CN114167804A - Authentication method and system for PLC encryption program - Google Patents
Authentication method and system for PLC encryption program Download PDFInfo
- Publication number
- CN114167804A CN114167804A CN202111328040.5A CN202111328040A CN114167804A CN 114167804 A CN114167804 A CN 114167804A CN 202111328040 A CN202111328040 A CN 202111328040A CN 114167804 A CN114167804 A CN 114167804A
- Authority
- CN
- China
- Prior art keywords
- information
- authentication
- program
- plc
- decoding
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 44
- 230000032683 aging Effects 0.000 claims description 14
- 238000005336 cracking Methods 0.000 abstract description 5
- 238000004364 calculation method Methods 0.000 abstract description 4
- 238000012795 verification Methods 0.000 description 6
- 238000010586 diagram Methods 0.000 description 2
- 230000001360 synchronised effect Effects 0.000 description 2
- 230000009286 beneficial effect Effects 0.000 description 1
- 230000008094 contradictory effect Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 230000003068 static effect Effects 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G05—CONTROLLING; REGULATING
- G05B—CONTROL OR REGULATING SYSTEMS IN GENERAL; FUNCTIONAL ELEMENTS OF SUCH SYSTEMS; MONITORING OR TESTING ARRANGEMENTS FOR SUCH SYSTEMS OR ELEMENTS
- G05B19/00—Programme-control systems
- G05B19/02—Programme-control systems electric
- G05B19/04—Programme control other than numerical control, i.e. in sequence controllers or logic controllers
- G05B19/05—Programmable logic controllers, e.g. simulating logic interconnections of signals according to ladder diagrams or function charts
- G05B19/058—Safety, monitoring
-
- G—PHYSICS
- G05—CONTROLLING; REGULATING
- G05B—CONTROL OR REGULATING SYSTEMS IN GENERAL; FUNCTIONAL ELEMENTS OF SUCH SYSTEMS; MONITORING OR TESTING ARRANGEMENTS FOR SUCH SYSTEMS OR ELEMENTS
- G05B2219/00—Program-control systems
- G05B2219/10—Plc systems
- G05B2219/14—Plc safety
- G05B2219/14006—Safety, monitoring in general
Landscapes
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Engineering & Computer Science (AREA)
- Automation & Control Theory (AREA)
- Programmable Controllers (AREA)
Abstract
The invention relates to the technical field of PLC programming, in particular to an authentication method and an authentication system for a PLC encryption program, wherein the authentication method comprises the following steps: acquiring encryption information of a PLC encryption program, wherein the encryption information is generated randomly; acquiring authority information, and acquiring decryption information corresponding to the encrypted information according to the authority information; comparing the decryption information with the authentication information to obtain a decoding attribute; and obtaining an authentication result according to the decoding attribute. The method provided by the invention can be used for authenticating through the randomly generated encrypted information, preventing the decoding calculation and cracking of the third-party software, and improving the safety of the PLC program.
Description
Technical Field
The invention relates to the technical field of PLC programming, in particular to an authentication method and system for a PLC encryption program.
Background
In order to prevent the important program from being stolen by malicious means, an independent password is set in units of reading and writing programs, checking and modifying and the like in the PLC, if the passwords do not accord with each other, the corresponding program cannot be downloaded or uploaded, and the program cannot be checked, so that the corresponding PLC needs to set a program protection password, and the program is prevented from being leaked and modified.
The existing method is low in safety, program protection passwords are easy to crack through a third-party tool, and the applicable scene is single.
Disclosure of Invention
The invention aims to provide an authentication method of a PLC encryption program, which can effectively improve the safety and the applicability of the program.
In order to achieve the purpose, the technical scheme provided by the invention is as follows:
an authentication method of a PLC encryption program that encrypts a PLC program to be used through authentication, the authentication method comprising the steps of:
acquiring encryption information of a PLC encryption program, wherein the encryption information is generated randomly;
acquiring authority information of a user, and acquiring decryption information corresponding to the encryption information according to the authority information;
comparing the decryption information with preset authentication information in the PLC encryption program to obtain decoding attributes, wherein the decoding attributes comprise any one of time-efficiency decoding attributes, permanent decoding attributes and error decoding attributes;
obtaining an authentication result according to the decoding attribute;
if the decoding attribute is the time-efficiency decoding attribute, the authentication result is that the time-efficiency authentication is passed, and the user can use the PLC program within the preset time;
if the decoding attribute is a permanent decoding attribute, the authentication result is that the permanent authentication is passed, and the user can use the PLC program permanently;
and if the decoding attribute is an error decoding attribute, the authentication result is authentication failure, the user cannot use the PLC program, and the authentication failure times are recorded.
Further, the authority information includes first authority information;
the obtaining of the decryption information corresponding to the encryption information according to the authority information includes: acquiring first decryption information corresponding to the encryption information according to the first authority information;
the obtaining of the decoding attribute after comparing the decryption information with preset authentication information includes: and comparing the first decryption information with preset authentication information to obtain a first decoding attribute, wherein the first decoding attribute comprises any one of an aging decoding attribute, a permanent decoding attribute and an error decoding attribute.
Further, the authority information includes second authority information;
the obtaining of the decryption information corresponding to the encryption information according to the authority information includes: acquiring second decryption information corresponding to the encrypted information according to the second authority information;
the obtaining of the decoding attribute after comparing the decryption information with preset authentication information includes: and comparing the second decryption information with preset authentication information to obtain a second decoding attribute, wherein the second decoding attribute comprises an aging decoding attribute or an error decoding attribute.
Further, after obtaining the authentication result according to the decoding attribute, the method further includes:
and when the first authentication result is that the time-efficiency authentication is passed or the permanent authentication is passed, binding the address of the PLC program built-in network card, and terminating the authentication process if the address of the PLC program built-in network card is changed.
Further, the encryption information is randomly generated based on a predetermined time.
Further, the encryption information comprises a plurality of segments, and the decryption information comprises a plurality of segments.
Further, after obtaining the authentication result according to the decoding attribute, the method further includes:
and if the authentication failure times meet the preset times, stopping the authentication process, and stopping obtaining the authentication result according to the decoding attribute.
Correspondingly, the authentication system for the PLC encryption program comprises a first device and a second device, wherein the PLC encryption program comprises a first program and a second program, the first device is provided with the first program, and the second device is provided with the second program;
the first program comprises an encrypted information generation module, a decoding attribute module and an authentication module;
the encrypted information generating module randomly generates encrypted information, the decoding attribute module obtains decoding attributes according to the input decrypted information, and the authentication module obtains authentication results according to the decoding attributes;
the second program comprises an authority information acquisition module and a decryption module, the authority information acquisition module acquires authority information, and the decryption module obtains decryption information corresponding to the encrypted information according to the authority information.
Furthermore, the authority information acquisition module is used for user login, and the authority information acquisition module acquires the authority information according to the information of user login.
Further, the first device is a PLC device, and the second device is an upper computer.
Compared with the prior art, the invention has the following beneficial effects:
the method provided by the invention can be used for authenticating through the randomly generated encrypted information, preventing the decoding calculation and cracking of the third-party software, and improving the safety of the PLC program.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only some embodiments of the present invention, and for those skilled in the art, other drawings can be obtained according to the structures shown in the drawings without creative efforts.
FIG. 1 is a flow chart of an embodiment of a method for authenticating a PLC encryption program according to the present invention;
FIG. 2 is a schematic diagram of an embodiment of an authentication system for a PLC encryption program of the present invention;
FIG. 3 is a flow chart illustrating a method of operation of an embodiment of the PLC cryptographic program authentication system of the present invention;
FIG. 4 is a first interface of the PLC encryption program of the present invention;
fig. 5 is a second interface of the PLC encryption program of the present invention.
Reference numerals:
100-a first device; 110 — a first program; 111-an encrypted information generating module; 112-decode attribute module; 113-an authentication module; 200-a second device; 210-a second program; 211-rights information acquisition module; 212-decryption module.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
It should be noted that all the directional indicators (such as up, down, left, right, front, and rear … …) in the embodiment of the present invention are only used to explain the relative position relationship between the components, the movement situation, etc. in a specific posture (as shown in the drawing), and if the specific posture is changed, the directional indicator is changed accordingly.
It will also be understood that when an element is referred to as being "secured to" or "disposed on" another element, it can be directly on the other element or intervening elements may also be present. When an element is referred to as being "connected" to another element, it can be directly connected to the other element or intervening elements may also be present.
In addition, the descriptions related to "first", "second", etc. in the present invention are for descriptive purposes only and are not to be construed as indicating or implying relative importance or implicit indication of the number of technical features indicated. Thus, a feature defined as "first" or "second" may explicitly or implicitly include at least one of the feature. In addition, technical solutions between various embodiments may be combined with each other, but must be realized by a person skilled in the art, and when the technical solutions are contradictory or cannot be realized, such a combination should not be considered to exist, and is not within the protection scope of the present invention.
