CN115543854A - Source code security analysis method, device, equipment and readable storage medium - Google Patents


Info

Publication number
CN115543854A
Authority
CN
China
Prior art keywords
source code
feature library
rule feature
rule
analysis
Legal status
Pending
Application number
CN202211483198.4A
Other languages
Chinese (zh)
Inventor
傅涛
邓勇
王路路
殷康前
徐杰
王海洋
尹凯
贺冬琴
Current Assignee
Bozhi Safety Technology Co ltd
Original Assignee
Bozhi Safety Technology Co ltd

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F 11/00 Error detection; Error correction; Monitoring
    • G06F 11/36 Preventing errors by testing or debugging software
    • G06F 11/3668 Software testing
    • G06F 11/3672 Test management
    • G06F 11/3688 Test management for test execution, e.g. scheduling of test suites
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F 40/00 Handling natural language data
    • G06F 40/20 Natural language analysis
    • G06F 40/253 Grammatical analysis; Style critique

Abstract

The embodiment of the disclosure provides a source code security analysis method, a source code security analysis device, electronic equipment and a readable storage medium, and relates to the technical field of source code detection. The source code security analysis method comprises the following steps: establishing a source code rule feature library and a business behavior baseline model rule feature library; extracting the source code; performing lexical feature and syntactic feature matching detection on the source code according to the source code rule feature library to obtain a defect detection result; performing behavior feature matching on the business behavior according to the business behavior baseline model rule feature library to obtain an abnormal operation detection result; and combining the defect detection result and the abnormal operation detection result for analysis to generate an analysis result. In this way, security defect analysis can be carried out on the source code from multiple dimensions; the analysis result is comprehensive, reliable and more readable, and the accuracy of detection and analysis is improved.

Description

Source code security analysis method, device, equipment and readable storage medium
Technical Field
The present disclosure relates to the field of software detection, and more particularly, to the field of source code detection technology.
Background
Smart manufacturing is the main direction and breakthrough point for the deep integration of informatization and industrialization under the new situation. Intelligent manufacturing is manifested in intelligent products and manufacturing equipment, intelligent design and manufacturing processes, and intelligent process flows and services, all of which are carried by intelligent factories. The numerical control machine tool is an important component of an industrial control system, is currently the core equipment in the field of intelligent manufacturing and key equipment in the production and processing industry, and the numerical control system, as the brain of the machine tool, determines the function and performance of the machine tool. However, once network security events such as leakage of important data or breakdown of a whole production line occur, serious impact on the development of the manufacturing industry is inevitable.
The numerical control network environment is closed, the equipment is complex (CNC controllers, PLC controllers and dedicated numerical control application software), and dedicated numerical control protocols and G-code machining programs are used. Some static analysis tools for traditional programming languages are available on the market, but there is no system or method specifically aimed at the machining code of numerical control devices.
Disclosure of Invention
The disclosure provides a source code security analysis method, a source code security analysis device, electronic equipment and a readable storage medium.
According to a first aspect of the present disclosure, there is provided a source code security analysis method, including:
establishing a source code rule feature library and a business behavior baseline model rule feature library;
extracting a source code;
performing lexical feature and syntactic feature matching detection on the source code according to a source code rule feature library to obtain a defect detection result;
performing behavior characteristic matching on the business behavior according to the business behavior baseline model rule characteristic library to obtain an abnormal operation detection result;
and combining the defect detection result and the abnormal operation detection result for analysis to generate an analysis result.
In some implementations of the first aspect, the extracting the source code includes:
firmware extraction, namely extracting the source code through a debugging interface;
and data copying, namely exporting the source code to a USB flash disk through the export function of the equipment.
In some implementations of the first aspect, the source code rule feature library includes a source code subprogram naming rule feature library, a variable range rule feature library, a program definition rule feature library and a function instruction rule feature library.
In some implementations of the first aspect, the source code subroutine naming rule feature library includes: a macro program naming rule feature library and/or a function source code program naming rule feature library.
In some implementation manners of the first aspect, the performing, according to the business behavior baseline model rule feature library, behavior feature matching on the business behavior, and obtaining an abnormal operation detection result includes:
detecting whether the coordinate values in the control instructions of the functional source code match the business baseline values: if not, an abnormal operation is prompted.
In some implementations of the first aspect, the source code includes a numerical control G, T, S, M code, and the business behavior baseline model rule feature library includes a business behavior baseline model rule feature library corresponding to the numerical control G, T, S, M code.
In some implementations of the first aspect, constructing the business behavior baseline model rule feature library includes:
respectively detecting whether the coordinate values in the motion control commands of a plurality of different functional source codes match the business baseline value: if not, a defect result is produced;
and constructing the business behavior baseline model rule feature library from the plurality of defect detection results.
According to a second aspect of the present disclosure, there is provided a source code security analysis apparatus, including:
the rule characteristic library construction module is used for constructing a source code rule characteristic library and a business behavior baseline model rule characteristic library;
the source code extraction module is used for extracting a source code;
the lexical and syntactic matching detection module is used for performing lexical and syntactic characteristic matching detection on the source codes according to the source code rule characteristic library to obtain a defect detection result;
the business baseline behavior detection module is used for performing behavior characteristic matching on the business behavior according to the business behavior baseline model rule characteristic library to obtain an abnormal operation detection result;
and the source code security defect analysis module is used for combining the defect detection result and the abnormal operation detection result for analysis to generate an analysis result.
According to a third aspect of the present disclosure, there is provided an electronic device comprising: a memory having a computer program stored thereon and a processor implementing the method as described above when executing the program.
According to a fourth aspect of the present disclosure, there is provided a computer readable storage medium having stored thereon a computer program which, when executed by a processor, implements a method as in accordance with the first aspect of the present disclosure.
The numerical control code is extracted in multiple ways; the variable ranges of the numerical control code and the format, functions and instructions of the program are analyzed from multiple dimensions; a lexical and grammatical defect feature library and an attribute feature library are constructed; and security defect analysis is performed by matching the lexical and grammatical defect features and the attribute features, so that the security defects of the numerical control code are analyzed more comprehensively and accurately. A behavior feature library is established using a security business baseline behavior feature analysis method, behavior feature defects are matched using a feature matching algorithm based on behavior flow traversal, and the security defects are analyzed, so that the analyzed security defects are more comprehensive and more readable. On this basis, security analysis can be carried out on numerical control machining code, improving the accuracy and comprehensiveness of the code audit.
It should be understood that the statements herein reciting aspects are not intended to limit the critical or essential features of the embodiments of the present disclosure, nor are they intended to limit the scope of the present disclosure. Other features of the present disclosure will become apparent from the following description.
Drawings
The above and other features, advantages and aspects of various embodiments of the present disclosure will become more apparent by referring to the following detailed description when taken in conjunction with the accompanying drawings. The drawings are included to provide a better understanding of the present solution and are not to be construed as limiting the present disclosure. In the drawings, like or similar reference characters designate like or similar elements, and wherein:
FIG. 1 illustrates an exemplary operating environment in which embodiments of the present disclosure can be implemented;
FIG. 2 illustrates a flow diagram of a source code security analysis method in accordance with an embodiment of the present disclosure;
FIG. 3 shows a block diagram of a source code security analysis apparatus according to an embodiment of the present disclosure;
FIG. 4 illustrates a block diagram of an exemplary electronic device capable of implementing embodiments of the present disclosure.
Detailed Description
To make the objects, technical solutions and advantages of the embodiments of the present disclosure more apparent, the technical solutions in the embodiments of the present disclosure will be described clearly and completely with reference to the drawings in the embodiments of the present disclosure, and it is obvious that the described embodiments are some, but not all embodiments of the present disclosure. All other embodiments, which can be derived by a person skilled in the art from the embodiments disclosed herein without making any creative effort, shall fall within the protection scope of the present disclosure.
In addition, the term "and/or" herein only describes an association relationship between the associated objects and means that three kinds of relationship may exist; for example, A and/or B may mean: A exists alone, A and B exist simultaneously, or B exists alone. In addition, the character "/" herein generally indicates that the former and latter associated objects are in an "or" relationship.
According to the method and device of the present disclosure, the numerical control code is extracted in multiple ways; the variable ranges of the numerical control code and the formats, functions and instructions of the programs are analyzed from multiple dimensions; a lexical and grammatical defect feature library and an attribute feature library are built; and security defect analysis is performed by matching the lexical and grammatical defect features and the attribute features, so that the security defects of the numerical control code are analyzed more comprehensively and accurately. A behavior feature library is established using a security business baseline behavior feature analysis method, behavior feature defects are matched using a feature matching algorithm based on behavior flow traversal, and the security defects are analyzed, so that the analyzed security defects are more comprehensive and more readable. On this basis, security analysis can be carried out on numerical control machining code, improving the accuracy and comprehensiveness of the code audit.
FIG. 1 illustrates an exemplary operating environment in which embodiments of the present disclosure can be implemented.
As shown in fig. 1, the present disclosure provides a source code security analysis method and apparatus.
In the present disclosure, the numerical control machining code is first extracted; the numerical control machining code includes numerical control macro programs and numerical control G, T, S, M codes. The extracted numerical control machining code is input to the source code rule feature library, and lexical and grammatical feature matching and attribute feature matching are performed on it according to dimensions such as the program format, macro variable ranges, macro program format, macro program functions and instructions of the numerical control machining code, to generate the defect results of the numerical control machining code. Meanwhile, a security business baseline behavior feature analysis method is adopted to construct a business behavior baseline model rule feature library comprising a linear cutting feed rule, a rapid positioning rule, an arc cutting feed rule and so on; a feature matching algorithm based on behavior flow traversal performs behavior feature defect matching, and when a violation of a business baseline rule is detected in the numerical control code, an abnormal operation prompt corresponding to that baseline rule is given. Finally, the source code security analysis result is generated by analyzing the source code security defects produced by detection and analysis together with the abnormal operation prompts of the business behavior.
Fig. 2 shows a flow diagram of a source code security analysis method according to an embodiment of the present disclosure.
As shown in fig. 2, the source code security analysis method 200 includes:
S201: establishing a source code rule feature library and a business behavior baseline model rule feature library;
S202: extracting a source code;
S203: performing lexical feature and syntactic feature matching detection on the source code according to the source code rule feature library to obtain a defect detection result;
S204: performing behavior feature matching on the business behavior according to the business behavior baseline model rule feature library to obtain an abnormal operation detection result;
S205: combining the defect detection result and the abnormal operation detection result for analysis to generate an analysis result.
In S201, constructing the source code rule feature library and the business behavior baseline model rule feature library includes the following.
The source code rule feature library comprises a source code subprogram naming rule feature library, a variable range rule feature library, a program definition rule feature library and a function instruction rule feature library.
The source code subprogram naming rule feature library comprises a macro program naming rule feature library and/or a functional source code program naming rule feature library.
The method for establishing the business behavior baseline model rule feature library comprises the following steps:
respectively detecting whether the coordinate values in the motion control commands of a plurality of different functional source codes match the business baseline value: if not, a defect result is produced;
and establishing the business behavior baseline model rule feature library from the plurality of defect detection results.
According to the embodiment of the disclosure, the numerical control machining code comprises numerical control macro programs and numerical control G, T, S and M codes. Lexical feature and grammatical feature matching is carried out by analyzing the numerical control program naming specification, code variable ranges, macro program formats and macro program function instructions, and a defect feature library is constructed: a macro program and G, T, S, M naming rule feature library, a variable range rule feature library, a program format rule feature library, a function instruction rule feature library and so on are constructed respectively. The rule library construction method is as follows:
(1) Program naming rule: the first character must be a letter or a digit, and the remaining characters may be letters, digits or underscores; a program name has at most 24 characters; no delimiter may be used between characters; the common program block formats are N…, G…, X…, Y…, Z…, F…, S…, D…, T… and M…. The program naming rule feature library is established by analyzing the program naming rule.
(2) Macro variable range: macro variables are assigned with "="; the macro variable usage ranges are, for example, #0 to #199 for parameters open to users, #200 to #999 for the system reserved interval and other parameter uses, and #1000 to #1499 for channel-shared parameters. The macro variable rule feature library is established by analyzing the macro variable range.
(3) Macro program format: macro program expressions of the numerical control system use "+", "-", "*" and "/" for addition, subtraction, multiplication and division, "[ ]" raises the operation priority, and the IF conditional jump has the format IF [expression] THEN. The program format rule feature library is established by analyzing the macro program format.
(4) The function instruction rule feature library is established by analyzing the built-in functions and parameters of the numerical control code.
According to the embodiment of the disclosure, the macro program and the functional source code program are constructed independently or jointly, and one or two of the macro program and the functional source code program can be selected to construct the naming rule feature library in combination with the requirement of actual security analysis, so that the flexibility and convenience of the source code security analysis method can be improved, and the execution efficiency of the source code security analysis is ensured.
According to the embodiment of the disclosure, through setting of specific construction rules of the naming rules of the functional source code program, the corresponding character use rules, the limitation of the number of characters and the prohibition of use of separators between characters are respectively set at different use positions of the naming characters, so that the naming mode of the functional source code program can be standardized, and a complete naming rule feature library is further established.
In some embodiments, the function instruction rule feature library is constructed as follows:
analyzing all built-in functions and parameters of the source code, acquiring all built-in function instructions of the source code, and constructing a function instruction rule feature library.
According to the embodiment of the disclosure, the use range of the macro variable parameter can be distinguished, the use categories of different macro variable parameters can be effectively identified, the establishing speed of the macro variable rule feature library is further improved, and the high-reliability establishing of the macro variable rule feature library is realized.
According to the embodiment of the disclosure, all built-in functions and instructions of the source code can be obtained by analyzing all built-in functions and parameters of the source code, and a function instruction rule feature library is constructed from them; because the functions are obtained through analysis of the built-in functions and parameters, the resulting function instruction rule feature library is highly reliable.
In some embodiments, the source code subprogram naming rule feature library comprises a macro program naming rule feature library, and the macro program naming rule feature library is constructed as follows: constructing the operation rules, defining the operation priority, and setting the program code format, which completes the construction of the macro program naming rule feature library.
According to the embodiment of the disclosure, the construction of the macro program naming rule feature library can be completed based on the setting of the operation rule, the operation priority, the program code format and the like, so that the naming rule feature information can be effectively obtained, and a reliable macro program naming rule feature library can be constructed.
According to the embodiment of the disclosure, a business behavior baseline model rule feature library is constructed to analyze the business baseline behavior. In general, the tool rest of a numerically controlled machine tool is operated to perform one or more specific machining actions, such as linear cutting feed (G01), rapid positioning (G00), arc cutting feed (G02, G03) and so on. Taking the establishment of a business behavior baseline feature for linear cutting feed as an example: in the motion control command G01 X_ Y_ F_, X_ Y_ are the end point coordinates of each logical axis and F_ is the feed speed, so that the tool is fed to the end point coordinates along a straight line in the X, Y coordinate track at the fixed speed F; this is defined as linear cutting feed baseline 1. When the X_ Y_ values of a G01 instruction in the numerical control code are detected to be unequal to the business baseline values, the defect is analyzed as a violation of the linear cutting feed rule that deviates from the original motion track; when the F_ value of a G01 instruction in the numerical control code is detected to be greater than the baseline value, the defect is analyzed as a violation of the linear cutting feed rule with a feed speed that is too high. By analogy, a numerical control business behavior baseline feature library can be established, comprising a linear cutting feed rule, a rapid positioning rule, an arc cutting feed rule and so on, and when the numerical control code is detected to violate a business baseline rule, a defect prompt corresponding to that baseline rule is given.
In the disclosure, in the field of numerical control machining, source code analysis of a numerical control G code program, a T code program, an S code program, and/or an M code program and the like is specifically realized, and a comprehensive code program rule feature library is established, so that safety defect detection and analysis of a comprehensive numerical control machining code are realized, and safety machining in the field of numerical control machining is effectively guaranteed.
In S202, the extracting the source code includes:
firmware extraction, namely extracting the source code through a debugging interface;
and data copying, namely exporting the source code to a USB flash disk through the export function of the equipment.
According to an embodiment of the present disclosure, the two code extraction methods are specifically: (1) Firmware extraction through the debugging interface. For firmware devices whose code is stored in a chip, some manufacturers reserve a debugging interface in the device for subsequent debugging. For firmware devices with a debugging interface, the stored code is extracted mainly in two ways, through a debug port on the circuit board or through the debug pins of the chip; the firmware device is reverse analyzed to obtain the source code, which in the field of numerical control machining is the numerical control code. (2) Data copying: a USB flash disk is inserted into the system hardware interface on the human-machine operation interface, the export function of the interface is clicked, and the source code is exported to the USB flash disk. Applied to the field of numerical control machining, this exports the numerical control source code with the .cnc suffix to the USB flash disk.
In S203, according to the source code rule feature library, lexical feature and syntactic feature matching detection is performed on the source code, so as to obtain a defect detection result.
According to the embodiment of the disclosure, the numerical control machining code comprises numerical control macro programs and numerical control G, T, S and M codes. Lexical and grammatical feature matching is carried out by analyzing the numerical control program naming specification, code variable ranges, macro program formats and macro program function instructions, and a defect feature library is constructed: a macro program and G, T, S, M naming rule feature library, a variable range rule feature library, a program format rule feature library, a function instruction rule feature library and so on are constructed respectively. Matching detection is then performed against the corresponding rule feature libraries using a lexical and grammatical feature matching algorithm, and variable range errors, program format errors, function parameter errors, instruction error prompts and the like are output, giving the source code defect analysis result.
In some embodiments, lexical analysis is the process of traversing the numerical control code (as a character string) opened from a file with the .cnc suffix or entered through the system interface, searching for out-of-specification characters and unrecognizable instructions, including G codes and M codes that do not belong to this numerical control system, and finally checking the numeric format following each character and its limit errors. Illegal characters that fail lexical analysis are given an error prompt, and the correct character sequence is finally passed to the syntax analysis program for syntax analysis.
Syntax analysis is the process of taking a program block as the check unit, looking up the relevant grammar rules according to the program instructions, calling the relevant grammar check unit, requesting that further fields be read according to the grammar rules, and judging whether the currently read fields match the program instruction.
In some embodiments, semantic analysis is further included. Semantic analysis checks, according to the semantic rules of the numerical control code, whether the logical relationships between the instructions of the program blocks are correct and whether semantic errors exist between the program blocks of the whole program. In the semantic analysis of a numerical control source program the system does not generate intermediate code; it mainly checks the logic errors of the numerical control program, namely mutually exclusive or contradictory logical relationships between the function codes within one numerical control machining program block or across the whole numerical control machining program.
According to the embodiment of the disclosure, matching detection is performed by combining a corresponding rule base based on a lexical and syntactic characteristic matching algorithm, and then source code safety defects such as variable range errors, program format errors, function parameter errors, instruction error prompts and the like are output.
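As an added illustration (not code from the patent or its assignee), the following Python sketch implements the S203 step: a lexical pass over each program block, a syntactic pass per instruction, and matching against a small rule feature library built from rules (1) to (4) above. The naming rule, macro variable ranges and IF [expression] THEN format follow the text; the G/M instruction set, the field rules per instruction and the sample program are assumptions.

```python
import re

# Rule feature library: the naming rule, macro variable ranges and IF [expr] THEN
# format come from the patent text; the G/M sets and field rules are assumed.
MAX_NAME_LEN = 24
NAME_RE = re.compile(r"^[A-Za-z0-9][A-Za-z0-9_]*$")
MACRO_VAR_RANGES = [(0, 199, "user"), (200, 999, "system reserved"),
                    (1000, 1499, "channel shared")]
KNOWN_G = {"G00", "G01", "G02", "G03", "G40", "G41", "G42", "G43", "G44",
           "G90", "G91"}
KNOWN_M = {"M00", "M02", "M03", "M04", "M05", "M06"}
ADDRESSES = set("NGXYZIJRFSDTM")             # program word address letters
# Syntax rule per motion instruction: (allowed fields, at least one of these).
SYNTAX_RULES = {"G00": ("XYZF", "XYZ"), "G01": ("XYZF", "XYZ"),
                "G02": ("XYZIJRF", "IJR"), "G03": ("XYZIJRF", "IJR")}
WORD_RE = re.compile(r"\s+|([A-Z])([-+]?\d+(?:\.\d+)?)|(.)")   # one program word
IF_RE = re.compile(r"^IF\s*\[[^\[\]]+\]\s*THEN\b")
ASSIGN_RE = re.compile(r"^#(\d+)\s*=\s*[#\d\s.+\-*/\[\]]+$")   # "#n = expr"


def check_program_name(name):
    """Naming rule: letter/digit first, then letters, digits or '_', max 24 chars."""
    defects = []
    if not NAME_RE.match(name):
        defects.append(f"naming: '{name}' has an illegal character or delimiter")
    if len(name) > MAX_NAME_LEN:
        defects.append(f"naming: '{name}' longer than {MAX_NAME_LEN} characters")
    return defects


def macro_var_category(num):
    """Variable range rule: usage class of macro variable #num, None if outside."""
    for low, high, category in MACRO_VAR_RANGES:
        if low <= num <= high:
            return category
    return None


def lex_block(block):
    """Lexical analysis of one block: (address, value) words plus lexical defects."""
    words, defects = [], []
    for m in WORD_RE.finditer(block):
        if m.group(3):                        # character no rule recognizes
            defects.append(f"illegal character '{m.group(3)}'")
            continue
        addr, val = m.group(1), m.group(2)
        if addr is None:                      # whitespace between words
            continue
        if addr not in ADDRESSES:
            defects.append(f"unrecognized address '{addr}'")
            continue
        if addr in "GM":                      # instruction must exist in the library
            code = f"{addr}{int(float(val)):02d}"
            if code not in (KNOWN_G if addr == "G" else KNOWN_M):
                defects.append(f"unrecognized instruction {code}")
        words.append((addr, float(val)))
    return words, defects


def parse_block(words):
    """Syntactic analysis: check the block's fields against each G instruction's rule."""
    defects = []
    present = {a for a, _ in words} - set("NGMSTD")   # coordinate/feed/arc fields
    for addr, val in words:
        code = f"G{int(val):02d}" if addr == "G" else None
        if code not in SYNTAX_RULES:
            continue
        allowed, need_one = SYNTAX_RULES[code]
        for a in sorted(present - set(allowed)):
            defects.append(f"{code}: field {a} not allowed")
        if not present & set(need_one):
            defects.append(f"{code}: needs one of {need_one}")
    return defects


def analyze_program(name, lines):
    """S203: lexical and syntactic feature matching; returns the defect prompts."""
    defects = check_program_name(name)
    for n, block in enumerate(lines, 1):
        block = block.strip()
        if block.startswith("IF"):            # macro format rule: IF [expr] THEN
            if not IF_RE.match(block):
                defects.append(f"line {n}: conditional jump must be 'IF [expr] THEN'")
            continue
        if block.startswith("#"):             # macro variable assignment with "="
            m = ASSIGN_RE.match(block)
            if m is None:
                defects.append(f"line {n}: malformed macro assignment")
            elif macro_var_category(int(m.group(1))) == "system reserved":
                defects.append(f"line {n}: assignment to system reserved #{m.group(1)}")
            continue
        words, lex_defects = lex_block(block)
        defects += [f"line {n}: {d}" for d in lex_defects + parse_block(words)]
    return defects


# Constructed sample program (not from the patent): lines 3, 5 and 7 carry defects.
SAMPLE = ["N10 G90 G00 X0 Y0", "N20 G01 X10.0 Y20.0 F300", "#500 = 5",
          "IF [#1 GT 10] THEN", "N30 G99 X5 ?", "N40 M03 S1200",
          "N50 G02 X20 Y30 F200", "N60 M02"]
```

Running `analyze_program("O1234", SAMPLE)` yields one prompt for the reserved macro variable, two for the unknown instruction and illegal character on line 5, and one for the arc command without I/J/R.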
In S204, the performing behavior feature matching on the business behavior according to the business behavior baseline model rule feature library, and acquiring an abnormal operation detection result includes:
detecting whether the coordinate values in the control instructions of the functional source code match the business baseline values: if not, an abnormal operation is prompted.
According to the above method, there is further provided an implementation:
the functional source code program comprises numerical control G, T, S and M codes, and the business behavior baseline model rule feature library comprises business behavior baseline model rule feature libraries corresponding to the numerical control G, T, S and M codes.
In general, according to the embodiments of the present disclosure, the tool rest of the numerically controlled machine tool operates to perform one or more specific machining actions, such as linear cutting feed (G01), rapid positioning (G00), arc cutting feed (G02, G03) and so on. The establishment of a business behavior baseline feature is illustrated with linear cutting feed and the motion control command G01 X_ Y_ F_. X_ and Y_ are the end point coordinates of each logical axis and F_ is the feed speed, so that the tool is fed to the end point coordinates along a straight line in the X, Y coordinate path at the fixed speed F; this is defined as linear cutting feed baseline 1. When the X_ Y_ values of a G01 instruction in the numerical control code are detected to be unequal to the business baseline values, the defect is analyzed as a violation of the linear cutting feed rule that deviates from the original motion track; when the F_ value of a G01 instruction in the numerical control code is detected to be greater than the baseline value, the defect is analyzed as a violation of the linear cutting feed rule with a feed speed that is too high.
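As an added example (not the patent's own code), the following Python sketch implements the S204 behavior flow traversal: the program's motion commands are walked in order and each is matched against the corresponding business baseline step, producing the abnormal operation prompts described above for a deviated end point and an excessive feed. The baseline steps, the arc radius check, the handling of F as a modal value and the sample program are all assumptions.

```python
import re
from dataclasses import dataclass
from typing import Optional

MOTION_CODES = {"G00": "rapid positioning", "G01": "linear cutting feed",
                "G02": "clockwise arc cutting feed",
                "G03": "counterclockwise arc cutting feed"}
WORD_RE = re.compile(r"([A-Z])([-+]?\d+(?:\.\d+)?)")   # address letter + value
TOL = 1e-3                                              # coordinate tolerance


@dataclass
class BaselineStep:
    """One business behavior baseline rule: the motion a step performs, its
    expected end point, the feed limit and (for arcs) the radius."""
    code: str
    end: dict
    f_max: Optional[float] = None     # None: no feed limit (rapid positioning)
    radius: Optional[float] = None    # arc radius for G02/G03


# Constructed baseline for one part program; all values are assumed.
BASELINE = [
    BaselineStep("G00", {"X": 0.0, "Y": 0.0}),
    BaselineStep("G01", {"X": 10.0, "Y": 20.0}, f_max=300.0),
    BaselineStep("G02", {"X": 20.0, "Y": 30.0}, f_max=200.0, radius=5.0),
    BaselineStep("G01", {"X": 0.0, "Y": 0.0}, f_max=300.0),
]


def motion_blocks(lines):
    """Yield (line_no, motion code, fields) for every block with a motion
    instruction. F is treated as modal: the last programmed feed carries forward."""
    feed = None
    for n, line in enumerate(lines, 1):
        words = WORD_RE.findall(line.upper())
        codes = [f"G{int(float(v)):02d}" for a, v in words if a == "G"]
        motions = [c for c in codes if c in MOTION_CODES]
        fields = {a: float(v) for a, v in words if a != "G"}
        feed = fields.get("F", feed)
        if motions:
            if feed is not None:
                fields["F"] = feed
            yield n, motions[0], fields


def match_baseline(lines, baseline=BASELINE):
    """S204: traverse the program's motion flow and match each motion to the
    corresponding baseline step; returns the abnormal-operation prompts."""
    prompts = []
    motions = list(motion_blocks(lines))
    for i, step in enumerate(baseline):
        name = MOTION_CODES[step.code]
        if i >= len(motions):
            prompts.append(f"baseline step {i + 1} ({step.code} {name}) not executed")
            continue
        n, code, f = motions[i]
        if code != step.code:
            prompts.append(f"line {n}: expected {step.code} ({name}), found {code}")
            continue
        for axis, want in step.end.items():      # end point must equal the baseline
            got = f.get(axis)
            if got is None or abs(got - want) > TOL:
                prompts.append(f"line {n}: {name} rule violated: {axis}={got} "
                               f"deviates from baseline {want} (motion track changed)")
        if step.f_max is not None and f.get("F", 0.0) > step.f_max:
            prompts.append(f"line {n}: {name} rule violated: feed F={f['F']} "
                           f"exceeds baseline {step.f_max} (feed rate too high)")
        if step.radius is not None and abs(f.get("R", 0.0) - step.radius) > TOL:
            prompts.append(f"line {n}: {name} rule violated: radius R={f.get('R')} "
                           f"deviates from baseline {step.radius}")
    for n, code, _ in motions[len(baseline):]:   # motions the baseline never allowed
        prompts.append(f"line {n}: {code} has no matching baseline step")
    return prompts


# Constructed sample program: the Y end point and feed of N20 deviate from the baseline.
SAMPLE = ["N10 G90 G00 X0 Y0", "N20 G01 X10.0 Y25.0 F350",
          "N30 G02 X20.0 Y30.0 R5.0 F200", "N40 G01 X0 Y0", "N50 M02"]
```

`match_baseline(SAMPLE)` returns two prompts for line 2: one for the Y coordinate that deviates from the baseline track and one for the feed that exceeds the baseline; N40 inherits F200 from N30 and passes.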
In some embodiments, the program words in the numerical control programming may be classified into the following categories: g, M, F, and S instructions and work instruction code. The numerical control system uses the numerical control system to describe the operation mode, the machining type, the starting and stopping of the main shaft, the opening and closing of the cooling liquid and other auxiliary functions of the numerical control machine tool, the specified feeding speed, the rotating speed of the main shaft, the selected tool and the like.
In some embodiments, the preparatory function word is programmed as the letter G followed by a two-digit number and is also known as a G function or G instruction. There are 100 of them, from G00 to G99. This is the basic numerical control command and is followed by the target coordinate values of the machine tool motion, which are specified by X, Y, Z and so on. The G command is mainly used to define the relative motion track of the tool and the workpiece, the coordinate plane of the machine tool coordinate system, tool compensation and other functions, and prepares the numerical control system for interpolation, so the G command is generally placed in front of the coordinate dimension words in a program block.
Specifically, the commonly used G instructions are as follows: G00 rapid positioning, G01 linear interpolation, G02 clockwise circular interpolation or clockwise helical interpolation, G03 counterclockwise circular interpolation or counterclockwise helical interpolation, G40 tool radius compensation cancellation, G41 left-side tool radius compensation, G42 right-side tool radius compensation, G43 tool length compensation establishment, G44 tool length compensation cancellation, G90 absolute value mode programming and G91 incremental value mode programming.
The auxiliary function words, also called M functions, consist of the letter M followed by two digits, giving 100 codes from M00 to M99. These instructions are mainly process instructions during machining operation of the machine tool, covering spindle rotation direction and start/stop, opening and closing of the coolant system, clamping and releasing of the worktable, program stop and the like. The commonly used M instructions are: M00 program pause (spindle stop, feed stop, cutting fluid off); M02 program end (spindle, feed and cutting fluid stop, program returns to the start); M03 spindle clockwise rotation; M04 spindle counterclockwise rotation; M05 spindle stop; M06 tool change.
The other function words are mainly the F, S and T functions. They are also composed of a letter and a number.
F: feed function; the number that follows directly specifies the feed rate of each axis, given in mm/min.
S: spindle function; the number that follows specifies the spindle speed in r/min.
T: tool function, used to select the tool; the number following the T address is the tool number.
In S205, the defect detection result and the abnormal operation detection result are combined and analyzed to generate an analysis result.
According to the embodiments of the disclosure, the rule feature library of the business baseline behavior model is compared with the actual corresponding business baseline source code, and when the business baseline source code does not match the actual business baseline value, a security defect in the business baseline behavior is reported. Matching the actual baseline source code of the business behavior against the actual business baseline value detects business baseline behavior defects, which improves the reliability of the source code security analysis result, directly locates the specific business baseline behavior, and quickly yields the source code defect corresponding to the actual business baseline behavior.
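The G01 baseline check described above, the G/M/F/S/T program words, and the combination step S205 can be exercised together in one small analyzer. The following Python is an added example written for this page; it is not the patent's implementation or code from the applicant. The contents of the source code rule feature library (allowed G and M instructions, numeric ranges for F, S and T), the G01 baseline values keyed by block number, and the sample NC program are all constructed assumptions, as are the function names.

```python
"""Toy NC-code security analyzer shaped like the method above: lexical/syntactic rule
matching (defect detection) plus business behavior baseline matching (abnormal
operation detection), merged into one analysis result (step S205).
Added example, not the patent's implementation; all rule/baseline values are assumed."""
import re
from dataclasses import dataclass

# One NC program word: an address letter followed by a signed number.
WORD_RE = re.compile(r"([A-Z])([+-]?\d+(?:\.\d+)?)")

# --- Source code rule feature library (assumed contents) ----------------------
ALLOWED_G = {0, 1, 2, 3, 40, 41, 42, 43, 44, 90, 91}   # function instruction rules
ALLOWED_M = {0, 2, 3, 4, 5, 6}
# Variable range rules: F in mm/min, S in r/min, T is a tool number (constructed bounds).
VARIABLE_RANGES = {"F": (0.0, 3000.0), "S": (0.0, 12000.0), "T": (1.0, 24.0)}

# --- Business behavior baseline model rule feature library (assumed contents) ---
# Straight-cut feed baseline: expected G01 end coordinates and maximum feed rate,
# keyed by the block number (N word) at which that G01 is expected.
G01_BASELINE = {
    20: {"X": 50.0, "Y": 25.0, "F": 300.0},
    30: {"X": 80.0, "Y": 25.0, "F": 300.0},
}


@dataclass
class Finding:
    block: int
    kind: str      # "defect" (rule library) or "abnormal_operation" (baseline)
    message: str


def tokenize_block(line):
    """Lexical analysis of one NC block: drop a (comment), then scan program words.
    Returns (words, lexical_errors); words is a list of (address, value) pairs so a
    block such as 'G90 G00' keeps both G words. Works with or without spaces."""
    text = re.sub(r"\s+", "", re.sub(r"\(.*?\)", "", line)).upper()
    words, errors, pos = [], [], 0
    while pos < len(text):
        m = WORD_RE.match(text, pos)
        if m is None:                       # character that starts no valid word
            errors.append(text[pos])
            pos += 1
        else:
            words.append((m.group(1), float(m.group(2))))
            pos = m.end()
    return words, errors


def detect_defects(block, words, lexical_errors):
    """Lexical and syntactic feature matching against the source code rule library."""
    found = [Finding(block, "defect", f"lexical: unrecognised program word {c!r}")
             for c in lexical_errors]
    for addr, val in words:
        if addr == "G" and int(val) not in ALLOWED_G:
            found.append(Finding(block, "defect", f"function instruction rule: G{int(val):02d} not in library"))
        elif addr == "M" and int(val) not in ALLOWED_M:
            found.append(Finding(block, "defect", f"function instruction rule: M{int(val):02d} not in library"))
        elif addr in VARIABLE_RANGES:
            lo, hi = VARIABLE_RANGES[addr]
            if not lo <= val <= hi:
                found.append(Finding(block, "defect", f"variable range rule: {addr}{val:g} outside [{lo:g}, {hi:g}]"))
    return found


def detect_abnormal_operation(block, words, tol=1e-6):
    """Behavior feature matching of a G01 block against the straight-cut feed baseline."""
    baseline = G01_BASELINE.get(block)
    if baseline is None or not any(a == "G" and int(v) == 1 for a, v in words):
        return []
    vals = dict(words)                      # X, Y and F occur at most once per block
    found = []
    for axis in ("X", "Y"):
        if axis in vals and abs(vals[axis] - baseline[axis]) > tol:
            found.append(Finding(block, "abnormal_operation",
                                 f"G01 {axis}{vals[axis]:g} != baseline {baseline[axis]:g}: deviates from original motion track"))
    if "F" in vals and vals["F"] > baseline["F"]:
        found.append(Finding(block, "abnormal_operation",
                             f"G01 F{vals['F']:g} > baseline F{baseline['F']:g}: feed rate too large"))
    return found


def analyze(program):
    """Step S205: run both detectors over every block and merge into one result."""
    defects, abnormal = [], []
    for line in program.splitlines():
        if not line.strip():
            continue
        words, lexical_errors = tokenize_block(line)
        block = next((int(v) for a, v in words if a == "N"), -1)
        defects += detect_defects(block, words, lexical_errors)
        abnormal += detect_abnormal_operation(block, words)
    return {
        "defects": defects,
        "abnormal_operations": abnormal,
        "blocks_with_issues": sorted({f.block for f in defects + abnormal}),
        "verdict": "insecure" if defects or abnormal else "clean",
    }


# Constructed sample: N30 deviates in Y and exceeds the baseline feed, N40 uses an
# M code outside the library, N50 uses an unknown G code and an out-of-range feed,
# N60 has a lexical error (a bare 'Q' with no number).
SAMPLE_NC = """\
N10 G90 G00 X0 Y0 (rapid move to start point)
N20 G01 X50 Y25 F300
N30 G01 X80 Y30 F500
N40 M30
N50 G99 X1 F5000
N60 G01 X5 Q
"""

if __name__ == "__main__":
    result = analyze(SAMPLE_NC)
    print("verdict:", result["verdict"])
    for f in sorted(result["defects"] + result["abnormal_operations"], key=lambda f: f.block):
        print(f"N{f.block} [{f.kind}] {f.message}")
```

Keying the baseline by block number is the simplest way to associate a G01 in the source with its expected business behavior; a production rule library would more likely key on the subprogram name and the order of motion commands within it, and would carry a per-axis tolerance instead of a single `tol`. The two detectors are kept independent on purpose so that a syntactically valid program can still be flagged for abnormal operation, and vice versa, which is the point of combining both results in S205.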
The above is a description of embodiments of the method, and the embodiments of the apparatus are further described below.
Fig. 3 shows a block diagram of a source code security analysis apparatus according to an embodiment of the present disclosure.
As shown in fig. 3, the source code security analysis apparatus 300 includes:
a rule feature library construction module 301, configured to construct a source code rule feature library and a business behavior baseline model rule feature library;
a source code extraction module 302, configured to extract a source code;
a lexical and syntactic matching detection module 303, configured to perform lexical feature and syntactic feature matching detection on the source code according to the source code rule feature library, to obtain a defect detection result;
the service baseline behavior detection module 304 is configured to perform behavior feature matching on the service behavior according to the service behavior baseline model rule feature library, and obtain an abnormal operation detection result;
and a source code security defect analysis module 305, configured to combine the defect detection result and the abnormal operation detection result for analysis, so as to generate an analysis result.
It is noted that while for simplicity of explanation, the foregoing method embodiments have been described as a series of acts or combination of acts, it will be appreciated by those skilled in the art that the present disclosure is not limited by the order of acts, as some steps may, in accordance with the present disclosure, occur in other orders and concurrently. Further, those skilled in the art should also appreciate that the embodiments described in the specification are exemplary embodiments and that acts and modules referred to are not necessarily required by the disclosure.
It can be clearly understood by those skilled in the art that, for convenience and brevity of description, the specific working process of the described module may refer to the corresponding process in the foregoing method embodiment, and is not described herein again.
The present disclosure also provides an electronic device, a readable storage medium, and a computer program product according to embodiments of the present disclosure.
FIG. 4 shows a schematic block diagram of an electronic device 400 that may be used to implement embodiments of the present disclosure. Electronic devices are intended to represent various forms of digital computers, such as laptops, desktops, workstations, personal digital assistants, servers, blade servers, mainframes, and other appropriate computers. The electronic device may also represent various forms of mobile devices, such as personal digital processing, cellular phones, smart phones, wearable devices, and other similar computing devices. The components shown herein, their connections and relationships, and their functions, are meant to be examples only, and are not meant to limit implementations of the disclosure described and/or claimed herein.
The device 400 comprises a computing unit 401 which may perform various suitable actions and processes in accordance with a computer program stored in a Read Only Memory (ROM) 402 or a computer program loaded from a storage unit 408 into a Random Access Memory (RAM) 403. In the RAM 403, various programs and data required for the operation of the device 400 can also be stored. The computing unit 401, ROM 402, and RAM 403 are connected to each other via a bus 404. An input/output (I/O) interface 405 is also connected to bus 404.
A number of components in device 400 are connected to I/O interface 405, including: an input unit 406 such as a keyboard, a mouse, or the like; an output unit 407 such as various types of displays, speakers, and the like; a storage unit 408 such as a magnetic disk, optical disk, or the like; and a communication unit 409 such as a network card, modem, wireless communication transceiver, etc. The communication unit 409 allows the device 400 to exchange information/data with other devices via a computer network, such as the internet, and/or various telecommunication networks.
Computing unit 401 may be a variety of general and/or special purpose processing components with processing and computing capabilities. Some examples of the computing unit 401 include, but are not limited to, a Central Processing Unit (CPU), a Graphics Processing Unit (GPU), various dedicated Artificial Intelligence (AI) computing chips, various computing units running machine learning model algorithms, a Digital Signal Processor (DSP), and any suitable processor, controller, microcontroller, and so forth. The computing unit 401 executes the various methods and processes described above, such as the source code security analysis method. For example, in some embodiments, the source code security analysis method may be implemented as a computer software program tangibly embodied in a machine-readable medium, such as storage unit 408. In some embodiments, part or all of the computer program may be loaded and/or installed onto the device 400 via the ROM 402 and/or the communication unit 409. When the computer program is loaded into RAM 403 and executed by computing unit 401, one or more steps of the source code security analysis method described above may be performed. Alternatively, in other embodiments, the computing unit 401 may be configured to perform the source code security analysis method in any other suitable manner (e.g., by means of firmware).
Various implementations of the systems and techniques described above may be implemented in digital electronic circuitry, integrated circuitry, field programmable gate arrays (FPGAs), application specific integrated circuits (ASICs), application specific standard products (ASSPs), systems on a chip (SOCs), complex programmable logic devices (CPLDs), computer hardware, firmware, software, and/or combinations thereof. These various embodiments may include implementation in one or more computer programs that are executable and/or interpretable on a programmable system including at least one programmable processor, which may be special or general purpose, that receives data and instructions from, and transmits data and instructions to, a storage system, at least one input device, and at least one output device.
Program code for implementing the methods of the present disclosure may be written in any combination of one or more programming languages. These program codes may be provided to a processor or controller of a general purpose computer, special purpose computer, or other programmable data processing apparatus, such that the program codes, when executed by the processor or controller, cause the functions/operations specified in the flowchart and/or block diagram to be performed. The program code may execute entirely on the machine, partly on the machine, as a stand-alone software package partly on the machine and partly on a remote machine or entirely on the remote machine or server.
In the context of this disclosure, a machine-readable medium may be a tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device. The machine-readable medium may be a machine-readable signal medium or a machine-readable storage medium. A machine-readable medium may include, but is not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any suitable combination of the foregoing. More specific examples of a machine-readable storage medium would include an electrical connection based on one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing.
To provide for interaction with a user, the systems and techniques described here can be implemented on a computer having: a display device (e.g., a CRT (cathode ray tube) or LCD (liquid crystal display) monitor) for displaying information to a user; and a keyboard and a pointing device (e.g., a mouse or a trackball) by which a user can provide input to the computer. Other kinds of devices may also be used to provide for interaction with a user; for example, feedback provided to the user can be any form of sensory feedback (e.g., visual feedback, auditory feedback, or tactile feedback); and input from the user may be received in any form, including acoustic, speech, or tactile input.
The systems and techniques described here can be implemented in a computing system that includes a back-end component (e.g., as a data server), or that includes a middleware component (e.g., an application server), or that includes a front-end component (e.g., a user computer having a graphical user interface or a web browser through which a user can interact with an implementation of the systems and techniques described here), or any combination of such back-end, middleware, or front-end components. The components of the system can be interconnected by any form or medium of digital data communication (e.g., a communication network). Examples of communication networks include: local area networks (LANs), wide area networks (WANs), and the Internet.
The computer system may include clients and servers. A client and server are generally remote from each other and typically interact through a communication network. The relationship of client and server arises by virtue of computer programs running on the respective computers and having a client-server relationship to each other. The server may be a cloud server, a server of a distributed system, or a server combined with a blockchain.
It should be understood that various forms of the flows shown above may be used, with steps reordered, added, or deleted. For example, the steps described in the present disclosure may be executed in parallel or sequentially or in different orders, and are not limited herein as long as the desired results of the technical solutions of the present disclosure can be achieved.
The above detailed description should not be construed as limiting the scope of the disclosure. It should be understood by those skilled in the art that various modifications, combinations, sub-combinations and substitutions may be made in accordance with design requirements and other factors. Any modification, equivalent replacement, and improvement made within the spirit and principle of the present disclosure should be included in the scope of protection of the present disclosure.

Claims (10)

1. A source code security analysis method is characterized by comprising the following steps:
establishing a source code rule feature library and a business behavior baseline model rule feature library;
extracting a source code;
performing lexical feature and syntactic feature matching detection on the source code according to a source code rule feature library to obtain a defect detection result;
performing behavior characteristic matching on the business behavior according to the business behavior baseline model rule characteristic library to obtain an abnormal operation detection result;
and combining the defect detection result and the abnormal operation detection result for analysis to generate an analysis result.
2. The method for security analysis of source code according to claim 1, wherein said extracting the source code comprises:
firmware extraction, namely extracting a source code through a debugging interface;
and copying the data, and exporting the source code to the USB flash disk through an export function of the equipment.
3. The source code security analysis method of claim 1,
the source code rule feature library comprises: the method comprises a source code subprogram naming rule feature library, a variable range rule feature library, a program definition rule feature library and a function instruction rule feature library.
4. The source code security analysis method of claim 3,
the source code subprogram naming rule feature library comprises: a macro program naming rule feature library and/or a function source code program naming rule feature library.
5. The source code security analysis method of claim 1, wherein the performing behavior feature matching on the business behavior according to the business behavior baseline model rule feature library, and obtaining the abnormal operation detection result comprises:
detecting whether the coordinate value in the control instruction in the functional source code matches the business baseline value: if it does not match, an abnormal operation is indicated.
6. The source code security analysis method of claim 1,
the source code comprises numerical control G, T, S and M codes,
the business behavior baseline model rule feature library comprises a business behavior baseline model rule feature library corresponding to numerical control G, T, S and M codes.
7. The source code security analysis method of claim 4, wherein constructing the business behavior baseline model rule feature library comprises:
respectively detecting whether the coordinate values in the motion control commands in a plurality of different functional source codes match the business baseline value: if they do not match, a defect result is produced;
and according to a plurality of defect detection results, establishing a business behavior baseline model rule feature library.
8. A source code security analysis apparatus, comprising:
the rule feature library construction module is used for constructing a source code rule feature library and a business behavior baseline model rule feature library;
the source code extraction module is used for extracting a source code;
the lexical and syntactic matching detection module is used for performing lexical and syntactic characteristic matching detection on the source codes according to the source code rule characteristic library to obtain a defect detection result;
the business baseline behavior detection module is used for performing behavior characteristic matching on the business behavior according to the business behavior baseline model rule characteristic library to obtain an abnormal operation detection result;
and the source code security defect analysis module is used for combining the defect detection result and the abnormal operation detection result for analysis to generate an analysis result.
9. An electronic device, comprising:
at least one processor; and
a memory communicatively coupled to the at least one processor; wherein
the memory stores instructions executable by the at least one processor to enable the at least one processor to perform the method of any one of claims 1-7.
10. A non-transitory computer readable storage medium having stored thereon computer instructions for causing the computer to perform the method according to any one of claims 1-7.
Publications (1)

Publication Number Publication Date
CN115543854A (en) 2022-12-30

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication
Application publication date: 20221230