CN115114626B - Industrial equipment code detection method, system, computer equipment and storage medium - Google Patents

Publication number
CN115114626B
Authority
CN
China
Prior art keywords
code
sub
codes
test area
control code
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202211028837.8A
Other languages
Chinese (zh)
Other versions
CN115114626A (en)
Inventor
杨浩
肖勇才
章玲玲
徐健
刘旷也
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
State Grid Corp of China SGCC
Electric Power Research Institute of State Grid Jiangxi Electric Power Co Ltd
Original Assignee
State Grid Corp of China SGCC
Electric Power Research Institute of State Grid Jiangxi Electric Power Co Ltd
Application filed by State Grid Corp of China SGCC and Electric Power Research Institute of State Grid Jiangxi Electric Power Co Ltd
Priority to CN202211028837.8A
Publication of CN115114626A
Application granted
Publication of CN115114626B

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55 Detecting local intrusion or implementing counter-measures
    • G06F21/56 Computer malware detection or handling, e.g. anti-virus arrangements
    • G06F21/562 Static detection
    • G06F21/563 Static detection by source code analysis
    • G06F21/568 Computer malware detection or handling, e.g. anti-virus arrangements eliminating virus, restoring damaged files
    • G06F21/57 Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F21/577 Assessing vulnerabilities and evaluating computer system security
    • Y GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02 TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02P CLIMATE CHANGE MITIGATION TECHNOLOGIES IN THE PRODUCTION OR PROCESSING OF GOODS
    • Y02P90/00 Enabling technologies with a potential contribution to greenhouse gas [GHG] emissions mitigation
    • Y02P90/02 Total factory control, e.g. smart factories, flexible manufacturing systems [FMS] or integrated manufacturing systems [IMS]

Abstract

The invention relates to the technical field of code detection and discloses an industrial equipment code detection method and system, computer equipment and a storage medium. The method comprises: performing primary detection on a control code and, when the control code passes the primary detection, inputting it into a preset test area containing a transmission regulation port; dividing the control code into sub-codes in the test area, performing secondary detection on the sub-codes, and determining the risk value of each sub-code; and packaging the secondary detection result in the test area according to the risk value of each sub-code, feeding it back to the outside of the test area and displaying it. The control code first undergoes feasibility detection; once it passes, it is input into a relatively independent test area for further detection, and the detection results are encrypted before being fed back to the workers. This prevents a malicious monitoring program from learning the detection results and organizing attacks, and improves security during code detection.

Description

Industrial equipment code detection method, system, computer equipment and storage medium
Technical Field
The invention relates to the technical field of code detection, in particular to a code detection method for industrial equipment.
Background
The control code of industrial equipment reflects the production parameters of the production equipment, and the production flow of the product can be determined from those parameters. If external personnel obtain the control code of an enterprise's industrial equipment, they can fully reproduce the enterprise's product; security management is therefore required while the control code is being generated.
In existing code compiling equipment, security can mostly be ensured, but security during code detection still needs improvement. If a malicious monitoring program has been installed in the code detection equipment in advance, it can observe which codes in the system are found to have problems during detection, and outside personnel can attack those problems in the period while workers are repairing them. By analogy, when security software is used to repair a system, it detects how many vulnerabilities exist in the system and then displays them to the user; in the process, the vulnerabilities are also revealed to the malicious monitor, which can then conveniently attack through them. How to avoid this situation is the technical problem that the technical solution of the present invention intends to solve.
Disclosure of Invention
The present invention is directed to a method for detecting codes of industrial devices, so as to solve the problems mentioned in the background art.
In order to achieve the purpose, the invention provides the following technical scheme:
a method of industrial device code detection, the method comprising:
receiving a task linked list input by a user, inquiring a subcode corresponding to each task in a preset code library, and connecting the subcodes based on the task linked list to obtain a control code;
performing primary detection on the control code, and inputting the control code into a preset test area containing a transmission regulation port when the control code passes the primary detection;
dividing the control code into sub-codes in the test area, carrying out secondary detection on the sub-codes, and determining the risk value of each sub-code;
and packaging the secondary detection result in the test area according to the risk value of each subcode, feeding back the secondary detection result to the outside of the test area and displaying the secondary detection result.
As a further scheme of the invention: the step of receiving a task linked list input by a user, inquiring a subcode corresponding to each task in a preset code library, and connecting the subcodes based on the task linked list to obtain a control code comprises the following steps:
receiving a task linked list input by a user, and inquiring the execution module corresponding to each task in the task linked list and its rated station; the rated station is used for representing a preset limit position of the execution module;
inquiring a control function of the execution module, and determining condition parameters of the control function according to a rated station to obtain a subcode;
and connecting the subcodes based on the sequence of the task linked list to obtain the control code.
As a further scheme of the invention: the step of performing primary detection on the control code, and inputting the control code into a preset test area containing a transmission regulation port when the control code passes the primary detection comprises the following steps:
traversing and querying the condition parameters of each sub-code in the control code, and randomly determining input data containing module codes within the condition parameter range; each module code points to the execution module corresponding to the sub-code;
inputting the input data into a control code according to the module code, and acquiring output data of all subcodes in the control code to obtain an output feature table;
sequentially inputting the input data and the corresponding output feature table into a preset equipment model, and receiving error reporting information;
and when the error reporting information is empty, inputting the control code into a preset test area containing a transmission adjusting port.
As a further scheme of the invention: the step of dividing the control code into sub-codes in the test area, performing secondary detection on the sub-codes, and determining the risk value of each sub-code includes steps S301 to S305:
step S301: traversing and querying, in the test area, the condition parameters of all the sub-codes in the control code, and determining a risk input set of each sub-code based on the condition parameters; the deviation rate between the data in the risk input set and the condition parameters is smaller than a preset deviation rate threshold value;
step S302: inquiring reference relations among all the sub-codes, and merging the risk input sets according to the reference relations;
step S303: sequentially and randomly reading input data in the combined risk input set, inputting the input data into a preset equipment model, and receiving error reporting information containing module codes;
step S304: repeating steps S301 to S303, counting the error reporting information, and looking up and marking the sub-code corresponding to each module code;
step S305: and counting the marking times of each sub-code, and determining the risk value of each sub-code according to the marking times.
As a further scheme of the invention: the step of traversing and querying, in the test area, the condition parameters of each sub-code in the control code and determining the risk input set of each sub-code based on the condition parameters comprises:
traversing the control codes, and positioning code distinguishing labels in the control codes;
splitting the control code into sub-codes according to the code distinguishing label;
extracting a judgment statement in the subcode, and reading a condition parameter in the judgment statement;
and calculating a condition range according to the condition parameters, and calculating a risk range taking the condition range as a center according to a preset deviation rate threshold and the condition range to serve as a risk input set.
As a further scheme of the invention: when the test area receives an input request for a control code, it opens the transmission regulation port, detects the data format in real time at the transmission regulation port, and retains the control code based on the data format; when transmission of the control code is complete, it closes the transmission regulation port.
As a further scheme of the invention: the step of packing the secondary detection result in the test area according to the risk value of each subcode, feeding back the secondary detection result to the outside of the test area and displaying the secondary detection result comprises the following steps:
comparing the risk value with a preset risk threshold, and inquiring error reporting information corresponding to the subcode based on the established connection relation when the risk value reaches the preset risk threshold;
encrypting the position information and the error reporting information of the subcodes according to a preset encryption algorithm;
and feeding back the position information of the encrypted subcodes and the error reporting information thereof to the outside of the test area and displaying the position information and the error reporting information.
The technical scheme of the invention also provides an industrial equipment code detection system, which comprises:
the code generation module is used for receiving a task linked list input by a user, inquiring a subcode corresponding to each task in a preset code base, and connecting the subcodes based on the task linked list to obtain a control code;
the primary detection module is used for performing primary detection on the control code, and inputting the control code into a preset test area containing a transmission regulation port when the control code passes the primary detection;
the secondary detection module is used for segmenting the control code into sub-codes in the test area, carrying out secondary detection on the sub-codes and determining the risk value of each sub-code;
and the packaging display module is used for packaging the secondary detection result in the test area according to the risk value of each sub-code, feeding the secondary detection result back to the outside of the test area and displaying the secondary detection result.
The technical scheme of the invention also provides a computer device, which comprises one or more processors and one or more memories, wherein at least one program code is stored in the one or more memories, and when the program code is loaded and executed by the one or more processors, the industrial device code detection method is realized.
The technical scheme of the invention also provides a storage medium, wherein at least one program code is stored in the storage medium, and when the program code is loaded and executed by a processor, the industrial equipment code detection method is realized.
Compared with the prior art, the invention has the following beneficial effects: the control code first undergoes feasibility detection; once it passes, it is input into a relatively independent test area for further detection, and the detection results are encrypted before being fed back to the workers. The malicious monitoring program therefore cannot learn the detection results and cannot organize attacks, which improves security during code detection.
Drawings
In order to more clearly illustrate the technical solutions in the embodiments of the present invention, the drawings used in the embodiments or the description of the prior art will be briefly described below, and it is obvious that the drawings in the following description are only some embodiments of the present invention.
FIG. 1 is a block flow diagram of a method for industrial equipment code detection.
FIG. 2 is a first sub-flow block diagram of an industrial equipment code detection method.
FIG. 3 is a second sub-flow block diagram of an industrial equipment code detection method.
FIG. 4 is a third sub-flow block diagram of an industrial equipment code detection method.
FIG. 5 is a fourth sub-flow block diagram of an industrial equipment code detection method.
Fig. 6 is a block diagram showing a configuration of the industrial equipment code detection system.
Detailed Description
In order to make the technical problems, technical solutions and advantageous effects of the present invention more clearly understood, the present invention is further described in detail below with reference to the accompanying drawings and embodiments. It should be understood that the specific embodiments described herein are merely illustrative of the invention and are not intended to limit the invention.
Example 1
Fig. 1 is a flowchart of an industrial device code detection method, and in an embodiment of the present invention, an industrial device code detection method includes steps S100 to S400:
step S100: receiving a task linked list input by a user, inquiring a subcode corresponding to each task in a preset code library, and connecting the subcodes based on the task linked list to obtain a control code;
for industrial equipment, it can receive and complete tasks, and this process involves many microprocessors and executors, which are controlled by programs, i.e. control codes; the control code corresponds to a task linked list; for each subtask, corresponding subcodes are obtained, in the existing intelligent industrial equipment, the subcodes are packaged in advance, and the subcodes can be directly generated only by inputting some simple instructions by workers.
Step S200: performing primary detection on the control code, and inputting the control code into a preset test area containing a transmission regulation port when the control code passes the primary detection;
after the control code is generated, it must be detected; the purpose of this detection is to judge whether the control code can be downloaded to the industrial equipment and execute a task. If the detection result shows that the control code can control the relevant microprocessor to execute the action, the control code is input into a test area for further detection. The test area comprises a transmission regulation port, which is an adjustable transmission port; put simply, the transmission speed of the port can be adjusted, so that the detection process inside the test area is not known to the outside;
step S300: dividing the control code into sub-codes in the test area, carrying out secondary detection on the sub-codes, and determining the risk value of each sub-code;
step S400: packing a secondary detection result in the test area according to the risk value of each sub-code, feeding back the secondary detection result to the outside of the test area and displaying the secondary detection result;
Steps S300 and S400 both take place in the test area, where each sub-code is further detected. The detection result is not known to the outside: external software installed in the system cannot learn which sub-codes are problematic, and only the relevant staff can, which greatly improves security. If no test area is set, the detection result is in a monitorable state; monitoring software that has the necessary authority can easily query it, and while workers are repairing a bug, the bug is completely exposed and the risk is extremely high.
Fig. 2 is a block diagram of a first sub-flow of the industrial device code detection method, where the step of receiving a task linked list input by a user, querying a sub-code corresponding to each task in a preset code library, and connecting the sub-codes based on the task linked list to obtain a control code includes steps S101 to S103:
step S101: receiving a task linked list input by a user, and inquiring the execution module corresponding to each task in the task linked list and its rated station; the rated station is used for representing a preset limit position of the execution module;
step S102: inquiring a control function of the execution module, and determining condition parameters of the control function according to a rated station to obtain a subcode;
step S103: and connecting the subcodes based on the sequence of the task linked list to obtain the control code.
The task linked list is input by a user; each subtask corresponds to an execution module, and the control function of the execution module can be queried in a preset packaging library. On this basis, the rated station of each task is queried, condition parameters in the control function are determined according to the rated station, and the control function after the condition parameters are determined is the control code.
Fig. 3 is a second sub-flow block diagram of the industrial device code detection method, where the step of performing primary detection on the control code, and when the control code passes the primary detection, inputting the control code into a preset test area including a transmission adjustment port includes steps S201 to S204:
step S201: traversing and querying the condition parameters of each sub-code in the control code, and randomly determining input data containing module codes within the condition parameter range; each module code points to the execution module corresponding to the sub-code;
step S202: inputting the input data into a control code according to the module code, and acquiring output data of all subcodes in the control code to obtain an output feature table;
step S203: inputting the input data and the corresponding output feature table into a preset equipment model in sequence, and receiving error reporting information;
step S204: and when the error reporting information is empty, inputting the control code into a preset test area containing a transmission adjusting port.
Steps S201 to S204 describe the primary detection process in detail. The principle is that, for each sub-code, some data within the allowable range is determined and input into the control code; the outputs of the other sub-codes are monitored, and the outputs of all sub-codes are collected to obtain the output features. The input and output features are then input into the equipment model as constraints, and the primary detection of the control code is carried out according to the error reporting information returned by the equipment model.
Specifically, the input and output characteristics are equivalent to defining the positions of the execution modules in the equipment model, and if a conflict exists between the execution modules, an error is reported.
Fig. 4 is a third sub-flow block diagram of the industrial device code detection method, where the step of dividing the control code into sub-codes in the test area, performing secondary detection on the sub-codes, and determining the risk value of each sub-code includes steps S301 to S305:
step S301: traversing and querying, in the test area, the condition parameters of all sub-codes in the control code, and determining a risk input set of each sub-code based on the condition parameters; the deviation rate between the data in the risk input set and the condition parameters is smaller than a preset deviation rate threshold value;
step S302: inquiring reference relations among all the sub-codes, and merging the risk input sets according to the reference relations;
step S303: sequentially and randomly reading input data in the combined risk input set, inputting the input data into a preset equipment model, and receiving error reporting information containing module codes;
step S304: repeating steps S301 to S303, counting the error reporting information, and looking up and marking the sub-code corresponding to each module code;
step S305: and counting the marking times of each sub-code, and determining the risk value of each sub-code according to the marking times.
Steps S301 to S305 describe the secondary detection process in detail. First, the condition parameters of the sub-codes are collected; condition parameters are the conditions of judgment or loop statements, and may be numerical values or logic;
second, the sub-codes are clustered. The function of a sub-code is to control the movement of an execution module in the industrial equipment, and each condition parameter corresponds to a preset limit position; developers often leave some margin when setting limit positions, so an execution module can sometimes still work beyond its limit position. The sub-codes are clustered because the input of some sub-codes is the output of another sub-code, or the corresponding execution modules influence one another, so these sub-codes can be regarded as a whole;
finally, the condition parameters are read in sequence (one whole corresponds to one condition parameter) so that each execution module in the industrial equipment works at its limit position. For real industrial equipment that can be put into use, there is almost no interference between execution modules even when several of them work at their limit positions (the very few interferences that do exist can be deliberately avoided by workers during operation). The error reporting information fed back by each execution module reflects the specific interference, which is analyzed, and the sub-codes are marked according to the analysis result. Counting the number of times each sub-code is marked then determines the risk of the execution module, that is, the risk of possible damage to the equipment; this is typically done by simulation in an equipment model.
Further, the step of traversing and querying, in the test area, the condition parameters of each sub-code in the control code and determining the risk input set of each sub-code based on the condition parameters includes:
traversing the control codes and positioning code distinguishing labels in the control codes;
splitting the control code into sub-codes according to the code distinguishing label;
extracting a judgment statement in the subcode, and reading a condition parameter in the judgment statement;
and calculating a condition range according to the condition parameters, and calculating a risk range taking the condition range as a center according to a preset deviation rate threshold and the condition range to serve as a risk input set.
The above describes how the risk input set is determined. The principle is similar to that of the primary detection process; the difference is that the input data in the primary detection process lies within the range formed by the condition parameters, whereas the input data in the secondary detection process lies near the condition parameters.
It should be noted that the code distinguishing label is determined by the writing language of the code, for example, in C language, a bracket can be used as the code distinguishing label.
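The following is an added illustration of steps S301 to S305 and of the risk-range calculation described above; it is not code from the patent. The brace-delimited sample control code, the `ref(...)` marker for a reference relation, the toy `device_model`, the reading of the deviation rate as a band around each limit, and the risk value as marks per round are all assumptions made for the example.

```python
import random
import re
from collections import Counter

# Constructed sample: each brace-delimited block is one sub-code; ref(...) is a
# hypothetical marker meaning "this sub-code depends on another sub-code".
CONTROL_CODE = """
arm_extend  { if (pos >= 0 && pos <= 400) move(M1, pos); }
lift_raise  { if (pos >= 50 && pos <= 300) move(M2, pos); ref(arm_extend); }
clamp_close { if (pos >= 0 && pos <= 80) move(M3, pos); }
"""

def split_subcodes(code):
    """Split on the brace label and read each judgment statement's bounds."""
    subs = {}
    for name, body in re.findall(r"(\w+)\s*\{(.*?)\}", code, re.S):
        lo, hi = re.search(r">=\s*(-?\d+).*?<=\s*(-?\d+)", body).groups()
        subs[name] = {
            "module": re.search(r"move\((\w+)", body).group(1),
            "range": (float(lo), float(hi)),
            "refs": re.findall(r"ref\((\w+)\)", body),
        }
    return subs

def risk_bands(cond_range, deviation):
    """Risk input set (assumed form): +/- deviation*width around each limit."""
    lo, hi = cond_range
    d = deviation * (hi - lo)
    return [(lo - d, lo + d), (hi - d, hi + d)]

def merge_by_reference(subs):
    """S302: group sub-codes linked by reference relations into one whole."""
    parent = {n: n for n in subs}
    def find(n):
        while parent[n] != n:
            n = parent[n]
        return n
    for name, sub in subs.items():
        for ref in sub["refs"]:
            parent[find(name)] = find(ref)
    groups = {}
    for n in subs:
        groups.setdefault(find(n), []).append(n)
    return sorted(groups.values())

# Hypothetical equipment model: physical limits sit a little beyond the rated
# stations, and the arm (M1) past 400 interferes with the lift (M2) below 50.
HARD_LIMITS = {"M1": (-25, 425), "M2": (30, 320), "M3": (-1, 81)}

def device_model(positions):
    """Return the module codes that report an error for these positions."""
    errors = {m for m, p in positions.items()
              if not HARD_LIMITS[m][0] <= p <= HARD_LIMITS[m][1]}
    if positions.get("M1", 0) > 400 and positions.get("M2", 999) < 50:
        errors.add("M2")
    return errors

def secondary_detection(code, deviation=0.05, rounds=500, seed=1):
    """S301-S305: sample near the limits, mark failing sub-codes, score them."""
    subs = split_subcodes(code)
    by_module = {s["module"]: n for n, s in subs.items()}
    groups = merge_by_reference(subs)
    rng = random.Random(seed)
    marks = Counter()
    for _ in range(rounds):                      # S304: repeat
        for group in groups:                     # S303: one merged set at a time
            positions = {}
            for name in group:
                band = rng.choice(risk_bands(subs[name]["range"], deviation))
                positions[subs[name]["module"]] = rng.uniform(*band)
            for module in device_model(positions):
                marks[by_module[module]] += 1    # mark the sub-code
    return {n: marks[n] / rounds for n in subs}  # S305: risk value

def report(risks, threshold):
    """Sub-codes whose risk value reaches the preset risk threshold."""
    return sorted(n for n, r in risks.items() if r >= threshold)

if __name__ == "__main__":
    risks = secondary_detection(CONTROL_CODE)
    print(risks, report(risks, 0.2))
```

In this constructed model `lift_raise` is only ever marked because it is sampled together with `arm_extend`, which is the case the merging in step S302 exists to catch.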
Specifically, when the test area receives an input request for a control code, it opens the transmission regulation port, detects the data format in real time at the transmission regulation port, and retains the control code based on the data format; when transmission of the control code is complete, it closes the transmission regulation port. Adjusting the transmission regulation port ensures that the detection process in the test area is relatively independent.
Fig. 5 is a fourth sub-flow block diagram of the industrial device code detection method, where the step of packaging the secondary detection result in the test area according to the risk value of each sub-code, feeding back the secondary detection result to the outside of the test area and displaying the secondary detection result includes steps S401 to S403:
step S401: comparing the risk value with a preset risk threshold, and inquiring error reporting information corresponding to the subcode based on the established connection relation when the risk value reaches the preset risk threshold;
step S402: encrypting the position information and error reporting information of the subcodes according to a preset encryption algorithm;
step S403: and feeding back the position information of the encrypted subcodes and the error reporting information thereof to the outside of the test area and displaying the position information and the error reporting information.
Steps S401 to S403 are information feedback processes, and it is worth mentioning that the decryption algorithm corresponding to the encryption algorithm is saved by the staff.
Example 2
Fig. 6 is a block diagram of a component structure of an industrial device code detection system, and in an embodiment of the present invention, an industrial device code detection system 10 includes:
the code generation module 11 is configured to receive a task linked list input by a user, query a subcode corresponding to each task in a preset code base, and connect the subcode based on the task linked list to obtain a control code;
the primary detection module 12 is configured to perform primary detection on the control code, and when the control code passes the primary detection, input the control code into a preset test area that includes a transmission adjustment port;
a secondary detection module 13, configured to segment the control code into sub-codes in the test area, perform secondary detection on the sub-codes, and determine a risk value of each sub-code;
and the packaging display module 14 is used for packaging the secondary detection result in the test area according to the risk value of each sub-code, feeding the secondary detection result back to the outside of the test area and displaying the secondary detection result.
The functions that can be performed by the industrial device code detection method are performed by a computer device that includes one or more processors and one or more memories having at least one program code stored therein that is loaded into and executed by the one or more processors to perform the functions of the industrial device code detection method.
The processor fetches instructions and analyzes the instructions from the memory one by one, then completes corresponding operations according to the instruction requirements, generates a series of control commands, enables all parts of the computer to automatically, continuously and coordinately act to form an organic whole, realizes the input of programs, the input of data, the operation and the output of results, and the arithmetic operation or the logic operation generated in the process is completed by the arithmetic unit; the Memory comprises a Read-Only Memory (ROM) for storing a computer program, and a protection device is arranged outside the Memory.
Illustratively, a computer program can be partitioned into one or more modules, which are stored in memory and executed by a processor to implement the present invention. One or more of the modules may be a series of computer program instruction segments capable of performing certain functions, which are used to describe the execution of the computer program in the terminal device.
It will be appreciated by those skilled in the art that the above description of the serving device is merely an example and does not constitute a limitation of the terminal device, which may include more or fewer components than those described above, may combine some of the components, or may use different components; for example, it may include input/output devices, network access devices, buses, etc.
The Processor may be a Central Processing Unit (CPU), another general-purpose processor, a Digital Signal Processor (DSP), an Application Specific Integrated Circuit (ASIC), a Field-Programmable Gate Array (FPGA) or other programmable logic device, discrete gate or transistor logic, discrete hardware components, etc. The general-purpose processor may be a microprocessor or any conventional processor; the processor is the control center of the terminal equipment and connects the various parts of the entire user terminal using various interfaces and lines.
The memory may be used to store computer programs and/or modules, and the processor may implement various functions of the terminal device by operating or executing the computer programs and/or modules stored in the memory and calling data stored in the memory. The memory mainly comprises a storage program area and a storage data area, wherein the storage program area can store an operating system, application programs (such as an information acquisition template display function, a product information publishing function and the like) required by at least one function and the like; the storage data area may store data created according to the use of the berth-state display system (e.g., product information acquisition templates corresponding to different product types, product information that needs to be issued by different product providers, etc.), and the like. In addition, the memory may include high speed random access memory, and may also include non-volatile memory, such as a hard disk, a memory, a plug-in hard disk, a Smart Media Card (SMC), a Secure Digital (SD) Card, a Flash memory Card (Flash Card), at least one magnetic disk storage device, a Flash memory device, or other volatile solid state storage device.
The integrated modules/units of the terminal device, if implemented in the form of software functional units and sold or used as separate products, may be stored in a computer-readable storage medium. Based on such understanding, all or part of the modules/units in the system according to the above embodiment may also be implemented by a computer program instructing the relevant hardware; the computer program may be stored in a computer-readable storage medium and, when executed by a processor, may implement the functions of the above embodiments of the system. The computer program comprises computer program code, which may be in the form of source code, object code, an executable file or some intermediate form, etc. The computer-readable medium may include: any entity or device capable of carrying computer program code, a recording medium, a USB flash drive, a removable hard disk, a magnetic disk, an optical disk, computer memory, Read-Only Memory (ROM), Random Access Memory (RAM), electrical carrier wave signals, telecommunications signals, software distribution media, and the like.
It should be noted that, in this document, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising a ..." does not exclude the presence of additional like elements in a process, method, article, or apparatus comprising the element.
The above description is only a preferred embodiment of the present invention, and not intended to limit the scope of the present invention, and all modifications of equivalent structures and equivalent processes, which are made by using the contents of the present specification and the accompanying drawings, or directly or indirectly applied to other related technical fields, are included in the scope of the present invention.

Claims (8)

1. An industrial device code detection method, the method comprising:
receiving a task linked list input by a user, inquiring a subcode corresponding to each task in a preset code library, and connecting the subcodes based on the task linked list to obtain a control code;
performing primary detection on the control code, and inputting the control code into a preset test area containing a transmission regulation port when the control code passes the primary detection;
dividing the control code into sub-codes in the test area, carrying out secondary detection on the sub-codes, and determining the risk value of each sub-code;
packing a secondary detection result in the test area according to the risk value of each sub-code, feeding back the secondary detection result to the outside of the test area and displaying the secondary detection result;
the test area opens the transmission adjusting port when receiving an input request of a control code, detects a data format in real time based on the transmission adjusting port, and reserves the control code based on the data format; when the control code transmission is completed, closing the transmission regulation port;
the step of packing the secondary detection result in the test area according to the risk value of each subcode, feeding back the secondary detection result to the outside of the test area and displaying the secondary detection result comprises the following steps:
comparing the risk value with a preset risk threshold, and inquiring error reporting information corresponding to the subcode based on the established connection relation when the risk value reaches the preset risk threshold;
encrypting the position information and the error reporting information of the subcodes according to a preset encryption algorithm;
and feeding back the position information of the encrypted subcodes and the error reporting information thereof to the outside of the test area and displaying the position information and the error reporting information.
2. The method for detecting the codes of the industrial equipment according to claim 1, wherein the step of receiving the task linked list input by the user, inquiring the subcodes corresponding to the tasks in a preset code library, and connecting the subcodes based on the task linked list to obtain the control codes comprises the steps of:
receiving a task linked list input by a user, and inquiring an execution module corresponding to each task in the task linked list and a rated station thereof; the rated station is used for representing a preset limit position of the execution module;
inquiring a control function of the execution module, and determining condition parameters of the control function according to a rated station to obtain a subcode;
and connecting the subcodes based on the sequence of the task linked list to obtain the control code.
3. The industrial equipment code detection method according to claim 1, wherein the step of performing primary detection on the control code, and when the control code passes the primary detection, inputting the control code into a preset test area containing a transmission adjustment port comprises:
traversing and querying the condition parameters of each sub-code in the control code, and randomly determining input data containing module codes within the condition parameter range; the module codes point to the execution module corresponding to the sub-code;
inputting the input data into a control code according to the module code, and acquiring output data of all subcodes in the control code to obtain an output feature table;
inputting the input data and the corresponding output feature table into a preset equipment model in sequence, and receiving error reporting information;
and when the error reporting information is empty, inputting the control code into a preset test area containing a transmission regulation port.
4. The industrial equipment code detection method of claim 2, wherein the step of dividing the control code into sub-codes in the test area, performing secondary detection on the sub-codes, and determining the risk value of each sub-code comprises:
traversing and querying, in the test area, the condition parameters of all the sub-codes in the control code, and determining a risk input set of all the sub-codes based on the condition parameters; the deviation rate between the data in the risk input set and the condition parameters is smaller than a preset deviation rate threshold value;
inquiring reference relations among all the sub-codes, and merging the risk input sets according to the reference relations;
sequentially and randomly reading input data in the combined risk input set, inputting the input data into a preset equipment model, and receiving error reporting information containing module codes;
repeating the steps and counting error information, and inquiring and marking the corresponding subcodes of the module codes according to the module codes;
and counting the marking times of each sub-code, and determining the risk value of each sub-code according to the marking times.
5. The method of claim 4, wherein the step of traversing and querying, in the test area, the condition parameters of each sub-code in the control code and determining the risk input set of each sub-code based on the condition parameters comprises:
traversing the control codes, and positioning code distinguishing labels in the control codes;
splitting the control code into sub-codes according to the code distinguishing label;
extracting a judgment statement in the subcode, and reading a condition parameter in the judgment statement;
and calculating a condition range according to the condition parameters, and calculating a risk range taking the condition range as a center according to a preset deviation rate and the condition range to serve as a risk input set.
6. An industrial equipment code detection system, the system comprising:
the code generation module is used for receiving a task linked list input by a user, inquiring a subcode corresponding to each task in a preset code base, and connecting the subcodes based on the task linked list to obtain a control code;
the primary detection module is used for performing primary detection on the control code, and inputting the control code into a preset test area containing a transmission regulation port when the control code passes the primary detection;
the secondary detection module is used for segmenting the control code into sub-codes in the test area, carrying out secondary detection on the sub-codes and determining the risk value of each sub-code;
the packaging display module is used for packaging the secondary detection result in the test area according to the risk value of each subcode, feeding the secondary detection result back to the outside of the test area and displaying the secondary detection result;
the test area opens the transmission adjusting port when receiving an input request of a control code, detects a data format in real time based on the transmission adjusting port, and reserves the control code based on the data format; when the control code is transmitted, closing the transmission adjusting port;
the packaging of the secondary detection result in the test area according to the risk value of each subcode, and the content fed back to the outside of the test area and displayed comprises the following steps:
comparing the risk value with a preset risk threshold, and inquiring error reporting information corresponding to the subcode based on the established connection relation when the risk value reaches the preset risk threshold;
encrypting the position information and the error reporting information of the subcodes according to a preset encryption algorithm;
and feeding back the position information of the encrypted subcodes and the error reporting information thereof to the outside of the test area and displaying the position information and the error reporting information.
7. A computer device comprising one or more processors and one or more memories having at least one program code stored therein, the program code when loaded and executed by the one or more processors, implementing an industrial device code detection method according to any one of claims 1 to 5.
8. A storage medium having at least one program code stored therein, which when loaded and executed by a processor, implements the industrial equipment code detection method according to any one of claims 1 to 5.
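The secondary detection of claims 4 and 5 as a minimal Python sketch, added here for illustration and not taken from the patent. The "#SUB <module>" distinguishing label, the "if lo <= x <= hi" judgment syntax, the RATED_LIMIT table standing in for the preset equipment model, and the risk value computed as marks divided by samples are all assumptions; reference relations between sub-codes are not modelled, so the risk input sets are simply pooled.

```python
import random
import re

# Constructed sample control code. The "#SUB <module>" label and the
# "if lo <= x <= hi" judgment syntax are assumptions made for this sketch.
CONTROL_CODE = """\
#SUB M1
if 10 <= x <= 80: move_arm(x)
#SUB M2
if 0 <= x <= 120: run_conveyor(x)
"""

# Stand-in for the preset equipment model: the rated limit of each module.
RATED_LIMIT = {"M1": (0, 90), "M2": (0, 100)}

JUDGMENT = re.compile(r"if\s+(-?\d+(?:\.\d+)?)\s*<=\s*x\s*<=\s*(-?\d+(?:\.\d+)?)")


def split_subcodes(code):
    """Split control code at the distinguishing labels -> {module: body}."""
    parts = re.split(r"^#SUB\s+(\w+)\s*$", code, flags=re.M)
    return {parts[i]: parts[i + 1].strip() for i in range(1, len(parts), 2)}


def condition_range(body):
    """Read the condition parameters (lo, hi) from the judgment statement."""
    m = JUDGMENT.search(body)
    if m is None:
        raise ValueError("no judgment statement in sub-code")
    return float(m.group(1)), float(m.group(2))


def risk_range(lo, hi, deviation):
    """Widen the condition range around its centre by the deviation rate."""
    centre, half = (lo + hi) / 2, (hi - lo) / 2
    return centre - half * (1 + deviation), centre + half * (1 + deviation)


def device_model(module, value, cond):
    """Return the module code as an error when the sub-code would accept a
    value that lies outside the module's rated limit, else None."""
    lo, hi = cond
    rated_lo, rated_hi = RATED_LIMIT[module]
    accepted = lo <= value <= hi
    return module if accepted and not rated_lo <= value <= rated_hi else None


def secondary_detection(code, deviation=0.1, trials=400, seed=1):
    """Return {module: risk value}, risk = marks / samples drawn for it."""
    rng = random.Random(seed)
    conds = {m: condition_range(b) for m, b in split_subcodes(code).items()}
    pooled = {m: risk_range(*c, deviation) for m, c in conds.items()}
    marks = dict.fromkeys(conds, 0)
    drawn = dict.fromkeys(conds, 0)
    for _ in range(trials):
        module = rng.choice(sorted(pooled))       # random read from the pool
        value = rng.uniform(*pooled[module])      # boundary-biased input
        drawn[module] += 1
        if device_model(module, value, conds[module]) is not None:
            marks[module] += 1                    # mark the reported sub-code
    return {m: marks[m] / drawn[m] if drawn[m] else 0.0 for m in conds}
```

With the constructed input, M1 never exceeds its rated limit and scores 0, while M2 accepts values between 100 and 120 that the rated limit forbids and receives a non-zero risk value.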
CN202211028837.8A 2022-08-26 2022-08-26 Industrial equipment code detection method, system, computer equipment and storage medium Active CN115114626B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202211028837.8A CN115114626B (en) 2022-08-26 2022-08-26 Industrial equipment code detection method, system, computer equipment and storage medium

Publications (2)

Publication Number Publication Date
CN115114626A CN115114626A (en) 2022-09-27
CN115114626B true CN115114626B (en) 2022-12-30

Family

ID=83336334

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202211028837.8A Active CN115114626B (en) 2022-08-26 2022-08-26 Industrial equipment code detection method, system, computer equipment and storage medium

Country Status (1)

Country Link
CN (1) CN115114626B (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115659337B (en) * 2022-10-24 2023-04-11 国网山东省电力公司 Computer network defense method and system

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109344611A (en) * 2018-09-06 2019-02-15 平安普惠企业管理有限公司 Access control method, terminal device and the medium of application
CN110765003A (en) * 2019-09-24 2020-02-07 贝壳技术有限公司 Code detection method, device and equipment, and storage medium
CN114488989A (en) * 2022-04-15 2022-05-13 广州赛意信息科技股份有限公司 Industrial control system based on internet of things technology

Family Cites Families (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR20160001046A (en) * 2014-06-26 2016-01-06 삼성전자주식회사 Apparatus and Method for preventing malicious code in electronic device
CN106484606B (en) * 2015-09-01 2019-07-26 阿里巴巴集团控股有限公司 A kind of code submission method and apparatus
CN108319822B (en) * 2018-01-05 2020-05-12 武汉斗鱼网络科技有限公司 Method, storage medium, electronic device and system for protecting webpage code
US11416853B1 (en) * 2021-02-09 2022-08-16 iWallet, Inc. System and method for conducting secure financial transactions
CN114579972A (en) * 2022-01-17 2022-06-03 北京中科微澜科技有限公司 Vulnerability identification method and system for embedded development program

Also Published As

Publication number Publication date
CN115114626A (en) 2022-09-27

Similar Documents

Publication Publication Date Title
CN107657177B (en) Vulnerability detection method and device
CN115114626B (en) Industrial equipment code detection method, system, computer equipment and storage medium
JP2013536522A (en) Source code mining for programming rule violations
CN105320854A (en) Protection against signature matching program manipulation for an automation component
CN111190603B (en) Private data detection method and device and computer readable storage medium
EP3220218B1 (en) Program development support device, program development support method, and program development support program
CN113946825B (en) Memory horse processing method and system
Barabanov et al. Procedure for substantiated development of measures to design secure software for automated process control systems
CN105678168A (en) Method and apparatus for detecting Shellcode based on stack frame abnormity
CN109388946A (en) Malicious process detection method, device, electronic equipment and storage medium
CN113032240A (en) Software test automation management system and method
CN112671609A (en) Asset census and safety detection method and device and terminal equipment
Angermeir et al. Enterprise-driven open source software: A case study on security automation
CN106920022B (en) Safety vulnerability assessment method, system and equipment for cigarette industrial control system
CN104657259A (en) Android application testing method and device
CN114579972A (en) Vulnerability identification method and system for embedded development program
CN115659337B (en) Computer network defense method and system
CN111414348A (en) Method and device for modifying database instance parameters
KR102594207B1 (en) Security compliance automation method
CN112671741B (en) Network protection method, device, terminal and storage medium
RU168346U1 (en) VULNERABILITY IDENTIFICATION DEVICE
CN114741738A (en) Tracing data processing method and device based on block chain, electronic equipment and medium
CN114547590A (en) Code detection method, device and non-transitory computer readable storage medium
CN110858170B (en) Data anomaly monitoring method and device
CN106302304A (en) The method and apparatus in management information security specification storehouse

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant