KR20220121745A - Smart factory system - Google Patents

Abstract

The present invention relates to a smart factory system and, more specifically, to a smart factory system for supporting Industrial Internet of Things (IIoT) devices monitoring of a smart factory and remote control. The smart factory system disclosed in the present invention comprises: at least one IIoT device (200) capable of transmitting and receiving data through a network; at least one terminal (300) which is connected and communicates with the at least one IIoT device (200) through the network; and an IIoT monitoring server (100) which is connected and communicates with the at least one IIoT device (200) and the at least one terminal (300) through the network. The present invention has an advantage of easily managing all types of devices, properties of devices, and structures of protocols.

Description

Smart factory system {Smart factory system}

The present invention relates to a smart factory system, and more particularly, to a smart factory system for supporting IIoT device monitoring and remote operation of the smart factory.

IIoT (Industrial Internet of Thing) is a technology that connects to the Internet and shares data with other things such as PLCs (Programmable Logic Controllers), sensors, IIoT applications inside factories or network-connected devices, or industrial equipment. It means many 'industrial things'.

Internet-connected devices can use built-in sensors to collect data and, in some cases, react accordingly, and IIoT-connected devices and machines are helping to improve the way we work and live.

It is being applied to various fields of smart factories that automatically solve problems to prevent failures after finding the cause and solution of problems through monitoring of IIoT devices, including various sensors, actuators, and control operation devices.

In a smart factory, the number of IIoT devices (various sensors, actuators, and control and operation devices) ranges from tens to hundreds (small and medium-sized factories), and at most hundreds of thousands to millions (large-scale factories, such as automobiles and electronics). In order to realize smart functions, embedded software is installed inside, and it has a function that connects to the Internet through LAN, WIFI, and mobile networks. There is a problem in that there is no way to confirm or prove the fact that even if you are actually hacked or seriously infringed on your privacy because you do not manage access and use information due to lack of human and material resources.

In addition, it is a reality that there is always a possibility that an accident may occur due to a device malfunction due to a malicious operation or a user's mistake.

In the case of IIoT devices, cyber threats are becoming intelligent and covert, unauthorized access to the network by unauthorized devices (authentication, security key exposure, MAC address theft, etc.), hardware security vulnerabilities (sensor spoofing, etc.), IIoT device OS security vulnerabilities (inappropriate) software patch, etc.), management and control vulnerabilities (insider attack, authentication, manipulation), etc. Data forgery / data confidentiality / integrity / privacy violation / unauthorized service access / unauthorized user access / information leakage / terminal confidentiality / unauthorized terminal access / replication Various security issues such as attacks exist.

In other words, in general, IIoT equipment is difficult to mount a high-function security prevention module due to its characteristics, so there is a risk of hacking (data leakage, etc.) There is a high possibility that serious damage (accident) will occur due to the above, and there is a problem that high cost is required to establish a security environment for each IIoT service.

It is an object of the present invention to recognize the above problems and necessity, to analyze the causes of accidents that may occur in the IIoT platform, to prevent similar accidents in advance, and to analyze the behavioral patterns and habits or contexts of users to prevent malfunctions of devices. It is to provide a smart factory system that can prevent abnormal behavior.

In addition, it is an object of the present invention to manage IIoT information, specifications, and protocols in the form of metadata in a smart factory composed of IIoT devices (various sensors or actuators, control/operation devices) and PCL to manage all types of devices and devices It is to provide a smart factory system that can easily manage the properties and protocol structure of

The present invention has been created to achieve the object of the present invention as described above, and one or more IIoT devices 200 capable of transmitting and receiving data through a network; One or more terminals 300 connected to and communicating with the one or more IIoT devices 200 through a network; Disclosed is a smart factory system including the one or more IIoT devices 200 and the one or more terminals 300 and the smart factory platform server 600 connected through a network and communicating.

The smart factory platform server 600 includes a meta information management module 610 that manages the IIoT device properties and protocols as meta information 30 , and the IIoT device 200 through the terminal 300 when operating A protocol generation module 620 that converts the meta information 30 of the IIoT device 200 into a protocol for each IIoT device, and the IIoT device 200 automatically generates a monitoring screen for each IIoT device using the protocol when the device operates A monitoring screen generating module 630 may be included.

The smart factory platform server 600 is an authentication module for authorizing the registration of the terminal 300 and the IIoT device 200 by authenticating whether there is a registration right of the terminal 300 and the IIoT device 200 . It may include a 110 and an abnormal behavior prevention module 120 for preventing abnormal behavior by monitoring the operations of the terminal 300 and the IIoT device 200 .

The smart factory platform server 600 is a block chain interworking module for interworking at least some of the information transmitted and received with the IIoT device 200 and the terminal 300 to the block chain network 400 for security and integrity verification (150) may be further included.

The smart factory platform server 600 may further include a big data analysis module 140 that generates a big data analysis model for detecting abnormal behavior through the user's usage pattern analysis of the terminal 300 .

The smart factory platform server 600 may further include an abnormal behavior analysis module 130 that collects risk cases and derives an abnormal behavior analysis model for each type.

In another aspect, the present invention discloses a method for supporting monitoring and remote operation of IIoT devices performed in the above-described smart factory system.

The monitoring and remote operation support method of the IIoT device includes: a registration request receiving step of receiving a registration request for the IIoT device 200 from the terminal 300; a registration approval step of authorizing registration by authenticating whether the terminal 300 has a legitimate authority; It may include an abnormal behavior prevention step of monitoring an operation during operation of the IIoT device 200 through the terminal 300 to prevent abnormal behavior.

The abnormal behavior prevention step may block the abnormal access or manipulation when an abnormal approach or manipulation causing an abnormal behavior is detected in the monitoring process.

The abnormal behavior prevention step may further include a warning message sending step of transmitting a warning message to the terminal 300 when an abnormal approach and manipulation of the terminal 300 is detected.

The monitoring and remote operation support method of the IIoT device includes the steps of: the smart factory platform server 600 receiving an operation request for the IIoT device 200 from the terminal 300; ) receives the operation request, an authorization authentication step of authenticating the authority of the terminal 300, and when the authorization authentication is completed, a protocol generation step of converting the meta information 30 of the IIoT device 200 into a protocol; , it may include a monitoring screen creation step of automatically generating a monitoring screen using the converted protocol when the IIoT device 200 operates.

The smart factory system according to the present invention manages IIoT information, specifications, and protocols in the form of metadata in a smart factory composed of IIoT devices and PCL to easily manage all types of devices and device properties and protocol structures. There are advantages that can be

1 is a conceptual diagram showing an IIoT monitoring system according to an embodiment of the present invention.
FIG. 2 is a block diagram showing the configuration of the IIoT monitoring system of FIG. 1 .
3 is a flowchart illustrating a method of developing a big data analysis model for preventing accidents through abnormal behavior in the IIoT monitoring system of FIG. 1 .
4 is a flowchart illustrating a method of deriving a scenario for preventing abnormal behavior by type through case analysis in the IIoT monitoring system of FIG. 1 .
5 is a conceptual diagram illustrating a smart home platform to which the IIoT monitoring system of FIG. 1 is applied.
6 is a configuration diagram illustrating the smart factory platform of FIG. 5 .
7 is a conceptual diagram illustrating an IIoT monitoring system according to another embodiment of the present invention.
FIG. 8 is a view showing IIoT device properties monitored and remotely operated in the IIoT monitoring system of FIG. 7 .

Hereinafter, an IIoT monitoring system according to the present invention will be described with reference to the accompanying drawings.

IIoT monitoring system according to the present invention, as shown in Figure 1, one or more IIoT devices 200 capable of transmitting and receiving data through a network; One or more terminals 300 connected to and communicating with the one or more IIoT devices 200 through a network; The one or more IIoT devices 200 and the one or more terminals 300 and an IIoT monitoring server 100 connected through a network to communicate.

IIoT communication may refer to an evolved form from USN (Ubiquitous Sensor Network) and M2M (Machine to Machine).

In other words, while M2M's main purpose was to communicate with end-devices and humans, IIoT broadens the scope of things to provide security devices, smart home appliances, air-conditioning devices, CCTVs, lighting devices, temperature control devices, and various sensors. Communication that enables objects to communicate with people.

In IIoT technology, sensing technology, communication technology, service technology, etc. exist. Through this, information of all things is built into a network like a wired/wireless Internet network, and various services can be provided through the acquired information.

The IIoT is a concept of an object-space connection network that forms intelligent relationships such as sensing, networking, and information processing in a cooperative manner without human intervention for three distributed environment elements, such as humans, objects, and services.

The objects, which are major components of the IIoT, include people, vehicles, bridges, various electronic equipment, cultural assets, and physical objects constituting the natural environment, as well as communication equipment in wired and wireless networks.

The IIoT expands the concept of M2M, which enables intelligent communication between people and things, and things and things, to the Internet using a network to interact with all information in the real world and virtual world as well as things.

The terminal 300 and the group (type) of the IIoT device 200 can be accessed as a group (1:m, n:1, n:m) between the terminal and the IoT device. Here, the wired/wireless Internet network may be, for example, a communication network capable of directly connecting to the IIoT device 200 such as a voice communication network, a data communication network, and a Wi-Fi network.

The IIoT device 200 may be configured in a configuration capable of transmitting and receiving data through a network (wired/wireless Internet network), and various configurations are possible.

The terminal 300 is a terminal that is connected to and communicates with the one or more IIoT devices 200 through a network, and various configurations are possible.

For example, the terminal 300 corresponds to a computing device connected through a network with the IIoT monitoring server 100 and IIoT device 200 to be described later, for example, as a desktop, notebook, tablet PC or smart phone. It may be implemented, and may include a network interface for network connection and a user input/output interface for user input/output.

For example, the terminal 300 may correspond to a mobile device 310 (eg, a smartphone) and may be connected through cellular communication or Wi-Fi communication.

As another example, the terminal 300 may correspond to the PC 320 and may be connected through the Internet.

The terminal 300 may refer to a user terminal device capable of remotely controlling the IIoT device 200 by accessing (accessing) the IIoT device 200 through a wired/wireless Internet network, etc. as an end user.

The terminal 300 may be, for example, a terminal device such as a mobile phone, a smart phone, a PAD, or a tablet using a voice communication network, a data communication network, and a Wi-Fi network to control the IIoT device 200, However, the present invention is not limited thereto.

In addition, the terminal 300 registers with the IIoT monitoring server 100 to be described later in order to perform remote control on the IIoT device 200, and access to the IIoT device 200 through the IIoT monitoring server 100 It is possible to perform remote control of the IIoT device 200 by receiving approval of the remote control and remote control authority.

As shown in FIG. 2 , for example, the terminal 300 may include a packet theft prevention module, a security module, a communication module, and a visualization module.

Data transmitted between the terminal 300 and the IIoT device 200 in the system may be transmitted through a wired/wireless Internet network, and the packet theft prevention module detects the transmitted packet within the terminal 300 or the IIoT device 200 to be described later. It is possible to ensure the safety of the transmitted packet by performing a self-security check (packet theft prevention) through an installed application, etc., and enables safe communication between the terminal 300 and the IIoT device 200 .

The visualization module is a configuration responsible for a visualization function for showing the remote control status in the IoT communication process, and may include different visualization classes depending on the terminal 300, such as for administrators, residents, self-employed people, and business use.

In addition, as shown in FIG. 2 , a smart contract module for performing a smart contract using a block chain may be installed in the terminal 300 .

Furthermore, the terminal 300 is an ID / password for logging in to a packet management unit that manages packet transmission and reception of transmitted data (security key, terminal information, etc.), the IIoT monitoring server 100 or the IIoT device 200, etc. ID / password management unit that manages the IIoT device 200, the terminal approval management unit that manages the use approval for the IIoT device 200 of another terminal 300 accessing the IIoT device 200, the terminal 300 is the IIoT device 200 or A login management unit that manages information logged into the IIoT monitoring server 100, an authentication management unit that manages the integrity verification key information of the application for remote control of the IIoT device installed in the terminal 300, and the terminal information of the terminal 300 is generated as a security key A module such as a security key management unit to manage the IIoT device 200 and an IIoT device operation management unit to manage information about the IIoT device 200 registered in the terminal 300 may be additionally mounted.

The terminal information of the terminal 300 generated by the security key may be used for registration with the IIoT monitoring server 100 for the terminal 300 and authentication for remote control of the IIoT device 200 .

The IIoT device 200 refers to an electronic device capable of wired/wireless Internet communication, and may include a security device for controlling various sensors, PLC, CCTV, lighting device, temperature control device, hub equipment, and the like.

That is, the IIoT device 200 may be an industrial facility/device responsible for a production/manufacturing process equipped with a communication function, or various electronic devices/equipment constituting a smart factory. In addition, the IIoT device 200 can communicate with the terminal 300 through a wired or wireless Internet network, and receives a remote control command transmitted from the terminal 300 authenticated by the IIoT monitoring server 100 to receive a remote control command. A corresponding operation may be performed.

The IIoT device 200 may be equipped with a packet theft prevention module and a security module.

Through the security module, communication management of the IIoT device 200, access control and interworking control of the terminal 300 may be performed.

In addition, the IIoT device 200, similar to the above-described terminal 300, a transmission packet management unit, ID / password management unit, operating terminal registration unit, login verification unit, authentication management unit, security key management unit, such as modules can be mounted have.

In addition, an application for controlling an IIoT device may be installed in the IIoT device 200 .

The IIoT monitoring server 100 is a server that provides a platform for various types of IIoT services such as smart factories, and in the process of using various IIoT services that operate sensors and actuators, PLCs, IIoT devices, etc., hacking, identity theft, It may be a server that provides a relay management platform to prevent leakage of sensitive personal information or trade secrets, invasion of personal privacy, and accidents caused by abnormal access or unintentional operation of mobile phones, PCs and mobile devices, etc. have.

Through the IIoT monitoring server 100, the user's access right to the device, the access right of the mobile device, the account hijacking, whether the program is forged or altered, whether the packet is stolen, etc. Security issues such as hacking, DDoS, and large amount of spam can be solved by inspecting and operating in normal cases.

In particular, it checks the security and safety of mobile devices such as cell phones and smart pads, and enables users of platforms such as smart factories to lead a more convenient life through an application system for mobile devices that operates IIoT devices.

The IIoT monitoring server 100 is a server connected to and communicating with one or more IIoT devices 200 and the one or more terminals 300 through a network, and the registration authority of the terminal 300 and the IIoT device 200 . An authentication module 110 for authorizing registration of the terminal 300 and the IIoT device 200 by authenticating whether there is an abnormal behavior by monitoring the operation of the terminal 300 and the IIoT device 200 It may include an abnormal behavior prevention module 120 to prevent.

The authentication module 110 is configured to authorize registration of the terminal 300 and the IIoT device 200 by authenticating whether there is a registration right of the terminal 300 and the IIoT device 200 . This is possible.

More specifically, the authentication module 110, the terminal 300 and the IIoT device 200 through third-party authentication to perform registration / change / deletion (access right and control right) operation, IIoT device 200 The operation of registering / changing / deleting the terminal 200 for accessing the terminal 300, the operation of registering / changing / deleting the IIoT device 200 in the terminal 300, the terminal 300 to control the IIoT device 200 is different An operation of registering/changing/deleting the terminal 300 and an operation of registering/changing/deleting the IIoT device 200 in the terminal 300 registered in another terminal 300 may be performed.

The authentication module 110, after registration of the terminal 300, when receiving an authentication request for accessing the IIoT device 200 from the terminal 300, the terminal information transmitted from the terminal 300 and the authentication module ( By comparing the terminal information of the terminal 300 registered in 110), and verifying whether the application program for controlling the IIoT device has been changed, and the like to authenticate the terminal 300, remote control of the IIoT device 230 from the terminal 300 can make it possible

The authentication module 110 is, in order to operate and access the IIoT device 200, the access right of the terminal 200 to the IIoT device 200, the access right, whether the account is stolen, whether the program is forged or altered, whether the packet is stolen, etc. can be inspected and verified.

On the other hand, the terminal 300 is a terminal that plays a role of having a main control authority for the IIoT device 200 , and must be registered in the authentication module 110 .

In order to perform operations such as registering/changing/deleting the terminal 300 in the authentication module 110 , an application for controlling an IIoT device should be installed and driven in the terminal 300 .

In the case of the process of registering the terminal 300 in the authentication DB of the authentication module 110, after logging in from the terminal 300 to the authentication module 110, the integrity verification key of the IIoT device control application and the terminal 300 of the terminal information is transmitted to the authentication module 110 .

In this case, the integrity verification key is information for determining whether the application program has been forged/falsified by hacking, etc., and may include, for example, version information or checksum information of the application, but is limited thereto. it's not going to be

In addition, the physical code among the terminal information of the mobile terminal 200 may be used as security key information for authentication for the terminal 300 in the authentication module 110 , and such terminal information is, for example, the terminal information of the terminal 300 . It may be a physical code, location information, and equipment identification information. In addition, the physical code may be MAC address information or USIM information of the terminal 300 , but is not limited thereto.

In this case, the terminal 300 may log in to the authentication module 110 by receiving a pre-allocated ID, password, etc. from a user.

When the authentication module 110 logs in and performs registration for the terminal 300 requesting registration, the terminal information and the integrity verification key of the application to the terminal 300 are normally registered in the authentication DB and the terminal DB for management. can be notified that

Next, in the case of the process of changing the information of the terminal 300 registered in the authentication module 110, the terminal 300 performs a login to the authentication server 100, and the terminal 300 to the terminal 300 The integrity verification key of the installed application and the changed terminal information of the terminal 300 are transmitted to the authentication module 110 . At this time, the changed terminal information may be a physical code, location information, and equipment identification information of a new terminal 300 according to the change of the terminal 300, and the physical code is the MAC address of the terminal 300 as described above. information or USIM information.

In addition, location and equipment identification information is information that confirms the location of the equipment to be transmitted and whether the equipment is correct during data transmission, for example, installation location, GPS location information, IP address, mobile terminal number (phone number), etc. This information can be included.

Then, the authentication module 200 compares and matches the integrity verification key of the application received from the terminal 300 with the previously registered application integrity verification key of the terminal 300, and manages the changed terminal information of the terminal 300 It is stored in the terminal DB.

On the other hand, in the above description, only the information change of the terminal 300 has been described as an example, but even in the case of deleting terminal information for the terminal 300, the terminal information for the terminal 300 registered through the same process as the change procedure. deletion is possible.

Hereinafter, in order to perform a process such as registering/changing/deleting the IIoT device 200 in the terminal 300, the same as in the case of registering/changing/deleting the terminal 300 to the authentication module 110, IIoT device control The application must be installed on the terminal 300 and run.

First, in the case of the process of registering the IIoT device 200 in the terminal 200, after logging in from the terminal 200 to the IIoT device 200, the integrity verification key of the application installed in the terminal 300 and the terminal ( 300) transmits the terminal information to the IIoT device 200 . In this case, the terminal information of the terminal 200 may be, for example, a physical code, location information, and equipment identification information of the terminal 300 .

At this time, in performing the login to the IIoT device 200, the terminal 300, for example, when the initial purchase of the IIoT device 200, ID, password, etc. assigned to the IIoT device 200 to the user of the terminal 300 It is possible to log in to the IIoT device 200 by receiving an input from.

Thereafter, the IIoT device 200 transmits the terminal information of the terminal 200 , the integrity verification key of the IIoT device control application installed in the terminal 300 , and the information of the IIoT device 200 to the authentication module 110 .

At this time, the information of the IIoT device may refer to, for example, a unique identification code recognized through the operational portability, attachment, engraving, and serial number given to the IIoT device 200, but is not limited thereto.

As described above, when receiving information for registration of the IIoT device 200 from the IIoT device 200, the authentication module 110 is an application of the terminal 300 previously registered in the terminal DB for management in the authentication module 110. The integrity verification key of the IIoT device 200 is compared with the integrity verification key of the application of the terminal 300 received.

As a result of the above comparison, if the integrity verification keys match each other, the authentication module 110 stores the information of the IIoT device 200 in the terminal DB for management, and the IIoT device 200 to the terminal 300 to the IIoT device ( 200) sends a registration completion message indicating that it has been successfully registered. However, when the integrity verification key does not match as a result of the comparison, the authentication module 110 sends a registration impossible message to the IIoT device 200 indicating that registration of the IIoT device 200 is impossible.

Then, the IIoT device 200 may transmit the registration completion message or the registration impossible message received from the authentication module 110 to the terminal 300 .

On the other hand, in the case of the process of changing the information of the IIoT device 200 registered in the terminal 200, after logging in from the terminal 300 to the IIoT device 200, the integrity verification key of the application and the terminal 300 of the terminal information is transmitted to the IIoT device 200 .

Next, the IIoT device 200 may transmit the terminal information of the terminal 300 , the integrity verification key of the application of the terminal 300 , and change information of the IIoT device 200 to the authentication module 110 .

Then, the authentication module 110 verifies the integrity of the application integrity verification key of the terminal 300 received from the IIoT device 200 and the application of the terminal 300 previously registered in the terminal DB for management in the authentication server 110 . You can compare keys.

Next, the authentication module 110 changes the information of the IIoT device 200 registered in the terminal 300 to the changed information of the IIoT device 200 when the two integrity verification keys match as a result of the comparison, and the IIoT device 200 ) to transmit a message indicating that the information change procedure of the IIoT device 200 has been completed, and if there is a discrepancy, a non-changeable message is transmitted to the IIoT device 200 .

Then, the IIoT device 200 transmits the change procedure completion message or the change impossible message received from the authentication module 200 to the terminal 300 .

Meanwhile, in the above description, only the change process among the change/deletion process has been described as an example, but even when information on the IIoT device 200 is deleted, the information on the IIoT device 200 registered through the same process as the change procedure is deleted. is possible

On the other hand, in order to register/change/delete another terminal 300 in the previously registered terminal 300 , an application for controlling an IIoT device must be installed and driven in each terminal 300 .

First, in the case of the process of registering the new terminal 200 to the previously registered terminal 200, after logging in from the previously registered terminal 200 to the new terminal 200, terminal information of the previously registered terminal 200 and transmits the integrity verification key of the IIoT device control application of the registered terminal.

Then, the new terminal 200 may transmit the terminal information of the new terminal 200 and the integrity verification key of the application together with the terminal information of the previously registered terminal 200 and the integrity verification key of the application to the authentication module 110 .

As described above, when the authentication module 110 receives information for registering the new terminal 200 in the previously registered terminal 200, the authentication module 110 of the terminal 200 previously registered in the management terminal DB The terminal information is compared with the terminal information of the previously registered terminal 200 received from the new terminal 200 .

As a result of the above comparison, when the two pieces of terminal information match each other, the authentication module 110 registers a new terminal 200 in the terminal 200 registered in the terminal DB for management.

Subsequently, the authentication module 110 may send to the new terminal 200 a registration completion message indicating that the information on the new terminal 200 has been normally registered in the previously registered terminal 200 or notifying that registration is impossible. .

However, as a result of the comparison, when the two pieces of terminal information do not match, the authentication module 110 sends a registration impossible message to the new terminal 200 informing that registration of the new terminal 200 is impossible.

Then, the new terminal 200 transmits the registration completion message or the registration impossible message received from the authentication module 110 to the previously registered terminal 200 . At this time, when receiving the registration completion message, the registration terminal 200 transmits a registration approval message to the new terminal 200. Then, the new terminal 200 responds to the registration approval message from the registration terminal 200. Accordingly, the registration procedure for the new terminal 200 is terminated.

On the other hand, in addition to the above process, a process of changing/deleting information of the terminal 200 registered in the pre-registration terminal 200, or registering the IIoT device 200 in the terminal 200 registered in the pre-registration terminal 200 For the terminal 300 and the IIoT device 200, such as the process of / change / deletion, the process of registering / changing / deleting the terminal 200 to control the IIoT device 200 to the pre-registered terminal (Master) 200 All registration/change/deletion processes may be configured the same as or similar to that of the applicant's Patent Registration No. 10-1810150, and a detailed description thereof will be omitted.

The security authentication process between the mobile terminal 200 and the IIoT device 230 may also be configured the same as or similar to Patent Registration No. 10-1810150, and accordingly, the authentication module 110 is transmitted from the IIoT device 200 By examining the integrity verification key of the application for controlling the IIoT device installed in the terminal 300 , it is possible to check whether there is an abnormality in the application program.

In this case, checking whether there is an abnormality may mean, for example, checking whether the application program is forged/falsified through hacking, but is not limited thereto.

In addition, in the authentication module 110, in the operation of checking whether the application program is abnormal, for example, the integrity verification key of the IIoT device control application installed in the terminal 300 is previously registered in the terminal DB for management. After comparing with the integrity verification key of the IIoT device control application, if it matches, it can be confirmed that there is no abnormality in the application program, but is not limited thereto.

As a result of the above check, if there is an error in the application program for controlling the IIoT device installed in the terminal 300, the authentication module 110 transmits an authentication failure message to the IIoT device 200, and this authentication failure message is the IIoT device ( 200 ) transmits it back to the terminal 300 to notify that authentication has failed.

As a result of the check, if there is no abnormality in the application program for controlling the IIoT device installed in the terminal 300, the authentication module 110 may notify the IIoT device 200 that there is no abnormality in the application program for controlling the IIoT device installed in the terminal 300. have.

When authentication for the terminal 300 is successful through the authentication module 110 , it becomes possible to remotely control the IIoT device 200 from the terminal 300 .

Meanwhile, the authentication module 110 may implement a third-party security authentication system between the terminal 300 and the IIoT device 200 .

Referring to FIG. 2 , when the authentication module 110 receives a registration request from the terminal 300 to the IIoT device 200 , the terminal 300 has a legitimate right to register with the IIoT device 200 . As a configuration to approve registration by authenticating whether there is, it is possible to authenticate whether the terminal 300 that accesses the IIoT device 200 and performs remote control is a legitimate mobile terminal.

That is, when the authentication module 110 receives an authentication request (registration request) for accessing the IIoT device 200 from the terminal 300 according to an embodiment of the present invention, the terminal information transmitted from the terminal 300 IIoT device 200 in the terminal 300 by comparing the terminal information of the registered terminal 300 and verifying whether the application program for controlling the IIoT device has been changed and authenticating whether the terminal 300 has a legitimate authority. You can enable remote control of

These, the authentication module 110 is a management log DB, authentication DB, packet theft prevention module, user management unit, security key management unit, source code tampering check unit, authentication approval management unit, DB encryption unit, app tampering check unit, authentication app version management unit , physical code value, device management unit, IIoT device management / inquiry unit, logging management unit, etc. can be mounted.

The authentication DB can store the result values for authentication approval, authentication rejection, and authentication error, version information management of the authenticated application and application program, and application integrity verification key information received from the terminal 300 or the IIoT device 200. .

The management log DB records logs of all jobs executed by the authentication module 110 to manage information data such as status inquiry and statistics.

The packet hijacking prevention module may prevent packets transmitted/received between the terminal 300 and the authentication module 110 from being hijacked.

The authentication module 110 manages information about the login ID/password assigned to the terminal 300 to log in to the authentication module 110, and requests a remote control for the IIoT device 200 from the terminal 300 In this case, it is possible to authenticate whether the terminal 300 is a legitimate mobile terminal having remote control authority.

In addition, the authentication module 110 can manage the terminal 300 registered in the authentication DB, can manage information about the IIoT device 630 registered in the authentication module 110, the authentication module ( Various log records of the terminal 300 logging in to 110 ) and information that the terminal 300 accesses the authentication module 110 to inquire can be managed.

In addition, the authentication module 110 can verify whether the application for controlling the IIoT device mounted on the terminal 300 is changed, and operation such as registering/changing/deleting the terminal 300 and the IIoT device 200 can be performed.

The main function of the authentication module 110 is to first perform terminal information management operation for the terminal 300 and IIoT device 200 registered in the management terminal DB, and to control the IIoT device mounted on the terminal 300 Perform application integrity verification.

The authentication module 110 may check whether the IIoT device control application installed in the terminal 300 is forged or tampered with by using a source code tampering check unit. In this case, in checking for tampering of the source code, forgery or falsification of the application may be checked using, for example, checksum information of the application included in the integrity verification key of the application transmitted from the terminal 300, but is limited thereto. it is not

As described above, the present invention introduces third-party security authentication between the terminal 300 and the IIoT device 200 by the authentication module 110 to prepare an IIoT device remote control application program for hacking of the terminal 300. The integrity and security of the security authentication process between the terminal and the IIoT device can be strengthened by applying a process that checks and authenticates the forgery/falsification check and the security authentication packet between the terminal and the IoT device by a third party.

According to the configuration of the authentication module 110, an app module that supports efficient management of IIoT devices as follows may be implemented.

The third-party security authentication performed in the present invention may be configured the same as or similarly to the above-described registered patent 10-1810150, and a detailed description thereof will be omitted.

The abnormal behavior prevention module 120 is configured to monitor the operations of the terminal 300 and the IIoT device 200 to prevent abnormal behavior, and various configurations are possible.

The present invention can prevent similar accidents in advance by analyzing the causes of accidents that may occur in the IIoT platform by including the abnormal behavior prevention module 120, and malfunction of the device by analyzing the user's behavioral patterns and habits or contexts It has the advantage of preventing abnormal behavior that prevents

Currently, in most cases, information on the access and use of smart home appliances and IIoT devices such as smart homes and smart factories are not managed, so even if you are actually hacked or seriously infringed on your privacy, you can The reality is that there is no way to prove it.

In order to solve this problem, the present invention can prevent similar accidents in advance by analyzing the causes of accidents that may occur in IIoT platforms such as smart homes and smart factories.

In addition, the present invention can prevent device malfunctions intentionally or accidentally by analyzing the behavioral patterns and habits or contexts of the users of the IIoT platform through the abnormal behavior prevention system.

More specifically, the present invention is based on the control and control through an expert system according to the characteristics of the IIoT device, and extracts the usage patterns of individual users and general users from big data, It is the key to preventing accidents caused by intentional or erroneous operation by detecting abnormal behaviors during operation and control of IIoT devices through supervised learning and deep learning and sending control or warning messages.

By performing the abnormal behavior prevention function of the abnormal behavior prevention module 120, security vulnerabilities due to hacking, loss, theft, erroneous operation, etc. of smart devices can be largely resolved.

Specifically, as shown in FIG. 2 , the abnormal behavior prevention module 120 includes a score management unit for each risk factor, a user management unit, an authority management unit, a risk pool management unit, an alarm management unit, a screen template unit, a linkage analysis unit, and a check list. It may include department, follow-up management department, scenario management department (abnormal behavior prevention scenario management), dashboard, and performance analysis department.

The score management unit for each risk factor, user management unit, authority management unit, risk pool management unit, alarm management unit, screen template unit, linkage analysis unit, checklist unit, follow-up management unit, scenario management unit, dashboard, performance analysis unit, etc. are abnormal behavior prevention modules As a configuration for managing an abnormal behavior prevention process through 120, it may be configured in various ways.

The abnormal behavior prevention module 120 monitors all manipulations and operations of the terminal 300 and the IIoT device 200, specifically, the access of the IIoT device 200 (eg, IIoT installed in a smart factory). Device access), all data generated during user operation (IP, device Mac addr, access time, accessor, etc.) can be logged and managed as a DB.

All information generated during operation of the IIoT device may be stored in the data dam. All of the logged information may be utilized as data such as cause analysis when an accident occurs later.

The abnormal behavior prevention module 120 monitors all manipulations and operations of the terminal 300 and the IIoT device 200, and abnormal access to the terminal 300 or the IIoT device 200 causing abnormal behavior And/or when a manipulation is detected, the corresponding abnormal access and/or manipulation may be blocked or a warning message may be transmitted to the terminal 300 .

The abnormal behavior prevention module 120 may prevent abnormal behavior of the operation of the terminal 300 and the IIoT device 200 based on an abnormal behavior prevention model to be described later.

At this time, the IIoT monitoring server 100 is a configuration for deriving an abnormal behavior analysis model for detecting abnormal access and/or manipulation among monitored approaches or manipulations, and collects risk cases to derive an abnormal behavior analysis model for each type. It may include an abnormal behavior analysis module 130 .

The abnormal behavior prevention model may be an abnormal behavior prevention scenario calculated by analyzing a threat factor (risk case) existing for each IIoT system component (IoT device, network, platform, service, etc.) and extracting a target.

More specifically, the abnormal behavior analysis module 130 performs exploratory data analysis (correlation analysis (eg, correlation analysis between SNS exposure keywords and the number of occurrences of abnormal behavior) for abnormal access of the IIoT device), statistical analysis (normal Iteratively repeats the analysis process for detecting abnormal behavior data through time series analysis (time series characteristics analysis of abnormal behaviors, characterization of irregular attempts by period, etc.) can be performed to derive an optimal analysis model.

The anomalous behavior analysis module 130 checks the degree of impact by risk factors, selects important risk factors, applies new patterns to existing strategies as unit simulations to review discriminatory power, adjusts grades for each important risk factor, and applies rules It can be modified to create a comparison strategy.

Next, the abnormal behavior analysis module 130 compares and analyzes the generated comparative strategy with the existing strategy, compares and analyzes scores and influences for each important risk factor, and applies a population to the comparison strategy to examine the discrimination power. Through this, an abnormal behavior prevention model can be extracted by examining the score result and detailed information for each unit and checking the performance score and influence by important risk factors.

The abnormal behavior analysis module 130 may derive similar cases such as identity theft by analyzing the electronic financial fraud cases of the Financial Supervisory Service and the US FFIEC using rules for extracting past occurrences to detect abnormal behavior.

(Anomaly detection case)

- Connection site anomaly and transaction detection algorithm

- Detection algorithm for inducing personal information input through spoofing site connection (pharming)

- Same IP fraud detection algorithm

- Terminal Designated Service Fraud Detection Algorithm

- Abnormal behavior detection algorithm according to service location

- Method of detecting cheating based on data mining (big data)

- Abnormal transaction pattern detection algorithm in the channel

- User media information collection design, etc.

In addition, the abnormal behavior analysis module 130 is, as shown in FIG. 4, a security incident/threat factor related to the IIoT platform (eg, remote access service DDoS attack, internal employee information leakage (with access rights) Cases of user control failure), smart home hacking, medical device hacking, identity theft, etc.) can be searched and classified using an artificial intelligence tool, and then anomaly detection methods can be extracted according to the type of accident.

The extracted anomaly detection method may be derived as an anomaly prevention scenario for each type of component, such as IIoT devices, networks, and platforms.

The abnormal behavior prevention scenario may be utilized and managed as an abnormal behavior prevention standard in the above-described abnormal behavior prevention module 120 .

In addition, the abnormal behavior prevention module 120 may prevent abnormal behavior of the operation of the terminal 300 and the IIoT device 200 based on a big data analysis model to be described later.

In this case, the IIoT monitoring server 100 may further include a big data analysis module 140 that generates a big data analysis model for detecting abnormal behavior through the user's usage pattern analysis of the terminal 300 . .

The big data analysis module 140 extracts the usage patterns of individual users and the usage patterns of general users from the above-described data dam (all information generated during terminal access and IIoT device operation), and big data through artificial intelligence learning An analytical model can be calculated.

That is, the big data analysis module 140 is a module for developing a big data analysis model for analyzing the usage habits and patterns of the IIoT device 200 of the user, and develops an analysis model considering the characteristics of the IIoT device 200 . Data modeling of the IIoT platform analysis mart for this purpose can be performed.

The big data analysis module 140 performs an operation based on an analysis process for detecting abnormal behavior data. The big data analysis process will be described with reference to FIG. 3 as follows.

The big data analysis process includes the steps of selecting a data set from the data dam (S301), performing data pre-processing (S302) such as noise, outlier, missing value identification and processing, and refining, variable creation, selection, dimension A data conversion step (S303) such as reduction, a data mining step (S304) for extracting necessary information from the converted data to derive a big data analysis model, and a big data analysis model derived through the data mining It may include a result interpretation and evaluation step (S305) of deriving the result interpretation, evaluation, and performance (concordance with the purpose). (a process for finding statistical patterns or knowledge based on profiling techniques)

To derive the big data analysis model, artificial intelligence-based supervised learning and deep learning may be utilized.

That is, the big data analysis module 140 can derive a big data analysis model based on data dam, big data, and artificial intelligence, and using this, the abnormal behavior prevention module 120 is configured to operate and control IIoT. Accidents caused by intentional or erroneous operation can be prevented by detecting abnormal behavior and sending control or warning messages.

Through the big data analysis model, it is possible to derive a pattern in the normal range for each user's IIoT manipulation and control, which is included in the abnormal range where any IIoT manipulation or control causes abnormal behavior when received It can provide a basis for judging whether

More specifically, the abnormal behavior prevention module 120 may detect whether the device access or manipulation monitored based on the big data analysis model in the monitoring process is an abnormal approach or manipulation that causes abnormal behavior, When such abnormal access or manipulation is detected, the abnormal access or manipulation may be blocked.

Since the big data analysis model is a model for a general device access pattern and manipulation pattern of each user of the IIoT platform, if any approach or manipulation that deviates from this model is detected, it may be determined as an abnormal approach or manipulation.

For example, when user A commands a device operation to set the operating temperature of the IIoT device, which is a heating machine, to 60 °, the abnormal behavior prevention module 120 converts this operation to an abnormal operation (user’s error) that deviates from the big data analysis model. operation) to block the operation or transmit a warning message to the terminal 300 of user A.

On the other hand, as shown in FIG. 2 , the IIoT monitoring server 100 links at least some of the information transmitted and received with the IIoT device 200 and the terminal 300 to the blockchain network for security and integrity verification. It may further include a block chain interworking module 150 for

The block chain interworking module 150 includes a user authentication unit for preventing the leakage of user's personal information, a smart contract SDK for a block chain-based smart contract service of IIoT platform users, and non-repudiation information for verifying actions based on a block chain. may include wealth.

Through the block chain interlocking module 150, there is an advantage that the user's personal information leakage prevention and the block chain-based personal information management function for behavior verification.

In addition, when applied to smart home service, various contracts and ID cards are distributed and managed using block chain, so that when a resident changes residence due to a sale or cheonsei contract, the authority can be managed based on the block chain. have.

The IIoT device operation risk detection and abnormal behavior prevention method performed in the above-described IIoT monitoring system includes: a registration request receiving step of receiving a registration request for the IIoT device 200 from the terminal 300; a registration approval step of authorizing registration by authenticating whether the terminal 300 has a legitimate authority; It may include an abnormal behavior prevention step of monitoring an operation during operation of the IIoT device 200 through the terminal 300 to prevent abnormal behavior.

In the IIoT device operation risk detection and abnormal behavior prevention method, the abnormal behavior prevention step may block the abnormal access or operation when an abnormal approach or operation causing an abnormal behavior is detected in the monitoring process.

In this case, the abnormal behavior prevention step may further include a warning message sending step of sending a warning message to the terminal 300 when the abnormal approach or manipulation is detected.

On the other hand, Figures 5 and 6 are diagrams showing an embodiment of the configuration in which the above-described IIoT monitoring server 100 is applied as an integrated security authentication center of a smart home platform.

In the case of a smart home platform, objects (including data) corresponding to the IIoT device 200, management costs, energy management (water, electricity, gas), home appliance management (TV, refrigerator, air conditioner), lighting equipment management (indoor lighting, It may include outdoor lighting, public lighting), security device management (CCTV, door lock, security window), healthcare device management, and the like.

In addition, in the case of a smart home platform, it can be linked with sharing economy platforms such as cars and bicycles. In addition, a community integrated platform for resident communities, an energy integrated platform for energy management, and a traffic control platform for traffic control within the complex. can be provided.

The IIoT monitoring server 100 according to the present invention may be an integrated server capable of implementing authentication, security, and abnormal behavior prevention functions by integrating IIoT platforms such as a smart home and a smart factory.

The IIoT monitoring system according to the present invention can support an app module that supports efficient management of smart home appliances and IIoT devices, and more specifically, an app integrity check function, smart home appliances and smart home IIoT used in apps. Device registration and management, setting of smart home appliances and smart home IIoT devices, automated management of smart home appliances and smart home IIoT devices, message setting of smart home appliances and smart home IIoT devices, friend setting function in a specific space, IIoT devices management of basic information (device name, producer, protocol, gateway, etc.), management of different and various types of properties by type, manufacturer, and specification of each IIoT device, and standard and threshold values for operation of IIoT devices installed in smart factories management can be performed.

The IIoT monitoring system according to the present invention can build a user management system with the highest level of security to classify members and manage users, and more specifically, personal authentication (user, mobile device, Access to computer, IP, IIoT devices, authentication of users, access rights, etc.), password protection function (account cancellation if incorrect more than 5 times, recovery function when password is lost), password encryption and history management function, members of households or factories Information management of mobile devices using stars (up to 5 - manufacturer, device version, OS, MAC Addr, etc.), management of standard and threshold values for smart factory IIoT device operation, management of change history of personal information, individual users It is possible to perform management and functions of addresses to be accessed and IIoT devices.

In addition, the IIoT monitoring system according to the present invention can log IIoT device operation information and use it as data such as cause analysis when an accident occurs later. , NETWORK, etc., it is possible to monitor the identification monitor (real-time identification log) and real-time anomalies (abnormal access and operation) of important logs among the real-time logs forwarded to the CEP (complex event processing) engine after log reception. , Windows, mobile devices, web users, etc. access attempt status monitoring (user monitoring) is possible, personal information change history management, IIoT device monitoring (devices that have been activated or deactivated by users among IIoT devices registered in the governance space) monitoring), status monitoring of all IIoT devices, user account monitoring (monitoring IIoT device users registered in the governance user and abnormal access), management of addresses and IIoT devices to be accessed by individual users, and organizing permissions (using blockchain Distributed management of contracts and ID cards), and other system operation-related monitoring (load, SSIS, IIoT device installation facility information in smart cities, etc.) can be enabled.

In addition, in terms of security, the IIoT monitoring system according to the present invention performs security verification, security key chain verification (a verification metric for security key issued when an inter-object chain is formed), pairing verification (mobile app, user , Verification of transmission and reception when a pairing event between IIoT devices occurs), authentication token verification (verification of issuance history when tokens generated and issued from the database are used), mobile app integrity verification (verification of tampering with integrity fingerprints received from distributed apps), (User terminal registration verification: verification of the owner of the terminal unique code associated with the user account), login verification (login attempt verification metric for users registered on the platform), household head verification verification (verification of the original and ambassador of the user's residence registered in the platform Confirmation and verification of one householder) and verification verification of household members (member of a household for a user who is guaranteed to be verified by the head of a household) functions can be performed.

When the registered device status, activated device status, user status, security authentication monitoring dashboard in the platform, verification of security key (Secure key) issued when a chain between security entities is formed, pairing between applications/users/IIoT terminals occurs Verification of transmission/reception messages / Verification of issuance history when issued tokens are used / Verification of forgery and falsification of integrity fingerprints received from applications / Verification of owners for unique terminal codes connected to user accounts / API calls provided by the platform City verification Verification of requests that exceed the critical time limit/Login attempts for users registered on the platform Verification of user residence registration on the platform Verification of the original and ambassador-verified head of household Verification/Token issuance, use, and extinction status in the in-memory database /Operation monitor dashboard for data processing logic consumed within the platform/Operation monitor dashboard for business applications generated within the platform/Platform stability check/Real-time anomaly monitoring/Monitoring of access attempts by Windows, application, and mobile users/Windows ·Application·Mobile user's navigation activity tracking log monitoring/user response dialog information registration management/other monitoring screen provided in the application can be provided as a screen to the user terminal for smart home platform monitoring.

In addition, the smart home platform may be provided as a screen to the user terminal through, for example, a mobile app. (Forgery verification screen, login screen, mobile device registration screen, living space registration IIoT device status screen, access authorization IIoT device list, IIoT device operation screen, etc.)

In addition, the IIoT monitoring system according to the present invention performs the user's authority management (IIoT device access right, real residence status, mobile device used), and stores information generated during IIoT device operation in the data dam, and the user, specific Abnormal access and manipulation can be blocked through a big data analysis model and artificial intelligence engine that prevents accidents through abnormal behavior through various types of analysis such as layers or devices.

On the other hand, as another embodiment, the present invention, one or more IIoT devices 200 capable of transmitting and receiving data through a network; One or more terminals 300 connected to and communicating with the one or more IIoT devices 200 through a network; Disclosed is a smart factory system including the one or more IIoT devices 200 and the one or more terminals 300 and the smart factory platform server 600 connected through a network and communicating.

The IIoT device 200 may be configured the same as or similar to the description in the above-described IIoT monitoring system.

However, the IIoT device 200 may include a PLC as an electronic device for controlling a machine or a processor to implement a smart factory.

The terminal 300 may be configured the same as or similar to the description in the above-described IIoT monitoring system, and a detailed description thereof will be omitted.

The smart factory platform server 600 may include a smart factory security platform engine as a server for supporting monitoring and remote operation of IIoT devices.

In addition, the smart factory platform server 600 may be implemented the same or similar to the above-described IIoT monitoring server 100, and the smart factory platform server 600 will be described in detail with a focus on the differences.

The smart factory platform server 600 may manage meta information of properties of the IIoT device 200 to support monitoring and remote operation of the IIoT device 200 .

More specifically, the smart factory platform server 600 includes a meta information management module 610 that manages the IIoT device properties and protocols as meta information, and the IIoT device 200 through the terminal 300 when operating A protocol generating module 620 for converting the meta information of the IIoT device 200 into a protocol for each IIoT device, and a monitoring screen for automatically generating a monitoring screen for each IIoT device using the protocol when the IIoT device 200 operates A generation module 630 may be included.

The meta information management module 160 is configured to manage the IIoT device properties and protocols as meta information 30 , and various configurations are possible.

That is, the meta information management module 160 may manage IIoT information, specifications, and protocols in the form of metadata.

As shown in FIG. 8 , the meta information 30 may include metadata such as IIoT device type, name, serial number, protocol type, gateway, data type, and data size.

The protocol generation module 620 is configured to convert the meta information of the IIoT device 200 into a protocol for each IIoT device when the IIoT device 200 is operated through the terminal 300, and various configurations are possible.

The converted protocol for each IIoT device may be loaded into the system memory, converted into a protocol of the corresponding IIoT device 200 when the IIoT device 200 is operated, and logged (Log DB).

The monitoring screen generation module 630 is configured to automatically generate a monitoring screen for each IIoT device using the converted protocol (protocol structure) when the IIoT device 200 operates, and various configurations are possible.

The smart factory platform server 600 according to the present invention has the advantage of managing IIoT information, specifications, and protocols in the form of metadata to easily manage all types of devices and device properties and protocol structures.

In addition, the smart factory platform server 600 may further include the configuration of the above-described IIoT monitoring server 100 .

On the other hand, the monitoring and remote operation support method of the IIoT device performed in the smart factory platform server 600, the smart factory platform server 600 receives the operation request for the IIoT device 200 from the terminal 300 Receiving, and when the smart factory platform server 600 receives the operation request, an authorization authentication step of authenticating the authority of the terminal 300, and meta information of the IIoT device 200 when the authorization authentication is completed It may include a protocol generation step of converting , into a protocol, and a monitoring screen generation step of automatically generating a monitoring screen using the converted protocol when the IIoT device 200 operates.

In another aspect, the monitoring and remote operation support method of the IIoT device performed in the smart factory platform server 600 includes a registration request receiving step of receiving a registration request for the IIoT device 200 from the terminal 300 and ; a registration approval step of authorizing registration by authenticating whether the terminal 300 has a legitimate authority; It may include an abnormal behavior prevention step of monitoring an operation during operation of the IIoT device 200 through the terminal 300 to prevent abnormal behavior.

The abnormal behavior prevention step may block the abnormal access or manipulation when an abnormal approach or manipulation causing an abnormal behavior is detected in the monitoring process.

The abnormal behavior prevention step may further include a warning message sending step of transmitting a warning message to the terminal 300 when an abnormal approach and manipulation of the terminal 300 is detected.

Since the above has only been described with respect to some of the preferred embodiments that can be implemented by the present invention, the scope of the present invention as noted should not be construed as being limited to the above embodiments, and It will be said that the technical idea and the technical idea accompanying the fundamental are all included in the scope of the present invention.

100: IIoT monitoring server 200: IIoT device
300: terminal 600: smart factory platform server

Claims (10)

One or more IIoT devices 200 capable of transmitting and receiving data through a network; One or more terminals 300 connected to and communicating with the one or more IIoT devices 200 through a network; As a smart factory system including the one or more IIoT devices 200 and the one or more terminals 300 and a smart factory platform server 600 connected through a network and communicating,
The smart factory platform server 600 includes a meta information management module 610 that manages the IIoT device properties and protocols as meta information 30 , and the IIoT device 200 through the terminal 300 when operating A protocol generation module 620 that converts the meta information 30 of the IIoT device 200 into a protocol for each IIoT device, and the IIoT device 200 automatically generates a monitoring screen for each IIoT device using the protocol when the device operates Smart factory system, characterized in that it comprises a monitoring screen generation module (630). The method according to claim 1,
The smart factory platform server 600,
An authentication module 110 for authorizing registration of the terminal 300 and the IIoT device 200 by authenticating whether there is a registration right of the terminal 300 and the IIoT device 200, and the terminal 300 and an abnormal behavior prevention module 120 for monitoring the operation of the IIoT device 200 to prevent abnormal behavior. 3. The method according to claim 2,
The smart factory platform server 600 is a block chain interworking module for interworking at least some of the information transmitted and received with the IIoT device 200 and the terminal 300 to the block chain network 400 for security and integrity verification (150) Smart factory system, characterized in that it further comprises. 3. The method according to claim 2,
The smart factory platform server 600 further comprises a big data analysis module 140 for generating a big data analysis model for detecting abnormal behavior through the user's usage pattern analysis of the terminal 300. smart factory system. 3. The method according to claim 2,
The smart factory platform server 600 is a smart factory system, characterized in that it further comprises an abnormal behavior analysis module 130 that collects risk cases and derives an abnormal behavior analysis model for each type. A method for supporting monitoring and remote operation of IIoT devices performed in the smart factory system according to any one of claims 1 to 5. 7. The method of claim 6,
The monitoring and remote operation support method of the IIoT device includes: a registration request receiving step of receiving a registration request for the IIoT device 200 from the terminal 300;
a registration approval step of authorizing registration by authenticating whether the terminal 300 has a legitimate authority;
Monitoring and remote operation support method of the IIoT device, characterized in that it comprises the step of preventing abnormal behavior by monitoring the operation of the IIoT device (200) through the terminal (300) to prevent abnormal behavior. 8. The method of claim 7,
The abnormal behavior prevention step, IIoT device monitoring and remote operation support method, characterized in that when an abnormal approach or operation that causes an abnormal behavior is detected in the monitoring process, the abnormal access or operation is blocked. 9. The method of claim 8,
The abnormal behavior prevention step further comprises a warning message sending step of sending a warning message to the terminal 300 when an abnormal approach and manipulation of the terminal 300 is detected. Monitoring and remote control of the IIoT device How to support operation. 7. The method of claim 6,
The monitoring and remote operation support method of the IIoT device,
The step of the smart factory platform server 600 receiving an operation request for the IIoT device 200 from the terminal 300, and when the smart factory platform server 600 receives the operation request, the terminal 300 ) authentication step of authenticating the authority, and when the authority authentication is completed, a protocol generation step of converting the meta information 30 of the IIoT device 200 into a protocol, and the converted when the IIoT device 200 operates A method for supporting monitoring and remote operation of an IIoT device, comprising the step of generating a monitoring screen for automatically generating a monitoring screen using a protocol.

Images