CN117195240B - Trusted DCS upper computer data configuration verification and release method and system - Google Patents
Trusted DCS upper computer data configuration verification and release method and system Download PDFInfo
- Publication number
- CN117195240B CN117195240B CN202311448083.6A CN202311448083A CN117195240B CN 117195240 B CN117195240 B CN 117195240B CN 202311448083 A CN202311448083 A CN 202311448083A CN 117195240 B CN117195240 B CN 117195240B
- Authority
- CN
- China
- Prior art keywords
- verification
- release
- data
- trusted
- configuration
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000012795 verification Methods 0.000 title claims abstract description 104
- 238000000034 method Methods 0.000 title claims abstract description 39
- 238000005259 measurement Methods 0.000 claims abstract description 75
- 238000004364 calculation method Methods 0.000 claims abstract description 21
- 238000005192 partition Methods 0.000 claims description 27
- 238000013524 data verification Methods 0.000 claims description 19
- 238000004590 computer program Methods 0.000 description 7
- 238000010586 diagram Methods 0.000 description 7
- 230000006870 function Effects 0.000 description 4
- 238000012545 processing Methods 0.000 description 4
- 238000003860 storage Methods 0.000 description 3
- 230000006399 behavior Effects 0.000 description 2
- 238000009826 distribution Methods 0.000 description 2
- 238000012986 modification Methods 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 230000009286 beneficial effect Effects 0.000 description 1
- 238000004422 calculation algorithm Methods 0.000 description 1
- 230000007547 defect Effects 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
- 230000003993 interaction Effects 0.000 description 1
- 238000004519 manufacturing process Methods 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
Classifications
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02P—CLIMATE CHANGE MITIGATION TECHNOLOGIES IN THE PRODUCTION OR PROCESSING OF GOODS
- Y02P90/00—Enabling technologies with a potential contribution to greenhouse gas [GHG] emissions mitigation
- Y02P90/02—Total factory control, e.g. smart factories, flexible manufacturing systems [FMS] or integrated manufacturing systems [IMS]
Landscapes
- Storage Device Security (AREA)
Abstract
The invention relates to the technical field of industrial automation, and discloses a method and a system for verifying and publishing data configuration of a trusted DCS upper computer, wherein the data configuration is stored in a logic cache, and the data configuration is published in a physical library for accessing data by the upper computer after the data configuration is verified; the method specifically comprises the following steps: identifying the current user identity, and ending release if the identity identification fails; if the identification is successful, carrying out SHA operation by using the ID of the current user data configuration release event to obtain a trusted measurement calculation value; referring to the trusted measurement hash table by using the key words of the ID of the current user data configuration release event, comparing the reference measurement value in the trusted measurement hash table with the trusted measurement calculation value, and if the reference measurement value is inconsistent with the trusted measurement calculation value, judging that the current user data configuration release event is invalid, and ending release; if the verification results are consistent, verifying the validity of the group configuration, and if the verification results are failed, ending the release; if the verification is successful, the data configuration in the logic cache is released to the physical library, and the release is finished.
Description
Technical Field
The invention relates to the technical field of industrial automation, in particular to a method and a system for verifying and issuing data configuration of a trusted DCS (distributed control system) upper computer.
Background
The Distributed Control System (DCS) upper computer database is a system operation basis and performs frequent data interaction with other data interfaces of the upper computer, so that the integrity and the effectiveness of the distributed control system are particularly important, and the data configuration in the common distributed control system is directly filled into the upper computer database, so that the problems of insufficient data effectiveness and integrity can exist. Meanwhile, with the development of informatization of the power system, aiming at the endless malicious threat of the power system, how to effectively improve the safety protection capability of the system is a problem to be solved.
Disclosure of Invention
The invention aims to provide a trusted DCS (distributed control system) upper computer data configuration verification and release method and system, which are used for overcoming the defects of the prior art.
In order to achieve the above purpose, the invention adopts the following technical scheme:
the method for verifying and releasing the data configuration of the upper computer of the trusted DCS comprises the steps of storing the data configuration in a logic cache, and releasing the data configuration in a physical library for accessing data by the upper computer after the data configuration is verified by the trusted DCS;
the trusted verification is issued to a host computer in a physical library to access data, and the method specifically comprises the following steps of:
S1: identifying the current user identity, and ending release if the identity identification fails; if the identity recognition is successful, S2 is executed;
s2: carrying out SHA operation by using the ID of the current user data configuration release event to obtain a trusted measurement calculation value; referring to the trusted measurement hash table by using the key words of the ID of the current user data configuration release event, comparing the reference measurement value in the trusted measurement hash table with the trusted measurement calculation value, and if the reference measurement value is inconsistent with the trusted measurement calculation value, judging that the current user data configuration release event is invalid, and ending release; if so, executing S3;
s3: verifying the validity of the array configuration, and ending release if the verification fails; if the verification is successful, S4 is executed;
S4: and (5) publishing the data configuration in the logic cache to the physical library, and ending the publishing.
Further, the data configuration includes: station configuration, device information, station group information and station information.
Further, the step S3 specifically includes the following steps:
s31: traversing the station configuration list in the logic cache, and carrying out station configuration verification one by one, wherein the method comprises the following steps:
(a) Traversing a device information list corresponding to the current station configuration, recording the device IP, and verifying the measuring point group information and the corresponding measuring point information under the current device, wherein the verification content comprises: the validity of the measurement point name, the rationality of the remote control measurement point opening and closing rule and the rationality of the measurement point threshold value, if the verification unreasonable item exists in the verification content, the verification unreasonable item is stored into the data verification report;
(b) After the traversing of the device information list is completed, if the device IP is repeated, the device IP is regarded as an unreasonable verification item, and the unreasonable verification item is stored into a data verification report;
S32: if the data verification report has a verification unreasonable item, the release fails; otherwise, S4 is performed.
Further, the step S4 specifically includes the following steps:
S41: performing trusted verification and integrity measurement on the physical library and the logic cache, and if the physical library or the logic cache is tampered or destroyed, sending a trusted verification failure report, and ending the release; otherwise, S42 is performed;
S42: comparing the physical library file with the logic cache file, if the comparison result of the data partition in the file is inconsistent, carrying out library loading operation on the partition which is changed or added, and loading the logic cache data in the partition which is changed or added into the physical library; if the data partition comparison results are consistent, the data of the two libraries are consistent and no update exists, and the library loading operation is not performed.
The trusted DCS upper computer data configuration verification and release system stores the data configuration in a logic cache, and releases the data configuration in a physical library for accessing data by an upper computer after the data configuration is verified by the trusted DCS upper computer data configuration verification and release system;
the system specifically comprises an identity recognition module, a comparison module, a verification module and a release module, wherein:
An identity recognition module: the method is used for identifying the current user identity, and if the identity identification fails, the release is ended; if the identity identification is successful, entering a comparison module;
and a comparison module: performing SHA operation on the ID of the release event according to the current user data configuration to obtain a trusted measurement calculation value; referring to the trusted measurement hash table by using the key words of the ID of the current user data configuration release event, comparing the reference measurement value in the trusted measurement hash table with the trusted measurement calculation value, and if the reference measurement value is inconsistent with the trusted measurement calculation value, judging that the current user data configuration release event is invalid, and ending release; if the two types of data are consistent, entering a verification module;
And (3) a verification module: the method comprises the steps of verifying the validity of an array configuration, and ending release if the verification fails; if the verification is successful, entering a release module;
and the release module is used for: and the method is used for publishing the data configuration in the logic cache to the physical library, and the publishing is finished.
Further, the data configuration includes: station configuration, device information, station group information and station information.
Further, the verification module specifically includes the following steps:
s31: traversing the station configuration list in the logic cache, and carrying out station configuration verification one by one, wherein the method comprises the following steps:
(a) Traversing a device information list corresponding to the current station configuration, recording the device IP, and verifying the measuring point group information and the corresponding measuring point information under the current device, wherein the verification content comprises: the validity of the measurement point name, the rationality of the remote control measurement point opening and closing rule and the rationality of the measurement point threshold value, if the verification unreasonable item exists in the verification content, the verification unreasonable item is stored into the data verification report;
(b) After the traversing of the device information list is completed, if the device IP is repeated, the device IP is regarded as an unreasonable verification item, and the unreasonable verification item is stored into a data verification report;
S32: if the data verification report has a verification unreasonable item, the release fails; otherwise, entering a release module.
Further, the publishing module specifically includes the following steps:
S41: performing trusted verification and integrity measurement on the physical library and the logic cache, and if the physical library or the logic cache is tampered or destroyed, sending a trusted verification failure report, and ending the release; otherwise, S42 is performed;
S42: comparing the physical library file with the logic cache file, if the comparison result of the data partition in the file is inconsistent, carrying out library loading operation on the partition which is changed or added, and loading the logic cache data in the partition which is changed or added into the physical library; if the data partition comparison results are consistent, the data of the two libraries are consistent and no update exists, and the library loading operation is not performed.
Compared with the prior art, the invention has the following beneficial technical effects:
The invention adopts the logic cache partition to store the user data configuration, and the user data configuration is filled into the physical library after data verification and credibility verification, so that the data integrity and the effectiveness of the upper computer physical library are ensured; meanwhile, the credibility verification is carried out on the system behaviors such as data configuration release and database loading, so that the credibility of the behavior of a host and a guest and the system data are guaranteed not to be tampered or destroyed maliciously, in addition, when the data are loaded to a physical library through a logic cache, a partition loading mode is adopted, only the partition is changed or added, and the data loading efficiency is guaranteed.
Drawings
The accompanying drawings, which are included to provide a further understanding of the invention and are incorporated in and constitute a part of this specification, illustrate embodiments of the invention and together with the description serve to explain the invention.
FIG. 1 is a flow chart of a trusted DCS host computer data configuration verification and release method in accordance with an embodiment of the present invention;
FIG. 2 is a block diagram of a trusted DCS host computer data configuration verification and distribution system in accordance with a second embodiment of the present invention.
Detailed Description
The invention will be described in further detail with reference to the accompanying drawings and specific examples.
In order that those skilled in the art will better understand the present invention, a technical solution in the embodiments of the present invention will be clearly and completely described below with reference to the accompanying drawings in which it is apparent that the described embodiments are only some embodiments of the present invention, not all embodiments. All other embodiments, which can be made by those skilled in the art based on the embodiments of the present invention without making any inventive effort, shall fall within the scope of the present invention.
It should be noted that the terms "first," "second," and the like in the description and the claims of the present invention and the above figures are used for distinguishing between similar objects and not necessarily for describing a particular sequential or chronological order. It is to be understood that the data so used may be interchanged where appropriate such that the embodiments of the invention described herein may be implemented in sequences other than those illustrated or otherwise described herein. Furthermore, the terms "comprises," "comprising," and "having," and any variations thereof, are intended to cover a non-exclusive inclusion, such that a process, method, system, article, or apparatus that comprises a list of steps or elements is not necessarily limited to those steps or elements expressly listed but may include other steps or elements not expressly listed or inherent to such process, method, article, or apparatus.
Example 1
Referring to fig. 1, the invention provides a trusted DCS upper computer data configuration verification and distribution method, wherein a data configuration is firstly stored in a logic cache, and is distributed in a physical library to access data after being trusted verification, so as to ensure the integrity and validity of the data configuration, and the data configuration comprises: station configuration, device information, station group information and station information.
The trusted verification is issued to a host computer in a physical library to access data, and the method specifically comprises the following steps of:
S1: identifying the current user identity, and ending release if the identity identification fails; if the identity recognition is successful, S2 is executed;
S2: carrying out SHA (secure hash algorithm) operation by using the ID (identity number) of the current user data configuration release event to obtain a trusted measurement calculation value; referring to the trusted measurement hash table by using the key words of the ID of the current user data configuration release event, comparing the reference measurement value in the trusted measurement hash table with the trusted measurement calculation value, and if the reference measurement value is inconsistent with the trusted measurement calculation value, judging that the current user data configuration release event is invalid, and ending release; if so, executing S3;
s3: verifying the validity of the array configuration, and ending release if the verification fails; if the verification is successful, S4 is executed;
The method specifically comprises the following steps:
s31: traversing the station configuration list in the logic cache, and carrying out station configuration verification one by one, wherein the method comprises the following steps:
(a) Traversing a device information list corresponding to the current station configuration, recording a device IP (Internet protocol), and verifying the measurement point group information and the corresponding measurement point information under the current device, wherein the verification content comprises: the validity of the measurement point name, the rationality of the remote control measurement point opening and closing rule and the rationality of the measurement point threshold value, if the verification unreasonable item exists in the verification content, the verification unreasonable item is stored into the data verification report;
(b) After the traversing of the device information list is completed, if the device IP is repeated, the device IP is regarded as an unreasonable verification item, and the unreasonable verification item is stored into a data verification report;
S32: if the data verification report has a verification unreasonable item, the release fails; otherwise, S4 is performed.
S4: the data configuration in the logic cache is released to the physical library, and release is finished;
The method specifically comprises the following steps:
S41: performing trusted verification and integrity measurement on the physical library and the logic cache, and if the physical library or the logic cache is tampered or destroyed, sending a trusted verification failure report, and ending the release; otherwise, S42 is performed;
S42: comparing the physical library file with the logic cache file, if the comparison result of the data partition in the file is inconsistent, carrying out library loading operation on the partition which is changed or added, and loading the logic cache data in the partition which is changed or added into the physical library; if the data partition comparison results are consistent, the data of the two libraries are consistent and no update exists, and the library loading operation is not performed.
Example two
Referring to fig. 2, the invention further provides a trusted DCS host computer data configuration verification and release system, which stores the data configuration in a logic cache, and releases the data configuration in a physical library for host computer access after trusted verification; the data configuration includes: station configuration, device information, station group information and station information.
The system specifically comprises an identity recognition module, a comparison module, a verification module and a release module, wherein:
An identity recognition module: the method is used for identifying the current user identity, and if the identity identification fails, the release is ended; if the identity identification is successful, entering a comparison module;
and a comparison module: performing SHA operation on the ID of the release event according to the current user data configuration to obtain a trusted measurement calculation value; referring to the trusted measurement hash table by using the key words of the ID of the current user data configuration release event, comparing the reference measurement value in the trusted measurement hash table with the trusted measurement calculation value, and if the reference measurement value is inconsistent with the trusted measurement calculation value, judging that the current user data configuration release event is invalid, and ending release; if the two types of data are consistent, entering a verification module;
And (3) a verification module: the method comprises the steps of verifying the validity of an array configuration, and ending release if the verification fails; if the verification is successful, entering a release module;
The method specifically comprises the following steps:
s31: traversing the station configuration list in the logic cache, and carrying out station configuration verification one by one, wherein the method comprises the following steps:
(a) Traversing a device information list corresponding to the current station configuration, recording the device IP, and verifying the measuring point group information and the corresponding measuring point information under the current device, wherein the verification content comprises: the validity of the measurement point name, the rationality of the remote control measurement point opening and closing rule and the rationality of the measurement point threshold value, if the verification unreasonable item exists in the verification content, the verification unreasonable item is stored into the data verification report;
(b) And after the traversing of the device information list is completed, if the device IP is repeated, the device IP is considered as an unreasonable verification item. Storing the unreasonable verification items into a data verification report;
S32: if the data verification report has a verification unreasonable item, the release fails; otherwise, entering a release module.
And the release module is used for: the method comprises the steps of publishing data configuration in a logic cache to a physical library, and ending the publishing;
The method specifically comprises the following steps:
S41: performing trusted verification and integrity measurement on the physical library and the logic cache, and if the physical library or the logic cache is tampered or destroyed, sending a trusted verification failure report, and ending the release; otherwise, S42 is performed;
S42: comparing the physical library file with the logic cache file, if the comparison result of the data partition in the file is inconsistent, carrying out library loading operation on the partition which is changed or added, and loading the logic cache data in the partition which is changed or added into the physical library; if the data partition comparison results are consistent, the data of the two libraries are consistent and no update exists, and the library loading operation is not performed.
It will be appreciated by those skilled in the art that embodiments of the present invention may be provided as a method, system, or computer program product. Accordingly, the present invention may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present invention may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
The present invention is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems) and computer program products according to embodiments of the invention. It will be understood that each flow and/or block of the flowchart illustrations and/or block diagrams, and combinations of flows and/or blocks in the flowchart illustrations and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
Finally, it should be noted that: the foregoing embodiments are merely for illustrating the technical aspects of the present invention and not for limiting the scope thereof, and although the present invention has been described in detail with reference to the foregoing embodiments, it will be understood by those skilled in the art that various changes, modifications or equivalents may be made to the specific embodiments of the present invention after reading the present invention, and these changes, modifications or equivalents are within the scope of the invention as defined in the appended claims.
Claims (2)
1. The method for verifying and releasing the data configuration of the trusted DCS upper computer is characterized in that the data configuration is stored in a logic cache, and the data configuration comprises the following steps: the factory station configuration, the device information, the measuring point group information and the measuring point information are issued to a host computer in a physical library to access data after trusted verification;
the trusted verification is issued to a host computer in a physical library to access data, and the method specifically comprises the following steps of:
S1: identifying the current user identity, and ending release if the identity identification fails; if the identity recognition is successful, S2 is executed;
S2: performing SHAI operation on the ID of the current user data configuration release event to obtain a trusted measurement calculation value; referring to the trusted measurement hash table by using the key words of the ID of the current user data configuration release event, comparing the reference measurement value in the trusted measurement hash table with the trusted measurement calculation value, and if the reference measurement value is inconsistent with the trusted measurement calculation value, judging that the current user data configuration release event is invalid, and ending release; if so, executing S3;
s3: verifying the validity of the array configuration, and ending release if the verification fails; if the verification is successful, S4 is executed;
s31: traversing the station configuration list in the logic cache, and carrying out station configuration verification one by one, wherein the method comprises the following steps:
(a) Traversing a device information list corresponding to the current station configuration, recording the device IP, and verifying the measuring point group information and the corresponding measuring point information under the current device, wherein the verification content comprises: the validity of the measurement point name, the rationality of the remote control measurement point opening and closing rule and the rationality of the measurement point threshold value, if the verification unreasonable item exists in the verification content, the verification unreasonable item is stored into the data verification report;
(b) After the traversing of the device information list is completed, if the device IP is repeated, the device IP is regarded as an unreasonable verification item, and the unreasonable verification item is stored into a data verification report;
s32: if the data verification report has a verification unreasonable item, the release fails; otherwise, executing S4;
S4: the data configuration in the logic cache is released to the physical library, and release is finished;
S41: performing trusted verification and integrity measurement on the physical library and the logic cache, and if the physical library or the logic cache is tampered or destroyed, sending a trusted verification failure report, and ending the release; otherwise, S42 is performed;
S42: comparing the physical library file with the logic cache file, if the comparison result of the data partition in the file is inconsistent, carrying out library loading operation on the partition which is changed or added, and loading the logic cache data in the partition which is changed or added into the physical library; if the data partition comparison results are consistent, the data of the two libraries are consistent and no update exists, and the library loading operation is not performed.
2. The trusted DCS upper computer data configuration verification and release system is characterized in that the data configuration is stored in a logic cache, and the data configuration comprises: the factory station configuration, the device information, the measuring point group information and the measuring point information are formally released in a physical library to access data by a host computer after credible verification;
the system specifically comprises an identity recognition module, a comparison module, a verification module and a release module, wherein:
An identity recognition module: the method is used for identifying the current user identity, and if the identity identification fails, the release is ended; if the identity identification is successful, entering a comparison module;
And a comparison module: performing SHAI operation on the ID of the release event according to the current user data configuration to obtain a trusted measurement calculation value; referring to the trusted measurement hash table by using the key words of the ID of the current user data configuration release event, comparing the reference measurement value in the trusted measurement hash table with the trusted measurement calculation value, and if the reference measurement value is inconsistent with the trusted measurement calculation value, judging that the current user data configuration release event is invalid, and ending release; if the two types of data are consistent, entering a verification module;
And (3) a verification module: the method comprises the steps of verifying the validity of an array configuration, and ending release if the verification fails; if the verification is successful, entering a release module;
s31: traversing the station configuration list in the logic cache, and carrying out station configuration verification one by one, wherein the method comprises the following steps:
(a) Traversing a device information list corresponding to the current station configuration, recording the device IP, and verifying the measuring point group information and the corresponding measuring point information under the current device, wherein the verification content comprises: the validity of the measurement point name, the rationality of the remote control measurement point opening and closing rule and the rationality of the measurement point threshold value, if the verification unreasonable item exists in the verification content, the verification unreasonable item is stored into the data verification report;
(b) After the traversing of the device information list is completed, if the device IP is repeated, the device IP is regarded as an unreasonable verification item, and the unreasonable verification item is stored into a data verification report;
s32: if the data verification report has a verification unreasonable item, the release fails; otherwise, entering a release module;
and the release module is used for: the method comprises the steps of publishing data configuration in a logic cache to a physical library, and ending the publishing;
S41: performing trusted verification and integrity measurement on the physical library and the logic cache, and if the physical library or the logic cache is tampered or destroyed, sending a trusted verification failure report, and ending the release; otherwise, S42 is performed;
S42: comparing the physical library file with the logic cache file, if the comparison result of the data partition in the file is inconsistent, carrying out library loading operation on the partition which is changed or added, and loading the logic cache data in the partition which is changed or added into the physical library; if the data partition comparison results are consistent, the data of the two libraries are consistent and no update exists, and the library loading operation is not performed.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202311448083.6A CN117195240B (en) | 2023-11-02 | 2023-11-02 | Trusted DCS upper computer data configuration verification and release method and system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202311448083.6A CN117195240B (en) | 2023-11-02 | 2023-11-02 | Trusted DCS upper computer data configuration verification and release method and system |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN117195240A CN117195240A (en) | 2023-12-08 |
| CN117195240B true CN117195240B (en) | 2024-05-28 |
Family
ID=88998346
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202311448083.6A Active CN117195240B (en) | 2023-11-02 | 2023-11-02 | Trusted DCS upper computer data configuration verification and release method and system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN117195240B (en) |
Citations (12)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| JP2001216020A (en) * | 2000-02-03 | 2001-08-10 | Hitachi Ltd | Distributed control system and data verification method therefor |
| US6393420B1 (en) * | 1999-06-03 | 2002-05-21 | International Business Machines Corporation | Securing Web server source documents and executables |
| KR20080021970A (en) * | 2006-09-05 | 2008-03-10 | 한국전력공사 | A on-line, real-time thermal performance monitoring system for fossil power plant |
| CN103941652A (en) * | 2013-01-22 | 2014-07-23 | 浙江安科网络技术有限公司 | Method and device suitable for security protection and security audit of various DCS production control systems |
| CN104751063A (en) * | 2014-12-31 | 2015-07-01 | 国家电网公司 | Operation system trusted guide method based on real mode technology |
| CN107689887A (en) * | 2017-08-23 | 2018-02-13 | 福建福清核电有限公司 | A kind of nuclear power plant's control system controls change online management system temporarily |
| CN108628872A (en) * | 2017-03-17 | 2018-10-09 | 广州康昕瑞基因健康科技有限公司 | Genetic analysis database batch data introduction method and system |
| CN110990336A (en) * | 2019-12-10 | 2020-04-10 | 北京慧虹远航科技有限公司 | Industrial control-oriented function design method and system |
| CN115712271A (en) * | 2022-11-11 | 2023-02-24 | 四川启睿克科技有限公司 | Automatic data acquisition system for old production equipment |
| CN115994122A (en) * | 2023-03-24 | 2023-04-21 | 北京江民新科技术有限公司 | Method, system, equipment and storage medium for caching information |
| CN116011026A (en) * | 2023-03-23 | 2023-04-25 | 西安热工研究院有限公司 | Database configuration security rapid verification method, system, equipment and storage medium |
| CN116405283A (en) * | 2023-04-06 | 2023-07-07 | 陈俊宏 | Data encryption authentication system based on information data protection |
Family Cites Families (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20150205966A1 (en) * | 2014-01-17 | 2015-07-23 | MalCrawler Co. | Industrial Control System Emulator for Malware Analysis |
-
2023
- 2023-11-02 CN CN202311448083.6A patent/CN117195240B/en active Active
Patent Citations (12)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US6393420B1 (en) * | 1999-06-03 | 2002-05-21 | International Business Machines Corporation | Securing Web server source documents and executables |
| JP2001216020A (en) * | 2000-02-03 | 2001-08-10 | Hitachi Ltd | Distributed control system and data verification method therefor |
| KR20080021970A (en) * | 2006-09-05 | 2008-03-10 | 한국전력공사 | A on-line, real-time thermal performance monitoring system for fossil power plant |
| CN103941652A (en) * | 2013-01-22 | 2014-07-23 | 浙江安科网络技术有限公司 | Method and device suitable for security protection and security audit of various DCS production control systems |
| CN104751063A (en) * | 2014-12-31 | 2015-07-01 | 国家电网公司 | Operation system trusted guide method based on real mode technology |
| CN108628872A (en) * | 2017-03-17 | 2018-10-09 | 广州康昕瑞基因健康科技有限公司 | Genetic analysis database batch data introduction method and system |
| CN107689887A (en) * | 2017-08-23 | 2018-02-13 | 福建福清核电有限公司 | A kind of nuclear power plant's control system controls change online management system temporarily |
| CN110990336A (en) * | 2019-12-10 | 2020-04-10 | 北京慧虹远航科技有限公司 | Industrial control-oriented function design method and system |
| CN115712271A (en) * | 2022-11-11 | 2023-02-24 | 四川启睿克科技有限公司 | Automatic data acquisition system for old production equipment |
| CN116011026A (en) * | 2023-03-23 | 2023-04-25 | 西安热工研究院有限公司 | Database configuration security rapid verification method, system, equipment and storage medium |
| CN115994122A (en) * | 2023-03-24 | 2023-04-21 | 北京江民新科技术有限公司 | Method, system, equipment and storage medium for caching information |
| CN116405283A (en) * | 2023-04-06 | 2023-07-07 | 陈俊宏 | Data encryption authentication system based on information data protection |
Non-Patent Citations (2)
| Title |
|---|
| "Automation framework for verification of LAMPS and DCS in airbag control unit (ACU)";A. Yamini等;《2017 International Conference on Inventive Communication and Computational Technologies (ICICCT)》;20170717;第1-4页 * |
| "核电厂非安全级DCS验证系统测试方法";王晋等;《中国高新技术企业》;20171231;第194-195页 * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN117195240A (en) | 2023-12-08 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US9514305B2 (en) | Code pointer authentication for hardware flow control | |
| US8739280B2 (en) | Context-sensitive taint analysis | |
| Kamtuo et al. | Machine Learning for SQL injection prevention on server-side scripting | |
| BR102015017215A2 (en) | computer-implemented method for classifying mobile applications, and computer program encoded on non-transient storage medium | |
| US11803461B2 (en) | Validation of log files using blockchain system | |
| CN109117201B (en) | Program exiting method and related equipment | |
| CN111400723A (en) | TEE extension-based operating system kernel mandatory access control method and system | |
| CN109271789B (en) | Malicious process detection method and device, electronic equipment and storage medium | |
| CN110647750A (en) | File integrity measurement method and device, terminal and security management center | |
| CN114095228A (en) | Safe access method, system and device for data of Internet of things based on block chain and edge calculation and storage medium | |
| CN112003824B (en) | Attack detection method and device and computer readable storage medium | |
| CN110443039A (en) | Detection method, device and the electronic equipment of plug-in security | |
| KR102308477B1 (en) | Method for Generating Information of Malware Which Describes the Attack Charateristics of the Malware | |
| CN117195240B (en) | Trusted DCS upper computer data configuration verification and release method and system | |
| KR102393913B1 (en) | Apparatus and method for detecting abnormal behavior and system having the same | |
| Matos et al. | Rectify: Black-box intrusion recovery in paas clouds | |
| CN108073411A (en) | A kind of kernel loads method and device of patch | |
| CN117235735A (en) | Main and customer security access control method and system of trusted DCS controller system | |
| US11693651B1 (en) | Static and dynamic correlation of software development pipeline events | |
| CN108647516B (en) | Method and device for defending against illegal privilege escalation | |
| CN117009931A (en) | Watermarking and watermarking application methods, devices, equipment and storage medium | |
| CN116502188A (en) | Remote proving method, device and system | |
| CN109472153B (en) | Authority auditing method | |
| CN110647771A (en) | Mysql database storage integrity verification protection method and device | |
| CN114640529B (en) | Attack protection method, apparatus, device, storage medium and computer program product |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |