CN115134433A - Semantic analysis method, system, equipment and storage medium of industrial control protocol - Google Patents

Semantic analysis method, system, equipment and storage medium of industrial control protocol Download PDF

Info

Publication number
CN115134433A
CN115134433A CN202210723745.5A CN202210723745A CN115134433A CN 115134433 A CN115134433 A CN 115134433A CN 202210723745 A CN202210723745 A CN 202210723745A CN 115134433 A CN115134433 A CN 115134433A
Authority
CN
China
Prior art keywords
protocol
data
field
data stream
industrial control
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202210723745.5A
Other languages
Chinese (zh)
Other versions
CN115134433B (en
Inventor
李勇
田晓芸
郝怡
贾江凯
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
State Grid Digital Technology Holdings Co ltd
State Grid E Commerce Technology Co Ltd
Original Assignee
State Grid Digital Technology Holdings Co ltd
State Grid E Commerce Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by State Grid Digital Technology Holdings Co ltd, State Grid E Commerce Technology Co Ltd filed Critical State Grid Digital Technology Holdings Co ltd
Priority to CN202210723745.5A priority Critical patent/CN115134433B/en
Publication of CN115134433A publication Critical patent/CN115134433A/en
Application granted granted Critical
Publication of CN115134433B publication Critical patent/CN115134433B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L69/00Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
    • H04L69/18Multiprotocol handlers, e.g. single devices capable of handling multiple protocols
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L69/00Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
    • H04L69/22Parsing or analysis of headers
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02PCLIMATE CHANGE MITIGATION TECHNOLOGIES IN THE PRODUCTION OR PROCESSING OF GOODS
    • Y02P90/00Enabling technologies with a potential contribution to greenhouse gas [GHG] emissions mitigation
    • Y02P90/02Total factory control, e.g. smart factories, flexible manufacturing systems [FMS] or integrated manufacturing systems [IMS]

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Communication Control (AREA)

Abstract

The embodiment of the invention provides a semantic analysis method, a semantic analysis system, semantic analysis equipment and a storage medium for an industrial control protocol, wherein the method comprises the following steps: the method comprises the steps of identifying each data stream from bus protocol streams by utilizing a preset multi-mode matching algorithm, determining the protocol type of the data stream meeting the requirement of a preset protocol header format as an industrial Ethernet protocol type, determining the protocol type of the data stream not meeting the requirement of the preset protocol header format as a field bus protocol type, dividing each data stream by using a protocol format corresponding to the protocol type, carrying out semantic analysis on each field according to the protocol format, obtaining a semantic analysis result of each field, obtaining an industrial human-computer interface, identifying, obtaining industrial control data of each display area in the industrial human-computer interface, and determining the positions and meanings of an area identification field and a variable data field in each data stream based on the industrial control data and the industrial control data field. The invention improves the resolution precision and the resolution efficiency of the industrial control protocol.

Description

Semantic analysis method, system, equipment and storage medium of industrial control protocol
Technical Field
The invention relates to the technical field of information processing, in particular to a semantic analysis method, a semantic analysis system, semantic analysis equipment and a semantic analysis storage medium for an industrial control protocol.
Background
With the development of information technology, Industrial Internet (Industrial Internet) is widely used in the field of Industrial control as an infrastructure for Industrial digitization, networking and intelligent transformation. However, due to industry control protocols in the industrial internet, the number and the protocol complexity are much higher than those of the traditional ethernet protocol. The method results in low resolution precision and efficiency when the prior art uses the resolution method based on the traditional Ethernet protocol to resolve the industrial control protocol. And because the analysis precision and the analysis efficiency of the industrial control protocol are low, the risk of data transmission delay of the industrial internet can be caused, and the operation reliability of each access device in the industrial internet is influenced. Therefore, how to improve the resolution precision and resolution efficiency of the industrial control protocol becomes a problem to be solved urgently.
Disclosure of Invention
The embodiment of the invention aims to provide a semantic analysis method, a semantic analysis system, equipment and a storage medium for an industrial control protocol, so as to achieve the purpose of improving the analysis precision and the analysis efficiency of the industrial control protocol. The specific technical scheme is as follows:
a semantic parsing method of an industrial control protocol comprises the following steps:
and identifying each data stream from bus protocol streams according to the requirement of a preset protocol header format by using a preset multi-mode matching algorithm, determining the protocol type of the data stream meeting the requirement of the preset protocol header format as an industrial Ethernet protocol type, and determining the protocol type of the data stream not meeting the requirement of the preset protocol header format as a field bus protocol type.
And using a protocol format corresponding to the protocol type to divide fields of each data stream, and performing semantic analysis on each field of each data stream according to the protocol format to obtain a semantic analysis result of each field.
And obtaining an industrial human-computer interface, identifying the industrial human-computer interface, obtaining industrial control data of each display area in the industrial human-computer interface, and determining the positions and meanings of an area identification field and a variable data field in each data stream based on the industrial control data and an industrial control data field, wherein the industrial control data field is a field of which the data type is the industrial control data in the semantic analysis result.
Optionally, the identifying, by using a preset multi-pattern matching algorithm, each data stream from bus protocol streams according to a preset protocol header format requirement, determining a protocol type of a data stream that meets the preset protocol header format requirement as an industrial ethernet protocol type, and determining a protocol type of a data stream that does not meet the preset protocol header format requirement as a field bus protocol type, includes:
for each data stream in the bus protocol stream:
and judging whether the data stream contains protocol header data or not by using the preset multi-mode matching algorithm, and if so, determining the industrial Ethernet protocol type matched with the protocol header data of the data stream in the preset protocol header format requirement as the protocol type of the data stream.
And determining the protocol type of the data stream as the field bus protocol type under the condition that the data stream does not contain the protocol header data.
Optionally, when the protocol type of the data stream is the industrial ethernet protocol type, the performing field division on each data stream by using a protocol format corresponding to the protocol type, and performing semantic analysis on each field of each data stream according to the protocol format to obtain a semantic analysis result of each field, where the protocol type of the data stream is the industrial ethernet protocol type, includes:
for each data stream with the protocol type being the industrial Ethernet protocol type:
and calculating the information entropy of each byte in the data stream and the mutual information quantity between adjacent bytes by using a preset character string segmentation algorithm, and determining each segmentation point of the data stream according to the information entropy and the mutual information quantity.
The data stream is divided into a plurality of fields according to the respective division points.
And acquiring a protocol format matched with the Ethernet protocol stream identifier according to the Ethernet protocol stream identifier in the protocol type of the data stream.
For each field: and determining a first semantic analysis result of each field according to the protocol format matched with the Ethernet protocol stream identifier by using a preset reverse analysis algorithm, wherein the first semantic analysis result comprises the semantics and the data type of each field.
Optionally, when the protocol type of the data stream is the fieldbus protocol type, the method further includes:
for each data stream with the protocol type being the fieldbus protocol type:
and determining the bus protocol stream identifier of the data stream according to the byte length of the data stream, and obtaining a protocol format matched with the bus protocol stream identifier.
And dividing the data stream into a control command field, a protocol data field and an end character field according to the protocol format matched with the bus protocol stream identifier by using a preset byte semantic inference algorithm.
And determining each subfield in the protocol data field according to the protocol format matched with the bus protocol stream identification by using the preset byte semantic inference algorithm, and performing semantic analysis on the control command field, each subfield and the end identifier field to obtain a second semantic analysis result of each field and each subfield, wherein the second semantic analysis result comprises the semantics and the data type of each field or each subfield.
Optionally, the obtaining an industrial human-machine interface, identifying the industrial human-machine interface, obtaining industrial control data of each display area in the industrial human-machine interface, and determining positions and meanings of an area identification field and a variable data field in each data stream based on the industrial control data and an industrial control data field, includes:
and acquiring industrial control data of each display area in the industrial human-computer interface by using a preset image recognition algorithm.
And for the industrial control data of each display area:
and acquiring a target data stream according to the industrial control data of the display area, wherein the target data stream is a data stream with a field matched with the data code of the industrial control data of the display area.
And comparing a constant data sequence in the industrial control data of the display area with an industrial control data field of the target data stream by using a preset sequence comparison algorithm, determining a comparison consistent field in the industrial control data field as the area identification field, and determining the meaning of the constant data sequence identified by the preset image identification algorithm as the meaning of the area identification field.
And comparing the non-constant data sequence in the industrial control data of the display area with the industrial control data field of the target data stream by using the preset sequence comparison algorithm, determining the comparison consistent field in the industrial control data field as the variable data field, and determining the meaning of the non-constant data sequence identified by the preset image identification algorithm as the meaning of the variable data field.
A semantic parsing system of an industrial control protocol, the semantic parsing system comprising:
and the protocol type determining unit is used for identifying each data stream from the bus protocol stream according to the requirement of the preset protocol header format by utilizing a preset multi-mode matching algorithm, determining the protocol type of the data stream meeting the requirement of the preset protocol header format as an industrial Ethernet protocol type, and determining the protocol type of the data stream not meeting the requirement of the preset protocol header format as a field bus protocol type.
And the field semantic analysis unit is used for dividing fields of each data stream by using a protocol format corresponding to the protocol type, and performing semantic analysis on each field of each data stream according to the protocol format to obtain a semantic analysis result of each field.
And the key field determining unit is used for obtaining an industrial human-computer interface, identifying the industrial human-computer interface, obtaining industrial control data of each display area in the industrial human-computer interface, and determining the positions and meanings of an area identification field and a variable data field in each data stream based on the industrial control data and the industrial control data field, wherein the industrial control data field is a field of which the data type is industrial control data in the semantic analysis result.
Optionally, the protocol type determining unit is configured to:
for each data stream in the bus protocol stream:
and judging whether the data stream contains protocol header data, if so, determining the industrial Ethernet protocol type matched with the protocol header data of the data stream in the preset protocol header format requirement as the protocol type of the data stream.
In the case where the data stream does not contain the protocol header data, the protocol type of the data stream is determined as the fieldbus protocol type.
Optionally, in a case that the protocol type of the data stream is the industrial ethernet protocol type, the field semantic parsing unit is configured to:
for each data stream with the protocol type being the industrial Ethernet protocol type:
and calculating the information entropy of each byte in the data stream and the mutual information quantity between adjacent bytes by using a preset character string segmentation algorithm, and determining each segmentation point of the data stream according to the information entropy and the mutual information quantity.
The data stream is divided into a plurality of fields according to the respective division points.
And acquiring a protocol format matched with the Ethernet protocol stream identifier according to the Ethernet protocol stream identifier in the protocol type of the data stream.
For each field: and determining a first semantic analysis result of each field according to the protocol format matched with the Ethernet protocol stream identifier by using a preset reverse analysis algorithm, wherein the first semantic analysis result comprises the semantics and the data type of each field.
Optionally, in a case that the protocol type of the data stream is the fieldbus protocol type, the field semantic parsing unit is further configured to:
for each data stream with the protocol type being the fieldbus protocol type:
and determining the bus protocol stream identifier of the data stream according to the byte length of the data stream, and obtaining a protocol format matched with the bus protocol stream identifier.
And dividing the data stream into a control command field, a protocol data field and an end identifier field according to the protocol format matched with the bus protocol stream identification by using a preset byte semantic inference algorithm.
And determining each subfield in the protocol data field according to the protocol format matched with the bus protocol stream identification by using the preset byte semantic inference algorithm, and performing semantic analysis on the control command field, each subfield and the end identifier field to obtain a second semantic analysis result of each field and each subfield, wherein the second semantic analysis result comprises the semantics and the data type of each field or each subfield.
Optionally, the key field determining unit is configured to:
and acquiring industrial control data of each display area in the industrial human-computer interface by using a preset image recognition algorithm.
And for the industrial control data of each display area:
and acquiring a target data stream according to the industrial control data of the display area, wherein the target data stream is a data stream with a field matched with the data code of the industrial control data of the display area.
And comparing a constant data sequence in the industrial control data of the display area with an industrial control data field of the target data stream by using a preset sequence comparison algorithm, determining a comparison consistent field in the industrial control data field as the area identification field, and determining the meaning of the constant data sequence identified by the preset image identification algorithm as the meaning of the area identification field.
And comparing the non-constant data sequence in the industrial control data of the display area with the industrial control data field of the target data stream by using the preset sequence comparison algorithm, determining the comparison consistent field in the industrial control data field as the variable data field, and determining the meaning of the non-constant data sequence identified by the preset image identification algorithm as the meaning of the variable data field.
A semantic parsing device of an industrial control protocol, the semantic parsing device comprising:
a processor;
a memory for storing the processor-executable instructions.
Wherein the processor is configured to execute the instructions to implement the semantic parsing method of the industrial control protocol according to any one of the above items.
A computer readable storage medium, instructions in which, when executed by a processor of a semantic parsing device of an industrial control protocol, enable the semantic parsing device to perform the semantic parsing method of the industrial control protocol as described in any one of the above.
The semantic analysis method, the semantic analysis system, the semantic analysis equipment and the semantic analysis storage medium of the industrial control protocol provided by the embodiment of the invention can set the format requirement of the protocol header by introducing a preset multi-mode matching algorithm and based on the structure and the type of the industrial control protocol encapsulation header. The method and the device can effectively identify a plurality of data streams meeting the requirement of the preset protocol header format from a large number of bus protocol streams, and accurately determine the protocol type of each data stream. Meanwhile, the protocol format of the generated data stream is determined through the protocol type, and the data stream is subjected to field division and semantic analysis according to the protocol format, so that the semantic analysis of each field in the same data stream is realized. And finally, comparing the numerical value of the industrial control data with the industrial control data field in the data stream by acquiring the industrial control data of each display area, so that compared with the prior art, the method and the device for analyzing the industrial control data in the data stream realize accurate analysis of the field with undefined meaning and position in the data stream. Therefore, the invention achieves the aim of improving the resolution precision and the resolution efficiency of the industrial control protocol.
Of course, it is not necessary for any product or method of practicing the invention to achieve all of the above-described advantages at the same time.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only some embodiments of the present invention, and for those skilled in the art, other drawings can be obtained according to the drawings without creative efforts.
Fig. 1 is a flowchart of a semantic parsing method of an industrial control protocol according to an embodiment of the present invention;
FIG. 2 is a diagram illustrating a data structure of a default multi-pattern matching algorithm according to an alternative embodiment of the present invention;
FIG. 3 is a schematic diagram of field partitioning and semantic parsing of an industrial Ethernet protocol type data stream according to another alternative embodiment of the present invention;
FIG. 4 is a schematic illustration of an industrial human machine interface provided in accordance with another alternative embodiment of the present invention;
FIG. 5 is a block diagram of a system provided in accordance with another alternate embodiment of the present invention;
fig. 6 is a block diagram of an apparatus provided in another alternative embodiment of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
The embodiment of the invention provides a semantic analysis method of an industrial control protocol, which comprises the following steps of:
s101, identifying each data stream from bus protocol streams according to the requirement of a preset protocol header format by using a preset multi-mode matching algorithm, determining the protocol type of the data stream meeting the requirement of the preset protocol header format as an industrial Ethernet protocol type, and determining the protocol type of the data stream not meeting the requirement of the preset protocol header format as a field bus protocol type.
Optionally, in an optional embodiment of the present invention, the preset multi-pattern matching algorithm may be an algorithm that is constructed according to a protocol header format of the industrial ethernet protocol and based on a multi-pattern matching algorithm (multi-pattern matching algorithm). In the transmission process of the industrial control protocol, the data volume and transmission efficiency of the transmission are higher than those of the common communication protocol, and the protocol formats of different industrial control protocols are greatly different. Therefore, in the application scenario of large-scale data transmission, the prior art cannot realize accurate and efficient identification of different industrial control protocols. The multi-pattern matching algorithm is an algorithm proposed aiming at a large-scale multi-keyword matching problem. Therefore, the invention can accurately and efficiently identify a plurality of data streams meeting the requirement of the preset protocol header format from a large number of bus protocol streams by introducing the preset multi-mode matching algorithm.
Optionally, in another optional embodiment of the present invention, the fieldbus protocol is an industrial control protocol for transmitting control signals between machine devices in a plant. The above-mentioned industrial ethernet protocol is a communication protocol for transmitting other types of data while transmitting control signals. Due to the data flow of the industrial Ethernet protocol type, compared with the data flow of the field bus protocol type, the industrial control protocol encapsulation header is added in the data structure. Therefore, the invention can realize the accurate identification of the data streams of different protocol types by setting the format requirements of the protocol header based on the structure and the type of the industrial control protocol encapsulation header.
Optionally, in another optional embodiment of the present invention, specific types of the fieldbus protocol types may be multiple, for example, a Controller Area Network (CAN) protocol, a Process Field Bus (Profibus) protocol, and the like.
Optionally, in an optional embodiment of the present invention, the specific types of the industrial EtherNet protocol types may be multiple, for example, a Transmission Control Protocol (TCP), an industrial EtherNet communication protocol (EtherNet industrial protocol, EtherNet/IP), and the like.
Optionally, in another optional embodiment of the present invention, in an actual application scenario, the implementation manner of determining the protocol type of each data stream may be that a specific protocol type of each data stream is determined, and a corresponding electronic tag is generated according to the protocol type.
S102, using a protocol format corresponding to the protocol type to divide fields of each data stream, and performing semantic analysis on each field of each data stream according to the protocol format to obtain a semantic analysis result of each field.
The protocol format refers to a frame format (frame format) defined by different protocols. The fields at different locations in the data stream, due to different industrial control protocols, characterize different meanings. And for the data stream generated by the same industrial control protocol, the length of the character string varies with the amount of data information carried by the data stream. However, the industrial control protocol may be used for differentiation by adding a separation marker before the character strings that characterize different data types. Therefore, the protocol format of the generated data stream is determined through the protocol type, and the data stream is subjected to field division and semantic analysis according to the protocol format, so that the semantic analysis of each field in the same data stream is realized.
Optionally, in an optional embodiment of the present invention, the content of the semantic parsing result may be a meaning of the field, a data type of data represented by the field, and the like.
S103, obtaining an industrial human-computer interface, identifying the industrial human-computer interface, obtaining industrial control data of each display area in the industrial human-computer interface, and determining the positions and meanings of area identification fields and variable data fields in each data stream based on the industrial control data and industrial control data fields, wherein the industrial control data fields are fields of which the data types are industrial control data in semantic analysis results.
The Industrial Human Machine Interface (Industrial HMI) is an Interface for Human-Machine interaction and control, which is generated by Human-Machine Interface configuration software applied to the Industrial control field.
Optionally, in an optional embodiment of the present invention, the implementation manner of identifying the industrial human-machine interface to obtain the industrial control data of each display area in the industrial human-machine interface may be implemented by performing regional acquisition on image data in the industrial human-machine interface through a preset image identification algorithm.
Optionally, in another optional embodiment of the present invention, the image content displayed on the industrial human-computer interface is important industrial control data that affects the operational reliability of the device, such as the operational state or the operational parameter. Because these industrial control data are often in a variable state. Therefore, the industrial control protocol can not reflect the specific meaning and position of the corresponding field of the industrial control data in the data stream, and only displays the value of the corresponding field. The existing analysis method can only realize the analysis of fields with specific meanings set in the industrial control protocol. Therefore, compared with the prior art, the method and the device have the advantage that accurate analysis of fields with unclear meanings and positions in the data stream is realized by acquiring the industrial control data of each display area and comparing the numerical value of the industrial control data with the industrial control data fields in the data stream.
The invention sets the format requirement of the protocol header by introducing a preset multi-mode matching algorithm and based on the structure and the type of the industrial control protocol encapsulation header. The method and the device can effectively identify a plurality of data streams meeting the requirement of the preset protocol header format from a large number of bus protocol streams, and accurately determine the protocol type of each data stream. Meanwhile, the protocol format of the generated data stream is determined through the protocol type, and the data stream is subjected to field division and semantic analysis according to the protocol format, so that the semantic analysis of each field in the same data stream is realized. And finally, comparing the numerical value of the industrial control data with the industrial control data field in the data stream by acquiring the industrial control data of each display area, so that compared with the prior art, the method and the device for analyzing the industrial control data in the data stream realize accurate analysis of the field with undefined meaning and position in the data stream. Therefore, the invention achieves the aim of improving the resolution precision and the resolution efficiency of the industrial control protocol.
Optionally, the identifying, by using a preset multi-mode matching algorithm, each data stream from the bus protocol stream according to a preset protocol header format requirement, determining a protocol type of the data stream that meets the preset protocol header format requirement as an industrial ethernet protocol type, and determining a protocol type of the data stream that does not meet the preset protocol header format requirement as a field bus protocol type, includes:
for each data stream in the bus protocol stream:
and judging whether the data stream contains protocol header data or not by using a preset multi-mode matching algorithm, and if so, determining the industrial Ethernet protocol type matched with the protocol header data of the data stream in the preset protocol header format requirement as the protocol type of the data stream.
In the case where the data stream does not contain protocol header data, the protocol type of the data stream is determined as the fieldbus protocol type.
It should be noted that, in an actual application scenario, there are various implementations of determining whether the data stream includes the protocol header data and determining the protocol type of the data stream by using the preset multi-pattern matching algorithm. Exemplary provided herein is a method of:
for convenience of description, a multi-pattern matching AC (Aho-corescick) algorithm is adopted in this example as the above-described preset multi-pattern matching algorithm, and a data structure thereof is shown in fig. 2.
The data streams to be currently identified are set to Q1, Q2, Q3, Q4, and Q5, respectively. Wherein, the character string of the data stream Q1 is represented as: 001820. the string of data stream Q2 is represented as: 002030. the string of data stream Q3 is represented as: 042030. the string of data stream Q4 is represented as: 002026. the string of data stream Q5 is represented as: 132746.
referring to fig. 2, the process of performing header recognition on the Q1, Q2, Q3, Q4 and Q5 by using the multi-pattern matching AC algorithm is as follows:
the first characters of Q1, Q2, and Q4 are all "00". The first character of Q3 is "04". And the first characters of Q1, Q2, Q3, and Q4 all have a match in the multi-pattern matching AC algorithm described above. Thus, the second character of Q1, Q2, Q3, and Q4 can be recognized. And the first type codes of Q1, Q2, and Q4 are determined to be "1". The first type code for Q3 is determined to be "6".
It should be noted that the data "00-1", "20-2", "30-3", etc. shown in fig. 2 are characterized by specific numerical values of characters at different positions in the data stream. For example, "00-1" characterizes the first character as 00 and "30-3" characterizes the third character as 30. The present invention will not be described in detail.
It should be noted that, the inside of the circle in fig. 2 is a number, and the meaning of the representation is the type code corresponding to the character position. The type encoding may be used to determine the particular industrial ethernet protocol type of the data stream. Root inside the circle in the figure is a virtual follower used for determining the protocol type of each data stream.
The first character of data stream Q5 has no match in the multi-pattern matching AC algorithm described above. Therefore, the multi-pattern matching AC algorithm described above judges that the data stream Q5 does not contain protocol header data, and determines the protocol type of the data stream Q5 as the fieldbus protocol type.
It should be noted that there are many specific types of fieldbus protocols. The multi-pattern matching AC algorithm described above can only determine the protocol type of the data stream Q5 as being the fieldbus protocol type, but cannot determine to which particular type of fieldbus protocol the data stream Q5 belongs.
In recognizing the second character of Q1, Q2, Q3, and Q4, the second character of Q1 is "18". The second characters of Q2, Q3, and Q4 are all "20". However, due to the first character of Q2 and Q4, there is no agreement with the first character of Q3. Therefore, the second type code of Q1 is determined to be "2". The second type of encoding of Q2 and Q4 is determined to be "4". The second type code of Q3 is determined to be "7".
In recognizing the third character of Q1, Q2, Q3, and Q4, the third character of Q1 is "20". The third characters of Q2 and Q3 are both "30". The third character of Q4 is "26". Therefore, the third type code of Q1 is determined to be "3". The third type of encoding of Q2 is determined to be "5". The third type of encoding of Q3 is determined to be "8". The third type code of Q4 is determined to be "9".
There are matches in the multi-pattern matching AC algorithm described above due to the characters at each position of Q1, Q2, Q3, and Q4. Therefore, the protocol types of Q1, Q2, Q3 and Q4 are all determined to be industrial Ethernet protocols. And the integrated type code of each data stream can be determined according to the first to third type codes of each data stream. Wherein the integrated type of Q1 is coded as "123". The integrated type of Q2 is coded as "145". The integrated type of Q3 is encoded as "678". The general type of Q4 is coded as "149". And determining the specific industrial Ethernet protocol type of each data stream according to the comprehensive type code of each data stream.
Optionally, when the protocol type of the data stream is an industrial ethernet protocol type, the field division is performed on each data stream by using a protocol format corresponding to the protocol type, and semantic parsing is performed on each field of each data stream according to the protocol format to obtain a semantic parsing result of each field, where the semantic parsing result includes:
for each data stream whose protocol type is an industrial ethernet protocol type:
and calculating the information entropy of each byte in the data stream and the mutual information quantity between adjacent bytes by using a preset character string segmentation algorithm, and determining each segmentation point of the data stream according to the information entropy and the mutual information quantity.
The data stream is divided into a plurality of fields according to the respective division points.
And acquiring a protocol format matched with the Ethernet protocol stream identifier according to the Ethernet protocol stream identifier in the protocol type of the data stream.
For each field: and determining a first semantic analysis result of each field according to the protocol format matched with the Ethernet protocol stream identifier by using a preset reverse analysis algorithm, wherein the first semantic analysis result comprises the semantics and the data type of each field.
Optionally, in an optional embodiment of the present invention, the implementation manner of performing field division and semantic parsing on the industrial ethernet protocol type data stream may be:
please refer to fig. 3. d is a radical of 1 To d n Is the byte position of the data stream. Calculating the information entropy H (d) of the byte at each byte position by using a preset information entropy algorithm j ). Using a preset mutual information quantity calculation algorithm to calculate the mutual information quantity MIS (d) between adjacent bytes according to the information entropy of the adjacent two bytes j-1 ,d j ). And judging whether the mutual information quantity between the adjacent bytes is smaller than a preset segmentation threshold value or not, and if not, determining that a segmentation point g needs to be set between the two adjacent bytes. For example, MIS (d) in FIG. 3 is set j-1 ,d j ) Not less than the preset segmentation threshold. Setting d j-1 And d j Mutual information quantity of other adjacent bytes than that of MIS (d) 1 ,d 2 )、MIS(d n-1 ,d n ) And the like are all smaller than a preset segmentation threshold. Then at d j-1 And d j And adding a label with the content as a segmentation point g. Tags with content as consecutive l are added at other nodes.
Optionally, the preset character string segmentation algorithm may be a combined algorithm formed by the preset information entropy algorithm and a preset mutual information amount calculation algorithm.
And then, after the segmentation is carried out according to the label content, two fields are obtained: f. of 1 And f 2
By going through the above steps, the specific industrial ethernet protocol type of the data stream is already known. The protocol format for that protocol type is retrieved based on the ethernet protocol stream identification. And the protocol format should also consist of two fields. Then using preset reverse analysis algorithm to process the field f according to the semanteme and data type of each field in the protocol format 1 And f 2 And performing semantic analysis. For example: in the protocol format, the semantic meaning of the first field is equipment identification, and the data type is text data. The semantics of the second field are device parameters, and the data type is dynamic data. Determining the semantics and data type of the first field as the fieldf 1 The first semantic parsing result of (1). Determining the semantics and data type of the second field as field f 2 The first semantic parsing result of (1).
Optionally, in an optional embodiment of the present invention, the ethernet protocol stream identifier may be a tag for determining a specific protocol type.
It can be understood by those skilled in the art that the above-mentioned pre-set information entropy algorithm and pre-set mutual information amount calculation algorithm can be formulated according to the related concepts and calculation formulas of the information entropy mutual information in the information theory. The invention does not excessively limit and describe the specific construction process of the two algorithms.
Optionally, when the protocol type of the data stream is a fieldbus protocol type, the method further includes:
for each data stream whose protocol type is a fieldbus protocol type:
and determining the bus protocol stream identifier of the data stream according to the byte length of the data stream, and obtaining a protocol format matched with the bus protocol stream identifier.
And dividing the data stream into a control command field, a protocol data field and an end identifier field according to a protocol format matched with the bus protocol stream identification by using a preset byte semantic inference algorithm.
And determining each subfield in the protocol data field according to the protocol format matched with the bus protocol stream identification by using a preset byte semantic inference algorithm, and performing semantic analysis on the control command field, each subfield and the end character field to obtain a second semantic analysis result of each field and each subfield, wherein the second semantic analysis result comprises the semantics and the data type of each field or each subfield.
Alternatively, in another alternative embodiment of the present invention, due to the data stream structure of the fieldbus protocol type, it is generally "start character + control command field + protocol data field + end character field". And the length of each field is relatively fixed. Thus, by the above-described byte length, the specific fieldbus protocol type of the data stream can be determined.
It will be understood by those skilled in the art that the preset byte semantic inference algorithm may be constructed by using existing Java code that extracts a character string based on a set byte length. The construction process of the preset byte semantic inference algorithm is not limited and described in detail.
Optionally, the method includes obtaining an industrial human-computer interface, identifying the industrial human-computer interface, obtaining industrial control data of each display area in the industrial human-computer interface, and determining positions and meanings of area identification fields and variable data fields in each data stream based on the industrial control data and industrial control data fields, and includes:
and acquiring industrial control data of each display area in the industrial human-computer interface by using a preset image recognition algorithm.
And for the industrial control data of each display area:
and acquiring a target data stream according to the industrial control data of the display area, wherein the target data stream is a data stream with a field matched with the data code of the industrial control data of the display area.
And comparing the constant data sequence in the industrial control data of the display area with the industrial control data field of the target data stream by using a preset sequence comparison algorithm, determining a comparison consistent field in the industrial control data field as an area identification field, and determining the meaning of the constant data sequence identified by the preset image identification algorithm as the meaning of the area identification field.
And comparing the non-constant data sequence in the industrial control data of the display area with the industrial control data field of the target data stream by using a preset sequence comparison algorithm, determining a comparison consistent field in the industrial control data field as a variable data field, and determining the meaning of the non-constant data sequence identified by the preset image identification algorithm as the meaning of the variable data field.
It should be noted that, in practical applications, there are various implementations of determining the positions and meanings of the area identification field and the variable data field in each data stream based on the industrial control data and the industrial control data field, and here, an example is provided as follows:
as shown in fig. 4, an industrial human machine interface 401 is provided for monitoring the internal operating conditions of the boiler. And performing image recognition on the industrial human-computer interface 401 by using a preset image recognition algorithm to obtain a plurality of display areas and industrial control data thereof. Wherein: region 402 is the boiler body. Region 403 is a pressure valve.
For convenience of description, the target data stream a that has acquired the area 402 and the target data stream B of the area 403 are set. The target data stream A comprises two fields, wherein the meaning of the field A is the device type, and the meaning of the field B is the device number. The target data stream B contains four fields, field c meaning instrument class, field d meaning value 1, field e meaning value 2, and field e meaning value 3.
Then for region 402, a constant data sequence consisting of a device type of boiler and a device number of "boiler one" has a sequence of fields corresponding to the two fields of the target data stream a, respectively. The meaning of the field a of the target data stream a is determined as the boiler plant and the meaning of the field b is determined as the boiler number according to the above-mentioned constant data sequence.
For the area 403, the industrial control data of the area obtained after image recognition comprises the instrument class of the pressure valve and the pressure value in the furnace of 11 MPa. The pressure valve belongs to constant data, and the pressure value in the furnace is fluctuated non-constant data. Therefore, after the above comparison, the field c in the target data stream B is determined to mean a pressure valve. The meaning of the field from the field in the target data stream B to the field already is determined as the furnace pressure. And the field position from the field D to the field already is positioned after the field C.
Correspondingly to the above method embodiment, the present invention further provides a semantic parsing system of an industrial control protocol, as shown in fig. 5, the semantic parsing system includes:
the protocol type determining unit 501 identifies each data stream from the bus protocol stream according to the preset protocol header format requirement by using a preset multi-mode matching algorithm, determines the protocol type of the data stream meeting the preset protocol header format requirement as an industrial ethernet protocol type, and determines the protocol type of the data stream not meeting the preset protocol header format requirement as a field bus protocol type.
The field semantic analysis unit 502 performs field division on each data stream by using a protocol format corresponding to the protocol type, and performs semantic analysis on each field of each data stream according to the protocol format to obtain a semantic analysis result of each field.
And a key field determining unit 503, configured to obtain an industrial human-computer interface, recognize the industrial human-computer interface, obtain industrial control data of each display area in the industrial human-computer interface, and determine positions and meanings of an area identification field and a variable data field in each data stream based on the industrial control data and the industrial control data field, where the industrial control data field is a field whose data type is industrial control data in a semantic analysis result.
Optionally, the protocol type determining unit 501 is configured to:
for each data stream in the bus protocol stream:
and judging whether the data stream contains protocol header data or not by using a preset multi-mode matching algorithm, and if so, determining the industrial Ethernet protocol type matched with the protocol header data of the data stream in the preset protocol header format requirement as the protocol type of the data stream.
In the event that the data stream does not contain protocol header data, the protocol type of the data stream is determined to be a fieldbus protocol type.
Optionally, in a case that the protocol type of the data stream is an industrial ethernet protocol type, the field semantic parsing unit 502 is configured to:
for each data stream whose protocol type is an industrial ethernet protocol type:
and calculating the information entropy of each byte in the data stream and the mutual information quantity between adjacent bytes by using a preset character string segmentation algorithm, and determining each segmentation point of the data stream according to the information entropy and the mutual information quantity.
The data stream is divided into a plurality of fields according to the respective division points.
And acquiring a protocol format matched with the Ethernet protocol stream identifier according to the Ethernet protocol stream identifier in the protocol type of the data stream.
For each field: and determining a first semantic analysis result of each field according to the protocol format matched with the Ethernet protocol stream identifier by using a preset reverse analysis algorithm, wherein the first semantic analysis result comprises the semantics and the data type of each field.
Optionally, in a case that the protocol type of the data stream is a fieldbus protocol type, the field semantic parsing unit 502 is further configured to:
for each data stream whose protocol type is a fieldbus protocol type:
and determining the bus protocol stream identifier of the data stream according to the byte length of the data stream, and obtaining a protocol format matched with the bus protocol stream identifier.
And dividing the data stream into a control command field, a protocol data field and an end identifier field according to a protocol format matched with the bus protocol stream identification by using a preset byte semantic inference algorithm.
And determining each subfield in the protocol data field according to the protocol format matched with the bus protocol stream identification by using a preset byte semantic inference algorithm, and performing semantic analysis on the control command field, each subfield and the end character field to obtain a second semantic analysis result of each field and each subfield, wherein the second semantic analysis result comprises the semantics and the data type of each field or each subfield.
Optionally, the key field determining unit 503 is configured to:
and acquiring industrial control data of each display area in the industrial human-computer interface by using a preset image recognition algorithm.
And for the industrial control data of each display area:
and acquiring a target data stream according to the industrial control data of the display area, wherein the target data stream is a data stream with a field matched with the data code of the industrial control data of the display area.
And comparing the constant data sequence in the industrial control data of the display area with the industrial control data field of the target data stream by using a preset sequence comparison algorithm, determining a comparison consistent field in the industrial control data field as an area identification field, and determining the meaning of the constant data sequence identified by the preset image identification algorithm as the meaning of the area identification field.
And comparing the non-constant data sequence in the industrial control data of the display area with the industrial control data field of the target data stream by using a preset sequence comparison algorithm, determining a comparison consistent field in the industrial control data field as a variable data field, and determining the meaning of the non-constant data sequence identified by the preset image identification algorithm as the meaning of the variable data field.
An embodiment of the present invention further provides a semantic parsing device for an industrial control protocol, and as shown in fig. 6, the semantic parsing device includes:
a processor 601;
a memory 602 for storing instructions executable by the processor 601.
Wherein, the processor 601 is configured to execute instructions to implement the semantic parsing method of any industrial control protocol as shown in fig. 1.
An embodiment of the present invention further provides a computer-readable storage medium, where when an instruction in the computer-readable storage medium is executed by a processor of a semantic parsing device of an industrial control protocol, the semantic parsing device is enabled to execute any one of the above semantic parsing methods of the industrial control protocol as shown in fig. 1.
The memory may include volatile memory in a computer readable medium, Random Access Memory (RAM) and/or nonvolatile memory such as Read Only Memory (ROM) or flash memory (flash RAM), and the memory includes at least one memory chip. The memory is an example of a computer-readable medium.
Computer-readable media, including both non-transitory and non-transitory, removable and non-removable media, may implement information storage by any method or technology. The information may be computer readable instructions, data structures, modules of a program, or other data. Examples of computer storage media include, but are not limited to, phase change memory (PRAM), Static Random Access Memory (SRAM), Dynamic Random Access Memory (DRAM), other types of Random Access Memory (RAM), Read Only Memory (ROM), Electrically Erasable Programmable Read Only Memory (EEPROM), flash memory or other memory technology, compact disc read only memory (CD-ROM), Digital Versatile Disks (DVD) or other optical storage, magnetic cassettes, magnetic tape magnetic disk storage or other magnetic storage devices, or any other non-transmission medium, which can be used to store information that can be accessed by a computing device. As defined herein, a computer readable medium does not include a transitory computer readable medium such as a modulated data signal and a carrier wave.
As will be appreciated by one skilled in the art, embodiments of the present application may be provided as a method, system, or computer program product. Accordingly, the present application may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present application may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
It is noted that, herein, relational terms such as first and second, and the like may be used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. It should also be noted that the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other identical elements in the process, method, article, or apparatus that comprises the element.
All the embodiments in the present specification are described in a related manner, and the same and similar parts among the embodiments may be referred to each other, and each embodiment focuses on the differences from the other embodiments. In particular, for the system embodiment, since it is substantially similar to the method embodiment, the description is simple, and for the relevant points, reference may be made to the partial description of the method embodiment.
The above are merely examples of the present application and are not intended to limit the present application. Various modifications and changes may occur to those skilled in the art. Any modification, equivalent replacement, improvement, etc. made within the spirit and principle of the present application should be included in the scope of the claims of the present application.

Claims (10)

1. A semantic parsing method of an industrial control protocol is characterized by comprising the following steps:
identifying each data stream from bus protocol streams according to the requirement of a preset protocol header format by using a preset multi-mode matching algorithm, determining the protocol type of the data stream meeting the requirement of the preset protocol header format as an industrial Ethernet protocol type, and determining the protocol type of the data stream not meeting the requirement of the preset protocol header format as a field bus protocol type;
using a protocol format corresponding to the protocol type to divide fields of each data stream, and performing semantic analysis on each field of each data stream according to the protocol format to obtain a semantic analysis result of each field;
and acquiring an industrial human-computer interface, identifying the industrial human-computer interface, acquiring industrial control data of each display area in the industrial human-computer interface, and determining the positions and meanings of area identification fields and variable data fields in each data stream based on the industrial control data and industrial control data fields, wherein the industrial control data fields are fields of which the data types in the semantic analysis results are industrial control data.
2. The method according to claim 1, wherein the identifying each data stream from bus protocol streams according to a preset protocol header format requirement by using a preset multi-pattern matching algorithm, determining a protocol type of a data stream meeting the preset protocol header format requirement as an industrial ethernet protocol type, and determining a protocol type of a data stream not meeting the preset protocol header format requirement as a field bus protocol type comprises:
for each data stream in the bus protocol stream:
judging whether the data stream contains protocol header data or not by using the preset multi-mode matching algorithm, if so, determining the industrial Ethernet protocol type matched with the protocol header data of the data stream in the preset protocol header format requirement as the protocol type of the data stream;
and determining the protocol type of the data stream as the field bus protocol type under the condition that the data stream does not contain the protocol header data.
3. The method according to claim 2, wherein in a case that a protocol type of a data stream is the industrial ethernet protocol type, the performing field division on each data stream by using a protocol format corresponding to the protocol type, and performing semantic parsing on each field of each data stream according to the protocol format to obtain a semantic parsing result of each field, includes:
for each data stream with the protocol type being the industrial Ethernet protocol type:
calculating the information entropy of each byte in the data stream and the mutual information quantity between adjacent bytes by using a preset character string segmentation algorithm, and determining each segmentation point of the data stream according to the information entropy and the mutual information quantity;
dividing the data stream into a plurality of fields according to each division point;
according to the Ethernet protocol stream identification in the protocol type of the data stream, acquiring a protocol format matched with the Ethernet protocol stream identification;
for each field: and determining a first semantic analysis result of each field according to the protocol format matched with the Ethernet protocol stream identifier by using a preset reverse analysis algorithm, wherein the first semantic analysis result comprises the semantics and the data type of each field.
4. The method according to claim 3, wherein in the case that the protocol type of the data stream is the fieldbus protocol type, the method further comprises:
for each data stream whose protocol type is the fieldbus protocol type:
determining a bus protocol stream identifier of the data stream according to the byte length of the data stream, and obtaining a protocol format matched with the bus protocol stream identifier;
dividing the data stream into a control command field, a protocol data field and an end character field according to the protocol format matched with the bus protocol stream identification by using a preset byte semantic inference algorithm;
and determining each subfield in the protocol data field according to the protocol format matched with the bus protocol stream identification by using the preset byte semantic inference algorithm, and performing semantic analysis on the control command field, each subfield and the end identifier field to obtain a second semantic analysis result of each field and each subfield, wherein the second semantic analysis result comprises the semantics and the data type of each field or each subfield.
5. The method of claim 1, wherein the obtaining an industrial human machine interface, identifying the industrial human machine interface, obtaining industrial control data for each display region in the industrial human machine interface, and determining the location and meaning of a region identification field and a variable data field in each data stream based on the industrial control data and the industrial control data fields comprises:
acquiring industrial control data of each display area in the industrial human-computer interface by using a preset image recognition algorithm;
and for the industrial control data of each display area:
acquiring a target data stream according to the industrial control data of the display area, wherein the target data stream is a data stream with a field matched with the data code of the industrial control data of the display area;
comparing a constant data sequence in the industrial control data of the display area with an industrial control data field of the target data stream by using a preset sequence comparison algorithm, determining a comparison consistent field in the industrial control data field as the area identification field, and determining the meaning of the constant data sequence identified by the preset image identification algorithm as the meaning of the area identification field;
and performing sequence comparison on a non-constant data sequence in the industrial control data of the display area and an industrial control data field of the target data stream by using the preset sequence comparison algorithm, determining a comparison consistent field in the industrial control data field as the variable data field, and determining the meaning of the non-constant data sequence identified by the preset image identification algorithm as the meaning of the variable data field.
6. A semantic analysis system of an industrial control protocol, which is characterized by comprising:
the protocol type determining unit is used for identifying each data stream from bus protocol streams according to the requirement of a preset protocol header format by utilizing a preset multi-mode matching algorithm, determining the protocol type of the data stream meeting the requirement of the preset protocol header format as an industrial Ethernet protocol type, and determining the protocol type of the data stream not meeting the requirement of the preset protocol header format as a field bus protocol type;
a field semantic analysis unit, which uses a protocol format corresponding to the protocol type to divide fields of each data stream, and performs semantic analysis on each field of each data stream according to the protocol format to obtain a semantic analysis result of each field;
and the key field determining unit is used for obtaining an industrial human-computer interface, identifying the industrial human-computer interface, obtaining industrial control data of each display area in the industrial human-computer interface, and determining the positions and meanings of an area identification field and a variable data field in each data stream based on the industrial control data and the industrial control data field, wherein the industrial control data field is a field of which the data type is industrial control data in the semantic analysis result.
7. Semantic parsing system according to claim 6, characterized in that the protocol type determination unit is arranged to:
for each data stream in the bus protocol stream:
judging whether the data stream contains protocol header data, if so, determining the industrial Ethernet protocol type matched with the protocol header data of the data stream in the preset protocol header format requirement as the protocol type of the data stream;
and determining the protocol type of the data stream as the field bus protocol type under the condition that the data stream does not contain the protocol header data.
8. The semantic parsing system of claim 6 wherein the key field determination unit is configured to:
acquiring industrial control data of each display area in the industrial human-computer interface by using a preset image recognition algorithm;
and for the industrial control data of each display area:
acquiring a target data stream according to the industrial control data of the display area, wherein the target data stream is a data stream with a field matched with the data code of the industrial control data of the display area;
comparing a constant data sequence in the industrial control data of the display area with an industrial control data field of the target data stream by using a preset sequence comparison algorithm, determining a comparison consistent field in the industrial control data field as the area identification field, and determining the meaning of the constant data sequence identified by the preset image identification algorithm as the meaning of the area identification field;
and comparing the non-constant data sequence in the industrial control data of the display area with the industrial control data field of the target data stream by using the preset sequence comparison algorithm, determining the comparison consistent field in the industrial control data field as the variable data field, and determining the meaning of the non-constant data sequence identified by the preset image identification algorithm as the meaning of the variable data field.
9. A semantic analysis device of an industrial control protocol is characterized by comprising:
a processor;
a memory for storing the processor-executable instructions;
wherein the processor is configured to execute the instructions to implement the semantic parsing method of the industrial control protocol according to any one of claims 1 to 5.
10. A computer-readable storage medium, wherein instructions in the computer-readable storage medium, when executed by a processor of a semantic resolution device of an industrial control protocol, enable the semantic resolution device to perform the semantic resolution method of the industrial control protocol according to any one of claims 1 to 5.
CN202210723745.5A 2022-06-24 2022-06-24 Semantic analysis method, system and equipment of industrial control protocol and storage medium Active CN115134433B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210723745.5A CN115134433B (en) 2022-06-24 2022-06-24 Semantic analysis method, system and equipment of industrial control protocol and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202210723745.5A CN115134433B (en) 2022-06-24 2022-06-24 Semantic analysis method, system and equipment of industrial control protocol and storage medium

Publications (2)

Publication Number Publication Date
CN115134433A true CN115134433A (en) 2022-09-30
CN115134433B CN115134433B (en) 2024-03-29

Family

ID=83379282

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210723745.5A Active CN115134433B (en) 2022-06-24 2022-06-24 Semantic analysis method, system and equipment of industrial control protocol and storage medium

Country Status (1)

Country Link
CN (1) CN115134433B (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116112409A (en) * 2023-02-17 2023-05-12 上海致景信息科技有限公司 Industrial equipment protocol automatic analysis method, system, medium and computer

Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101035111A (en) * 2007-04-13 2007-09-12 北京启明星辰信息技术有限公司 Intelligent protocol parsing method and device
CN103188267A (en) * 2013-03-27 2013-07-03 中国科学院声学研究所 Protocol analyzing method based on DFA (Deterministic Finite Automaton)
CN103595729A (en) * 2013-11-25 2014-02-19 北京锐安科技有限公司 Protocol analysis method and device
CN109547409A (en) * 2018-10-19 2019-03-29 中国电力科学研究院有限公司 A kind of method and system for being parsed to industrial network transport protocol
WO2020143226A1 (en) * 2019-01-07 2020-07-16 浙江大学 Industrial control system intrusion detection method based on integrated learning
CN111585832A (en) * 2020-04-01 2020-08-25 浙江树人学院(浙江树人大学) Industrial control protocol reverse analysis method based on semantic pre-mining
CN111723579A (en) * 2020-06-17 2020-09-29 国家计算机网络与信息安全管理中心 Industrial control protocol field and semantic reverse inference method
CN114553983A (en) * 2022-03-03 2022-05-27 沈阳化工大学 Deep learning-based high-efficiency industrial control protocol analysis method

Patent Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101035111A (en) * 2007-04-13 2007-09-12 北京启明星辰信息技术有限公司 Intelligent protocol parsing method and device
CN103188267A (en) * 2013-03-27 2013-07-03 中国科学院声学研究所 Protocol analyzing method based on DFA (Deterministic Finite Automaton)
CN103595729A (en) * 2013-11-25 2014-02-19 北京锐安科技有限公司 Protocol analysis method and device
CN109547409A (en) * 2018-10-19 2019-03-29 中国电力科学研究院有限公司 A kind of method and system for being parsed to industrial network transport protocol
WO2020143226A1 (en) * 2019-01-07 2020-07-16 浙江大学 Industrial control system intrusion detection method based on integrated learning
CN111585832A (en) * 2020-04-01 2020-08-25 浙江树人学院(浙江树人大学) Industrial control protocol reverse analysis method based on semantic pre-mining
CN111723579A (en) * 2020-06-17 2020-09-29 国家计算机网络与信息安全管理中心 Industrial control protocol field and semantic reverse inference method
CN114553983A (en) * 2022-03-03 2022-05-27 沈阳化工大学 Deep learning-based high-efficiency industrial control protocol analysis method

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
程必成;刘仁辉;赵云飞;许凤凯;: "非标工业控制协议格式逆向方法研究", 电子技术应用, no. 04, 6 April 2018 (2018-04-06) *

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116112409A (en) * 2023-02-17 2023-05-12 上海致景信息科技有限公司 Industrial equipment protocol automatic analysis method, system, medium and computer

Also Published As

Publication number Publication date
CN115134433B (en) 2024-03-29

Similar Documents

Publication Publication Date Title
JP5671320B2 (en) Information processing apparatus, control method therefor, and program
JP2020027649A (en) Method, apparatus, device and storage medium for generating entity relationship data
CN112417515B (en) Configuration software protocol processing method and system
CN115134433B (en) Semantic analysis method, system and equipment of industrial control protocol and storage medium
CN103095726A (en) Processing method and device of protocol interpreter
CN112085087A (en) Method and device for generating business rules, computer equipment and storage medium
CN113315851A (en) Domain name detection method, device and storage medium
CN112437064A (en) Data transmission method, data reading method, device, equipment and storage medium
CN115017441A (en) Asset classification method and device, electronic equipment and storage medium
CN112839055B (en) Network application identification method and device for TLS encrypted traffic and electronic equipment
CN113590421B (en) Log template extraction method, program product and storage medium
CN107329947A (en) Determination method, device and the equipment of Similar Text
US11490134B2 (en) Method and system for codec of visual feature data
CN113536770A (en) Text analysis method, device and equipment based on artificial intelligence and storage medium
CN109660627A (en) A kind of integrated management control platform of internet of things equipment
CN116033048B (en) Multi-protocol analysis method of Internet of things, electronic equipment and storage medium
CN112527862A (en) Time sequence data processing method and device
WO2020211380A1 (en) Intelligent recognition method for front-end code in page design, and related device
CN115529475B (en) Method and system for detecting and wind controlling video flow content
KR20240081721A (en) Name service-based processing method and system using communication data of iot collected data
CN115392238A (en) Equipment identification method, device, equipment and readable storage medium
CN111160334B (en) Labeling attribution confirmation method, device and equipment
CN114385468A (en) Log analysis method, system and related components
CN114254642A (en) Entity information processing method, device, electronic equipment and medium
CN112131858A (en) Power grid panoramic model importing automatic adaptation method and device and storage medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant