming languages or programming paradigms
    • G06F8/315 Object-oriented languages
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F8/00 Arrangements for software engineering
    • G06F8/40 Transformation of program code
    • G06F8/41 Compilation

Abstract

The invention discloses a multi-variable user program compiling method based on a multi-heterogeneous execution controller. In the field of industrial control, it is used by the upper computer configuration software to compile multiple sets of user program executable files and download them to the multiple executors of the multi-heterogeneous execution controller for running. The invention generates multiple sets of target executable programs for different chip architectures by adding measures such as code obfuscation and exception checking when the user program code is converted into C language code, and by using the compiler's linking tool to specify different code segment and data segment addresses. The invention satisfies the requirement that the heterogeneous executors of the heterogeneous execution controller each run the same service user program, and at the same time improves the dynamism and diversity of the user program, thereby improving the security of the controller.

Description

Multi-variable user program compiling method based on multi-heterogeneous execution controller
Technical Field
The invention belongs to the technical field of industrial control, and particularly relates to a multi-variable user program compiling method based on a multi-heterogeneous execution controller.
Background
As industrial applications become more open and intelligent, traditional industrial control systems are moving out of the closed application scenarios they occupied for many years. While advanced technologies such as the Internet of Things, 5G, artificial intelligence and big data are combined to pursue new goals such as intelligent manufacturing and Industry 4.0, the need for security becomes more urgent. Mimicry defense theory takes Dynamic Heterogeneous Redundancy (DHR), a strategy or mechanism based on an endogenous security mechanism, and introduces a mimicry camouflage strategy or mechanism into it. It fuses several active defense elements: heterogeneity and diversity change the uniformity of the target system; dynamism and randomness change its determinism; a heterogeneous-redundant multi-mode arbitration mechanism identifies and masks unknown defects and unknown threats; a high-reliability architecture enhances the flexibility or resilience of the target system's service functions; and the apparent uncertainty of the system defends against or rejects uncertain threats to the target system.
The configuration software on the upper computer of an industrial control system compiles the user program corresponding to the process flow and downloads it into an industrial controller, such as a PLC (programmable logic controller) or DCS (distributed control system) controller, for running, and it provides different compiling methods for the user program.
For high stability, a conventional controller or safety controller has a strong reliability design based on equipment redundancy: each set of controllers has 1:1 redundancy, and a safety controller can reach 3 or more redundancies. However, this redundancy is homologous and of the same architecture, using the same kernel, system, drivers and executors. The upper computer configuration software generally issues the user program to the controller in one of two ways: first, the user program is converted into an interpreted execution file of assembly-like statements and issued; second, the user program is cross-compiled into an executable file for the target system and issued. With a traditional controller, the upper computer configuration software compiles and issues only one set of user programs to every executor, which is easy for attackers to crack and forge.
The mimicry industrial controller is an endogenously secure industrial controller that applies mimicry defense theory; it uses multiple sets of heterogeneous main control chips as its multiple executors. The biggest change in the mimicry industrial controller is that its redundancy is fixed at more than 3 and every redundant executor is heterogeneous. The differences range from hardware, including the CPU architecture and peripheral devices, to software, including the main program and internal drivers; for example, processors with kernel architectures such as ARMv7-A, X86 and Mips. Throughout control execution, an arbiter adjudicates the outputs of the multiple executors in real time, so attacks and vulnerability exploitation aimed at a single device are effectively avoided.
Disclosure of Invention
The invention aims to provide a multi-variable user program compiling method based on a multi-heterogeneous execution controller that overcomes the defects of the prior art. It applies diversified compilation to the user program, which is the part of the executor software in a multi-heterogeneous execution controller responsible for the service logic control of the industrial application. It uses several methods to make the user program execution files in the controller more thoroughly heterogeneous, and thereby achieves security and stability of the controller as a whole.
The purpose of the invention is realized by the following technical scheme: a multi-variable user program compiling method based on a multi-heterogeneous execution controller comprises the following steps:
(1) converting the user program statements into C language code, specifically:
(1.1) converting the control logic of the user program into multiple different sets of C language code;
(1.2) randomly inserting obfuscated code, exception checking code and exception handling code into each set of C language code;
(1.3) each set of C language code and its target heterogeneous executor agree on the same service memory address for the same service function, while the service memory addresses for the same service function differ among the heterogeneous executors, so the service memory addresses for the same service function also differ among the sets of C language code;
(2) for each heterogeneous executor, cross-compiling the C language code into a target program of the corresponding architecture, specifically: the kernel versions of the heterogeneous executors differ, and for each set of C language code the compiler for the kernel version of its target heterogeneous executor, or the corresponding compiling parameters, is specified, so that target programs for multiple kernel architectures are cross-compiled;
(3) linking the target programs into multiple executable files, specifically: the target program generated in step (2) is linked to generate an executable file; the run address specified when each executable file is linked is consistent with the run address convention of its target heterogeneous executor, and the run addresses of the heterogeneous executors differ.
Furthermore, the service memory address of each heterogeneous executor supports dynamic change through other agreed files.
Further, the other agreed files include a user program configuration table.
Further, the run address specified when the executable file is linked comprises the start addresses of the code segment and the data segment.
Further, the user program is a service control program that is loaded into the industrial controller and run, and corresponds to the process flow of each industrial scenario.
Further, the multi-heterogeneous execution controller is a mimicry industrial controller.
Further, the obfuscated code includes invalid temporary variable definitions and related operations; addition, subtraction or exclusive-or applied to normal variable values; and complex logic operations and assignments under unsatisfiable conditional branches.
Further, the exception checking and exception handling code includes entering the specified exception handling when the memory corresponding to a reserved trap is found to have changed, so as to record an exception event or trigger an alarm.
Further, the reserved traps include service-independent heap variables and stack variables.
The beneficial effects of the invention are as follows. Based on a controller with multiple heterogeneous executors, the user program is cross-compiled into executable files for the target system and issued, and the upper computer compiles user program executable files of different architectures for the different heterogeneous executors. The invention applies several variation methods when compiling the user program: it adds measures such as code obfuscation and exception checking when the user program code is converted into C language code, varies the service memory addresses, and uses the compiler's linking tool to specify different code segment and data segment addresses. The resulting user program execution files are more dynamic and diverse, which achieves higher security. For a controller designed with multiple sets of heterogeneous executors, the method satisfies the need to compile the user program for the several kernel architectures on which it must run, and at the same time gives the user program and the controller higher security.
Drawings
Fig. 1 is a main flow chart of user program compiling and downloading.
Detailed Description
The invention relates to a multi-variable user program compiling method based on a multi-heterogeneous execution controller. It uses the compiled mode of issuing a user program: the user program generated by the industrial control system configuration software is compiled with inserted invalid code, inserted check code, multi-platform cross compilation, and dynamic code and data addresses, producing different executable files to download to the target controller.
The user program is the service control program that is loaded into the industrial controller and run; it corresponds to the process flow of each industrial scenario. The IEC 61131-3 international standard specifies how user programs are written and defines textual languages (Instruction List IL and Structured Text ST) and graphical languages (Ladder Diagram LD, Function Block Diagram FBD and Sequential Function Chart SFC). After the user program has been written, the programming configuration software must compile it into execution instructions that the target controller can recognize. There are generally two ways to do this. The first is the compiled mode: the user program source code is first converted into C language, and the execution file for the target controller is then generated by cross-compiling the C code. The second is the interpreted mode: the user program source code is converted into custom intermediate interpreted instructions, which are issued to the target controller and interpreted and executed there. This embodiment takes a mimicry industrial controller as an example; the overall process is shown in Fig. 1, and the main operation steps are as follows:
Step one, converting the user program into multiple sets of C language code
The invention addresses only the first (compiled) mode, in which the user program is converted into C language code. Several variation methods are added during this process so that multiple, differentiated sets of C language code are generated. The specific steps are as follows:
1) Adding obfuscated code
The user program is converted into multiple sets of C language code, and different obfuscated code is randomly inserted into each set, such as invalid temporary variable definitions and related operations; addition, subtraction and XOR applied to normal variable values; and complex logic operations and assignments under unsatisfiable conditional branches.
The control logic of most user programs is relatively simple, and an attacker can easily capture the communication packets when the configuration software downloads the user program and then analyze and decrypt them. Adding different obfuscated code serves two purposes: first, it increases the code heterogeneity of the user program across the multiple executors of the mimicry industrial controller; second, it makes the user program harder for an attacker to understand, which hinders cracking and forgery.
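An added illustration (not code from the patent) of how two differently obfuscated C variants of one control rule might look, together with the exhaustive equivalence check a build step could run so that the arbiter never sees a disagreement caused by the obfuscation itself. The interlock rule, function names and constants are assumptions made for the example.

```c
#include <stdint.h>
#include <stdio.h>

/* Reference control logic (constructed sample): drive the output when start
 * is pressed, stop is not pressed and the level is below 80. */
static int valve_reference(int start, int stop, uint8_t level)
{
    return start && !stop && level < 80;
}

/* Variant for executor A: invalid temporaries plus an unsatisfiable branch.
 * t * (t + 1) is a product of consecutive integers, so it is always even and
 * the branch body can never run. volatile keeps the compiler from removing it. */
static int valve_variant_a(int start, int stop, uint8_t level)
{
    volatile uint32_t t = (uint32_t)level * 2654435761u;   /* junk temporary */
    int out = 0;

    if (((t * (t + 1u)) & 1u) != 0u) {       /* never true */
        out = (int)(t >> 3) ^ stop;          /* dead "complex" assignment */
        start = !start;
    }
    if (start && !stop && level < 80)
        out = 1;
    return out;
}

/* Variant for executor B: add/subtract and XOR applied to the normal values,
 * undone again before the values are used. */
static int valve_variant_b(int start, int stop, uint8_t level)
{
    const uint8_t mask = 0x5A;                      /* per-build random value */
    uint8_t masked = (uint8_t)(level ^ mask);       /* XOR the real value */
    int bias = (start ? 1 : 0) + 7;                 /* add a constant ... */
    int run = (bias - 7) & (stop ? 0 : 1);          /* ... and subtract it again */

    return run && (uint8_t)(masked ^ mask) < 80;
}

/* Returns how many input combinations make any variant disagree with the
 * reference; 0 means the variants are interchangeable for the arbiter. */
static unsigned count_mismatches(void)
{
    unsigned bad = 0;

    for (int start = 0; start <= 1; start++)
        for (int stop = 0; stop <= 1; stop++)
            for (int level = 0; level <= 255; level++) {
                int ref = valve_reference(start, stop, (uint8_t)level);
                if (valve_variant_a(start, stop, (uint8_t)level) != ref) bad++;
                if (valve_variant_b(start, stop, (uint8_t)level) != ref) bad++;
            }
    return bad;
}

int main(void)
{
    unsigned bad = count_mismatches();
    printf("mismatches between variants and reference: %u\n", bad);
    return bad == 0 ? 0 : 1;
}
```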
2) Adding check code
Code logic for exception checking and exception handling is inserted. When the memory corresponding to certain reserved traps (such as a service-independent heap variable or stack variable) is found to have changed, the specified exception handling is entered in order to record an exception event or trigger an alarm. For example, a function checks that its input parameters lie within a limited range, or a function reserves an unnecessary, unused parameter for which the caller by convention passes a fixed value; as soon as a check fails, the heap memory is considered abnormal and an alarm is triggered. When the alarm is recorded, the relevant information (such as the time, code position and abnormal value) is written into another specified memory area, which is processed uniformly by the exception checking code of the main program.
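The three checks described above (reserved trap, reserved parameter, parameter range) and the alarm record written to a separate memory area could look like this in generated C. This is an added example, not code from the patent; the trap pattern, the agreed parameter value, the record layout and all names are assumptions.

```c
#include <stdint.h>
#include <stdio.h>
#include <time.h>

#define TRAP_PATTERN 0xC3A5F00Du   /* constructed trap value */
#define RESERVED_ARG 0x5EEDu       /* fixed value every caller passes by convention */
#define ALARM_SLOTS  8

enum alarm_code { ALARM_TRAP_CHANGED = 1, ALARM_RESERVED_ARG, ALARM_RANGE };

struct alarm_record {
    time_t   when;    /* time of the event */
    int      line;    /* code position */
    int      code;    /* which check failed */
    uint32_t value;   /* abnormal value observed */
};

/* The "other specified memory area": read later by the main program. */
static struct alarm_record alarm_area[ALARM_SLOTS];
static unsigned alarm_count;

/* Reserved trap: a service-independent variable that no control logic writes. */
static volatile uint32_t trap_word = TRAP_PATTERN;

static void raise_alarm(int code, int line, uint32_t value)
{
    struct alarm_record *r = &alarm_area[alarm_count % ALARM_SLOTS];
    r->when = time(NULL);
    r->line = line;
    r->code = code;
    r->value = value;
    alarm_count++;
}

/* Generated service function: writes an analog output in percent.
 * Returns 0 on success, -1 when a check fails (the output is not written). */
static int set_analog_output(int32_t *ao, int32_t percent, uint32_t reserved)
{
    volatile uint32_t stack_trap = TRAP_PATTERN;   /* trap in this stack frame */

    if (reserved != RESERVED_ARG) {                /* reserved, unused parameter */
        raise_alarm(ALARM_RESERVED_ARG, __LINE__, reserved);
        return -1;
    }
    if (percent < 0 || percent > 100) {            /* input range check */
        raise_alarm(ALARM_RANGE, __LINE__, (uint32_t)percent);
        return -1;
    }
    if (trap_word != TRAP_PATTERN) {               /* reserved trap changed */
        raise_alarm(ALARM_TRAP_CHANGED, __LINE__, trap_word);
        return -1;
    }
    if (stack_trap != TRAP_PATTERN) {              /* stack trap changed */
        raise_alarm(ALARM_TRAP_CHANGED, __LINE__, stack_trap);
        return -1;
    }
    *ao = percent;
    return 0;
}

/* Constructed scenario: one good call, then three violations.
 * Returns the number of alarms recorded. */
static unsigned run_scenario(void)
{
    int32_t ao = 0;

    alarm_count = 0;
    trap_word = TRAP_PATTERN;
    set_analog_output(&ao, 40, RESERVED_ARG);    /* passes every check */
    set_analog_output(&ao, 140, RESERVED_ARG);   /* out of range */
    set_analog_output(&ao, 50, 0);               /* caller broke the convention */
    trap_word = 0x41414141u;                     /* simulated stray write */
    set_analog_output(&ao, 60, RESERVED_ARG);    /* trap no longer intact */
    return alarm_count;
}

int main(void)
{
    unsigned n = run_scenario();
    for (unsigned i = 0; i < n && i < ALARM_SLOTS; i++)
        printf("alarm %u: code=%d line=%d value=0x%08lX\n", i,
               alarm_area[i].code, alarm_area[i].line,
               (unsigned long)alarm_area[i].value);
    return 0;
}
```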
3) Defining different memory addresses for the same service function
The service functions involved in a user program include bit numbers, function blocks, hardware configuration parameters and so on. The different executors of the mimicry industrial controller use different service memory addresses for the different service functions of the user program, and the service memory address operations in the C language code generated from the user program are agreed to correspond to them. That is, one executor uses different service memory addresses for different service functions, and different executors also use different service memory addresses for the same service function. For example, for the setting value of the 1st DO bit number, the service memory address of that bit number in executor A is 0x800a100 and in executor B is 0x900B200, while the service memory address of a hardware configuration parameter in executor B may be 0x800a100. The service memory address of each executor supports dynamic change through other agreed files, such as a user profile.
Table 1: Service memory address of each executor [table image not included in the text]
In a traditional controller the division of internal memory addresses is fixed, for example into a bit number area, a hardware configuration area and so on. By defining variable service memory addresses, the multiple executors of the mimicry industrial controller increase the uncertainty of the controller's memory and the differences between the C code of the user program; even if an attacker reverse-analyzes the execution code of the user program, its ultimate service purpose is difficult to determine.
Step two, cross-compiling the C language code into multiple target programs
The C language code is cross-compiled into target programs (.o files) for multiple kernel architectures by specifying the compiler for the kernel version or the corresponding compiling parameters; the specific kernel version is determined by the CPU architecture used by the hardware of each executor of the mimicry industrial controller. Cross compiling means generating, on an operating system of one kernel version, a target program that can be executed on an operating system of another kernel version; for example, compiling an x86 target program with the x86 version of GCC, compiling a Mips target program with the Mips version of GCC, or compiling an ARM target program for the corresponding kernel version with the -march parameter of the ARM GCC compiler. For example, for executors using ARMv7-A family kernel chips, the compile command when compiling with arm-elf-gcc is specified as "arm-elf-gcc -std=c99 -march=armv7-a -mfpu=fpa".
Step three, linking the target programs into multiple sets of executable files
The target programs generated in step two are linked, using the compiler or corresponding compiling parameters specified in step two, to generate executable files (bin files). Each executor of the mimicry industrial controller specifies a different executable file run address, and each executable file is linked at the run address agreed with its target executor. The run address specified when the executable file is linked comprises the code segment start address and the data segment start address. The executable file run address of each executor supports dynamic change through other agreed files, such as the user program configuration table. A linker command such as GCC's LD specifies the code segment start address with the parameter "-Ttext" and the data segment start address with the parameter "-Tdata". The run addresses of the executors are shown in Table 2 below; for example, when linking with arm-elf-gcc, the link command that specifies the code segment start address 0x80002000 and the data segment start address 0xA0003000 is "arm-elf-ld -Ttext 0x80002000 -Tdata 0xA0003000".
Table 2: Run addresses of the executors

| | Executor A | Executor B | Executor C |
|---|---|---|---|
| Code segment start address | 0x80002000 | 0x60001000 | 0x70002000 |
| Data segment start address | 0xA0003000 | 0x70004000 | 0x90002000 |
Step four: through these variations, one set of user program source code in an IEC 61131-3 programming language, created by the upper computer configuration software, is turned into multiple sets of executable files for different heterogeneous kernels, to be downloaded to the target controller.
By diversified compilation the invention generates dynamic user program executable files, which interferes with and hinders attack behaviors such as communication packet analysis and reverse analysis of executable files, improves the operational security of the user program on the controller, and ensures the correctness of the field process flow. In addition, the check mechanism added to the C code works much like a honeypot: an alarm is triggered when the program executes abnormally, which gives the controller a basis for capture and for corresponding countermeasures.

Claims (9)

1. A multi-variable user program compiling method based on a multi-heterogeneous execution controller, characterized by comprising the following steps:
(1) converting the user program statements into C language code, specifically:
(1.1) converting the control logic in the user program into multiple different sets of C language code;
(1.2) randomly inserting obfuscated code and code comprising exception checking and exception handling into each set of C language code;
(1.3) each set of C language code is consistent with the service memory address convention of its target heterogeneous executor, and the service memory addresses for the same service function differ among the heterogeneous executors;
(2) for each heterogeneous executor, cross-compiling the C language code into a target program of the corresponding architecture, specifically: the kernel versions of the heterogeneous executors differ, and for each set of C language code the compiler for the kernel version of its target heterogeneous executor, or the corresponding compiling parameters, is specified, so that target programs for multiple kernel architectures are cross-compiled;
(3) linking the target programs into multiple executable files, specifically: the target program generated in step (2) is linked to generate an executable file; the run address specified when each executable file is linked is consistent with the run address convention of its target heterogeneous executor, and the run addresses of the heterogeneous executors differ.
2. The multi-variable user program compiling method based on a multi-heterogeneous execution controller according to claim 1, wherein the service memory address of each heterogeneous executor supports dynamic change through other agreed files.
3. The multi-variable user program compiling method based on a multi-heterogeneous execution controller according to claim 2, wherein the other agreed files comprise configuration tables.
4. The multi-variable user program compiling method based on a multi-heterogeneous execution controller according to claim 1, wherein the run address specified when the executable file is linked comprises the start addresses of the code segment and the data segment.
5. The multi-variable user program compiling method based on a multi-heterogeneous execution controller according to claim 1, wherein the user program is a service control program that is loaded into an industrial controller and then run, and corresponds to the process flow of each industrial scenario.
6. The multi-variable user program compiling method based on a multi-heterogeneous execution controller according to claim 1, wherein the multi-heterogeneous execution controller is a mimicry industrial controller.
7. The multi-variable user program compiling method based on a multi-heterogeneous execution controller according to claim 1, wherein the obfuscated code comprises invalid temporary variable definitions and related operations; addition, subtraction or exclusive-or applied to normal variable values; and complex logic operations and assignments under unsatisfiable conditional branches.
8. The multi-variable user program compiling method based on a multi-heterogeneous execution controller according to claim 1, wherein the code comprising exception checking and exception handling comprises entering a specified exception handling when the memory corresponding to a reserved trap is found to have changed, so as to record an exception event or trigger an alarm.
9. The multi-variable user program compiling method based on a multi-heterogeneous execution controller according to claim 8, wherein the reserved traps comprise service-independent heap variables and stack variables.
Priority Applications (1)

| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110049701.4A | 2021-01-14 | 2021-01-14 | Multi-variable user program compiling method based on multi-heterogeneous execution controller |

Publications (2)

| Publication Number | Publication Date |
|---|---|
| CN112363710A | 2021-02-12 |
| CN112363710B | 2021-03-30 |

Family ID: 74534993

GR01 Patent grant