Fig. 1 is a schematic flowchart of an embodiment of an authentication method for a PLC encryption program according to the present invention.
Referring to fig. 1, the method embodiment includes the following steps:
s110, obtaining the encrypted information
The encryption information is generated randomly, the encryption information is generated by randomly updating according to preset time through an internal verification algorithm of a PLC encryption program, the encryption information comprises a plurality of sections of fields, and each section of field comprises six digits.
Specifically, the encrypted information may be composed of three segments of numbers, each segment of numbers includes six digits, and the range of the digits is-32767 to 32767, for example: 123456-123456-123456. Under the condition that the length of a register of a program is limited, the length of the encrypted information can be further increased by adopting a multi-segment digital form, so that the complexity of the encrypted information is increased, the cracking difficulty is improved, and the safety is improved. The time of random generation may be set to 1 second, and when the authentication process is unsuccessful, the internal verification algorithm updates the encryption information once in 1 second.
S120, acquiring authority information and decrypting information
The authority information is determined by the logged-in user information, if the user information is a common user, decryption information corresponding to the encrypted information is obtained according to the authority information of the common user, and if the user information is an administrator user, decryption information corresponding to the encrypted information is obtained according to the authority information of the administrator user. The decryption information obtained by different rights information is different. The corresponding relation between the encryption information and the decryption information is realized by a verification algorithm in a PLC encryption program.
Specifically, the decryption information is a digital section, the digital section comprises six digits, and the range of the digits is-32767, for example: if the encryption information is 123456 and the authority information is a common user, the obtained decryption information is 147598, and if the authority information is an administrator user, the obtained decryption information is 187723.
S130, determining decoding attribute and obtaining authentication result
Comparing the decryption information with the authentication information to obtain a decoding attribute, wherein the decoding attribute comprises one of an aging decoding attribute, a permanent decoding attribute or an error decoding attribute;
and obtaining an authentication result according to the decoding attribute, if the decoding attribute is an aging decoding attribute, the authentication result is that the aging authentication is passed, if the decoding attribute is a permanent decoding attribute, the authentication result is that the permanent authentication is passed, if the decoding attribute is an error decoding attribute, the authentication result is that the authentication is failed, and the authentication failure times are recorded.
The aging authentication obtained by the aging decoding attribute specifically refers to: the PLC encryption program passes the authentication, the PLC program can be used, but the use time is limited, the use time is confirmed according to the user information, and different user information corresponds to different use times; if the secondary time-efficiency authentication is passed in the period, the operation of resetting the remaining time is carried out, and the service life is calculated according to the service life obtained after the secondary authentication.
The permanent authentication obtained by the permanent decoding attribute specifically refers to: the PLC encryption program passes the authentication, and the PLC program can be permanently used;
the authentication failure obtained by the wrong decoding attribute specifically refers to: the PLC encryption program fails authentication, the PLC program cannot be used, and the PLC encryption program records the number of authentication failures.
The above process is realized by a verification algorithm in a PLC encryption program, and the PLC encryption program consists of a plurality of programs. Specifically, in this embodiment, the PLC encryption program is composed of two programs, one of which is installed on the PLC and is used for implementing the step S110 and the step S130, and the other of which is installed on the upper computer and is used for implementing the step S120. The method of the embodiment is suitable for protecting the PLC equipment purchased by the buyer by the seller, and avoids the secondary sale of the PLC equipment purchased by the buyer.
In this embodiment, the authority information includes first authority information; acquiring first decryption information corresponding to the encryption information according to the first authority information; and comparing the first decryption information with the authentication information to obtain a first decoding attribute, wherein the first decoding attribute comprises one of an aging decoding attribute, a permanent decoding attribute and an error decoding attribute. Specifically, the first authority information is authority information of an administrator user, and the administrator user may be a seller user or a purchasing user.
The authority information also comprises second authority information; acquiring second decryption information corresponding to the encrypted information according to the second authority information; and comparing the second decryption information with the authentication information to obtain a second decoding attribute, wherein the second decoding attribute comprises one of an aging decoding attribute or an error decoding attribute. Specifically, the second authority information is authority information of a common user, and the final authentication of the second authority information is limited by time.
In this embodiment, when the first authentication result is that the time-efficient authentication passes or the permanent authentication passes, the address of the PLC program internal network card is bound, and if the address of the PLC internal network card changes, the authentication process is terminated. Specifically, after the PLC encryption program "binds the address of the internal network card of the PLC program", if all the PLC encryption programs are transplanted (including the data area), the PLC program cannot be continuously run due to the fact that the addresses of the internal network cards of the PLC program are not the same, and the address of the internal network card is the unique address.
Because the built-in network card address of the PLC program is bound after the first authentication is passed, even if data such as a decoder flag bit of the PLC encryption program is transplanted into the PLC program of other equipment by a complete transplanting means, all rights are lost because the built-in network card address is bound, and the safety of the PLC program is further improved.
In this embodiment, when the authentication failure times satisfy the predetermined times, the authentication process is stopped, and the authentication result obtained according to the decoding attribute is stopped. The preset times are selected according to needs, for example, the preset times are selected for 10 times, when the times of authentication failure reach 10 times, the decryption information is input again, the decryption information is not compared with the authentication information any more to obtain the decoding attribute, namely, the authentication work is stopped, and the PLC equipment is required to be restarted so as to restart the authentication work of the PLC encryption program. This approach further avoids third party software hacking operations.
The method provided by the embodiment of the invention automatically generates the encryption information at random through flexible encryption information, thereby preventing the decoding calculation of third-party software from being cracked; the decoding attribute can be freely selected according to different occasions, and the use right can be permanently opened or temporarily used; even if data such as the flag bit of the decoding information is transplanted into other PLC programs by a complete transplanting means, all rights are lost due to the fact that the address of the built-in network card is bound, and the safety is further improved.
Correspondingly, the invention also provides a computer readable storage medium embodiment, the computer readable storage medium has stored thereon a program of the authentication method of the PLC program, and the program of the authentication method based on the PLC program can be executed by one or more processors to implement the steps of the authentication method based on the PLC program. The processor typically includes a single-chip microcomputer including non-volatile and/or volatile memory. Non-volatile memory can include read-only memory (ROM), Programmable ROM (PROM), Electrically Programmable ROM (EPROM), Electrically Erasable Programmable ROM (EEPROM), or flash memory. Volatile memory can include Random Access Memory (RAM) or external cache memory. By way of illustration and not limitation, RAM is available in a variety of forms such as Static RAM (SRAM), Dynamic RAM (DRAM), Synchronous DRAM (SDRAM), Double Data Rate SDRAM (DDRSDRAM), Enhanced SDRAM (ESDRAM), Synchronous Link DRAM (SLDRAM), Rambus Direct RAM (RDRAM), direct bus dynamic RAM (DRDRAM), and memory bus dynamic RAM (RDRAM).
Fig. 2 is a schematic diagram of an embodiment of an authentication system for a PLC encryption program according to the present invention.
Referring to fig. 2, the system for encrypting and decrypting the PLC program includes a first device 100 and a second device 200. The PLC encryption program includes a first program 110 and a second program 210, the first program 110 is installed in the first device 100, and the second program 210 is installed in the second device 200.
The first program 110 includes an encrypted information generation module 111, a decode attribute module 112, and an authentication module 113. The encrypted information generating module 111 randomly generates encrypted information, the decoding attribute module 112 obtains a decoding attribute according to the input decrypted information, and the authentication module 113 obtains an authentication result according to the decoding attribute.
The second program 210 includes a permission information obtaining module 211 and a decryption module 212, where the permission information obtaining module 211 obtains permission information, and the decryption module 212 obtains decryption information corresponding to the encrypted information according to the permission information. The authority information obtaining module 211 is used for user login, and the authority information obtaining module 211 obtains the authority information according to the information of user login.
In this embodiment, the first device is a PLC device, and the second device is an upper computer. The first program 100 is installed on the PLC device and is an encryption program for PLC program encryption, the second program 200 is installed on an upper computer, specifically can be an upper decoding plug-in, and is matched with the first program 100 for use, so that the PLC program can be encrypted and decrypted, the safety of the PLC program is improved, and the loss of a third party to a manufacturer or a seller is avoided.
In this embodiment, the first program 110 randomly generates encrypted information, the encrypted information is decrypted to obtain decrypted information, the decrypted information is input in the first program 110, the first program 110 compares the input decrypted information with the authentication information in the first program 110 to obtain a decoding attribute, and the first program 110 obtains an authentication result according to the decoding attribute, where the decrypted information is obtained by the second program 210.
Specifically, the decoding property includes one of an aging decoding property, a permanent decoding property, or an error decoding property; if the decoding attribute is an aging decoding attribute, the authentication result is that the aging authentication is passed, if the decoding attribute is a permanent decoding attribute, the authentication result is that the permanent authentication is passed, if the decoding attribute is an error decoding attribute, the authentication result is that the authentication is failed, and the authentication failure times are recorded.
In this embodiment, the second program 210 is used to input the encrypted information generated by the first program 1110. The second program 210 is used for user login, and the second program 210 acquires authority information according to the information of the user login. The second program 200 obtains the decryption information corresponding to the input encryption information according to the authority information. In other embodiments, the first program 110 may also log in the user and display the authority information of the logged in user.
In this embodiment, the encrypted information includes a plurality of segments of numbers, specifically three segments of numbers, each segment of numbers includes six digits, and the range of the digits is-32767 to 32767, for example: 123456-123456-123456. Under the condition that the length of a register of a program is limited, the length of the encrypted information can be further increased by adopting a multi-segment digital form, so that the complexity of the encrypted information is increased, the cracking difficulty is improved, and the safety is improved. The time of random generation may be set to 1 second, and when the authentication process is unsuccessful, the internal verification algorithm of the first program 100 updates the encryption information once in 1 second. The decryption information is a digital section, the digital section comprises six digits, the range of the digits is-32767, for example: if the encryption information is 123456 and the authority information is a common user, the obtained decryption information is 147598, and if the authority information is an administrator user, the obtained decryption information is 187723.
According to the system embodiment provided by the invention, two programs are respectively installed in the PLC device and the upper computer, the PLC device and the upper computer belong to different owners respectively, the owner of the PLC device is a buyer or a user, and the owner of the upper computer is a seller or a producer. When a purchaser or a user uses the PLC device, the PLC encryption program needs to be decrypted, and the upper computer holder is matched to smoothly decrypt and use the PLC device, so that the decryption difficulty is increased, and the loss of some actions of the purchaser or the user to the seller or the producer is prevented.
Fig. 3 is a schematic flow chart of an operation method of an embodiment of the PLC encryption program authentication system according to the present invention.
Please refer to fig. 3, which includes the following steps:
s210, opening the first interface, clicking a first icon of the first interface, and displaying the encrypted information on an output frame of the first interface.
As shown in fig. 3, the first interface is a human-machine interface of the PLC encryption program, and the human-machine interface is composed of an upper portion, a middle portion and a lower portion. The top of the human-computer interface displays a PLC encryption program name 'program protection system' and a current authority information display column, and current authority information is obtained after user information is input in a first login window of the first interface. And a fourth icon is arranged beside the current permission information display column, the fourth icon is a lock-shaped icon, the fourth icon is clicked to delete the permission information, namely all permission information of the current PLC encryption program is deleted, and new permission information is acquired after the PLC encryption program needs to be logged in again.
The output frame is arranged in the middle of the human-computer interface and comprises a plurality of first sub-windows, and each first sub-window displays part of encrypted information. Specifically, the number of the first sub-windows in this embodiment is three, and six digits are displayed in each first sub-window. The first icon is arranged beside the output frame and is an 'obtaining' button, and after the 'obtaining' button is clicked, the encrypted information is displayed on the output frame.
S220, opening a second interface, inputting user information in a second login window of the second interface to acquire the authority, and clicking an authority icon of the second interface to select corresponding authority information.
As shown in fig. 4, the second interface is an upper computer decryption program interface, a "Login" button in the second interface is clicked to pop up a second Login window, and user information is input in the second Login window to obtain the related authority. After logging in, the authority of the current user, including the ordinary user or the administrator user, is displayed on the second interface, and is shown as the 'ordinary' user in the figure. After login, corresponding permissions can be selected by clicking the permission icon, the permission icon comprises a temporary permission and a permanent permission, wherein the ordinary user permission can only select the temporary permission, and the administrator user permission can select the temporary permission or the permanent permission.
And S230, inputting the encrypted information into a second input box of the second interface, and clicking a second icon of the second interface to obtain the decrypted information.
As shown in fig. 4, the second input box includes a number of second sub-windows, and the number of the second sub-windows is the same as the number of the first sub-windows, each of the second sub-windows inputting part of the encryption information. Specifically, the number of the second sub-windows in this embodiment is three, and six digits are input to each second sub-window. Inputting the encrypted character obtained from the first interface into a second input box, clicking a second icon which is an 'obtaining' button of the second interface, so as to pop up a display window (not shown) of the decryption information, and displaying the decryption information on the display window of the decryption information.
S240, inputting the decryption information into the first input box of the first interface, and clicking the third icon of the first interface to finish authentication.
As shown in fig. 3, the first input frame in the first interface is located below the first output frame, the third icon is a "confirm" button, and after the "confirm" button is clicked, the internal verification algorithm authenticates the input decryption information to obtain an authentication result, and the PLC program can be used after the authentication is passed.
In addition, a display status bar is arranged on the lower side of the first interface and used for displaying status information, such as: the password is authenticated correctly or is not authenticated incorrectly. In other embodiments, the first interface further displays a number of authentication errors for alerting the user.
The embodiment provided by the invention authenticates through the randomly generated encryption information, prevents decoding calculation and cracking of third-party software, improves the safety of a PLC program, and can acquire different decoding attributes according to the authority information so as to acquire different authentication results, such as authentication results with time limit or authentication results used permanently, so as to meet different use scenes, and an application scene is illustrated below.
The buyer purchases a Mitsubishi motor from a seller by paying in installments, the PLC program of the Mitsubishi motor equipment has the encryption program provided by the method of the embodiment of the invention, and the buyer can use the Mitsubishi motor after unlocking the PLC program when using the Mitsubishi motor. When the purchaser unlocks, according to the authentication operation method in the embodiment, firstly, the encryption information is obtained through the PLC encryption program, and the seller is informed of the encryption information; if the seller receives the option of the buyer, the encrypted information provided by the buyer is input into a decoding program of the upper computer to obtain the decrypted information, the decrypted information is sent to the buyer, and the buyer can use the equipment after inputting the decrypted information and passing the authentication. The use has a time limit, for example, the use time is 1 year, and after 1 year, the purchaser needs to pay off the money and then unlock the lock again to continue using the lock. The method can avoid the loss of the seller due to the default of the money by the buyer, and can prevent the embezzlement and modification by a third party.
In the above scenario, the purchaser may also have the decoding program and the PLC encryption program of the upper computer at the same time, if the purchaser purchases the entire money, the user provided by the seller is the administrator user, and the purchaser may use the program permanently or select the temporary use with the time limit after unlocking, and if the purchaser purchases the product in installments, the user provided by the seller is the general user, and the purchaser may select the temporary use with the time limit only after unlocking.
The Mitsubishi motor is mostly used in light industry, has large audience and more users, so that more people can crack the Mitsubishi motor.
In summary, the above-mentioned embodiments of the present invention are only preferred embodiments of the present invention, and not intended to limit the scope of the present invention, and all equivalent structural changes made by using the contents of the specification and the drawings, or other related technical fields directly/indirectly applied to the present invention are included in the scope of the present invention.
Claims (10)
1. An authentication method of a PLC encryption program, wherein the PLC encryption program encrypts a PLC program, and the PLC encryption program is authenticated to use the PLC program, the authentication method comprising the steps of:
acquiring encryption information of a PLC encryption program, wherein the encryption information is generated randomly;
acquiring authority information of a user, and acquiring decryption information corresponding to the encryption information according to the authority information;
comparing the decryption information with preset authentication information in the PLC encryption program to obtain decoding attributes, wherein the decoding attributes comprise any one of time-efficiency decoding attributes, permanent decoding attributes and error decoding attributes;
obtaining an authentication result according to the decoding attribute;
if the decoding attribute is the time-efficiency decoding attribute, the authentication result is that the time-efficiency authentication is passed, and the user can use the PLC program within the preset time;
if the decoding attribute is a permanent decoding attribute, the authentication result is that the permanent authentication is passed, and the user can use the PLC program permanently;
and if the decoding attribute is an error decoding attribute, the authentication result is authentication failure, the user cannot use the PLC program, and the authentication failure times are recorded.
2. The method for authenticating the PLC encryption program according to claim 1,
the permission information comprises first permission information;
the obtaining of the decryption information corresponding to the encryption information according to the authority information includes: acquiring first decryption information corresponding to the encryption information according to the first authority information;
the obtaining of the decoding attribute after comparing the decryption information with preset authentication information includes: and comparing the first decryption information with preset authentication information to obtain a first decoding attribute, wherein the first decoding attribute comprises any one of an aging decoding attribute, a permanent decoding attribute and an error decoding attribute.
3. The method for authenticating the PLC encryption program according to claim 1 or 2, wherein the authority information includes second authority information;
the obtaining of the decryption information corresponding to the encryption information according to the authority information includes: acquiring second decryption information corresponding to the encrypted information according to the second authority information;
the obtaining of the decoding attribute after comparing the decryption information with preset authentication information includes: and comparing the second decryption information with preset authentication information to obtain a second decoding attribute, wherein the second decoding attribute comprises an aging decoding attribute or an error decoding attribute.
4. The method for authenticating the PLC encryption program according to claim 1,
after obtaining the authentication result according to the decoding attribute, the method further comprises:
and when the first authentication result is that the time-efficiency authentication is passed or the permanent authentication is passed, binding the address of the PLC program built-in network card, and terminating the authentication process if the address of the PLC program built-in network card is changed.
5. The method of claim 1, wherein the encryption information is randomly generated based on a predetermined time.
6. The method of claim 1, wherein the encryption information comprises a number of fields, and the decryption information comprises a number of fields.
7. The method of claim 1, further comprising, after obtaining the authentication result according to the decoding attribute:
and if the authentication failure times meet the preset times, stopping the authentication process, and stopping obtaining the authentication result according to the decoding attribute.
8. The authentication system of the PLC encryption program is characterized by comprising a first device and a second device, wherein the PLC encryption program comprises a first program and a second program, the first device is provided with the first program, and the second device is provided with the second program;
the first program comprises an encrypted information generation module, a decoding attribute module and an authentication module;
the encrypted information generating module randomly generates encrypted information, the decoding attribute module obtains decoding attributes according to the input decrypted information, and the authentication module obtains authentication results according to the decoding attributes;
the second program comprises an authority information acquisition module and a decryption module, the authority information acquisition module acquires authority information, and the decryption module obtains decryption information corresponding to the encrypted information according to the authority information.
9. The system according to claim 8, wherein the permission information obtaining module is configured to log in by a user, and the permission information obtaining module obtains the permission information according to information of the user login.
10. The system according to claim 8, wherein the first device is a PLC device, and the second device is an upper computer.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111328040.5A CN114167804A (en) | 2021-11-10 | 2021-11-10 | Authentication method and system for PLC encryption program |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111328040.5A CN114167804A (en) | 2021-11-10 | 2021-11-10 | Authentication method and system for PLC encryption program |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN114167804A true CN114167804A (en) | 2022-03-11 |
Family
ID=80478599
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202111328040.5A Pending CN114167804A (en) | 2021-11-10 | 2021-11-10 | Authentication method and system for PLC encryption program |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN114167804A (en) |
Citations (12)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20050229004A1 (en) * | 2004-03-31 | 2005-10-13 | Callaghan David M | Digital rights management system and method |
| CN101038489A (en) * | 2006-03-13 | 2007-09-19 | 富士电机机器制御株式会社 | Programming device of programmable controller |
| JP2008176544A (en) * | 2007-01-18 | 2008-07-31 | Mitsubishi Electric Corp | Information processing apparatus, communication system, and user authentication method and program |
| CN101329658A (en) * | 2007-06-21 | 2008-12-24 | 西门子(中国)有限公司 | Encryption and decryption method, and PLC system using the same |
| CN101866411A (en) * | 2009-04-16 | 2010-10-20 | 深圳市数智国兴信息科技有限公司 | Security certification and encryption method and system of multi-application noncontact-type CPU card |
| CN103425909A (en) * | 2012-05-15 | 2013-12-04 | 富士电机株式会社 | Control system, device and program execution control method |
| CN103809517A (en) * | 2014-02-21 | 2014-05-21 | 深圳市大族激光科技股份有限公司 | Control system of numerically-controlled machine tool and encryption method thereof |
| US20150271161A1 (en) * | 2012-12-20 | 2015-09-24 | Mitsubishi Electric Corporation | Control system, program transmission device, authentication server, program protection method, program transmission method, and program for program transmission device |
| CN106301793A (en) * | 2016-09-06 | 2017-01-04 | 中国电子技术标准化研究院 | A kind of PLC certification and the method for secure communication |
| CN106304040A (en) * | 2015-05-25 | 2017-01-04 | 阿里巴巴集团控股有限公司 | The management method of Mobile solution, device |
| CN108681663A (en) * | 2018-05-22 | 2018-10-19 | 广东润星科技有限公司 | A kind of encipher-decipher method having with the novel matrix formula operation panel of numerically-controlled machine tool binding function |
| CN111143856A (en) * | 2019-12-27 | 2020-05-12 | 郑州信大捷安信息技术股份有限公司 | PLC remote firmware upgrading system and method |
-
2021
- 2021-11-10 CN CN202111328040.5A patent/CN114167804A/en active Pending
Patent Citations (12)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20050229004A1 (en) * | 2004-03-31 | 2005-10-13 | Callaghan David M | Digital rights management system and method |
| CN101038489A (en) * | 2006-03-13 | 2007-09-19 | 富士电机机器制御株式会社 | Programming device of programmable controller |
| JP2008176544A (en) * | 2007-01-18 | 2008-07-31 | Mitsubishi Electric Corp | Information processing apparatus, communication system, and user authentication method and program |
| CN101329658A (en) * | 2007-06-21 | 2008-12-24 | 西门子(中国)有限公司 | Encryption and decryption method, and PLC system using the same |
| CN101866411A (en) * | 2009-04-16 | 2010-10-20 | 深圳市数智国兴信息科技有限公司 | Security certification and encryption method and system of multi-application noncontact-type CPU card |
| CN103425909A (en) * | 2012-05-15 | 2013-12-04 | 富士电机株式会社 | Control system, device and program execution control method |
| US20150271161A1 (en) * | 2012-12-20 | 2015-09-24 | Mitsubishi Electric Corporation | Control system, program transmission device, authentication server, program protection method, program transmission method, and program for program transmission device |
| CN103809517A (en) * | 2014-02-21 | 2014-05-21 | 深圳市大族激光科技股份有限公司 | Control system of numerically-controlled machine tool and encryption method thereof |
| CN106304040A (en) * | 2015-05-25 | 2017-01-04 | 阿里巴巴集团控股有限公司 | The management method of Mobile solution, device |
| CN106301793A (en) * | 2016-09-06 | 2017-01-04 | 中国电子技术标准化研究院 | A kind of PLC certification and the method for secure communication |
| CN108681663A (en) * | 2018-05-22 | 2018-10-19 | 广东润星科技有限公司 | A kind of encipher-decipher method having with the novel matrix formula operation panel of numerically-controlled machine tool binding function |
| CN111143856A (en) * | 2019-12-27 | 2020-05-12 | 郑州信大捷安信息技术股份有限公司 | PLC remote firmware upgrading system and method |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US8572392B2 (en) | Access authentication method, information processing unit, and computer product | |
| EP2149103B1 (en) | Method and apparatus for protecting simlock information in an electronic device | |
| US8650399B2 (en) | Memory device and chip set processor pairing | |
| JP4733840B2 (en) | How to sign | |
| JP3774260B2 (en) | Memory card security system device and memory card thereof | |
| JP2001255953A (en) | Method for applying competence by using license | |
| KR20140046476A (en) | Authenticator | |
| CN106971102A (en) | A kind of start authentication method and device based on harddisk password module | |
| CN107194237B (en) | Method and device for application program security authentication, computer equipment and storage medium | |
| CN109583162B (en) | Identity recognition method and system based on state cryptographic algorithm | |
| CN104104673A (en) | Method for realizing security payment through third party unified dynamic authorization code | |
| CN112468294B (en) | Access method and authentication equipment of vehicle-mounted TBOX | |
| JP2002373116A (en) | Method for protecting microcomputer system, memory device, computer program, smart card and microcomputer system | |
| CN103907309A (en) | Memory | |
| CN112241633B (en) | Bidirectional authentication implementation method and system for non-contact smart card | |
| US20150134534A1 (en) | Software Protection Method for Preventing Unauthorized Usage | |
| CN114167804A (en) | Authentication method and system for PLC encryption program | |
| JP2003076611A (en) | Memory card having security function | |
| CN112364316B (en) | High-security-level data access method and device based on structured light array identification | |
| CN115037492A (en) | Online security services based on security features implemented in memory devices | |
| CN112364324A (en) | High-security-level data access method and device based on voiceprint recognition | |
| CN112287305A (en) | Data processing method, user lock and server | |
| JP3123539B2 (en) | Portable information terminal and recording medium | |
| CN107733658A (en) | A kind of PIN code method to set up, authentication method and storage device | |
| CN107943721B (en) | Data encryption method and device for electronic equipment |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |