CN115037649A - Safety monitoring method and monitoring machine for operation environment of field station - Google Patents
Safety monitoring method and monitoring machine for operation environment of field station Download PDFInfo
- Publication number
- CN115037649A CN115037649A CN202210680791.1A CN202210680791A CN115037649A CN 115037649 A CN115037649 A CN 115037649A CN 202210680791 A CN202210680791 A CN 202210680791A CN 115037649 A CN115037649 A CN 115037649A
- Authority
- CN
- China
- Prior art keywords
- equipment
- information
- model
- downloadable
- devices
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000012544 monitoring process Methods 0.000 title claims abstract description 32
- 238000000034 method Methods 0.000 title claims abstract description 27
- 238000012216 screening Methods 0.000 claims abstract description 9
- 238000001514 detection method Methods 0.000 claims description 23
- 238000012795 verification Methods 0.000 claims description 7
- 238000004891 communication Methods 0.000 description 2
- 230000002159 abnormal effect Effects 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 230000015556 catabolic process Effects 0.000 description 1
- 230000006378 damage Effects 0.000 description 1
- 230000009545 invasion Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 230000004044 response Effects 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L43/00—Arrangements for monitoring or testing data switching networks
- H04L43/08—Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/06—Management of faults, events, alarms or notifications
- H04L41/0631—Management of faults, events, alarms or notifications using root cause analysis; using analysis of correlation between notifications, alarms or events based on decision criteria, e.g. hierarchy, tree or time analysis
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L43/00—Arrangements for monitoring or testing data switching networks
- H04L43/08—Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters
- H04L43/0805—Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters by checking availability
- H04L43/0817—Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters by checking availability by checking functioning
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02P—CLIMATE CHANGE MITIGATION TECHNOLOGIES IN THE PRODUCTION OR PROCESSING OF GOODS
- Y02P90/00—Enabling technologies with a potential contribution to greenhouse gas [GHG] emissions mitigation
- Y02P90/02—Total factory control, e.g. smart factories, flexible manufacturing systems [FMS] or integrated manufacturing systems [IMS]
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Environmental & Geological Engineering (AREA)
- Small-Scale Networks (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The invention discloses a method and a monitoring machine for monitoring the operation environment safety of an outdoor station, wherein the method comprises the following steps: scanning each device in the field station according to a preset network segment to obtain an IP address and an MAC address of each device; determining an open port number of each device according to the IP address of each device, and determining the device model of each device according to the open port number; acquiring firmware information of each device according to the device model of each device; screening a plurality of second devices with downloadable running programs according to the device models of the devices, and downloading the corresponding downloadable running programs; calculating the one-way hash value of each downloaded running program; and matching the device model, the IP address, the MAC address and the firmware information of each device and the one-way hash value of the downloadable operation program of each second device with the pre-stored device information in the preset device information database, and judging that the operation environment of the field station is unsafe and generating early warning information when unmatched devices are determined.
Description
Technical Field
The invention relates to the technical field of safety monitoring of a field station, in particular to a safety monitoring method and a monitoring machine for a field station operating environment.
Background
In order to meet the requirements of weather detection, field communication, field environment monitoring and the like, various types of field stations/cabinets are usually arranged in the field, and data acquisition, uploading or downloading is realized through various detection devices and communication devices arranged in the field stations so as to complete various field tasks. And because the outdoor station is unsupervised, easily receive the deliberate destruction, steal or replace various equipment of outdoor station, maliciously falsify the operation procedure of equipment etc. if do not monitor the operational environment of outdoor station, the data of outdoor station is revealed, control center receives the invasion scheduling problem very easily to take place, therefore how to realize the operational environment safety monitoring to outdoor station is a problem that needs to solve urgently.
Disclosure of Invention
The embodiment of the invention provides a method and a monitoring machine for monitoring the operating environment safety of a field station, which can monitor the operating environment safety of the field station.
An embodiment of the invention provides a method for monitoring the safety of an operation environment of an off-site station, which comprises the following steps: scanning each device in the field station according to a preset network segment to obtain an IP address and an MAC address of each device;
determining an open port number of each device according to the IP address of each device, and then determining the device model of each device according to the open port number;
acquiring firmware information of each device according to the device model of each device;
screening a plurality of second devices with downloadable running programs according to the device models of the devices, and downloading the downloadable running programs corresponding to the second devices; calculating the one-way hash value of each downloaded running program;
and matching the equipment model, the IP address, the MAC address and the firmware information of each piece of equipment and the one-way hash value of the downloadable operation program corresponding to each piece of second equipment with pre-stored equipment information in a preset equipment information database, and judging that the operating environment of the field station is unsafe when unmatched equipment is determined to exist, so as to generate early warning information.
Further, before scanning each device in the field station according to the preset network segment, the method further includes:
and detecting the current CPU occupancy rate and the current memory occupancy rate of the switch in the off-site station, and starting scanning of each device in the off-site station when the current CPU occupancy rate and the current memory occupancy rate meet preset threshold conditions.
Further, the determining the device model of each device according to the open port number specifically includes:
matching suspected equipment models corresponding to the equipment and handshake protocols corresponding to the suspected equipment models in a preset detectable equipment information base according to the open port numbers of the equipment;
and performing handshake verification on each device one by one according to the handshake protocol of the suspected device model corresponding to each device, and determining the device model of each device according to the handshake protocol based on which handshake is successful.
Further, the acquiring the firmware information of each device according to the device model of each device specifically includes:
matching a firmware information question-answering protocol corresponding to each device from a preset detectable device information base according to the device model of each device;
and accessing each device according to the firmware information question-answering protocol of each device so as to enable each device to feed back the firmware information of each device.
Further, a plurality of second devices that possess downloadable operation program are screened out according to the device model of each device, specifically include:
and inquiring whether a corresponding downloadable program exists in a preset detectable device information base according to the device model of each device, and then using the device with the corresponding downloadable running program as the second device.
On the basis of the above method embodiment, another embodiment of the present invention correspondingly provides a safety monitoring machine for operation environment of an external station, where the safety monitoring machine for operation environment of an external station includes: the device comprises an ARP detection module, an equipment basic information detection module, an equipment firmware detection module, an operating program detection module and an alarm module;
the ARP detection module is used for scanning each device in the field station according to a preset network segment to obtain the IP address and the MAC address of each device;
the device basic information detection module is used for determining the open port number of each device according to the IP address of each device and then determining the device model of each device according to the open port number;
the equipment firmware detection module is used for acquiring the firmware information of each equipment according to the equipment model of each equipment;
the running program detection module is used for screening a plurality of second devices with downloadable running programs according to the device models of the devices and downloading the downloadable running programs corresponding to the second devices; calculating the one-way hash value of each downloaded running program;
and the alarm module is used for matching the equipment model, the IP address, the MAC address and the firmware information of each piece of equipment and the one-way hash value of the downloadable operation program corresponding to each piece of second equipment with the pre-stored equipment information in the preset equipment information database, judging that the operation environment of the field station is unsafe when unmatched equipment is determined, and generating early warning information.
Further, the method also comprises the following steps: a detection arrangement module; the detecting and arranging module is used for detecting the current CPU occupancy rate and the current memory occupancy rate of the switch in the off-site station and controlling the ARP detecting module to start scanning each device in the off-site station when the current CPU occupancy rate and the current memory occupancy rate meet the preset threshold condition.
Further, the device basic information detecting module determines the device model of each device according to the open port number, and specifically includes: matching suspected equipment models corresponding to the equipment and handshake protocols corresponding to the suspected equipment models in a preset detectable equipment information base according to the open port numbers of the equipment; and performing handshake verification on the devices one by one according to the handshake protocols of the suspected device models corresponding to the devices, and determining the device models of the devices according to the handshake protocols based on successful handshake.
Further, the device firmware detecting module obtains the firmware information of each device according to the device model of each device, and specifically includes: matching a firmware information question-answer protocol corresponding to each device from a preset detectable device information base according to the device model of each device; and accessing each device according to the firmware information question-answering protocol of each device so as to enable each device to feed back the firmware information of each device.
Further, the running program detecting module screens out a plurality of second devices with downloadable running programs according to the device models of the devices, and the method specifically comprises the following steps: and inquiring whether a corresponding downloadable program exists in a preset detectable device information base according to the device model of each device, and then using the device with the corresponding downloadable running program as the second device.
The embodiment of the invention has the following beneficial effects:
the embodiment of the invention provides a method and a device for monitoring the operating environment safety of a field station, wherein the method monitors the operating environment of the field station in several dimensions of equipment model, IP address, MAC address, firmware information and one-way hash value of a downloadable operating program of each equipment in the field station, judges whether the operating environment of the field station is safe or not, and carries out early warning if the operating environment is not safe, thereby realizing the monitoring of the operating environment safety of the field station.
Drawings
Fig. 1 is a schematic flow chart of a method for monitoring safety of an operating environment of an external station according to an embodiment of the present invention.
Fig. 2 is a schematic flow chart of a method for monitoring safety of an operating environment of an outstation according to an embodiment of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
As shown in fig. 1, an embodiment of the present invention provides a method for monitoring safety of an operating environment of an outstation, which at least includes the following steps:
step S101: scanning each device in the field station according to a preset network segment to obtain an IP address and an MAC address of each device;
step S102, determining an open port number of each device according to the IP address of each device, and then determining the device model of each device according to the open port number;
step S103, acquiring firmware information of each device according to the device model of each device;
s104, screening a plurality of second devices with downloadable running programs according to the device models of the devices, and downloading the downloadable running programs corresponding to the second devices; calculating the one-way hash value of each downloaded running program;
and S105, matching the device model, the IP address, the MAC address and the firmware information of each device and the one-way hash value of the downloadable operation program corresponding to each second device with pre-stored device information in a preset device information database, judging that the operation environment of the field station is unsafe when unmatched devices are determined, and generating early warning information.
For step S101, in a preferred embodiment, before scanning each device in the off-site station according to the preset network segment, the method further includes: the method comprises the steps of scanning an internal network of the switch of the field station through a network card interface, detecting the current CPU occupancy rate and the current memory occupancy rate of the switch of the field station, and starting scanning of each device in the field station when the current CPU occupancy rate and the current memory occupancy rate meet the preset threshold condition. It can be understood that when the current CPU occupancy rate and the current memory occupancy rate do not satisfy the preset threshold condition, subsequent operations such as scanning each device in the field station according to the preset network segment are not executed. Illustratively, the preset threshold condition is: the current CPU occupancy is smaller than a first preset threshold and the memory occupancy is smaller than a second preset threshold, and it should be noted that the specific values of the first preset threshold and the second preset threshold may be limited according to actual situations. By setting the limiting condition for starting scanning before scanning, whether to start subsequent scanning operation can be determined according to the real-time network condition, and the switch breakdown caused by scanning is avoided.
After scanning is started, ping response access is firstly carried out in a preset network segment, IP addresses corresponding to all the equipment are obtained after the equipment responds, then a network ARP protocol is operated, MAC addresses corresponding to all the IP addresses are obtained, and therefore the IP addresses and the MAC addresses of all the equipment are obtained.
For step S102, in a preferred embodiment, the determining the device model of each device according to the open port number specifically includes:
matching suspected equipment models corresponding to the equipment and handshake protocols corresponding to the suspected equipment models in a preset detectable equipment information base according to the open port numbers of the equipment; and performing handshake verification on each device one by one according to the handshake protocol of the suspected device model corresponding to each device, and determining the device model of each device according to the handshake protocol based on which handshake is successful.
Specifically, for a certain device, for example, device a, after acquiring an IP address and a MAC address of device a, each port of device a is scanned according to the IP address of device a to find an open port of device a, and then an open port number of device a is determined. The open port number is matched with information stored in a preset detectable device information base, each open port number, the device model corresponding to each open port number and the handshake protocol of each device model (one open port number can correspond to a plurality of device models) are stored in the detectable device information base, the device model corresponding to the open port number of the device A can be obtained from the detectable device information base through simple matching, the device models are used as the suspected device models, and the handshake protocol corresponding to each suspected device model is further obtained. After the handshake protocol is acquired, handshake verification is performed on the equipment A one by one according to the acquired handshake protocol, and finally the suspected equipment model corresponding to the handshake protocol when the handshake is successful is used as the equipment model of the equipment A.
For step S103, the acquiring the firmware information of each device according to the device model of each device specifically includes: matching a firmware information question-answering protocol corresponding to each device from a preset detectable device information base according to the device model of each device; and accessing each device according to the firmware information question-answering protocol of each device so as to enable each device to feed back the firmware information (including the firmware version number) of each device.
Specifically, taking the device a as an example, the detectable device information base stores each device model and a firmware information access protocol corresponding to each device model, the device model of the device a is matched with the device model stored in the detectable device information base, the firmware information access protocol corresponding to the device a is obtained, then the device a is accessed according to the firmware information access protocol, and the device a feeds back corresponding firmware information.
For step S104, in a preferred embodiment, screening out a plurality of second devices having downloadable running programs according to the device model of each device specifically includes: and inquiring whether a corresponding downloadable program exists in a preset detectable device information base according to the device model of each device, and then using the device with the corresponding downloadable running program as the second device.
Specifically, each device model and a downloadable running program corresponding to each device model are stored in the detectable device information base (if the device does not have the downloadable running program, the corresponding downloadable running program in the detectable device information base is empty), and whether each device has the downloadable running program or not can be determined by matching the device model of each device in the detectable device information base, and if so, the corresponding downloadable running program is downloaded from the detectable device information base; for example, assume that device a has a downloadable running program, at which time the downloadable program of device a is downloaded, and then a one-way hash value of the program is calculated.
For step S105, specifically, the preset device information database stores the pre-stored device information of each legal device in the field station; the pre-stored device information includes: the device model, the IP address, the MAC address, the firmware information and the one-way hash value of the downloadable running program corresponding to each device model (the value of the device without the downloadable running program is null); matching the device model, the IP address, the MAC address and the firmware information of each device obtained in the previous steps and the one-way hash value of the downloadable running program corresponding to each second device with pre-stored device information, and if the device model, the IP address, the MAC address and the firmware information of each second device are not matched, judging that the operating environment of the field station is unsafe and generating early warning information;
the following cases are schematically classified:
1. and if the equipment with the consistent equipment model, IP address and MAC address is not matched with the preset equipment information database, judging that unmatched illegal equipment exists, and generating early warning information of existence of illegal equipment and unsafe operation environment of the field station.
2. If the equipment with the same model, IP address and MAC address is matched and the equipment firmware information is not consistent, judging that the equipment firmware is abnormally changed, and generating early warning information of 'abnormal equipment firmware and unsafe operation environment of a field station';
3. the device with the consistent device model, IP address, MAC address and device firmware information is matched, but the one-way hash value of the downloadable running program is inconsistent, the running program of the device is judged to be illegally modified, and the early warning information of 'the running program is tampered and the running environment of the field station is unsafe' is generated.
As shown in fig. 2, on the basis of the above embodiment of the method, another embodiment of the present invention provides a safety monitoring machine for operation environment of an outstation, including: the device comprises an ARP detection module, a device basic information detection module, a device firmware detection module, an operation program detection module and an alarm module;
the ARP detection module is used for scanning each device in the field station according to a preset network segment to obtain the IP address and the MAC address of each device;
the device basic information detection module is used for determining an open port number of each device according to the IP address of each device, and then determining the device model of each device according to the open port number;
the equipment firmware detection module is used for acquiring the firmware information of each equipment according to the equipment model of each equipment;
the running program detection module is used for screening a plurality of second devices with downloadable running programs according to the device models of the devices and downloading the downloadable running programs corresponding to the second devices; calculating the one-way hash value of each downloaded running program;
and the alarm module is used for matching the equipment model, the IP address, the MAC address and the firmware information of each piece of equipment and the one-way hash value of the downloadable operation program corresponding to each piece of second equipment with the pre-stored equipment information in the preset equipment information database, judging that the operation environment of the field station is unsafe when unmatched equipment is determined, and generating early warning information.
In a preferred embodiment, further comprising: a detection arrangement module; the detecting and arranging module is used for detecting the current CPU occupancy rate and the current memory occupancy rate of the switch in the off-site station and controlling the ARP detecting module to start scanning each device in the off-site station when the current CPU occupancy rate and the current memory occupancy rate meet the preset threshold condition.
In a preferred embodiment, the determining, by the device basic information detecting module, the device model of each device according to the open port number specifically includes: matching suspected equipment models corresponding to the equipment and handshake protocols corresponding to the suspected equipment models in a preset detectable equipment information base according to the open port numbers of the equipment; and performing handshake verification on each device one by one according to the handshake protocol of the suspected device model corresponding to each device, and determining the device model of each device according to the handshake protocol based on which handshake is successful.
In a preferred embodiment, the acquiring, by the device firmware detecting module, the firmware information of each device according to the device model of each device specifically includes: matching a firmware information question-answering protocol corresponding to each device from a preset detectable device information base according to the device model of each device; and accessing each device according to the firmware information question-answering protocol of each device so as to enable each device to feed back the firmware information of each device.
In a preferred embodiment, the screening, by the running program detecting module, a plurality of second devices having downloadable running programs according to the device model of each device specifically includes: and inquiring whether a corresponding downloadable program exists in a preset detectable device information base according to the device model of each device, and then using the device with the corresponding downloadable running program as the second device.
While the foregoing is directed to the preferred embodiment of the present invention, it will be understood by those skilled in the art that various changes and modifications may be made without departing from the spirit and scope of the invention.
Claims (10)
1. A method for monitoring the safety of the operation environment of an off-site station is characterized by comprising the following steps:
scanning each device in the field station according to a preset network segment to obtain an IP address and an MAC address of each device;
determining an open port number of each device according to the IP address of each device, and then determining the device model of each device according to the open port number;
acquiring firmware information of each device according to the device model of each device;
screening a plurality of second devices with downloadable running programs according to the device models of the devices, and downloading the downloadable running programs corresponding to the second devices; calculating the one-way hash value of each downloaded running program;
and matching the equipment model, the IP address, the MAC address and the firmware information of each piece of equipment and the one-way hash value of the downloadable operation program corresponding to each piece of second equipment with pre-stored equipment information in a preset equipment information database, and judging that the operating environment of the field station is unsafe when unmatched equipment is determined to exist, so as to generate early warning information.
2. The method for monitoring the operation environment safety of the field station according to claim 1, wherein before scanning each device in the field station according to the preset network segment, the method further comprises:
and detecting the current CPU occupancy rate and the current memory occupancy rate of the switch in the off-site station, and starting scanning of each device in the off-site station when the current CPU occupancy rate and the current memory occupancy rate meet the preset threshold condition.
3. The method for monitoring the operating environment safety of the field station according to claim 1, wherein the determining the device model of each device according to the open port number specifically includes:
matching suspected equipment models corresponding to the equipment and handshake protocols corresponding to the suspected equipment models in a preset detectable equipment information base according to the open port numbers of the equipment;
and performing handshake verification on the devices one by one according to the handshake protocols of the suspected device models corresponding to the devices, and determining the device models of the devices according to the handshake protocols based on successful handshake.
4. The method for monitoring the operating environment safety of the field station according to claim 1, wherein the acquiring the firmware information of each device according to the device model of each device specifically comprises:
matching a firmware information question-answering protocol corresponding to each device from a preset detectable device information base according to the device model of each device;
and accessing each device according to the firmware information question-answering protocol of each device so as to enable each device to feed back the firmware information of each device.
5. The method for monitoring the operating environment safety of the field station according to claim 1, wherein a plurality of second devices with downloadable operating programs are screened out according to the device model of each device, and the method specifically comprises the following steps:
and inquiring whether a corresponding downloadable program exists in a preset detectable device information base according to the device model of each device, and then using the device with the corresponding downloadable running program as the second device.
6. The utility model provides an outstation operational environment safety monitoring machine which characterized in that includes: the device comprises an ARP detection module, a device basic information detection module, a device firmware detection module, an operation program detection module and an alarm module;
the ARP detection module is used for scanning each device in the field station according to a preset network segment to obtain the IP address and the MAC address of each device;
the device basic information detection module is used for determining the open port number of each device according to the IP address of each device and then determining the device model of each device according to the open port number;
the equipment firmware detection module is used for acquiring the firmware information of each equipment according to the equipment model of each equipment;
the running program detection module is used for screening a plurality of second devices with downloadable running programs according to the device models of the devices and downloading the downloadable running programs corresponding to the second devices; calculating the one-way hash value of each downloaded running program;
and the alarm module is used for matching the equipment model, the IP address, the MAC address and the firmware information of each piece of equipment and the one-way hash value of the downloadable operation program corresponding to each piece of second equipment with the pre-stored equipment information in the preset equipment information database, judging that the operation environment of the field station is unsafe when unmatched equipment is determined, and generating early warning information.
7. The off-site station operational environment safety monitoring machine of claim 6, further comprising: a detection arrangement module; the detecting and arranging module is used for detecting the current CPU occupancy rate and the current memory occupancy rate of the switch in the off-site station and controlling the ARP detecting module to start scanning each device in the off-site station when the current CPU occupancy rate and the current memory occupancy rate meet the preset threshold condition.
8. The safety monitoring machine for operation environment of an outstation according to claim 6, wherein the device basic information detecting module determines the device model of each device according to the open port number, and specifically includes:
matching suspected equipment models corresponding to the equipment and handshake protocols corresponding to the suspected equipment models in a preset detectable equipment information base according to the open port numbers of the equipment;
and performing handshake verification on each device one by one according to the handshake protocol of the suspected device model corresponding to each device, and determining the device model of each device according to the handshake protocol based on which handshake is successful.
9. The safety monitoring machine for operation environment of an outside plant as claimed in claim 6, wherein the device firmware detecting module obtains the firmware information of each device according to the device model of each device, and specifically comprises:
matching a firmware information question-answering protocol corresponding to each device from a preset detectable device information base according to the device model of each device;
and accessing each device according to the firmware information question-answering protocol of each device so as to enable each device to feed back the firmware information of each device.
10. The safety monitoring machine for operation environment of an outside-field station as claimed in claim 6, wherein the operation program detecting module screens out a plurality of second devices having downloadable operation programs according to device models of the devices, specifically comprising:
and inquiring whether a corresponding downloadable program exists in a preset detectable device information base according to the device model of each device, and then using the device with the corresponding downloadable running program as the second device.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210680791.1A CN115037649B (en) | 2022-06-16 | 2022-06-16 | Method and machine for safely monitoring running environment of field station |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210680791.1A CN115037649B (en) | 2022-06-16 | 2022-06-16 | Method and machine for safely monitoring running environment of field station |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN115037649A true CN115037649A (en) | 2022-09-09 |
| CN115037649B CN115037649B (en) | 2024-03-01 |
Family
ID=83124692
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202210680791.1A Active CN115037649B (en) | 2022-06-16 | 2022-06-16 | Method and machine for safely monitoring running environment of field station |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN115037649B (en) |
Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108696544A (en) * | 2018-09-05 | 2018-10-23 | 杭州安恒信息技术股份有限公司 | Security breaches detection method based on industrial control system and device |
| CN111830928A (en) * | 2020-06-08 | 2020-10-27 | 杭州电子科技大学 | Fuzzy test method for industrial control equipment firmware |
| US20200389472A1 (en) * | 2019-06-05 | 2020-12-10 | Vmware, Inc. | Stateful rule generation for behavior based threat detection |
| CN112198538A (en) * | 2020-09-11 | 2021-01-08 | 中交第二公路勘察设计研究院有限公司 | Beidou-based field reconnaissance personnel safety monitoring method and system |
| WO2021046771A1 (en) * | 2019-09-11 | 2021-03-18 | 华为技术有限公司 | Security detection method and device |
| CN113095189A (en) * | 2021-04-01 | 2021-07-09 | 武汉一维路科技有限公司 | Machine vision and data analysis-based intelligent monitoring and management system for operating environment safety of power system transformer substation |
| CN114462046A (en) * | 2022-01-07 | 2022-05-10 | 济南超级计算技术研究院 | Decompilation-based intelligent IoT equipment firmware safety detection method and system |
-
2022
- 2022-06-16 CN CN202210680791.1A patent/CN115037649B/en active Active
Patent Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108696544A (en) * | 2018-09-05 | 2018-10-23 | 杭州安恒信息技术股份有限公司 | Security breaches detection method based on industrial control system and device |
| US20200389472A1 (en) * | 2019-06-05 | 2020-12-10 | Vmware, Inc. | Stateful rule generation for behavior based threat detection |
| WO2021046771A1 (en) * | 2019-09-11 | 2021-03-18 | 华为技术有限公司 | Security detection method and device |
| CN111830928A (en) * | 2020-06-08 | 2020-10-27 | 杭州电子科技大学 | Fuzzy test method for industrial control equipment firmware |
| CN112198538A (en) * | 2020-09-11 | 2021-01-08 | 中交第二公路勘察设计研究院有限公司 | Beidou-based field reconnaissance personnel safety monitoring method and system |
| CN113095189A (en) * | 2021-04-01 | 2021-07-09 | 武汉一维路科技有限公司 | Machine vision and data analysis-based intelligent monitoring and management system for operating environment safety of power system transformer substation |
| CN114462046A (en) * | 2022-01-07 | 2022-05-10 | 济南超级计算技术研究院 | Decompilation-based intelligent IoT equipment firmware safety detection method and system |
Non-Patent Citations (1)
| Title |
|---|
| 邓科;张海庭;孙振;李挺;王广民;王向宇;: "智能变电站站控层设备监测系统设计及应用", 电力系统保护与控制, no. 19 * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN115037649B (en) | 2024-03-01 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| KR102666283B1 (en) | System and method for monitoring intrusion anomalies in an automotive environment | |
| CN109922160B (en) | Terminal secure access method, device and system based on power Internet of things | |
| US9817391B2 (en) | Security system for industrial control infrastructure | |
| CN108092970B (en) | Wireless network maintenance method and equipment, storage medium and terminal thereof | |
| CN112469044A (en) | Edge access control method and controller for heterogeneous terminal | |
| CN107395451B (en) | Processing method, device and equipment for internet traffic abnormity and storage medium | |
| CN113381876A (en) | Bus log collection method based on intelligent gateway and intelligent gateway | |
| CN106604316B (en) | Method, device and system for positioning fault of wireless access equipment | |
| CN109561487B (en) | Method and device for reducing energy consumption of mobile terminal and mobile terminal | |
| CN115037649A (en) | Safety monitoring method and monitoring machine for operation environment of field station | |
| US20180316700A1 (en) | Data security inspection mechanism for serial networks | |
| US11621972B2 (en) | System and method for protection of an ICS network by an HMI server therein | |
| CN109936528B (en) | Monitoring method, device, equipment and system | |
| CN110493240B (en) | Website tampering detection method and device, storage medium and electronic device | |
| CN111510443B (en) | Terminal monitoring method and terminal monitoring device based on equipment portrait | |
| CN114969798B (en) | Industrial data safety management method based on digital middlebox | |
| CN113987515A (en) | Vulnerability threat discovery method and system based on intelligent matching | |
| CN111866003A (en) | Risk assessment method and device for terminal | |
| CN111950040A (en) | Environment sensing method and device of terminal equipment, computer equipment and storage medium | |
| CN116095683B (en) | Network security protection method and device for wireless router | |
| US20210266240A1 (en) | Embedded intrusion detection system on a chipset or device for use in connected hardware | |
| CN115664737B (en) | Intrusion detection system and method | |
| US20200258090A1 (en) | Device safety notification method and system | |
| CN112233389A (en) | Local area energy Internet system and alarm method | |
| CN107992735B (en) | Information processing method and device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |