CN114563996B - Physical watermark detection method for industrial control system replay attack - Google Patents
Physical watermark detection method for industrial control system replay attack Download PDFInfo
- Publication number
- CN114563996B CN114563996B CN202210065078.6A CN202210065078A CN114563996B CN 114563996 B CN114563996 B CN 114563996B CN 202210065078 A CN202210065078 A CN 202210065078A CN 114563996 B CN114563996 B CN 114563996B
- Authority
- CN
- China
- Prior art keywords
- data
- watermark
- replay attack
- industrial control
- control system
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- G—PHYSICS
- G05—CONTROLLING; REGULATING
- G05B—CONTROL OR REGULATING SYSTEMS IN GENERAL; FUNCTIONAL ELEMENTS OF SUCH SYSTEMS; MONITORING OR TESTING ARRANGEMENTS FOR SUCH SYSTEMS OR ELEMENTS
- G05B23/00—Testing or monitoring of control systems or parts thereof
- G05B23/02—Electric testing or monitoring
- G05B23/0205—Electric testing or monitoring by means of a monitoring system capable of detecting and responding to faults
- G05B23/0218—Electric testing or monitoring by means of a monitoring system capable of detecting and responding to faults characterised by the fault detection method dealing with either existing or incipient faults
- G05B23/0243—Electric testing or monitoring by means of a monitoring system capable of detecting and responding to faults characterised by the fault detection method dealing with either existing or incipient faults model based detection method, e.g. first-principles knowledge model
-
- G—PHYSICS
- G05—CONTROLLING; REGULATING
- G05B—CONTROL OR REGULATING SYSTEMS IN GENERAL; FUNCTIONAL ELEMENTS OF SUCH SYSTEMS; MONITORING OR TESTING ARRANGEMENTS FOR SUCH SYSTEMS OR ELEMENTS
- G05B2219/00—Program-control systems
- G05B2219/20—Pc systems
- G05B2219/24—Pc safety
- G05B2219/24065—Real time diagnostics
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02P—CLIMATE CHANGE MITIGATION TECHNOLOGIES IN THE PRODUCTION OR PROCESSING OF GOODS
- Y02P90/00—Enabling technologies with a potential contribution to greenhouse gas [GHG] emissions mitigation
- Y02P90/02—Total factory control, e.g. smart factories, flexible manufacturing systems [FMS] or integrated manufacturing systems [IMS]
Landscapes
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Engineering & Computer Science (AREA)
- Automation & Control Theory (AREA)
- Selective Calling Equipment (AREA)
Abstract
The invention belongs to the field of industrial field detection, and discloses a physical watermark detection method for replay attack of an industrial control system. The distributed sensor network collects data in real time, and the data are uploaded to the SCADA system through the industrial control system PLC; before the threat detection function is put into operation, identifying the transient response of the system, and determining a dynamic data model of the system by injecting an excitation signal to observe and measure the response; after the threat detection function is put into operation, the system injects watermark signals with specific amplitude and specific width into the system at specific time points according to the watermark signal encryption table, and the replay attack detection module judges whether the system is under replay attack or not by detecting the measurement response at the specific time points and comparing the measurement response with a system model. The invention effectively improves the safety of the industrial control system.
Description
Technical Field
The invention belongs to the field of industrial field detection, and particularly relates to a physical watermark detection method for replay attack of an industrial control system.
Background
The traditional physical system runs in a relatively closed environment, and an attacker can only attack under a line by adopting a special line communication mode, so that the traditional physical system can effectively cope with various attacks all the time by default, and the system cannot be attacked without being in contact with the outside. The traditional physical system is an industrial control system for improving the operation efficiency of the system, realizing the intellectualization and informatization of the system and connecting a network.
Industrial Control Systems (ICS) refer to a collection of devices, systems, networks, and controllers used to operate, control, assist in automating an industrial process. Compared with the traditional physical system, the automation level is improved, the connection with the Internet is increased, the system becomes more open from the original relatively closed operating environment, more vulnerabilities which can be used as attacks are provided for attackers, and the industrial control system faces the crisis of double attack of inside and outside.
Since the industrial control system is a complex system with the physical system and the information system being in close integration, the system is attacked in a high-concealment and low-testability manner by an attacker through a network. If the system does not have enough security system or enough software defense measures, an attacker can attack the system in a specific mode to realize damage control on the system. The replay attack means that an attacker collects transmission data within a period of time and repeatedly transmits or delays the transmission of effective data in the transmission data. The replay attack uses data which is successfully accepted by the system, so that data sent by an attacker can easily pass through the check of a system encryption algorithm, so that the system is difficult to detect the attack in time, and a new method for carrying out replay attack safety protection by taking an industrial control system as a technical background is urgently needed to be developed.
Disclosure of Invention
The invention aims to provide a physical watermark detection method for the replay attack of an industrial control system, which aims to solve the problems in the prior art.
The technical scheme of the invention is as follows:
a physical watermark detection method for replay attack of an industrial control system specifically comprises the following steps:
the industrial control system comprises sensor acquisition equipment, an actuator, a PLC (programmable logic controller) and an SCADA (supervisory control and data acquisition) system; the SCADA system comprises watermark information key table design and replay attack detection; preparing before threat detection commissioning, including identifying a dynamic data model and randomly generating a watermark information key table; the detection flow of replay attack after threat detection and commissioning comprises the following steps: the sensor acquisition equipment acquires data in real time, the data is uploaded to the SCADA system through the PLC, and a watermark signal in a watermark information key table is injected into the industrial control system through the actuator; the replay attack detector judges the consistency of the estimated data and the data output by the industrial control system to determine whether replay attack exists or not;
the method comprises the following specific steps:
step one, dynamic data model identification
Under the condition that the system runs healthily, various excitation signals are injected into the system through an actuator, and a dynamic data model of the system is obtained according to a large number of input and output data relations and is expressed as follows:
wherein x is k Is a state vector, y k For the output data of the sensor, f and l are respectively a state vector iteration function and an output state correlation function, w (k) is process noise, and v (k) is sensor measurement noise;
step two, designing a watermark information key table
Firstly, designing a ternary table which respectively represents time, amplitude and width; each category of data is obtained using a random function, wherein the range of amplitude and width is selected to minimize fluctuations in the system equilibrium point; combining data in the ternary table into a watermark table, encrypting by using a DES (data encryption standard) method, and sending a generated ciphertext into a replay attack detector, wherein the ciphertext is a watermark information key table, and a new watermark information key table is updated when the watermark information injection in the last watermark information table is finished;
step three, injecting watermark signal
In an operation period of the system, the watermark table in the step two is transmitted to a PLC before being encrypted, the PLC analyzes the information after receiving the information and sends a control signal to an actuator, and the actuator performs injection at an injection point at the bottom layer of the industrial control system according to the received control signal;
fourthly, generating estimated data by the model
After the actuator injects watermark information into the system, the model of the system at this time is represented as:
wherein u (k) is an injection signal and carries information of injection time, amplitude and width; decrypting the ciphertext in the second step, and calculating the predicted value of the state vector after the system injects the watermark according to the state vector iterative function f in the first step
Then, the predicted value of system output after watermark injection is calculated according to the output state correlation function
Step five, judging by a replay attack detector
After the threat detection system is put into operation, supposing that watermark signals are injected at t moments, and collecting n groups of measurement data of the system sensor working after t moments; computing post-watermark prediction values
The satisfied probability distribution, the confidence interval with 95% confidence coefficient is calculated by utilizing the heavy tail distribution and Markov inequality, if the real response value y t+1 …y t+n The probability distribution is not in the predicted confidence interval, the system is considered to be attacked, and in order to balance the detection rate and the false alarm rate, the following two strategies are adopted:
(1) selecting n as 3, i.e. detecting from x t+1 To x t+3 If all the 3 groups of data can not pass the probability distribution test, the system state is considered to be changed and the system is attacked by replay;
(2) n is chosen to be 5, i.e. detected from x t+1 To x t+5 If three or more groups of 5 groups of data fail to pass the probability distribution test, the system state is considered to be changed and the replay attack is applied.
The invention has the beneficial effects that: in the industrial control system, the cost is low, only one physical watermark detection system needs to be designed in the industrial control system, the invention adopts a signal injection method to identify the unknown industrial control system, and designs the watermark signal by a triple encryption method to protect the industrial control system, and the stability is high. The invention combines the system data model and the control system knowledge, can timely and comprehensively detect replay attack threats in the system from multiple channels, and effectively improves the safety of the industrial control system.
Drawings
FIG. 1 is a schematic diagram of the flow structure operation of the present invention;
FIG. 2 is a system architecture diagram of the present invention;
FIG. 3 is a core control diagram of the industrial control system of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all embodiments. Other embodiments, which can be derived by one of ordinary skill in the art from the embodiments given herein without any creative effort, shall fall within the protection scope of the present invention.
In the description of the present invention, it should be noted that the terms "vertical", "upper", "lower", "horizontal", and the like refer to orientations or positional relationships based on those shown in the drawings, and are only for convenience of describing the present invention and simplifying the description, but do not indicate or imply that the referred device or element must have a specific orientation, be constructed in a specific orientation, and be operated, and thus, should not be construed as limiting the present invention. Furthermore, the terms "first" and "second" are used for descriptive purposes only and are not to be construed as indicating or implying relative importance.
In the description of the present invention, it should also be noted that, unless otherwise explicitly stated or limited, the terms "disposed," "mounted," "connected," and "connected" are to be construed broadly and may be, for example, fixedly connected, detachably connected, or integrally connected; can be mechanically or electrically connected; they may be connected directly or indirectly through intervening media, or they may be interconnected between two elements. The specific meanings of the above terms in the present invention can be understood according to specific situations by those of ordinary skill in the art.
The embodiment equipment adopts Siemens S7-200PLC, the SCADA system adopts an interface designed by force control software, and the replay attack detection system adopts a control in the SCADA system. The sensors include temperature sensors, pressure sensors, level sensors, and the like. The connection mode of the sensor and the PLC adopts a wiring mode, the data collected by the sensor is analog quantity, the analog quantity is converted into digital quantity through the PLC, the connection mode of the PLC and the SCADA system adopts a network cable and is configured to the same gateway, and the protocol is S7 Ethernet communication protocol.
The method comprises the following steps: identification system data model
Firstly, the SCADA system is cut off from a network cable connected with the outside to ensure that the system can normally operate, and then identification signals including common pulse signals, step signals, ramp signals, parabola signals, sine signals, square wave signals, triangular wave signals, trapezoidal signals, sawtooth wave signals and the like and complex signals formed by combining the pulse signals, the step signals, the ramp signals, the parabola signals, the sine signals, the square wave signals, the triangular wave signals, the trapezoidal signals and the sawtooth wave signals are injected into the system through an actuator. The data distribution characteristics of one operating cycle of the industrial control system can be obtained through a large amount of input and output data, and then a dynamic data model of the system is obtained. The model is represented as:
wherein x k Is a state vector, y k For the output data of the sensor, f and l are the relationship of the state vector and the state vector after identification and the state vector and the output data, w (k) is the process noise, v (k) is the sensor measurement noise.
Step two: designing watermark information key table
A ternary table is designed, and three types of data, namely time, amplitude and width, exist in the table. Firstly, designing three groups of random functions, wherein the first group corresponds to injection time, the selection range is the time of the whole operation period, and the output result is some time points; the second group of corresponding amplitude values is selected within a range which does not influence the stability of the system in normal operation, and the output result is a value corresponding to a time point; the third set corresponds to the width, the selection range is a time span after the time is determined, and the output result is the duration of the amplitude. And then, combining the three groups of random function outputs, recording as watermark information, encrypting by using a DES method, and sending the generated ciphertext to a detector. The table is called a watermark information key table, the generated watermark information table is transmitted to the PLC before encryption, the PLC receives the information and then analyzes the information into a control signal to be transmitted to the actuator, the actuator injects the control signal into an injection point at the bottom layer of the industrial control system, a new watermark information table is generated after the injection of the last watermark information table is finished, and the new watermark information table is injected after the next operation period is started.
Step three: design replay attacks
The method comprises the steps of starting a network transmission port between a system and the outside, selecting a moment to invade the industrial control system when the industrial control system normally operates, monitoring and collecting sensor data of the system at first, ensuring that the collection duration is longer than one operation period of the industrial control system, analyzing one operation period of the system by checking distribution information of the collected data, sorting out data of one operation period of the system, storing the data, replaying the sorted data in a SCADA system database after a period of time, wherein the data are generated when the system stably operates and cannot cause an alarm for the same industrial control system. The real data of the sensor is simultaneously tampered during the replay of the data, thereby causing damage to the system.
Step four: verifying replay attacks
And in the operation process, data acquired by the sensor can be uploaded to the SCADA system through the PLC equipment to be displayed. After watermark signal injection, collecting n groups of system sensor working measurement data y after injection time t t+1 …y t+n At the same time, the watermark information is decrypted to obtain the injection information u (t), and the new model after injection is obtained
Iterative computation of post-watermark prediction values based on f in the model
Calculating a predicted value output after watermark signal injection according to l in the model
Then, the probability distribution satisfied by the predicted value is obtained according to the characteristics of the data, and the weighted distribution and the Markov inequality are utilized
Calculating a confidence interval with the confidence degree of 95 percent, and checking the calculated real response value y t+1 …y t+n The probability distribution of the system is in a confidence interval which is not in a predicted value, if the probability distribution is not in the confidence interval, the system is considered to be possibly attacked by replay, and in order to balance the detection rate and the false alarm rate, the following two strategies are adopted:
(1) selecting n as 3, i.e. detecting from x t+1 To x t+3 If none of the 3 groups of data can pass the probability distribution test, the system state is considered to be changed and the system is attacked by replay.
(2) N is chosen to be 5, i.e. detected from x t+1 To x t+5 If three or more groups of 5 groups of data fail to pass the probability distribution test, the system state is considered to be changed and the system is attacked by replay.
By combining the two detection strategies, the false alarm rate of the system can be further reduced, and the detection accuracy is improved.
In light of the foregoing description of the preferred embodiments of the present invention, those skilled in the art can now make various alterations and modifications without departing from the scope of the invention. The technical scope of the present invention is not limited to the contents of the specification, and must be determined according to the scope of the claims.
Claims (1)
1. A physical watermark detection method aiming at replay attack of an industrial control system is characterized in that the industrial control system comprises sensor acquisition equipment, an actuator, a PLC and an SCADA system; the SCADA system comprises watermark information key table design and replay attack detection; preparing before threat detection and commissioning, including identifying a dynamic data model and randomly generating a watermark information key table; the detection process of replay attack after threat detection and commissioning comprises the following steps: the sensor acquisition equipment acquires data in real time, the data is uploaded to an SCADA system through a PLC, and watermark signals in a watermark information key table are injected into the industrial control system through an actuator; the replay attack detector judges the consistency of the estimated data and the data output by the industrial control system to determine whether replay attack exists or not;
the method comprises the following specific steps:
step one, dynamic data model identification
Under the condition that the system runs healthily, various excitation signals are injected into the system through an actuator, and a dynamic data model of the system is obtained according to a large number of input and output data relations and is expressed as follows:
wherein x k Is a state vector, y k For the output data of the sensor, f and l are respectively a state vector iteration function and an output state correlation function, w (k) is process noise, and v (k) is sensor measurement noise;
step two, designing a watermark information key table
Firstly, designing a ternary table which respectively represents time, amplitude and width; each category of data is obtained by using a random function, wherein the amplitude and the width are selected within a range to reduce the fluctuation of a system balance point as much as possible; combining data in the ternary table into a watermark table, encrypting by using a DES (data encryption standard) method, and sending a generated ciphertext into a replay attack detector, wherein the ciphertext is a watermark information key table, and a new watermark information key table is updated when watermark information in the last watermark information table is injected;
step three, injecting watermark signal
In an operation period of the system, the watermark table in the step two is transmitted to a PLC before being encrypted, the PLC analyzes the information after receiving the information and sends a control signal to an actuator, and the actuator performs injection at an injection point at the bottom layer of the industrial control system according to the received control signal;
fourthly, generating estimated data by the model
After the executor injects watermark information into the system, the model of the system at this time is represented as:
wherein u (k) is an injection signal and carries information of injection time, amplitude and width; decrypting the ciphertext in the step two, and calculating the predicted value of the state vector after the watermark is injected into the system according to the state vector iterative function f in the step one
Then, according to the output state correlation function l, the predicted value of the system output after the system injects the watermark is calculated
Step five, judging by a replay attack detector
After the threat detection system is put into operation, supposing that watermark signals are injected at t moments, and collecting n groups of measurement data of system sensor working after t moments; computing post-watermark prediction values
The satisfied probability distribution, the confidence interval with 95% confidence is calculated by utilizing the heavy tail distribution and the Markov inequality, if the true response value y t+1 …y t+n The probability distribution is not in the predicted confidence interval, the system is considered to be attacked, and in order to balance the detection rate and the false alarm rate, the following two strategies are adopted:
(1) selecting n as 3, i.e. detecting from x t+1 To x t+3 If all the 3 groups of data can not pass the probability distribution test, the system state is considered to be changed and the system is attacked by replay;
(2) selecting n as 5, i.e. detectingx t+1 To x t+5 If three or more groups of 5 groups of data fail to pass the probability distribution test, the system state is considered to be changed and the replay attack is applied.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210065078.6A CN114563996B (en) | 2022-01-20 | 2022-01-20 | Physical watermark detection method for industrial control system replay attack |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210065078.6A CN114563996B (en) | 2022-01-20 | 2022-01-20 | Physical watermark detection method for industrial control system replay attack |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN114563996A CN114563996A (en) | 2022-05-31 |
| CN114563996B true CN114563996B (en) | 2022-07-26 |
Family
ID=81712747
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202210065078.6A Active CN114563996B (en) | 2022-01-20 | 2022-01-20 | Physical watermark detection method for industrial control system replay attack |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN114563996B (en) |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106599997A (en) * | 2016-12-20 | 2017-04-26 | 中兴软创科技股份有限公司 | Zero dynamic-based industrial control attack detection and identification method and system |
| CN110852363A (en) * | 2019-10-31 | 2020-02-28 | 大连理工大学 | Anti-sample defense method based on deception attacker |
| CN111679657A (en) * | 2020-06-23 | 2020-09-18 | 中国核动力研究设计院 | Attack detection method and system based on industrial control equipment signals |
| CN111698257A (en) * | 2020-06-17 | 2020-09-22 | 武汉科技大学 | Industrial information physical system security detection method for multi-class malicious attacks |
| CN113778054A (en) * | 2021-09-09 | 2021-12-10 | 大连理工大学 | Double-stage detection method for industrial control system attack |
Family Cites Families (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US11159540B2 (en) * | 2018-09-27 | 2021-10-26 | General Electric Company | Dynamic physical watermarking for attack detection in cyber-physical systems |
| US11503045B2 (en) * | 2019-01-30 | 2022-11-15 | General Electric Company | Scalable hierarchical abnormality localization in cyber-physical systems |
-
2022
- 2022-01-20 CN CN202210065078.6A patent/CN114563996B/en active Active
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106599997A (en) * | 2016-12-20 | 2017-04-26 | 中兴软创科技股份有限公司 | Zero dynamic-based industrial control attack detection and identification method and system |
| CN110852363A (en) * | 2019-10-31 | 2020-02-28 | 大连理工大学 | Anti-sample defense method based on deception attacker |
| CN111698257A (en) * | 2020-06-17 | 2020-09-22 | 武汉科技大学 | Industrial information physical system security detection method for multi-class malicious attacks |
| CN111679657A (en) * | 2020-06-23 | 2020-09-18 | 中国核动力研究设计院 | Attack detection method and system based on industrial control equipment signals |
| CN113778054A (en) * | 2021-09-09 | 2021-12-10 | 大连理工大学 | Double-stage detection method for industrial control system attack |
Non-Patent Citations (4)
| Title |
|---|
| 《Secure Control Against Replay Attacks》;Yilin Mo, Bruno Sinopoli;《IEEE》;20091002;全文 * |
| 《网络控制系统中重放攻击的检测与对策》;甄玉磊-20170215;《中国优秀硕士学位论文全文数据库》;20170215;全文 * |
| 《重放攻击下多智能体系统的一致性问题研究》;王玲;《中国优秀硕士学位论文全文数据库》;20220115;全文 * |
| 《针对网络控制系统中隐蔽性重放攻击的水印检测方法研究》;史立明;《中国优秀硕士学位论文全文数据库》;20220115;全文 * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN114563996A (en) | 2022-05-31 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US10698378B2 (en) | Industrial control system smart hardware monitoring | |
| Carcano et al. | A multidimensional critical state analysis for detecting intrusions in SCADA systems | |
| US11689544B2 (en) | Intrusion detection via semantic fuzzing and message provenance | |
| Wang et al. | Detection and isolation of false data injection attacks in smart grids via nonlinear interval observer | |
| US20160330225A1 (en) | Systems, Methods, and Devices for Detecting Anomalies in an Industrial Control System | |
| Jiang et al. | Defense mechanisms against data injection attacks in smart grid networks | |
| KR20170121717A (en) | Domain level threat detection for industrial asset control system | |
| Raciti et al. | Embedded cyber-physical anomaly detection in smart meters | |
| CN104052730A (en) | Intelligent Cyberphysical Intrusion Detection And Prevention Systems And Methods For Industrial Control Systems | |
| US20200285738A1 (en) | Process-centric security measurement of cyber-physical systems | |
| Khalili et al. | SIDS: State-based intrusion detection for stage-based cyber physical systems | |
| US11657150B2 (en) | Two-dimensionality detection method for industrial control system attacks | |
| Milošević et al. | Quantifying the impact of cyber-attack strategies for control systems equipped with an anomaly detector | |
| Iturbe et al. | On the feasibility of distinguishing between process disturbances and intrusions in process control systems using multivariate statistical process control | |
| CA2927826C (en) | Industrial control system smart hardware monitoring | |
| CN110826888B (en) | Data integrity attack detection method in power system dynamic state estimation | |
| CN109344610A (en) | The detection method and device of sequence attack | |
| CN114563996B (en) | Physical watermark detection method for industrial control system replay attack | |
| Xu et al. | A unified framework for secured energy resource management in smart grid | |
| Gao | Cyberthreats, attacks and intrusion detection in supervisory control and data acquisition networks | |
| Golabi et al. | Detecting false data injection attacks in linear parameter varying cyber-physical systems | |
| McQueen et al. | ‘known secure sensor measurements’ for critical infrastructure systems: Detecting falsification of system state | |
| Ge et al. | Detecting Data Integrity Attacks in Smart Grid | |
| Qassim et al. | An anomaly detection technique for deception attacks in industrial control systems | |
| Turanzas et al. | A nested decision tree for event detection in smart grids |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |