CN116010932A - Guarantee system for credibility of industrial Internet of things equipment - Google Patents

Info

Publication number: CN116010932A
Authority: CN (China)
Prior art keywords: module, credibility, file, driving, trusted
Legal status: Pending (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Application number: CN202211548260.3A
Other languages: Chinese (zh)
Inventors: 王昂哲, 田直, 王子鹏
Current assignee: Yangtze Delta Region Institute of Tsinghua University Zhejiang (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Original assignee: Yangtze Delta Region Institute of Tsinghua University Zhejiang
Priority date: 2022-12-05 (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date: 2022-12-05
Publication date: 2023-04-25
Application filed by Yangtze Delta Region Institute of Tsinghua University Zhejiang

Classifications

    • Y GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02 TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02P CLIMATE CHANGE MITIGATION TECHNOLOGIES IN THE PRODUCTION OR PROCESSING OF GOODS
    • Y02P 90/00 Enabling technologies with a potential contribution to greenhouse gas [GHG] emissions mitigation
    • Y02P 90/02 Total factory control, e.g. smart factories, flexible manufacturing systems [FMS] or integrated manufacturing systems [IMS]

Abstract

A trusted guarantee system for industrial Internet of Things equipment belongs to the technical field of the industrial Internet of Things. The invention is based on a REE/TEE system architecture and comprises, at the REE end: a hardware trusted module, which extracts hardware features of the device while it runs and calls the feature comparison module at the TEE end to compare hardware feature codes; a driver trusted module, which reads the driver file during driver loading and calls the feature comparison module to measure the integrity of the driver file; and an application trusted module, which calls and analyses the application's binary program during application loading and calls the feature comparison module to measure the integrity of the binary program. At the TEE end it comprises a hash algorithm module, a feature comparison module and a file feature storage module. The system can effectively guarantee the credibility of industrial Internet of Things equipment at lower cost and with better compatibility.

Description

Guarantee system for credibility of industrial Internet of things equipment
Technical Field
The invention relates to the technical field of the industrial Internet of Things, in particular to a system for guaranteeing the credibility of industrial Internet of Things equipment.
Background
With the growth of informatization in the engineering construction field, the state has issued regulations for such platforms and put forward the concept of the intelligent construction site. Building an intelligent site relies on the Internet of Things, mobile networks, BIM, big data, artificial intelligence and similar technologies, so that the site gains comprehensive perception: data about people, machinery, the environment and so on are collected accurately and in real time, analysed and used for prediction, and managers are effectively assisted in making decisions, realising intelligent management. The basis for all of this is the credibility of the devices that collect the data: only if the device is credible can the collected data be credible.
In industrial Internet of Things scenarios there is a general demand for device credibility, and two schemes are mainly adopted.
The first uses a TPM chip. In the general design of a trusted device a dedicated Trusted Platform Module (TPM) is usually adopted, and the system relies on it to secure the device. The TPM is a microchip proposed by the Trusted Computing Group for measuring the integrity of computing platforms; it is designed as a stand-alone system on a chip with its own CPU and generally provides security-related operations such as encryption, decryption, random number generation, hash computation and non-volatile storage. In this scheme the trust of the system rests on the cryptographic chip, and the trusted system is built up from the hardware through the operating system to the application system, so the requirements of integrity, authenticity and privacy of the device can be met. However, a dedicated chip must be added to the device, which raises production cost and development difficulty, and the scheme is not compatible with the equipment already on the market.
The second adopts the following scheme: 1. a private key file and the server public key are written into the device offline; 2. device information is collected and the device is registered through a server-side service; the server verifies the validity of the device, generates a device code after verification passes and returns it to the device; 3. the device uses the device code and the private key to encrypt and authenticate its data. This scheme has the following problems: 1. there is no device integrity verification, so information illegally modified after registration cannot be detected; 2. there is no device authenticity verification, so illegal tampering with the device program cannot be detected; 3. the communication private key file and the device code are stored locally, so once they leak it cannot be determined whether the device terminal is a real device or one simulated by a malicious program.
In summary, the existing technology for guaranteeing device credibility cannot reconcile reliability, cost and compatibility.
Disclosure of Invention
The invention aims to solve the problems of the prior art by providing a system for guaranteeing the credibility of industrial Internet of Things equipment that effectively guarantees that credibility at lower cost and with better compatibility.
The invention achieves this through the following technical scheme:
a trusted guarantee system for industrial Internet of Things equipment, based on a REE/TEE system architecture, comprising, located at the REE end:
a hardware trusted module, which extracts hardware features of the device while it runs and calls the feature comparison module at the TEE end to compare hardware feature codes;
a driver trusted module, which reads the driver file during driver loading and calls the feature comparison module to measure the integrity of the driver file;
an application trusted module, which calls and analyses the application's binary program during application loading and calls the feature comparison module to measure the integrity of the binary program;
and, located at the TEE end:
a hash algorithm module, which calculates hash values of the hardware features, the driver file and the binary program;
a feature comparison module, which compares the new hash value calculated by the hash algorithm module with the original hash value of the same file in the file feature storage module and returns the comparison result;
and a file feature storage module, which stores the original hash values of the various files.
The invention is based on the trusted execution environment provided by ARM TrustZone technology, which isolates the REE (Rich Execution Environment, the general execution environment) from the TEE (Trusted Execution Environment) inside the chip: the REE cannot directly access data in the TEE and can only use the interface services provided by a TA (trusted application), so private data and key algorithms are isolated. On this architecture the user can directly call the services at the REE end, namely the hardware trusted module, the driver trusted module and the application trusted module, while the data and algorithms those modules depend on are realised by the interface services that the trusted application at the TEE end provides, namely the hash algorithm module, the feature comparison module and the file feature storage module. For the trusted detection of hardware, drivers and applications, a new hash value of the corresponding file information is calculated and compared with the stored original hash value: if they match, the file information is considered trusted; if they differ, it is considered tampered with and not trusted.
Preferably, the REE end is further provided with a security module, and the driver trusted module and the application trusted module call the feature comparison module through the security module.
Preferably, the file feature storage module is provided with:
a file feature updating unit, which replaces the original hash value according to an update code generated by the server and the hash value newly generated by the hash algorithm module.
Preferably, the driver trusted module adds a measurement calling function to the insmod program that loads drivers, which calls the feature comparison module to measure the integrity of the driver file.
Preferably, the application trusted module adds a hook function in execve which calls the feature comparison module to measure the integrity of the binary program before it is loaded into memory.
Preferably, if the binary program is statically linked, only the binary program itself is integrity-measured; if it is dynamically linked, the binary program and the dynamic libraries it calls are both measured.
Preferably, the user layer invokes the hardware trusted module, the driver trusted module and the application trusted module through the IMA module.
Preferably, the invention further comprises a security gateway for securely transmitting the data of sensing devices.
Preferably, the security gateway includes:
a network access module, which provides secure network access for both IP-based and non-IP-based devices;
a device authentication module, which detects illegal tampering by acquiring the feature value of the service terminal;
a protocol data conversion module, which parses the service terminal's data in order to call related services, including reading and writing the authentication blockchain, reading and writing the storage blockchain system, and distributed system node services;
a network message filtering and routing module, which provides secure network routing for the service terminal;
a device management module, which manages devices through the security gateway;
and a blockchain node service module, which together with the service terminals forms the authentication blockchain.
The invention has the following advantages:
1. it builds on ARM TrustZone technology, which is widely available, so the Internet of Things device is made trustworthy with higher generality and lower cost;
2. when the device starts, its hardware feature code is checked, ensuring the credibility of the hardware information;
3. by adding a measurement calling function to the insmod driver loader, integrity measurement of the driver file is realised, ensuring driver credibility;
4. by reworking execve, the target application file is measured by the hook function before it is loaded into memory, ensuring application credibility.
Drawings
Fig. 1 is a functional block diagram of a trusted assurance system for industrial internet of things equipment according to the present invention.
Detailed Description
The invention will be described in further detail with reference to the drawings and the detailed description.
The invention provides a trusted guarantee system for industrial Internet of Things equipment, which generally uses ARM chips. TrustZone is a hardware design scheme defined by ARM that provides chip-level protection and isolation of hardware resources and is now widely used in mainstream ARM chips. The trusted execution environment based on ARM TrustZone isolates the REE (Rich Execution Environment, the general execution environment) from the TEE (Trusted Execution Environment) within the chip: the REE cannot directly access data in the TEE and can only use the interface services provided by a TA (Trusted Application), so private data and key algorithms are isolated.
On this architecture, as shown in Fig. 1, the system mainly comprises a hardware trusted module, a driver trusted module and an application trusted module located at the REE (Linux/Android) end, and a hash algorithm module, a feature comparison module and a file feature storage module located at the TEE (OP-TEE) end. The user layer can directly call the services of the three REE-end modules, but those modules can only perform trusted detection by calling the interface services of the TEE end.
Specifically, the hardware trusted module extracts hardware features of the device while it is running, including CPU information, network information, memory information and the like, and calls the feature comparison module through the interface. The feature comparison module has the hash algorithm module compute the hash of the device's hardware features, that is, the hardware feature code, and compares it with the original hardware feature code stored in the file feature storage module. If they match, the hardware features are considered unchanged and the hardware is trusted; if they differ, the hardware features are considered tampered with, the hardware is not trusted, and related services are suspended. The first stored hardware feature code is written in when the device is produced; any later legitimate update must go through the file feature updating unit of the file feature storage module.
The driver trusted module reads the driver file while it is being loaded into the kernel. Drivers are loaded with the insmod program, to which a measurement calling function is added; before loading completes, this function calls the feature comparison module through the interface, and the feature comparison module has the hash algorithm module compute the hash of the driver file and compares it with the hash of the original driver file stored in the file feature storage module. If they match, the driver file and the kernel are considered unchanged and the driver is trusted; if they differ, the driver file or the kernel is considered tampered with, the driver is not trusted, and related services are suspended. The hash of the driver file is first stored when the driver file is first loaded, which generally happens in the production stage.
The application trusted module reworks the system's execve and adds a hook function, so that during loading of the application's executable it calls and analyses the application's binary program. Before the application is loaded into memory, the hook calls the feature comparison module through the interface; the feature comparison module has the hash algorithm module compute the hash of the binary program and compares it with the hash of the original binary program stored in the file feature storage module. If they match, the application is considered unchanged, that is, trusted; if they differ, the application is considered tampered with, that is, not trusted, and related services are suspended. If the binary program is statically linked, only the binary program itself needs to be measured; if it is dynamically linked, the binary program and the dynamic libraries it calls must both be measured. The hash of the binary program is first stored when the application first runs.
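To make the static/dynamic distinction concrete, the following Python example (added here; it is not code from the patent, and the patent does not say how the application trusted module discovers a binary's libraries) reads the DT_NEEDED entries from an ELF64 image's PT_DYNAMIC segment and measures the binary together with each declared library, or the binary alone when no dynamic segment exists. The two sample images and the library table are constructed inside the block; `build_elf`, `needed_libraries` and `measure_application` are names chosen for this example.

```python
import hashlib
import struct
from typing import Dict, List, Optional

PT_LOAD, PT_DYNAMIC = 1, 2
DT_NULL, DT_NEEDED, DT_STRTAB, DT_STRSZ = 0, 1, 5, 10


def needed_libraries(elf: bytes) -> Optional[List[str]]:
    """DT_NEEDED names of an ELF64 little-endian image, or None when it has no
    PT_DYNAMIC segment (i.e. it is statically linked)."""
    if elf[:4] != b"\x7fELF" or elf[4] != 2 or elf[5] != 1:
        raise ValueError("only ELF64 little-endian images are handled here")
    (e_phoff,) = struct.unpack_from("<Q", elf, 32)
    e_phentsize, e_phnum = struct.unpack_from("<HH", elf, 54)
    loads, dynamic = [], None
    for i in range(e_phnum):
        p_type, _, p_off, p_vaddr, _, p_filesz, _, _ = struct.unpack_from(
            "<IIQQQQQQ", elf, e_phoff + i * e_phentsize)
        if p_type == PT_LOAD:
            loads.append((p_vaddr, p_off, p_filesz))
        elif p_type == PT_DYNAMIC:
            dynamic = (p_off, p_off + p_filesz)
    if dynamic is None:
        return None
    needed, strtab, strsz = [], None, None
    off, end = dynamic
    while off + 16 <= end:  # walk Elf64_Dyn entries up to DT_NULL
        tag, val = struct.unpack_from("<qQ", elf, off)
        off += 16
        if tag == DT_NULL:
            break
        if tag == DT_NEEDED:
            needed.append(val)
        elif tag == DT_STRTAB:
            strtab = val
        elif tag == DT_STRSZ:
            strsz = val
    if strtab is None or strsz is None:
        raise ValueError("dynamic section lacks DT_STRTAB/DT_STRSZ")
    for v, o, sz in loads:  # DT_STRTAB is a virtual address: map it through PT_LOAD
        if v <= strtab < v + sz:
            table = elf[o + strtab - v:o + strtab - v + strsz]
            break
    else:
        raise ValueError("DT_STRTAB not inside any PT_LOAD segment")
    names = []
    for i in needed:
        if i >= strsz:
            raise ValueError("DT_NEEDED offset outside the string table")
        names.append(table[i:table.index(b"\0", i)].decode())
    return names


def measure_application(elf: bytes, libraries: Dict[str, bytes]) -> Dict[str, str]:
    """Hash the binary and, if dynamically linked, every declared library. A
    declared library that cannot be found is reported as MISSING so the caller
    refuses the load instead of measuring less than it should."""
    report = {"<binary>": hashlib.sha256(elf).hexdigest()}
    for lib in needed_libraries(elf) or []:
        data = libraries.get(lib)
        report[lib] = hashlib.sha256(data).hexdigest() if data is not None else "MISSING"
    return report


def build_elf(needed: Optional[List[str]]) -> bytes:
    """Constructed minimal ELF64 (AArch64) image: one PT_LOAD mapping the whole
    file at 0x400000 plus, when `needed` is given, a PT_DYNAMIC segment naming
    those libraries. It is a test fixture, not a runnable program."""
    base, phnum = 0x400000, (2 if needed is not None else 1)
    str_off = 64 + 56 * phnum
    strtab = b"\0" + b"".join(n.encode() + b"\0" for n in (needed or []))
    dyn_off, dyn = str_off + len(strtab), b""
    if needed is not None:
        pos = 1
        for n in needed:
            dyn += struct.pack("<qQ", DT_NEEDED, pos)
            pos += len(n) + 1
        dyn += struct.pack("<qQ", DT_STRTAB, base + str_off)
        dyn += struct.pack("<qQ", DT_STRSZ, len(strtab))
        dyn += struct.pack("<qQ", DT_NULL, 0)
    filesz = dyn_off + len(dyn)
    ehdr = b"\x7fELF" + bytes([2, 1, 1, 0]) + b"\0" * 8 + struct.pack(
        "<HHIQQQIHHHHHH", 2, 0xB7, 1, base, 64, 0, 0, 64, 56, phnum, 64, 0, 0)
    phdrs = struct.pack("<IIQQQQQQ", PT_LOAD, 5, 0, base, base, filesz, filesz, 0x1000)
    if needed is not None:
        phdrs += struct.pack("<IIQQQQQQ", PT_DYNAMIC, 6, dyn_off, base + dyn_off,
                             base + dyn_off, len(dyn), len(dyn), 8)
    return ehdr + phdrs + strtab + dyn


# Constructed samples: one static and one dynamic image, plus stand-in library bodies.
STATIC_APP = build_elf(None)
DYNAMIC_APP = build_elf(["libc.so.6", "libsensor.so.1"])
LIBS = {"libc.so.6": b"constructed libc image", "libsensor.so.1": b"constructed sensor lib"}
```

The report deliberately records a MISSING entry rather than skipping an unresolved library: a loader that measures only what it can find would let an attacker shrink the measured set by hiding a library, so the hook should treat MISSING as an untrusted result. Real binaries also pull in libraries transitively (a DT_NEEDED library has its own DT_NEEDED entries), which a production version would walk recursively.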
Furthermore, the driver trusted module and the application trusted module call the TEE-end interface services through a security module (LSM, Linux Security Module); through the LSM the hook function call can be inserted at different key points in the kernel code, which improves the flexibility of integrity measurement. The hardware trusted module does not involve kernel code, so it does not need to go through the LSM.
In addition, to simplify operation, the calls from the user layer to the REE-end services are realised with the IMA module of the Linux kernel's integrity subsystem: when a file object undergoes a specific kernel operation, the IMA module actively checks the integrity of the file's content, which invokes the REE-end service.
The hash algorithm module at the TEE end calculates the hash values of hardware features, driver files and binary programs. The feature comparison module compares the new hash value calculated by the hash algorithm module with the original hash value of the same file in the file feature storage module and returns the comparison result. The file feature storage module stores the original hash values of the various files, which include the hashes of the device's initial file information and the hashes after subsequent legitimate updates. Hash values are updated only by the file feature updating unit, which must obtain update authority from an update code generated by the server before it replaces the original hash.
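The IMA module referred to above is driven by a policy file. The fragment below is an added example, not part of the patent, showing a stock Linux IMA policy that hooks the same three events the patent measures: executable loading through execve (BPRM_CHECK), mapping of executable files such as shared libraries (MMAP_CHECK), and kernel module loading (MODULE_CHECK). The fsmagic values are the standard magic numbers of procfs, sysfs and tmpfs; comment lines are kept on their own lines.

```text
# Skip pseudo-filesystems whose contents change constantly (procfs, sysfs, tmpfs).
dont_measure fsmagic=0x9fa0
dont_measure fsmagic=0x62656572
dont_measure fsmagic=0x01021994
# Measure every executable before it runs (execve path).
measure func=BPRM_CHECK mask=MAY_EXEC
# Measure executable mappings, which covers dynamically linked libraries.
measure func=MMAP_CHECK mask=MAY_EXEC
# Measure kernel modules at load time (insmod path).
measure func=MODULE_CHECK
```

The policy is loaded by writing it to /sys/kernel/security/ima/policy (securityfs must be mounted), and the resulting measurement list can be read from /sys/kernel/security/ima/ascii_runtime_measurements; the boot parameter ima_hash=sha256 selects the digest. Stock IMA records measurements and, with appraise rules, checks files against hashes or signatures kept in the security.ima extended attribute; comparing against reference hashes held inside a TEE, as the patent proposes, is not something IMA does on its own and needs the LSM-to-TA bridge the description calls the security module.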
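The following Python example, added here and not taken from the patent, models the TEE-side modules just described (hash algorithm module, feature comparison module, file feature storage module with its updating unit) together with the REE-side hardware feature extraction. It assumes SHA-256 as the hash, an update code computed as an HMAC over the file name and the new hash with a key shared between the server and the TEE, and constructed sample hardware features and file images; a real deployment would place `TrustedStore` inside a TEE trusted application (for example an OP-TEE TA) and expose only its methods as the TA interface.

```python
import hashlib
import hmac
import json
from typing import Dict


class TrustedStore:
    """Models the TEE-side modules. The reference hashes and the update key never
    leave this object; the REE side only calls its methods, mirroring the TA
    interface the patent describes."""

    def __init__(self, update_key: bytes) -> None:
        self._refs: Dict[str, str] = {}   # file feature storage module
        self._update_key = update_key     # assumed: provisioned in the TEE at production

    @staticmethod
    def digest(data: bytes) -> str:
        """Hash algorithm module (SHA-256 chosen for this example)."""
        return hashlib.sha256(data).hexdigest()

    def provision(self, name: str, data: bytes) -> None:
        """First-time write of an original hash (production stage or first run)."""
        if name in self._refs:
            raise ValueError(f"{name} already provisioned; use update()")
        self._refs[name] = self.digest(data)

    def measure(self, name: str, data: bytes) -> bool:
        """Feature comparison module: True only if the new hash equals the stored
        original. An unknown name is untrusted, never silently enrolled."""
        ref = self._refs.get(name)
        return ref is not None and hmac.compare_digest(ref, self.digest(data))

    def update(self, name: str, new_data: bytes, update_code: str) -> bool:
        """File feature updating unit: replace a reference hash only when the
        server-issued update code authorises exactly this (name, new hash) pair."""
        new_hash = self.digest(new_data)
        expected = _update_code(self._update_key, name, new_hash)
        if not hmac.compare_digest(expected, update_code):
            return False
        self._refs[name] = new_hash
        return True


def _update_code(key: bytes, name: str, new_hash: str) -> str:
    """Assumed update-code format: HMAC-SHA256 over "name:new_hash"."""
    return hmac.new(key, f"{name}:{new_hash}".encode(), "sha256").hexdigest()


def server_update_code(key: bytes, name: str, new_data: bytes) -> str:
    """What the server computes for a legitimate update (same assumed format)."""
    return _update_code(key, name, TrustedStore.digest(new_data))


def hardware_feature_blob(features: dict) -> bytes:
    """REE hardware trusted module: canonicalise the collected features (CPU,
    network, memory, ...) so identical hardware always yields the same code."""
    return json.dumps(features, sort_keys=True, separators=(",", ":")).encode()


# Constructed sample data; none of it is real device or key material.
KEY = b"example-update-key-held-in-tee"
HW = {"cpu": "ARMv8 implementer 0x41 part 0xd03", "mac": "02:00:00:aa:bb:cc", "mem_kb": 2097152}
DRIVER_V1 = b"\x7fELF constructed driver image v1"
APP_V1 = b"\x7fELF constructed application image v1"
APP_V2 = b"\x7fELF constructed application image v2"


def demo() -> Dict[str, bool]:
    """Runs the measurement flow end to end and returns each check's outcome."""
    store = TrustedStore(KEY)
    store.provision("hardware", hardware_feature_blob(HW))
    store.provision("driver:sensor.ko", DRIVER_V1)
    store.provision("app:collector", APP_V1)
    swapped_nic = {**HW, "mac": "02:00:00:dd:ee:ff"}
    results = {
        "hw_ok": store.measure("hardware", hardware_feature_blob(HW)),
        "hw_swapped_nic": store.measure("hardware", hardware_feature_blob(swapped_nic)),
        "app_ok": store.measure("app:collector", APP_V1),
        "app_tampered": store.measure("app:collector", APP_V2),
        # legitimate update: the server issued a code for exactly this new image
        "update_ok": store.update("app:collector", APP_V2,
                                  server_update_code(KEY, "app:collector", APP_V2)),
        # a code issued for a different image does not authorise this one
        "update_wrong_image": store.update("driver:sensor.ko", DRIVER_V1 + b"x",
                                           server_update_code(KEY, "driver:sensor.ko", DRIVER_V1 + b"y")),
        "unknown_file": store.measure("app:never-provisioned", APP_V1),
    }
    results["app_ok_after_update"] = store.measure("app:collector", APP_V2)
    results["driver_still_v1"] = store.measure("driver:sensor.ko", DRIVER_V1)
    return results


if __name__ == "__main__":
    for check, outcome in demo().items():
        print(f"{check:22s} {outcome}")
```

Two design points matter beyond the patent's description: an unknown file name is rejected rather than auto-enrolled, so a tampered binary cannot be "measured" under a fresh name, and the update code binds the server's authorisation to one exact (name, hash) pair, so a captured update code cannot be replayed to whitelist a different image.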
The above concerns the credibility of intelligent devices. The system also includes sensing devices, such as temperature, humidity, dust and noise sensors. Their hardware generally uses an MCU scheme with no operating system or only a simple real-time system, offers only a simple data communication interface such as RS232, RS485, Bluetooth or Wi-Fi, and is poorly extensible. The trustworthiness of such devices therefore cannot be guaranteed by the scheme above, so a security gateway is adopted to ensure secure transmission of the sensing devices' data and thereby their credibility. The security gateway can serve not only to transmit sensing device data but also to provide services to the intelligent devices. It mainly comprises the following functional units:
The network access module provides secure network access for both IP-based and non-IP-based devices; this service is basic and is not shown in the figure. IP-based devices, such as face recognition equipment, communicate over an Ethernet interface; non-IP devices, such as the various sensing devices, use RS485, Bluetooth and similar interfaces.
The device authentication module provides authentication, binding, configuration information and similar services to the service terminal. The credibility of the service terminal is ensured mainly through authentication, authorisation and binding, and illegal tampering is detected by acquiring the service terminal's feature value. It also supplies the service terminal with configuration information for the blockchain and the distributed system.
The protocol data conversion module parses and converts the service terminal's network protocol; it analyses the service terminal's data and then calls related services such as reading and writing the authentication blockchain, reading and writing the storage blockchain system, and distributed system node services.
The network message filtering and routing module provides network routing for the service terminal; when the service terminal needs basic network services and the access address is on the whitelist of permitted addresses, it provides external network routing access.
The device management module manages devices through the security gateway, for example by performing fault detection on the service terminal.
The blockchain node service module, together with the service terminals, forms the authentication blockchain. This function is supported only on intelligent devices with stronger computing capability, not on ordinary sensing devices.
The foregoing is merely a preferred embodiment of the present invention, based on one implementation of its overall concept, and the scope of the invention is not limited thereto; any changes or substitutions readily contemplated by those skilled in the art within the technical scope of the invention are covered by it. The protection scope of the invention is therefore defined by the claims.

Claims (9)

1. A system for guaranteeing the credibility of industrial Internet of Things equipment, based on a REE/TEE system architecture, characterized in that it comprises, located at the REE end:
a hardware trusted module, which extracts hardware features of the device while it runs and calls the feature comparison module at the TEE end to compare hardware feature codes;
a driver trusted module, which reads the driver file during driver loading and calls the feature comparison module to measure the integrity of the driver file;
an application trusted module, which calls and analyses the application's binary program during application loading and calls the feature comparison module to measure the integrity of the binary program;
and, located at the TEE end:
a hash algorithm module, which calculates hash values of the hardware features, the driver file and the binary program;
a feature comparison module, which compares the new hash value calculated by the hash algorithm module with the original hash value of the same file in the file feature storage module and returns the comparison result;
and a file feature storage module, which stores the original hash values of the various files.
2. The system for guaranteeing the credibility of industrial Internet of Things equipment according to claim 1, wherein the REE end is further provided with a security module, and the driver trusted module and the application trusted module call the feature comparison module through the security module.
3. The system for guaranteeing the credibility of industrial Internet of Things equipment according to claim 1, wherein the file feature storage module is provided with:
a file feature updating unit, which replaces the original hash value according to an update code generated by the server and the hash value newly generated by the hash algorithm module.
4. The system for guaranteeing the credibility of industrial Internet of Things equipment according to claim 1, wherein the driver trusted module calls the feature comparison module to measure the integrity of the driver file by adding a measurement calling function to the insmod program that loads drivers.
5. The system for guaranteeing the credibility of industrial Internet of Things equipment according to claim 1, wherein the application trusted module calls the feature comparison module to measure the integrity of the binary program before it is loaded into memory by adding a hook function in execve.
6. The system for guaranteeing the credibility of industrial Internet of Things equipment according to claim 1, wherein if the binary program is statically linked, only the binary program itself is integrity-measured; and if it is dynamically linked, the binary program and the dynamic libraries it calls are both measured.
7. The system for guaranteeing the credibility of industrial Internet of Things equipment according to claim 1, wherein the user layer invokes the hardware trusted module, the driver trusted module and the application trusted module through an IMA module.
8. The system for guaranteeing trustworthiness of industrial internet of things equipment of claim 1, further comprising a security gateway for securely transmitting data of the sensing equipment.
9. The system for guaranteeing trustworthiness of industrial internet of things equipment of claim 8, wherein the security gateway comprises:
a network access module, which provides secure network access for both IP-based and non-IP-based devices;
a device authentication module, which detects illegal tampering by acquiring the feature value of the service terminal;
a protocol data conversion module, which parses the service terminal's data in order to call related services, including reading and writing the authentication blockchain, reading and writing the storage blockchain system, and distributed system node services;
a network message filtering and routing module, which provides secure network routing for the service terminal;
a device management module, which manages devices through the security gateway;
and a blockchain node service module, which together with the service terminals forms the authentication blockchain.

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202211548260.3A CN116010932A (en) 2022-12-05 2022-12-05 Guarantee system for credibility of industrial Internet of things equipment

Publications (1)

Publication Number Publication Date
CN116010932A true CN116010932A (en) 2023-04-25

Family

ID=86036291

Country Status (1)

Country Link
CN (1) CN116010932A (en)

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination