CN117195205B - Trusted DCS upper computer program dynamic verification method, system, equipment and medium

Info

Publication number: CN117195205B
Application number: CN202311462520.XA
Authority: CN (China)
Other versions: CN117195205A
Other languages: Chinese (zh)
Prior art keywords: dynamic, trusted, measurement, trust, areas
Legal status: Active
Inventors: 张津, 梁法光, 张昇, 李家港, 李心怡, 张斌, 贾泽冰, 柳曦, 杨渊, 杨柳, 王鑫, 管磊, 孙浩沩
Current assignee: Xian Thermal Power Research Institute Co Ltd
Original assignee: Xian Thermal Power Research Institute Co Ltd
Application filed by Xian Thermal Power Research Institute Co Ltd

Classifications

    • Y: GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02: TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02P: CLIMATE CHANGE MITIGATION TECHNOLOGIES IN THE PRODUCTION OR PROCESSING OF GOODS
    • Y02P90/00: Enabling technologies with a potential contribution to greenhouse gas [GHG] emissions mitigation
    • Y02P90/02: Total factory control, e.g. smart factories, flexible manufacturing systems [FMS] or integrated manufacturing systems [IMS]

Abstract

A method, a system, a device and a medium for dynamically verifying a trusted DCS upper computer program, wherein the method comprises the steps of formulating a dynamic measurement strategy corresponding to a node; setting a target process and a period of the trusted measurement of the DCS system, starting a dynamic measurement module, loading a dynamic measurement strategy corresponding to the node, and reading a process list needing to be added into the dynamic measurement module and the period of the trusted measurement; and carrying out the trust verification of the dynamic measurement module according to the process list and the trust measurement period, carrying out the dynamic trust measurement on the code areas of all the processes periodically through the dynamic trust measurement function under the condition that the dynamic measurement module is trusted, and carrying out assignment on the constant areas and the global variable areas of the processes as marks, continuing scanning the constant areas and the global variable areas after the dynamic trust measurement of the code areas is finished, and comparing whether the marks are changed or not, thereby judging whether the dynamic trust measurement results of the code areas are trusted or not. The invention can accurately and rapidly feed back the dynamic credible verification result.

Description

Trusted DCS upper computer program dynamic verification method, system, equipment and medium
Technical Field
The invention belongs to the technical field of industrial control system safety, and particularly relates to a method, a system, equipment and a medium for dynamically verifying a trusted DCS upper computer program.
Background
Distributed control systems (DCS) and their derivatives are widely used in the global power industry. With the deep integration of industrialization and informatization, large numbers of plant devices and production data are continuously being connected and converged, so that originally closed and isolated control systems are gradually being opened up and interconnected. This cross-domain development of power production brings serious network security problems with it. At present, although domestic DCS systems have begun the transition to autonomous and controllable technology, the overhaul, maintenance and upgrade of equipment remain constrained by the system manufacturers, and most manufacturers issue risk statements on autonomous hardening and accept no responsibility for security incidents caused by not using the original manufacturer's network equipment. As a result, the overall security protection rate of domestic DCS systems is generally low. To improve the security protection capability of an autonomous DCS system, a trusted computing technology suited to the DCS control scenario needs to be designed.
In a thermal power plant industrial control system based on trusted technology, all system programs must undergo dynamic trusted verification regularly so that the industrial control system is not tampered with by malicious software. The programs configured on each trusted node differ by application scenario, and because security levels differ, the granularity of trusted monitoring must also be customized per node. Because of the special safety requirements of a power plant, it must be ensured that when a node is found to have been tampered with, the plant owner is notified quickly.
Disclosure of Invention
The invention aims to provide a dynamic verification method, system, device and medium for a trusted DCS upper computer program that address the problems in the prior art and feed back the dynamic trusted verification result accurately and rapidly.
To achieve this purpose, the present invention adopts the following technical scheme:
In a first aspect, a method for dynamically verifying a trusted DCS host computer program is provided, comprising the steps of:
formulating a corresponding dynamic measurement strategy according to the security level of the area where the node is located and the role of the node;
setting a target process and a period of the trusted measurement of the DCS system, starting a dynamic measurement module, loading a dynamic measurement strategy corresponding to the node, and reading a process list needing to be added into the dynamic measurement module and the period of the trusted measurement;
and carrying out the trust verification of the dynamic measurement module according to the process list and the trust measurement period, carrying out the dynamic trust measurement on the code areas of all the processes periodically through the dynamic trust measurement function under the condition that the dynamic measurement module is trusted, and carrying out assignment on the constant areas and the global variable areas of the processes as marks, continuing scanning the constant areas and the global variable areas after the dynamic trust measurement of the code areas is finished, and comparing whether the marks are changed or not, thereby judging whether the dynamic trust measurement results of the code areas are trusted or not.
In the step of performing trust verification of the dynamic measurement module according to the process list and the trusted measurement period, a corresponding memory area is generated according to the process list, and the platform security processor is used as the root of trust of the dynamic measurement to dynamically measure the dynamic measurement module.
In a preferred scheme, when dynamic trust measurement is carried out on the code areas of all processes, the memory address of each process and the first-verification-period information of its code area are sent to the platform security processor for storage; the trusted dynamic measurement module then periodically sends the memory contents of each process's code area to the platform security processor, which measures them, compares the result with the stored result, and judges whether the dynamic measurement result is trusted.
In a preferred scheme, in the step of assigning values as marks in the constant area and the global variable area of the process, a const constant 6 bytes long is set as the mark in the constant area of the process, with the constant value 0xEB EB90; a global variable 6 bytes long is likewise set in the global variable area of the process, with the variable value 0xEB EB90EB90; after compilation, the marks and their addresses are found by scanning and recorded in the stored result;
in the step of continuing to scan the constant area and the global variable area after the dynamic trusted measurement of the code area is finished, comparing whether the marks have changed, and judging from that whether the dynamic trusted measurement result of the code area is trusted, the marks obtained by scanning are compared with the previously stored result, where a change includes any one or more of shift, loss and tampering of the assigned mark.
In the step of judging whether the dynamic trusted measurement result of the code area is trusted, when the judgment result for the constant area or the global variable area is untrusted, trusted alarm information is generated; it is confirmed on site whether a manual operation took place, the on-site judgment decides whether the on-duty state of the untrusted on-duty node has to be switched to the standby (alternative on-duty) node, and another standby node is selected and upgraded to the on-duty node.
In the step of verifying the trust of the dynamic measurement module, if the dynamic measurement module is untrusted, it is prohibited from performing dynamic trust measurement on the code areas of processes, and an alarm notification that the dynamic measurement module is untrusted is output; in the step of performing dynamic trust measurement on the code areas of all processes, when the code area of a process is untrusted, trusted alarm information is generated, the on-duty state of the untrusted process is switched to the standby node, and another standby node is selected and upgraded to the on-duty node.
In a preferred scheme, when the code area of a process is untrusted, prompt information is generated that comprises the computer name, the location information and the abnormal process name of the untrusted node corresponding to the process; the prompt information is printed and the operator is prompted to carry out the related handling;
if the dynamic measurement module judges a process to be untrusted and the process is a non-resident key process, the corresponding process is set to the automatic closing state; and if the corresponding process is in the automatic closing state, the dynamic measurement module is allowed to forcibly close it.
In a second aspect, a trusted DCS host computer program dynamic verification system is provided, comprising:
the dynamic measurement policy making module is used for making a corresponding dynamic measurement policy according to the security level of the area where the node is located and the role of the node;
the process dynamic measurement starting module is used for setting a target process and a period of the trusted measurement of the DCS system, starting the dynamic measurement module, loading a dynamic measurement strategy corresponding to the node, and reading a process list and a period of the trusted measurement which need to be added into the dynamic measurement module;
the dynamic credibility measuring module is used for carrying out credibility verification on the dynamic measurement module according to the process list and the credibility measuring period, under the condition that the dynamic measurement module is credible, the dynamic credibility measuring function is periodically used for carrying out dynamic credibility measurement on the code areas of all processes, the constant areas and the global variable areas of the processes are assigned as marks, after the dynamic credibility measurement of the code areas is finished, the constant areas and the global variable areas are continuously scanned, whether the marks are changed is compared, and accordingly whether the dynamic credibility measuring result of the code areas is credible is judged.
In a third aspect, there is provided an electronic device comprising:
a memory storing at least one instruction; and the processor executes the instructions stored in the memory to realize the dynamic verification method of the trusted DCS upper computer program.
In a fourth aspect, a computer readable storage medium is provided, where the computer readable storage medium stores a computer program, where the computer program when executed by a processor implements the trusted DCS upper computer program dynamic verification method.
Compared with the prior art, the invention has at least the following beneficial effects:
Before dynamic measurement is deployed, a corresponding dynamic measurement strategy is formulated according to the security level of the area where the node is located and the role of the node, which ensures that the key processes of the DCS system are on the list of the dynamic measurement strategy. When the dynamic measurement module starts, it loads the dynamic measurement strategy corresponding to the node, reads the list of processes to be added to the dynamic measurement and the trusted measurement period, generates a corresponding memory area according to the process list, and performs trust verification of the dynamic measurement module itself. Once the dynamic measurement module is determined to be trusted, periodic trust measurement of the DCS application processes is carried out on the basis of the chain of trust. The invention uses the code area, the constant area and the global variable area of a process for multiple verification: it assigns values to the constant area and the global variable area as marks, and by adding these check points it can ensure the safety of important variables on top of the dynamic trusted verification of the code-area measurement result. The method and system reduce the interference of trusted measurement with daily operation and maintenance to the greatest extent and meet the plant owners' deployment requirements for dynamic measurement.
Further, in the step of carrying out trusted measurement on all DCS system processes, when a DCS system process is untrusted the invention generates trusted alarm information; the on-duty state of the untrusted process is switched to the standby node and another standby node is selected and upgraded to the on-duty node. This meets the requirement that, because of the safety of the power plant unit, a system process cannot simply be stopped: when a process is untrusted, its influence on the unit is limited by alarming and by switching between the active and standby nodes.
Furthermore, in the step of verifying the trust of the dynamic measurement module according to the process list and the trusted measurement period, the platform security processor serves as the root of trust of the dynamic measurement and measures the dynamic measurement module. Adopting a hardware-level dynamic root of trust meets the requirement of trusted computing for a root of trust, so the security of dynamic verification is significantly improved, the information security of the thermal power unit is protected, and the impact on the unit is reduced.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings that are needed in the embodiments will be briefly described below, it being understood that the following drawings only illustrate some embodiments of the present invention, and that other related drawings can be obtained according to these drawings without inventive effort for a person skilled in the art.
FIG. 1 is a flow chart of a dynamic verification method of a trusted DCS upper computer program in an embodiment of the invention;
FIG. 2 is a functional block diagram of dynamic trust metrics for process partitions in accordance with an embodiment of the present invention.
Detailed Description
The following description of the embodiments of the present invention will be made clearly and completely with reference to the accompanying drawings, in which it is apparent that the embodiments described are only some embodiments of the present invention, but not all embodiments. Based on the embodiments of the present invention, one of ordinary skill in the art may also obtain other embodiments without undue burden.
Referring to FIG. 1, the method for dynamically verifying a trusted DCS upper computer program according to the embodiment of the invention includes the following steps:
S1, formulating a corresponding dynamic measurement strategy according to the security level of the area where the node is located and the role of the node;
S2, setting the trusted measurement target processes and the trusted measurement period of the DCS, starting the dynamic measurement module, loading the dynamic measurement strategy corresponding to the node, and reading the list of processes to be added to the dynamic measurement module and the trusted measurement period;
S3, performing trust verification on the dynamic measurement module according to the process list and the trusted measurement period, periodically performing dynamic trust measurement on the code areas of all processes through the dynamic trust measurement function when the dynamic measurement module is trusted, assigning values to the constant areas and global variable areas of the processes as marks, continuing to scan the constant areas and global variable areas after the dynamic trust measurement of the code areas is finished, and comparing whether the marks have changed, thereby judging whether the dynamic trust measurement results of the code areas are trusted:
S31, when the dynamic measurement module is untrusted, the dynamic measurement module is prohibited from carrying out trusted measurement on DCS system processes, and an alarm notification that the dynamic measurement module is untrusted is output.
S32, when the dynamic measurement module is trusted, all DCS system processes are periodically subjected to trusted measurement through the dynamic trusted measurement function.
The trusted measurement of all DCS system processes in step S32 specifically comprises:
sending the memory address of each process and the first-verification-period information of its code area to the platform security processor for storage;
and periodically sending the memory contents of each process's code area to the platform security processor through the trusted dynamic measurement module, so that the platform security processor measures them, compares the result with the stored result, and judges whether the dynamic measurement result is trusted.
S33, as shown in FIG. 2, according to the storage structure of a program, the memory of a process can be divided into a code area, a constant area, a global data area, a heap area and a stack area. The code area holds the function bodies, and its hash value must match exactly when measured. The constant area holds const constants, into which a feature sequence is inserted for comparison; the global data area likewise has a feature sequence inserted for comparison. During coding, the embodiment of the invention sets a const constant 6 bytes long in the constant area of the process, with the constant value 0xEB EB90EB90, placed in sequence near the middle of the constant queue. Similarly, a global variable 6 bytes long is set in the global variable area of the process, with the variable value 0xEB EB90EB90EB90, placed in sequence near the middle of the variable queue. Throughout the program, the constant and the global variable are never operated on after assignment, which ensures that no other variable is assigned the feature sequence. After the program is compiled, the addresses of the constant area and the global variable area are confirmed by scanning the memory area and recorded in the stored result.
Further, after the dynamic measurement of the code area is finished, the constant area and the global variable area of the process continue to be scanned, the address at which the memory value 0xEB EB90EB90EB90 is found is confirmed and compared with the previously stored result, it is confirmed whether the mark has shifted, been lost, been tampered with or the like, and whether the dynamic measurement result is trusted is judged accordingly.
When the judgment result for the constant area or the global variable area is untrusted, trusted alarm information is generated; the field operator confirms whether a manual operation such as debugging took place on site, judges whether the on-duty state of the untrusted on-duty node has to be switched to the standby (alternative on-duty) node, and selects another standby node to be upgraded to the on-duty node.
If step S32 judges the current DCS system process to be trusted, the process waits for the next period and then returns to the judgment.
When the code area of a process is untrusted, trusted alarm information is generated, the on-duty state of the untrusted process is switched to the standby node, and another standby node is selected and upgraded to the on-duty node.
When the code area of a process is untrusted, prompt information is generated that comprises the computer name, the location information and the abnormal process name of the untrusted node corresponding to the process; the prompt information is printed and the operator is prompted to carry out the related handling.
If the dynamic measurement module judges a process to be untrusted and the process is a non-resident key process, the corresponding process is set to the automatic closing state; and if the corresponding process is in the automatic closing state, the dynamic measurement module is allowed to forcibly close it.
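The following is an added example, not code from the patent or its assignee, that simulates the whole of steps S2 and S3 in memory: the measurement module is first checked against a baseline held by a simulated platform security processor (a dict standing in for the PSP), each process's code area is then hashed and compared with its stored baseline, and the constant and global-variable areas are scanned for the 6-byte marker so that shift, loss and tampering can be told apart, after which the embodiment's response rules (alarm, active/standby switch, auto-close of a non-resident process) are applied. The policy table, process images and names are constructed; SHA-256 as the hash, the marker bytes EB 90 EB 90 EB 90 (this example's reading of the page's 0xEB EB90EB90EB90) and the heuristic separating loss from tampering are assumptions.

```python
"""Simulation of the S2/S3 dynamic measurement cycle (added example, not the patent's code)."""
import hashlib
from dataclasses import dataclass

# 6-byte marker; EB 90 EB 90 EB 90 is this example's reading of the page's value (assumption)
MARK = bytes.fromhex("EB90EB90EB90")

# Constructed dynamic measurement policy: (security level, node role) -> process list and period
POLICY = {
    ("high", "operator_station"): {"processes": ["dcs_hmi", "alarm_svc"], "period_s": 5},
    ("medium", "engineer_station"): {"processes": ["dcs_hmi"], "period_s": 30},
}


@dataclass
class ProcessImage:
    name: str
    code: bytes   # code area: function bodies, hash must match exactly
    const: bytes  # constant area holding the const marker
    gdata: bytes  # global variable area holding the global marker


@dataclass
class Baseline:
    code_hash: str
    const_off: int
    gdata_off: int


def load_policy(level: str, role: str) -> dict:
    """Steps S1/S2: the process list and period for this node (KeyError if no policy exists)."""
    return POLICY[(level, role)]


def make_image(name: str, code: bytes, pad: int) -> ProcessImage:
    """Constructed process image with the marker placed mid-area, as the embodiment describes."""
    area = bytes(pad) + MARK + bytes(pad)
    return ProcessImage(name, code, area, area)


def digest(area: bytes) -> str:
    return hashlib.sha256(area).hexdigest()  # SHA-256 stands in for the PSP's measurement (assumption)


def record_baseline(psp: dict, proc: ProcessImage) -> Baseline:
    """First verification period: store the code hash and marker offsets in the simulated PSP."""
    psp[proc.name] = Baseline(digest(proc.code), proc.const.find(MARK), proc.gdata.find(MARK))
    return psp[proc.name]


def check_mark(area: bytes, expected_off: int) -> str:
    """Classify the marker as ok, shift, tamper or loss (the tamper/loss split is a heuristic)."""
    off = area.find(MARK)
    if off == expected_off:
        return "ok"
    if off != -1:
        return "shift"  # intact, but at a different address than recorded
    window = area[expected_off:expected_off + len(MARK)]
    same = sum(a == b for a, b in zip(window, MARK))
    return "tamper" if 0 < same < len(MARK) else "loss"  # partly overwritten vs. gone entirely


def measure_process(psp: dict, proc: ProcessImage) -> list:
    """One period for one process: code-area hash first, then both marker areas."""
    base = psp[proc.name]
    findings = []
    if digest(proc.code) != base.code_hash:
        findings.append("code")
    for label, area, off in (("const", proc.const, base.const_off),
                             ("global", proc.gdata, base.gdata_off)):
        state = check_mark(area, off)
        if state != "ok":
            findings.append(f"{label}:{state}")
    return findings


def decide(findings: list, resident: bool) -> list:
    """Response rules of the embodiment: alarm, active/standby switch, auto-close if non-resident."""
    if not findings:
        return ["wait_next_period"]
    actions = ["alarm"]
    if "code" in findings:
        actions.append("switch_to_standby")
        if not resident:
            actions.append("auto_close")
    else:
        actions.append("site_confirms_manual_operation")  # marker-only finding: operator decides
    return actions


def run_period(psp: dict, module: ProcessImage, procs: list, resident: set) -> dict:
    """Step S31/S32: verify the measurement module itself before it measures anything."""
    if digest(module.code) != psp[module.name].code_hash:
        return {module.name: ["alarm", "measurement_disabled"]}
    return {p.name: decide(measure_process(psp, p), p.name in resident) for p in procs}


if __name__ == "__main__":
    psp = {}
    module = make_image("dyn_measure", b"\x55\x48\x89\xe5", 4)  # constructed bytes
    hmi = make_image("dcs_hmi", b"\x90\x90\xc3", 8)
    for p in (module, hmi):
        record_baseline(psp, p)
    tampered = ProcessImage("dcs_hmi", b"\x90\x90\xcc", hmi.const, hmi.gdata)
    print(run_period(psp, module, [tampered], {"dcs_hmi"}))
```

The code area is compared by hash because the embodiment requires an exact match there, while the marker areas are compared by position and content, which is what lets a relocated or partially overwritten marker be reported distinctly from a missing one. Because a real DCS process cannot simply be stopped, a code-area mismatch on a resident process only raises the alarm and triggers the active/standby switch; forced closure is reserved for non-resident processes.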
The embodiment of the invention is applied to dynamic trusted measurement of an upper computer DCS system. First, when the dynamic measurement module is loaded, a platform security processor carrying the root of trust measures the dynamic measurement module, which guarantees the module's own trustworthiness; second, once the dynamic measurement module is determined to be trusted, periodic trust measurement of the DCS application processes is carried out on the basis of the chain of trust. The invention uses the code area, the constant area and the global variable area of a process for multiple verification: it assigns values to the constant area and the global variable area as marks, and by adding these check points it can ensure the safety of important variables on top of the dynamic trusted verification of the code-area measurement result. Because of the safety of the power plant unit, a system process cannot simply be stopped when a program is untrusted, so the embodiment limits the influence of the untrusted process on the unit by alarming and by switching between the active and standby nodes. The embodiment has a hardware-level dynamic root of trust, which trusted computing requires, so the security of dynamic verification is significantly improved, the information security of the thermal power unit is protected, and the impact on the unit is reduced.
The invention also provides a dynamic verification system for the trusted DCS upper computer program, which comprises:
the dynamic measurement policy making module is used for making a corresponding dynamic measurement policy according to the security level of the area where the node is located and the role of the node;
the process dynamic measurement starting module is used for setting a target process and a period of the trusted measurement of the DCS system, starting the dynamic measurement module, loading a dynamic measurement strategy corresponding to the node, and reading a process list and a period of the trusted measurement which need to be added into the dynamic measurement module;
the dynamic credibility measuring module is used for carrying out credibility verification on the dynamic measurement module according to the process list and the credibility measuring period, under the condition that the dynamic measurement module is credible, the dynamic credibility measuring function is periodically used for carrying out dynamic credibility measurement on the code areas of all processes, the constant areas and the global variable areas of the processes are assigned as marks, after the dynamic credibility measurement of the code areas is finished, the constant areas and the global variable areas are continuously scanned, whether the marks are changed is compared, and accordingly whether the dynamic credibility measuring result of the code areas is credible is judged.
Another embodiment of the present invention also proposes an electronic device, including: a memory storing at least one instruction; and the processor executes the instructions stored in the memory to realize the dynamic verification method of the trusted DCS upper computer program.
Another embodiment of the present invention further proposes a computer readable storage medium storing a computer program, which when executed by a processor implements the method for dynamically verifying a trusted DCS host computer program.
The instructions stored in the memory may be partitioned into one or more modules/units, which are stored in a computer-readable storage medium and executed by the processor to perform, for example, the trusted DCS upper computer program dynamic verification method of the present invention. The one or more modules/units may be a series of computer-readable instruction segments capable of performing a specified function, which describe the execution of the computer program in a server.
The electronic equipment can be a smart phone, a notebook computer, a palm computer, a cloud server and other computing equipment. The electronic device may include, but is not limited to, a processor, a memory. Those skilled in the art will appreciate that the electronic device may also include more or fewer components, or may combine certain components, or different components, e.g., the electronic device may also include input and output devices, network access devices, buses, etc.
The processor may be a central processing unit (Central Processing Unit, CPU), but may also be other general purpose processors, digital signal processors (Digital Signal Processor, DSP), application specific integrated circuits (Application Specific Integrated Circuit, ASIC), off-the-shelf programmable gate arrays (Field-Programmable Gate Array, FPGA) or other programmable logic devices, discrete gate or transistor logic devices, discrete hardware components, or the like. A general purpose processor may be a microprocessor or the processor may be any conventional processor or the like.
The memory may be an internal storage unit of the server, such as a hard disk or a memory of the server. The memory may also be an external storage device of the server, such as a plug-in hard disk, a Smart Media Card (SMC), a Secure Digital (SD) Card, a Flash Card (Flash Card) or the like, which are provided on the server. Further, the memory may also include both an internal storage unit and an external storage device of the server. The memory is used to store the computer readable instructions and other programs and data required by the server. The memory may also be used to temporarily store data that has been output or is to be output.
It should be noted that, because the content of information interaction and execution process between the above module units is based on the same concept as the method embodiment, specific functions and technical effects thereof may be referred to in the method embodiment section, and details thereof are not repeated herein.
It will be apparent to those skilled in the art that, for convenience and brevity of description, only the above-described division of the functional units and modules is illustrated, and in practical application, the above-described functional distribution may be performed by different functional units and modules according to needs, i.e. the internal structure of the apparatus is divided into different functional units or modules to perform all or part of the above-described functions. The functional units and modules in the embodiment may be integrated in one processing unit, or each unit may exist alone physically, or two or more units may be integrated in one unit, where the integrated units may be implemented in a form of hardware or a form of a software functional unit. In addition, specific names of the functional units and modules are only for convenience of distinguishing from each other, and are not used for limiting the protection scope of the present application. The specific working process of the units and modules in the above system may refer to the corresponding process in the foregoing method embodiment, which is not described herein again.
The integrated units, if implemented in the form of software functional units and sold or used as stand-alone products, may be stored in a computer readable storage medium. Based on such understanding, the present application implements all or part of the flow of the method of the above embodiments, and may be implemented by a computer program to instruct related hardware, where the computer program may be stored in a computer readable storage medium, where the computer program, when executed by a processor, may implement the steps of each of the method embodiments described above. Wherein the computer program comprises computer program code which may be in source code form, object code form, executable file or some intermediate form etc. The computer readable medium may include at least: any entity or device capable of carrying computer program code to a photographing device/terminal apparatus, recording medium, computer memory, Read-Only Memory (ROM), Random Access Memory (RAM), electrical carrier signals, telecommunications signals, and software distribution media, such as a U-disk, removable hard disk, magnetic or optical disk, etc.
In the foregoing embodiments, the descriptions of the embodiments are emphasized, and in part, not described or illustrated in any particular embodiment, reference is made to the related descriptions of other embodiments.
The above embodiments are only for illustrating the technical solution of the present application, and are not limiting; although the present application has been described in detail with reference to the foregoing embodiments, it should be understood by those of ordinary skill in the art that: the technical scheme described in the foregoing embodiments can be modified or some technical features thereof can be replaced by equivalents; such modifications and substitutions do not depart from the spirit and scope of the technical solutions of the embodiments of the present application, and are intended to be included in the scope of the present application.

Claims (9)

1. A dynamic verification method for a trusted DCS upper computer program, characterized by comprising the following steps:
formulating a corresponding dynamic measurement policy according to the security level of the area in which the node is located and the role of the node;
setting the target processes and the trusted measurement period of the DCS system, starting the dynamic measurement module, loading the dynamic measurement policy corresponding to the node, and reading the list of processes to be added to the dynamic measurement module together with the trusted measurement period;
performing trust verification of the dynamic measurement module according to the process list and the trusted measurement period; on condition that the dynamic measurement module is trusted, periodically performing dynamic trusted measurement of the code areas of all the processes through a dynamic trusted measurement function, assigning values to the constant area and the global variable area of each process as marks, continuing to scan the constant area and the global variable area after the dynamic trusted measurement of the code area has finished, and comparing whether the marks have changed, thereby judging whether the dynamic trusted measurement result for the code area is trustworthy;
wherein, in the step of performing trust verification of the dynamic measurement module according to the process list and the trusted measurement period, a corresponding memory area is generated according to the process list, and the dynamic measurement module is dynamically measured using the platform security processor as the root of trust for dynamic measurement.
2. The dynamic verification method for a trusted DCS upper computer program according to claim 1, wherein, when dynamic trusted measurement is performed on the code areas of all the processes, the memory address of each process and the first-verification-period information of its code area are sent to the platform security processor for storage; and the memory information of each process's code area is periodically sent, through the trusted dynamic measurement module, to the platform security processor, which performs dynamic measurement and compares it with the stored result to judge whether the dynamic measurement result is trusted.
3. The dynamic verification method for a trusted DCS upper computer program according to claim 1, wherein, in the step of assigning values to the constant area and the global variable area of the process as marks, a const constant 6 bytes in length is placed in the constant area of the process as the mark, its value being 0xEB EB90; a global variable 6 bytes in length is likewise placed in the global variable area of the process, its value being 0xEB EB90EB90; after compilation, the marks and their addresses are scanned and recorded in a stored result;
and in the step of continuing to scan the constant area and the global variable area after the dynamic trusted measurement of the code area has finished, comparing whether the marks have changed and thereby judging whether the dynamic trusted measurement result for the code area is trustworthy, the marks obtained by scanning are compared with the previously stored result, where a change comprises any one or more of a shift of the assigned value, its loss, and its tampering.
4. The dynamic verification method for a trusted DCS upper computer program according to claim 3, wherein, in the step of judging whether the dynamic trusted measurement result for the code area is trustworthy, if the judgement result for the constant area and the global variable area is untrusted, trusted-alarm information is generated, whether a manual operation has taken place is confirmed on site, the on-site judgement decides whether the duty state of the untrusted process needs to be switched to an alternative duty node, and another alternative duty node is selected and upgraded to the duty node.
5. The dynamic verification method for a trusted DCS upper computer program according to claim 1, wherein, in the step of performing trust verification of the dynamic measurement module, if the dynamic measurement module is untrusted, the dynamic measurement module is prohibited from performing dynamic trusted measurement of the code areas of the processes, and an alarm notification that the dynamic measurement module is untrusted is output; in the step of performing dynamic trusted measurement of the code areas of all the processes, trusted-alarm information is generated when the code area of a process is untrusted; and the duty state of the untrusted process is switched to the alternative duty, and another alternative duty node is selected and upgraded to the duty node.
6. The dynamic verification method for a trusted DCS upper computer program according to claim 1, wherein, when the code area of a process is untrusted, prompt information is generated which comprises the computer name and location information of the untrusted node corresponding to the process and the name of the abnormal process; the prompt information is printed, and the operator is prompted to carry out the related handling;
and if the dynamic measurement module judges the process to be an untrusted process and it is a non-resident key process, the corresponding process is set to an automatic-close state; if the corresponding process is in the automatic-close state, the dynamic measurement module is allowed to forcibly close the corresponding process.
7. A dynamic verification system for a trusted DCS upper computer program, comprising:
a dynamic measurement policy formulation module, for formulating a corresponding dynamic measurement policy according to the security level of the area in which the node is located and the role of the node;
a process dynamic measurement start-up module, for setting the target processes and the trusted measurement period of the DCS system, starting the dynamic measurement module, loading the dynamic measurement policy corresponding to the node, and reading the list of processes to be added to the dynamic measurement module together with the trusted measurement period;
a dynamic trusted measurement module, for performing trust verification of the dynamic measurement module according to the process list and the trusted measurement period, and, on condition that the dynamic measurement module is trusted, periodically performing dynamic trusted measurement of the code areas of all the processes through the dynamic trusted measurement function, assigning values to the constant area and the global variable area of each process as marks, continuing to scan the constant area and the global variable area after the dynamic trusted measurement of the code area has finished, and comparing whether the marks have changed, thereby judging whether the dynamic trusted measurement result for the code area is trustworthy;
wherein, in the step of performing trust verification of the dynamic measurement module according to the process list and the trusted measurement period, a corresponding memory area is generated according to the process list, and the dynamic measurement module is dynamically measured using the platform security processor as the root of trust for dynamic measurement.
8. An electronic device, comprising:
a memory storing at least one instruction; and a processor executing the instructions stored in the memory to implement the dynamic verification method for a trusted DCS upper computer program according to any one of claims 1 to 6.
9. A computer-readable storage medium storing a computer program, characterized in that the computer program, when executed by a processor, implements the dynamic verification method for a trusted DCS upper computer program according to any one of claims 1 to 6.
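The measurement-and-mark check of claims 1 to 3, as an added example in C that is not part of the patent: it hashes a constructed stand-in for a process code area, records a baseline together with the scanned offsets of a six-byte mark in a constant area and a global variable area, and on each later cycle re-measures the code and re-scans both marks, so that a shifted, lost or tampered mark invalidates the code verdict. The marker bytes, the simulated areas and the FNV-1a hash are assumptions; the patent delegates the actual measurement to the platform security processor and does not specify the hash.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>

#define MARK_LEN 6
/* Six-byte marker pattern: a constructed placeholder, not the claim's own value. */
static const uint8_t MARK[MARK_LEN] = {0xEB, 0x90, 0xEB, 0x90, 0xEB, 0x90};

/* Constructed stand-ins for the three process regions the claims scan; a real
 * deployment would read the mapped text, read-only data and data segments. */
static const uint8_t const_area[24] = {0, 0, 0, 0, 0, 0, 0, 0,
                                       0xEB, 0x90, 0xEB, 0x90, 0xEB, 0x90};
static uint8_t global_area[24]      = {0, 0, 0, 0,
                                       0xEB, 0x90, 0xEB, 0x90, 0xEB, 0x90};
static uint8_t code_area[16]        = {0x55, 0x48, 0x89, 0xE5, 0xB8, 0x01, 0, 0,
                                       0, 0x5D, 0xC3, 0x90, 0x90, 0x90, 0x90, 0x90};

/* Measurement hash. The patent leaves the hashing to the platform security
 * processor, so FNV-1a 64 is an assumption made for this example. */
uint64_t measure_region(const uint8_t *base, size_t len) {
    uint64_t h = 14695981039346656037ULL;
    for (size_t i = 0; i < len; i++) { h ^= base[i]; h *= 1099511628211ULL; }
    return h;
}

/* Scan an area for the mark and return its offset, or -1 if it is absent or altered. */
long find_mark(const uint8_t *area, size_t len) {
    for (size_t i = 0; i + MARK_LEN <= len; i++)
        if (memcmp(area + i, MARK, MARK_LEN) == 0) return (long)i;
    return -1;
}

struct baseline { uint64_t code_hash; long const_off; long global_off; };

/* First verification period: hash the code area and record where each mark sits. */
void record_baseline(struct baseline *b) {
    b->code_hash  = measure_region(code_area, sizeof code_area);
    b->const_off  = find_mark(const_area, sizeof const_area);
    b->global_off = find_mark(global_area, sizeof global_area);
}

enum verdict { TRUSTED = 0, CODE_UNTRUSTED = 1, MEASUREMENT_UNTRUSTED = 2 };

/* One measurement cycle: re-measure the code area, then re-scan both marks. A mark
 * that has shifted, vanished or changed means the measurement itself cannot be
 * trusted; only with intact marks is the code verdict accepted. */
enum verdict verify_cycle(const struct baseline *b) {
    int code_ok  = measure_region(code_area, sizeof code_area) == b->code_hash;
    int marks_ok = find_mark(const_area, sizeof const_area) == b->const_off &&
                   find_mark(global_area, sizeof global_area) == b->global_off;
    if (!marks_ok) return MEASUREMENT_UNTRUSTED;
    return code_ok ? TRUSTED : CODE_UNTRUSTED;
}
```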

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202311462520.XA CN117195205B (en) 2023-11-06 2023-11-06 Trusted DCS upper computer program dynamic verification method, system, equipment and medium

Publications (2)

Publication Number Publication Date
CN117195205A CN117195205A (en) 2023-12-08
CN117195205B true CN117195205B (en) 2024-01-26

Family

ID=88990941

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102436566A (en) * 2012-01-12 2012-05-02 冶金自动化研究设计院 Dynamic trusted measurement method and safe embedded system
CN107679393A (en) * 2017-09-12 2018-02-09 中国科学院软件研究所 Android integrity verification methods and device based on credible performing environment
CN111177708A (en) * 2019-12-30 2020-05-19 山东超越数控电子股份有限公司 PLC credibility measuring method, system and measuring device based on TCM chip
CN111967016A (en) * 2020-07-28 2020-11-20 中国长城科技集团股份有限公司 Dynamic monitoring method of baseboard management controller and baseboard management controller
CN112162782A (en) * 2020-09-24 2021-01-01 北京八分量信息科技有限公司 Method, device and related product for determining credible state of application program based on credible root dynamic measurement
CN113626772A (en) * 2021-09-03 2021-11-09 大唐高鸿信安(浙江)信息科技有限公司 Dynamic credibility measurement method, device, system and terminal of process
CN113868666A (en) * 2021-09-29 2021-12-31 大唐高鸿信安(浙江)信息科技有限公司 Dynamic credibility verification method, device and equipment for process

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7380276B2 (en) * 2004-05-20 2008-05-27 Intel Corporation Processor extensions and software verification to support type-safe language environments running with untrusted code
US10964433B2 (en) * 2018-05-22 2021-03-30 International Business Machines Corporation Assessing a medical procedure based on a measure of trust dynamics
US10657025B2 (en) * 2018-10-18 2020-05-19 Denso International America, Inc. Systems and methods for dynamically identifying data arguments and instrumenting source code

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
Measure of trust among strategic partners within supply chain system operating framework; Yin Lisong et al.; Computer Engineering and Applications; Vol. 48, No. 7; pp. 242-245 *
Research and Implementation of Key Technologies for Process Trusted Verification; 陶务升; China Master's Theses Full-text Database, Information Science and Technology Series; No. 11; pp. I139-125 *

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant