RU2783917C1 - Interface with dynamic information encryption used to protect the transmitted data from unauthorised access in communication systems - Google Patents

Abstract

FIELD: computing technology.

SUBSTANCE: technical result is achieved by a method for protecting the transmitted information, wherein an "Initialisation" stage is included before each start of operation of the automated system, wherein unpredictable, inaccessible to the developer and the operations personnel, identical for all terminals "blocks" are automatically generated for further use in the work process of encrypting the transmitted messages; each terminal participating in the work of the system secretly generates a new digital footprint; a stage of dynamic encryption of the transmitted information is included; non-matching of the original numbers of data encryption logic and numbers of combinations of the encrypted subsections of control packets to the numbers of encryption logic and numbers of combinations of subsections of control packets resulting from the randomisation operation is ensured; conditions eliminating the need for direct transmission to the receiver of the ciphers used by the source during encryption to decrypt the received message are created.

EFFECT: higher level of security of the control object.

2 cl, 12 dwg, 7 tbl

Description

The claimed group of inventions relates to the field of microelectronics and computer technology and can be used to build high-performance computing systems that protect data from any abnormal influences, including deliberate substitution.

Introduction. The responsibility of the developers of automated control systems (ACS) to ensure the optimal and safe operation of the complex, expensive and dangerous object controlled by it makes them spend huge efforts in the synthesis of control algorithms. But all their efforts may be in vain if these algorithms operate on false or erroneous source information. And therefore, today the trend in the development of complex control systems is shifting towards providing automated control systems with reliable information, i.e. information that exactly matches that sent by the source.

The task that all developers solve in one way or another can be formulated as follows: "To ensure maximum protection of information used in the automated control system without a significant loss in system performance." But a wide variety of conditions in which the system operates (the level of interference, the characteristics of the processor devices used, safety requirements, the possibility of contactless external influence, operating conditions, etc.) and the inconsistency of different criteria for assessing the quality of its work (performance and level protection of information from external information influences, etc.) determine the additional desire of the Customer to obtain an adaptive system that adapts to the emerging (specific) situation.

The cyber-resistant interface described below provides a high level of information protection in any abnormal situations (intentional impact, accidental failure, operator error, etc.) and provides the ability to simply adapt it to real operating conditions to ensure optimal control.

The level of technology. The reliability of information in the automated control system is of great importance, since it is used to control the technological process and make decisions in emergency situations. Inaccurate information can lead to making wrong decisions that have negative consequences in terms of the safety of the operation of the control object.

Reliable information for the receiver can only be that which exactly matches the information transmitted by the transmitter, and therefore it is very important to be able to protect and check the received data directly for their reliability. In this way, the pitfalls of misinformation can be avoided.

The issue of protecting information by modifying it, excluding its reading by an unfriendly person, has been relevant since ancient times. The history of information encryption is almost the same age as the history of human speech. Since writing became widespread, information encryption (cryptography) began to develop as a science. The rapid development of encryption systems fell on the period of the first and second world wars.

The emergence of modern computing systems gave impetus to the next stage in the development of cryptography, the cause of which was a significant expansion of the scope of digital information, where the solution to the problem of obtaining reliable information became simply necessary. This is due to the need to solve new urgent and much more complex tasks that require:

- work with huge arrays of information for various purposes, including information with limited access to it by unauthorized persons;

- optimal control in all the variety of conditions for the functioning of the control object;

- accurate assessment of the current quality of functioning and prediction of changes in the functional quality involved in the operation of unique and expensive devices and systems;

- protection of the control object from various emergency situations arising in the process of operation and from unauthorized influences on the system to minimize the damage caused by this;

- strict accounting of incurred costs for their subsequent minimization. Cryptography is the science of methods for ensuring confidentiality (the impossibility of reading information to outsiders) and authenticity (the integrity and authenticity of authorship, as well as the impossibility of refusing authorship) of information. Initially, cryptography studied methods of information encryption - the reversible transformation of an open (source) text based on a secret algorithm and / or key into ciphertext (ciphertext). Traditional cryptography forms a section of symmetric cryptosystems [1] in which encryption and decryption are performed using the same secret key. In addition to this section, modern cryptography includes asymmetric cryptosystems, electronic digital signature (EDS) systems, hash functions, key management, obtaining hidden information, and quantum cryptography. But all known encryption methods are static, that is, in the process of designing a system, the chief architect chooses a specific method and parameters for encrypting information that do not change during the operation of the system.

The information encryption methods used are quite complex and it is not easy for a specialist who does not know the coding algorithm, but has access to the results of the work, but it is still possible to recognize the coding algorithm in a certain time, infiltrate, deceive the receiver and create problems in the operation of the managed object, up to a serious emergency. situations.

Known methods for encrypting information based on the use of cryptographic transformation of information using random replacement tables. In the first of the well-known methods of such encryption, called "Polybian Square", it is supposed to use a table in which the values of the letters of the alphabet used are randomly recorded. The value of the encrypted letter is used as the address at which the letter written there is read from the table, which is the result of a cryptographic transformation. From the point of view of modern cryptography, such a transformation does not change the probability of the appearance of individual letters in the encrypted text, but only changes the ratio of the probabilities of individual letters in the cryptogram. If the letter "a", in accordance with the replacement table, goes into the letter "t", then the probability of the letter "a" appearing in the source text will be equal to the probability of the letter "t" appearing in the cryptogram. It is known that the analysis of the statistics of individual letters in the text of the cryptogram makes it possible for the opponent to decrypt the test, and therefore such replacement tables are used in various cryptographic algorithms, including in the Russian encryption standard GOST 28147-89 [2], as one of the operations to complicate the transformation.

There are known mathematical principles for constructing absolutely secure ciphers, formulated by K. Shannon [3], according to which only a cipher can be absolutely secret if it provides a sequence at the encoder output that is close in its statistical properties to a random equiprobable sequence, regardless of the statistics of the appearance of individual letters in the original encrypted sequence.

But a common drawback of the known methods for encrypting binary information is their static nature. Encryption methods are selected, modified and incorporated into the hardware circuit at the design stage and do not change during the operation of the system. With the current level of development of computer technology, in this case, it becomes possible to open the cipher and decrypt the transmitted information in real time. In addition, a decrease in system performance due to the provision of full-fledged information protection is simply unacceptable in most cases. It significantly limits the scope of systems that implement these methods.

There is a known method of protecting information based on the use of the properties of a random natural process - meteor propagation of radio waves [4], where binary equivalents of measurements of the random time of meteor propagation of radio waves from the transmitter to the receiver are used as elements of the symmetric encryption key.

The disadvantage of this method [4] is the bulkiness, high power consumption, high cost of the equipment used and its operation. These shortcomings significantly limit the use of the method in communication systems to improve the reliability of information protection, for example, make it impossible to use the method in mobile radio communication systems. Another significant disadvantage of this method is the low (~10 ² bps) throughput of the meteor radio channel used, which "slows down" and slows down the process of exchanging confidential information.

A known method of protecting information based on the use of the properties of a random natural process - a random trajectory of multipath propagation of radio waves [5]. In the method, as elements of the symmetric encryption key, binary equivalents of measurements of the random phase of the resulting radio signal that has undergone propagation through a multipath radio channel are used. However, the existing disadvantages of the method significantly limit the scope of its use. The disadvantages of the method [5] include:

- difficult to implement in practice requirements for the accuracy of synchronization of the time scales of communication devices located on both sides of the mutual multipath radio channel;

- the need to provide a high ratio (signal/noise) to perform accurate coherent measurements of the carrier phase and/or intermediate frequency;

- concentration of high power of probing signals in a narrow frequency band, which creates intense interference for other information and telecommunication systems (ITS) and does not provide electromagnetic compatibility (EMC) with them that meets the standards [6, 7].

The analogue (prototype) that is closest in essence and functions to the claimed is a method for protecting information based on two-way transmission and subsequent detection of probing radio signals that carry time stamps of the moment of their emission, tied to previously reduced time scales, and emanating from located at both ends of the radio link communication devices, performing irreversible mathematical transformations on numerical sequences, encrypting and decrypting messages using a key [8]. In the method, the operation of mutual identification of participants in the information exchange is performed, the time scales of the communication devices of the participants are synchronized, the time interval for the operation of information protection means is set, during which two sets of binary equivalents of digitized measurement results of random relative delays of the moments of arrival at a receiving point of different copies of the signal probing the multipath environment. The accumulated sets of measurements, in each of the communication devices, are subjected to the same irreversible mathematical transformations, a pair of identical copies of the symmetric encryption key is formed at the receiving and transmitting ends. The accumulated sets of binary equivalents are replenished with binary equivalents of the digitized results of regular measurements of random relative delays of the moments of arrival at the receiving point of various copies of the signal probing the multipath environment that have reached the receiver along independent paths of random length, while the reciprocity properties of the multipath propagation conditions are used as a mechanism for distributing instances of the symmetric encryption key radio waves

The disadvantages of the prototype method [8] are:

- the need to install transceivers operating at the same frequencies in the request-response mode on all devices participating in the information exchange, which significantly increases the cost of the equipment used and its operation;

- the need to allocate from the total memory of each transceiver memory to store its time scale;

- the need for periodic organization of the procedure for polling each terminal for identification and issuing, upon a counter request, to each of amendments to its time scale, which makes it impossible to organize continuous operation of the system.

These shortcomings significantly limit the use of the method in systems that need reliable information protection and support a continuous process for a long time, for example, make it impossible to use this method in automated control systems (ACS) with a continuous process.

The purpose of the claimed group of inventions is to eliminate the shortcomings of the prior art. The technical result of the claimed group of inventions is to increase the level of information and functional security of the control object in the harsh conditions of information counteraction due to the guaranteed provision of automated control systems with reliable information.

A technical solution that allows achieving the set goal, that is, guaranteeing the ACS with reliable information, is the development of a method for protecting the transmitted information and an automated control system (ACS) for objects that implements an interface with dynamic information encryption that provides the ACS with information exactly corresponding to the information transmitted by the source , and excluding the possibility of deliberate distortion and substitution of transmitted information.

The specified goal and technical result are achieved:

1. The introduction of the "Initialization" stage, applied before each start of the automated system, at which:

- secretly automatically (without the participation of the operational staff and without the possibility of influencing the results) when using a generator of non-stationary natural random numbers (GNNSCH), obeying a uniform distribution law, unpredictable, independent of prehistory, unknown and inaccessible to the developer and operational staff, the same for all terminals "blocks", which will be further used in the workflow of encrypting forwarded messages:

a) New "Cipher Table" containing a wide range of lists of encrypted parameters, ciphers and logics for their application;

b) A new randomized set of options for different data encryption logics;

c) A new randomized set of options for various combinations of encrypted subsections of the control package;

- each terminal participating in the operation of the system secretly generates a new digital fingerprint with the help of GNNSCH;

- at least three groups of formulas for calculating checksums are formed, divided by the amount of information sent, each of which contains two formulas that provide, with a given degree of reliability, verification of the integrity of the received information at a given, different from the maximum, and maximum level of information protection from malicious information impact (when the specified protection level coincides with the maximum one, each group contains one formula).

2. Ensuring the secrecy of storing the generated blocks, formulas for calculating checksums and digital fingerprints in the protected RAM of the processor of each terminal, inaccessible to the operational staff.

3. The use of dynamic encryption of the transmitted information at the stage "Regular operation", in which the encryption parameters (the list of encrypted parameters, the ciphers themselves and the logic of their application) of each packet in each message of each information source are determined using the GNNSCH.

4. Ensuring the non-stationarity and unpredictability of the numbers produced by the GNNS, obeying a uniform distribution law, due to the input of the generator of variables of a non-stationary nature - the temperature inside the integrated circuit and the signal from the trigger output, which is in a metastable state when the signal transitions to a new synchronization domain.

5. Ensuring that the initial numbers (a priori given) of the data encryption logics and the numbers of combinations of encrypted CP subsections do not correspond to the numbers of encryption logics and the numbers of combinations of CP subsections obtained as a result of the randomization operation, that is, the formation of practically new sets of encryption logics and combinations of CP subsections unknown to the software developer support and operational staff.

6. Creation of conditions (all terminals have the same "blocks" for choosing a cipher), excluding the need for direct transmission to the Receiver of the ciphers used by the Source in encryption to decrypt the received message.

The essence of the claimed invention. 1. A method is claimed for protecting transmitted information based on encryption and decryption of messages using the operation of mutual identification of exchange participants and the formation at the receiving and transmitting ends of a pair of identical copies of the symmetric encryption key, while: the stage is introduced - “initialization”, at which the Master device-leader), preparing the system for regular operation, automatically, without the possibility of the operational staff to influence the procedure and the result, forms in itself, with the help of a generator of non-stationary natural random numbers (GNNSCH), non-stationarity, which is ensured by supplying to the input of the generator of variables having non-stationary nature, temperature inside the integrated circuit and the signal from the output of the trigger, which is in a metastable state when the signal passes into a new synchronization domain, and the law of distribution of random numbers obeys the uniform distribution law, the “Code Table”, dimensions Lo x Mo, where Lo is the total number the number of encrypted parameters and data in the control packet (CP) and data packet (PD) (number of columns), and Mo - the number of different combinations of lists of encrypted parameters and data, their ciphers and encryption logics of the CP and PD of each message (number of rows), randomizes a priori given sets (blocks) of PD data encryption options with their corresponding features kj and options for combinations of encrypted CP subsections with the corresponding features qi, creates its own digital imprint, and also forms a set (block) of formulas for calculating the checksum (CRC), providing, with accuracy not worse than required, checking the integrity of the information sent in each packet, depending on its volume and the level of protection against malicious information impact, divided into at least three groups according to the amount of information sent and containing within each group no more than two formulas corresponding to different levels of protection, which, together with their address and address space number, are transferred via a request gives over a closed (secure) channel to all Slaves (Slave devices - Slaves) participating in the system operation, receives from each Slave via a closed (secure) channel a unique digital fingerprint of the device, generated by the Slave himself with the help of his GNNSCH, the use of which in the process of information exchange significantly increases the security level of the system, the address and the number of its address space, after which it forms a correspondence table "Terminal address - Fingerprint" that includes its digital fingerprint, its address and its address space number, digital fingerprints of Slave devices, their addresses and address numbers spaces, which, together with the "Table of ciphers", a set of formulas for calculating CRC, randomized sets (blocks) of data encryption options for PD with the corresponding signs kj, and options for combinations of encrypted subsections of the CP with the corresponding signs qi, is placed in a protected memory area of its processor inaccessible to the operational staff , and each Slave device of the system places its digital fingerprint, the address of its terminal and the number of its address space, and transmitted by the Master: “Cipher table”, a set (block) of CRC calculation formulas, to check the integrity of information , randomized sets (blocks) of PD data encryption options with their corresponding features kj and options for combinations of encrypted CP subsections with the corresponding features qi, the digital fingerprint of the Master, his address and the number of his address space, which ensures strict confidentiality of information on encryption in each terminal and in the system as a whole, the impossibility of access to it by the operational staff and the system developer's ignorance of the list of parameters selected for encryption, the ciphers themselves and the encryption logic in all cases of using the system, and transmits to the Master a signal of its readiness for operation, which, after receiving a signal from all Slave devices, readiness for work generates the signal "The system is ready for work" and after the operator's command (pressing the button) "Start" proceeds directly to the working stage in the conditions of informational counteraction - "normal work", which differs in that during the work process the Leader in the cycle receives from all The slaves of the system encrypted information, decrypts it, integrates and transmits the ACS in the logic defined by the system algorithm, and to encrypt the transmitted information, the Slaves and the Master use the dynamic encryption method, which consists in the fact that each packet (KP and PD) is encrypted in each message of each source information (of the Master and Follower) with a changeable, random, history-independent, unpredictable, unknown to the operational staff and the developer, the cipher, determined immediately before sending the message using its own GNNSCH, obeying a uniform distribution law, which randomly generates specific numbers before each message is sent a variant from a randomized set of PD data encryption options, a variant from a randomized set of options for combinations of encrypted CP subsections and a line from the "Cipher Table", with a list of encrypted parameters and data indicated in them, ciphers and the logic of their application, which together determine a complex, multi-stage and unknown to the operational staff and the developer of the system, the encryption algorithm of the transmitted message, and the encryption parameters used by the information source (the list of encrypted parameters and data, ciphers and the logic of their application) are not directly transmitted to the information receiver in the message, in the message the information source transmits the numbers of options in sets and the line number or line numbers, depending on the encryption mode, in the “Cipher Table”, which are random numbers that are changed in each transmission, independent of history, generated by its GNNSC, understandable to the receiver and allowing it, with the help of its randomized blocks of options encryption of PD data and options for combinations of encrypted subsections of the CP, as well as the “Cipher Table”, identical with the blocks of options and the “Cipher Table” of the source, determine the message encryption parameters used by the source and decrypt the transmitted message, while a subsection is additionally entered into the CP format, in which The Master, immediately before sending the message to the Slave, writes down a “code word”, which is a random number that is changed in each transmission, generated by the GNNSCH, which the Slave returns to the CP of the response message, confirming his authority to respond to a specific request from the Master, which greatly complicates the possibility of replacing a standard device with a malicious one, at the same time, the technical feasibility and effectiveness of the proposed method of dynamic encryption of information is confirmed on the hardware-software interface model (the model of interaction between the program and the user), including the receiving / transmitting unit developed for it, designed to implement of the system protocol for the exchange of information TSI between the central processing unit (CPU) and peripheral modules, GNNSCH, which generates random numbers that obey a uniform distribution law, the non-stationarity of which is ensured by supplying to the input of the generator variables of a non-stationary nature, the temperature inside the integrated circuit and the signal from the output a trigger that is in a metastable state when the signal transitions to a new synchronization domain, and a dedicated internal BCP circuit designed to select encryption parameters at the “initialization” stage: “Cipher table”, which determines possible options for using lists of encrypted parameters, ciphers themselves and encryption logics data, randomization of the initial sets of encryption options for PD data and options for combinations of encrypted subsections of the CP, and in the process of regular work to secretly determine the list of encrypted parameters, specific ciphers, the specific logic of their application and formulas, to check whether accuracy not worse than required, the integrity of information sent by the source of various volumes and ensuring the protection of transmitted data from unauthorized access in communication systems.

2. An automated control system (ACS) for objects is claimed in which an interface with dynamic information encryption is implemented, based on the encryption and decryption of messages using the operation of mutual identification of exchange participants and the formation at the receiving and transmitting ends of a pair of identical copies of the symmetric encryption key, while: a stage is introduced - “initialization”, at which the Master (Master-Main), preparing the system for regular operation, automatically, without the possibility of the operational staff to influence the procedure and the result, forms at itself, using a non-stationary natural random number generator (GNNSCH), non-stationarity, which is ensured by applying to the input of the generator of variables of a non-stationary nature, the temperature inside the integrated circuit and the signal from the output of the trigger, which is in a metastable state when the signal passes into a new synchronization domain, and the random number distribution law obeys uniformly mu distribution law, "Table of ciphers", dimensions Lo x Mo, where Lo is the total number of encrypted parameters and data in the control package (CP) and data package (PD) (number of columns), and Mo is the number of different combinations of lists of encrypted parameters and data, their ciphers and encryption logics of the CP and PD of each message (number of lines), randomizes a priori given sets (blocks) of PD data encryption options with their corresponding features kj and options for combinations of encrypted CP subsections with the corresponding features qi, creates its own digital imprint, and also forms a set (block) of formulas for calculating the checksum (CRC), which, with an accuracy no worse than the required one, checks the integrity of the information sent in each packet, depending on its volume and the level of protection against malicious information impact, divided into at least three groups according to the amount of information sent and containing within each group no more than two formulas corresponding to different levels of protection bits, which, together with their address and address space number, are transmitted through a request via a closed (secure) channel to all Slaves (Slave devices - Slaves) participating in the system operation, receive from each Slave via a closed (secure) channel a unique digital fingerprint of the device, generated by the Slave himself with the help of his GNNSCH, the use of which in the process of exchanging information significantly increases the security level of the system, the address and number of its address space, after which it forms a correspondence table “Terminal address - Fingerprint”, including its digital fingerprint, its address and its number. address space, digital fingerprints of Slave devices, their addresses and numbers of address spaces, which, together with the “Cipher Table”, a set of CRC calculation formulas, randomized sets (blocks) of PD data encryption options with their corresponding features kj, and options for combinations of encrypted CP subsections with corresponding features qi p places its processor's memory area inaccessible to the operational staff, and each Slave device of the system places its digital fingerprint, the address of its terminal and the number of its address space into the protected memory area inaccessible to the operational staff, and transmitted by the Master: "Cipher table", set ( block) CRC calculation formulas, to check the integrity of information, randomized sets (blocks) of PD data encryption options with their corresponding features kj and options for combinations of encrypted CP subsections with the corresponding features qi, Master's digital fingerprint, his address and number of his address space, which provides strict confidentiality of information on encryption in each terminal and in the system as a whole, the impossibility of access to it by the operational staff and the system developer's ignorance of the list of parameters selected for encryption, the ciphers themselves and the encryption logic in all cases of using the system, and transmits a signal to the Master from its readiness for operation, which, after receiving a signal of readiness for operation from all Slave devices, generates the signal "System is ready for operation" and after the operator's command (pressing the button) "Start" proceeds directly to the working stage in the conditions of information countermeasures - "normal operation", characterized in that in the process of operation, the Master in a cycle receives encrypted information from all the Slaves of the system, decrypts it, integrates and transmits the ACS in the logic determined by the system algorithm, and to encrypt the transmitted information, the Slaves and the Master use the dynamic encryption method, which consists in the fact that each packet (KP and PD) is encrypted in each message of each information source (Master and Slave) with a variable, random, history-independent, unpredictable, unknown to the operational staff and the developer, the cipher, determined immediately before sending the message using its GNNSCH, subject to a uniform distribution law , cat which, before each message sending, randomly generates specific variant numbers from a randomized set of options for encrypting PD data, a variant from a randomized set of options for combinations of encrypted CP subsections and a line from the “Cipher Table”, with the list of encrypted parameters and data indicated in them, ciphers and their logic applications that together determine a complex, multi-stage and unknown to the operational staff and the system developer, the encryption algorithm of the transmitted message, and the encryption parameters used by the information source (the list of encrypted parameters and data, ciphers and the logic of their application) are not directly transmitted to the information receiver in the message, in the message the source information, the numbers of options in the sets and the line number or line numbers, depending on the encryption mode, are transmitted in the “Cipher Table”, which are random, independent of the history, numbers generated by its GNNSC, which are changed in each transmission, understandable to the receiver and allowing him, with the help of his randomized blocks of options for encrypting PD data and options for combinations of encrypted subsections of the CP, as well as the “Cipher Table”, identical with the blocks of options and the “Cipher Table” of the source, to determine the message encryption parameters used by the source and decrypt the transmitted message, at the same time, a subsection is additionally introduced into the CP format, in which the Master, immediately before transmitting a message to the Slave, writes a “code word”, which is a random number that changes in each transmission, generated by the GNNSCH, which the Slave returns to the CP of the response message, confirming its authority to respond to a specific request The host, which significantly complicates the possibility of replacing a standard device with a malicious one, at the same time, the technical feasibility and effectiveness of the proposed method of dynamic encryption of information is confirmed on the hardware-software interface model (the model of interaction between the program and the user z), which includes a receiving / transmitting unit developed for it, designed to implement the system protocol for the exchange of information TSI between the central processing unit (CPU) and peripheral modules, GNNSC, which generates random numbers that obey a uniform distribution law, the non-stationarity of which is ensured by supplying a variable generator to the input values that have a non-stationary nature, temperatures inside the integrated circuit and the signal from the trigger output, which is in a metastable state when the signal passes to a new synchronization domain, and a dedicated internal circuit of the BCP, designed to select encryption parameters at the “initialization” stage: “Cipher tables”, determining possible options for using lists of encrypted parameters, the ciphers themselves and data encryption logics, randomizing the initial sets of PD data encryption options and options for combinations of encrypted CP subsections, and in the process of regular work to secretly determine the list of encrypted pairs meters, specific ciphers, specific logic of their application and formulas, to verify, with an accuracy no worse than required, the integrity of information sent by the source of various volumes and to ensure the protection of transmitted data from unauthorized access in communication systems.

The method of dynamic encryption of transmitted information with a list of encrypted parameters, ciphers and the logic of their application randomly changing during the operation of the system makes it possible to deliver to the ACS receiver information exactly corresponding to the information transmitted by the source with a high probability. The hardware-software implementation of the encryption method in the form of the TSI interface allows you to confirm:

- the possibility of implementing the proposed method of dynamic encryption of transmitted information with a list of encrypted parameters, ciphers and the logic of their application randomly changing during the operation of the system;

- a significant increase in the level of functional safety of the system (ACS with a control object), due to the practical impossibility of intentional substitution of information or acceptance of accidentally distorted information (for example: due to operator error or failure of the ACS) as reliable.

The claimed TSI interface can operate in two modes: without encryption and with information encryption. Work without encryption of information is used in conditions where the possibility of distortion and substitution of any transmitted information is excluded. Working with information encryption - when it is necessary to ensure the regular operation of the control object in harsh conditions of information counteraction.

Thanks to a new set of essential features, the claimed method achieves an increase in the level of information and functional security of the control object in harsh conditions of information counteraction due to the guaranteed provision of the ACS with reliable information (ensuring the delivery to the Receiver of information exactly corresponding to the information transmitted by the Source), which is ensured by the use of dynamic information encryption (encryption of each packet of each source in each cycle) by randomly changing unpredictable encryption parameters unknown to the operational staff and the developer and the creation of conditions (all terminals have the same “Cipher Table”, the same sets of algorithms and formulas for choosing a cipher), eliminating the need for direct transmission to the Receiver of ciphers, used by the Source to encrypt the sent message.

The claimed objects of the invention are illustrated by drawings, diagrams and tables, which show:

Fig. 1. Functional diagram of the "Initialization" stage. Fig. 2. Functional diagram of the stage "Regular work". Fig. 3. Applied message formats. Fig. 4. CP structure in the "With data encryption" mode.

Fig. 5. Structure of PD.

Fig. 6. CP structure in the "No data encryption" mode.

Fig. 7. Formation by the Slave of a response message to the Master in the "Read" mode in case of violation of the integrity of the incoming message.

Fig. 8. Formation by the Slave of a response message to the Master in the "Read" mode upon confirmation of the integrity of the incoming message.

Fig. 9. Determining the format of the received message.

Fig. 10. Evaluation by the Leader of the reliability of the received message.

Fig. 11. The structure of the system that implements the claimed dynamic data encryption.

Fig. 12. Scheme of data exchange on the bus according to the TSI protocol.

Tab. 1. "Table of ciphers".

Tab. Fig. 2. The structure of the CP subsections in the "With data encryption" and "Without data encryption" modes.

Tab. 3. CP structure in the "No data encryption" mode

Tab. 4. CP structure in the "With data encryption" mode.

Tab. 5. The structure of the field of the subsection “Control Field” of the CP.

Tab. 6. Structure of PD.

Tab. 7. Randomization scheme for a set of encryption algorithms.

1. A method for dynamic encryption of transmitted information with a list of encrypted parameters, ciphers and the logic of their application randomly changing during the operation of the system.

The proposed encryption method is divided into two stages:

- stage 1 - "Initialization" - this is an automatic, hidden from the operational staff, a way to configure the internal loop of the interface of each terminal of the system in terms of the formation of the same lists of encrypted parameters, their ciphers and encryption logic, the same for all terminals of the system of randomized sets of data encryption algorithms and options combinations of various subsections of the CP to be encrypted, as well as in terms of determining a set of formulas that provide verification with an accuracy no worse than the required integrity of the information sent by the source, depending on its volume and the specified level of protection against malicious information impact (The functional diagram of the "Initialization" stage is given in Fig. 1).

- stage 2 - "Regular operation" - this is the operation of the external interface loop with the "configured" at stage 1 internal loop, that is, a method for directly encrypting and decrypting information during the operation of the automated control system in order to significantly increase the reliability of the received information and, as a result, significantly reduce the probability of using deliberately spoofed or unintentionally (accidentally) distorted due to an operator error or a failure in the operation of the automated control system information in the management of the object. (The functional diagram of the stage "Regular work" is shown in Fig. 2). 1.1. "Initialization".

The setting of the internal loop of the interface, to which the user does not have direct access, at the stage "Initialization" is carried out automatically without the participation of the operator in the following sequence (see Fig. 1):

1.1.a. First, the Host, with the help of his GNNSCH, forms a "Table of ciphers" (see Table 1.) with dimensions L ₀ ^x M ₀ , where

L ₀ - the number of columns - the total number of signs of encrypted parameters (lc _j , n _j rd _j , m _j , k _j , dr _j , p _j ) in the forwarded packets of information KP and PD (in the above example L ₀ =7); M ₀ - the number of lines, each of which determines the list (composition) and (composition) and the values of the signs of the encrypted parameters in the forwarded packet, depending on the type of packet (KP (i=0) or PD (i=l)) and the encrypted parameter in packet (in CP it is “CRC (z=0)”, in PD it is “CRC (z=1)” and “Data (z=2)”); in the claimed version, in the CP (i=0) only CRC is encrypted, with two parameters (lc _j and n _j ), and in PD (i=l) CRC is encrypted with two parameters (rd _j , m _j ) and data - with three parameters ( k _j , dr _j , p _j ); the received value of M ₀ is limited from below by the value M _0min , which allows to provide the necessary variety of options for encrypting the transmitted information to make it difficult to counter information on the system (in the claimed version, M _0min =10), and from above - by the value of M _0max , limited by the capabilities of the RAM of the microprocessor of the device that houses "Table of ciphers" (in the claimed version M _0max =32). To do this, he, with the help of his GNNSCH, the non-stationarity of which is ensured by supplying variables of a non-stationary nature to the input (temperature inside the integrated circuit and the signal from the trigger output, which is in a metastable state when the signal passes into a new synchronization domain), and the distribution law of numbers obeys a uniform distribution law, consistently generates random numbers, which in a certain way writes down in columns [3], [5] and [8] of the “Cipher Table”. Columns [2], [4], [6] and [7] of the "Cipher Table" are filled according to the algorithms proposed here based on the results of filling columns [3], [5] and [8] with random numbers (see paragraph 2 subsection 2.2 "Preparing the system for "regular" work).

Each cell of the "Cipher Table" (j, 1), where j is the row number, and the 1-column number determines the specific cipher used to encrypt the transmitted parameter (lc _j , n _j , rd _j , m _j , dr _j or p _j ) or the logic of its application (k _j ) in a particular package.

The “cipher table” is generated automatically without the participation of an operator.

The complete algorithm for its formation is presented in paragraph 2 d of subsection 2.2. "Preparing the system for "regular" work." The table is stored in the protected memory of the processor. It is hidden from the user and the user does not have direct access to it;

1.1.6. Then, a priori formed and numbered from 1 to K ₀ by the Master, the set of options (algorithms) for encrypting PD data, where K ₀ is their total number, is automatically randomized with the help of GNNSCH (the randomization algorithm for the set of options for encrypting PD data is given in paragraph 2a of subsection 2.2. “Preparing the system for “regular” work”.).

Then, from the randomized set K ₀ of encryption algorithms, a truncated working set k _j ^max of the first renumbered encryption algorithms is formed, where k _j ^max <=K ₀ . The resulting set of encryption algorithms k _j ^max with their corresponding features k _j , is a randomly numbered initial set, in which each algorithm is assigned a new number k _j , where k _j ,=l,k _j ^max , in ascending order, that is, a set , in which the correspondence between the number of the encryption algorithm and the algorithm itself is artificially violated, in contrast to the initial set specified by the operator. And since the procedure for randomizing the initial set is not available to the operational staff and the new set of algorithms is located in an inaccessible area of the processor memory, and when transmitting information from the source to the receiver in the normal mode, only the algorithm number is transmitted, it is very difficult to establish the correspondence of the new number to the encryption algorithm used during the operation of the system, and when K ₀ >=10 and k _j ^max >=5 for a limited time is almost impossible.

The operation of assigning a new number k _j to each algorithm is carried out automatically. It is not available for intervention by the operational staff. The number of different algorithms (k _j ^max ) that will be used in data encryption is specified in the initial data and cannot exceed the number of a priori formed algorithms - K ₀ .

The generated randomized set of PD data encryption options, as well as the “Cipher table”, is stored in the protected memory of the processor. It is hidden from the user and the user does not have direct access to it;

a 3<=q₀<=10), подлежащих шифрованию шифром, записанным в строке «Таблицы шифров» (см. Табл. 1, раздел Контрольный пакет (i=0)), номер которой в каждом варианте указан в битах подраздела «Shift step» КП (номера бит подраздела «Shift step», в которые занесен номер строки «Таблицы шифров», в каждом варианте q_i различные), Ведущим с помощью ГННСЧ автоматически (случайным образом) рандомизируется и аналогично приведенному выше набору вариантов (алгоритмов) шифрования данных ПД усекается, то есть из него формируется новое (перенумерованное1.1.c. Further, a priori formed and numbered set of options for various combinations of subsections of the CP (except for the subsections "Sync", "Sync", "Control Field", "Shift step" and "CRC32") - I(q _i ) (The structure of the subsections of the CP in the modes "Without data encryption” and “With data encryption” are given in Table 2.), where q _i is the number of the option of combinations of subsections of the CP on the set of options I(q _i ), in which

a 3<=q ₀ <=10) to be encrypted with the cipher recorded in the line "Cipher Table" (see Table 1, section Control package (i=0)), the number of which in each option is indicated in the bits of the subsection "Shift step" KP (numbers of bits of the "Shift step" subsection, in which the line number of the "Cipher Table" is entered, q _i are different in each variant), is automatically (randomly) randomized by the host with the help of GNNSCH and is similar to the above set of encryption options (algorithms) data TD is truncated, that is, a new one (renumbered

a 3<=q₁<=5 и q₁<=q₀.and truncated) set I*(q _i ), where

a 3<=q ₁ <=5 and q ₁ <=q ₀ .

The algorithm for randomization and truncation of the a priori formed set of options for various combinations of CP subsections to be encrypted is given in clause 2b of subsection 2.2. "Preparing the system for "regular" work."

The generated randomized and truncated set of options for various combinations of CP subsections to be encrypted, as well as the "Cipher Table" and the randomized and truncated set of options for encrypting PD data, are stored in the secure memory of the processor. It is also hidden from the user and the user does not have direct access to it;

- then, from a predetermined and stored in the processor RAM set of formulas for calculating the checksum (CRC) for various amounts of transmitted information and levels of its protection from malicious information impact, three groups of formulas are automatically formed by the Master, divided by the amount of transmitted information:

- the first group of formulas for calculating CRC when the amount of transmitted information is less than V ₁ , i.e. V _i < V ₁ ;

- the second group of calculation formulas with the amount of transmitted information not less than V ₁ and not more than V ₂ , TeV ₁ <=V _i <=V ₂ ;

- the third group of formulas for calculating CRC when the amount of transmitted information is more than V ₂ , i.e. V _i >V ₂ , where V ₁ <V ₂ ).

And since the amount of information transmitted in the task (V _i ) is determined by two factors: the accepted PD structure, that is, the number of words transmitted in the PD (N) and the length of each word (L) - 8, 16 or 32 bits, then as the boundary values of the generated groups in the proposed method are taken V ₁ =8xN; V2 ₌ 16xN.

Each group includes three CRC calculation formulas corresponding to different levels of system protection against malicious information impact (Ys), where s is the level of malicious information impact (s=1, 3):

- s=1 - corresponds to the minimum level of impact, requiring a minimum level of information protection (Y ₁ =1);

- s=2 - corresponds to the average level, requiring an average level of protection (Y ₂ =2);

- s=3 - corresponds to the maximum level of protection (Y ₃ =3).

The algorithm for generating a working set of formulas for calculating CRC is given in paragraph 2c of subsection 2.2. "Preparing the system for "normal" work" in section 2. "Implementation of the invention."

A priori formed block is a set of nine formulas divided into three groups, each of which corresponds to a certain amount of transmitted information and contains three formulas that provide a reliable check of the integrity of the message received by the receiver (Slave or Master) from the transmitter (Master or Slave) at different the level of protection of information from malicious impact. The generated working block of formulas, as well as the generated randomized set of PD data encryption options, is stored in the protected memory of the processor, is also hidden from the user and the user does not have direct access to it;

- then the Master generates, with the help of his GNNSCH, his unique digital fingerprint, which is necessary for the Followers working with him in the same system to correctly address their messages to him;

- then it determines the address and address space, which contains all the information needed by the Slaves;

- then the Master transmits via a closed (secure) channel to all Slaves (Slave) participating in the system operation:

- formed "Table of ciphers";

- formed set (block) of CRC calculation formulas, for three ranges of information: [V _i <8xN], [8xN<=V _i <=16xN] and [V _i >16xN], consisting of no more than six formulas (see p. 2c subsection 2.2.- two formulas in each range - for two levels of protection Y _i and Y _max );

- a randomized set of "PD data encryption options" with the corresponding features k _j ;

- a randomized set of options for combinations of ciphered subsections of the CP with indicators of places for recording line numbers of the “Cipher Table” to determine the cipher in each option and the corresponding signs q _i ;

- your unique digital fingerprint;

- their address and the number of the address space by which the Slaves can contact the Master;

- further, at the command of the Master, each Slave (Slave) forms with the help of its GNNSCH its own unique digital fingerprint, which allows the Master to uniquely identify the source (Slave) of the message, determines its address and address space, which the Master must access;

- having received through a closed (secure) channel from all Slaves unique digital fingerprints of devices, with the address and number of the address space of each, the Master forms a correspondence table "Terminal address - address space number - fingerprint" (hereinafter the table "Terminal address - fingerprint") , including its digital fingerprint, its terminal address and its address space number, which, together with the “Cipher Table”, with the generated set of CRC calculation formulas, with a randomized set of “PD data encryption options” with signs k _j and a randomized set of options for combinations of encrypted subsections of the CP with pointers to the places where the line numbers of the “Cipher Table” are recorded and the corresponding signs are placed in a protected memory area of its processor inaccessible to the operational staff;

- after transferring the digital fingerprint to the Master, each Slave device of the system places its digital fingerprint, its terminal address and the number of its address space into the protected memory area of its processor, inaccessible to the operational staff, and the set of CRC calculation formulas transmitted by the Master "Cipher Table" to check the integrity of the received information, a set of "PD data encryption options" with the corresponding features k _j , a randomized set

options for combinations of subsections of the CP to be encrypted, with indicators of places for recording the line number of the “Cipher Table” and the corresponding signs, a digital imprint, the address and address space number of the Master and transmits to him a signal of his readiness for work;

- Master, after receiving from all Slaves a signal of readiness for operation, generates a signal of readiness for "normal operation" of the system as a whole.

After the completion of the "Initialization" stage, all terminals (Master and all Slaves) in the protected memory of their processors, inaccessible to the operational staff, contain the same "blocks":

- "Table of ciphers";

- blocks of "CRC calculation formulas";

- a randomized set of "PD data encryption options" with the corresponding features k _j ;

- a randomized set of options for combinations of ciphered subsections of the CP with indicators of the place where the line numbers of the "Cipher Table" are recorded to determine the cipher and signs (numbers) q _i , which eliminate the need for direct (direct) transmission of ciphers (the list of encrypted parameters, the ciphers themselves and the logic of their application) as part of the transmitted information and covertly encrypt and decrypt the transmitted information with a cipher unknown to the operational staff and the developer.

And since in the "Normal operation" communication of the Slaves is assumed only with the Master, and the Master communicates with all the Slaves, the protected memory of the processor of the Master additionally contains a correspondence table "Terminal address - fingerprint", including digital fingerprints, addresses and numbers of address spaces of all Slaves, its own fingerprint, your terminal address, and your address space number. The protected memory of the processor of each Slave additionally contains the Master's digital fingerprint, its address and address space number, its digital fingerprint, its terminal address and its address space number.

At the initialization stage, due to the automatic (without the participation of the operational staff) the formation by the Master (with the help of the GNNSCH, which generates random numbers that obey a uniform distribution law) of the “Cipher Table”, a randomized set of “PD data encryption options” and a randomized set of “combination options for encrypted CP subsections ”, and also due to their transmission to all Slaves over a closed secure channel, all terminals of the system form the same “encryption blocks” unknown to the developer and operational staff (“Cipher table”, a randomized set of “options for encrypting PD data”, a randomized set of “options for combinations of encrypted subsections of the CP"), designed to encrypt forwarded messages with a random, previously unknown, unpredictable, independent of history, cipher inaccessible to the operational staff and their exact decryption by the Receiver.

Due to the storage of settings (encryption blocks) in a protected area of memory of its processors inaccessible to the operational staff and due to the elimination of the need to directly transfer to the Receiver the ciphers used by the Source when encrypting information to decrypt it, at the initialization stage, the prerequisites are created for the implementation of highly reliable information transfer, which practically excludes the possibility of its deliberate substitution or acceptance of information that was accidentally distorted, due to an operator error or a malfunction of the system, as reliable information. 1.2. "Regular work".

During “Regular work”, in the conditions of information counteraction, in order to obtain reliable information from the required source, its bidirectional protection is used, that is:

- First, the Master's request to the Slave is encrypted. The received encrypted request is checked by the Slave for integrity and, in case of a positive check, decrypted. Further, the Slave performs the actions ordered by the Master and generates a response;

- then the Slave's response is encrypted and sent to the Master in encrypted form. The master checks the integrity of the received information and, in case of a positive check, decrypts the response of the slave. The Master sends the received decrypted information to the ACS for generating a control signal by the control object.

1.2.1. Initial data for work.

Regular work always begins with an assessment of the expected operating conditions of the system, with an assessment of the threats of malicious information impact and the choice of the structure and parameters of the external circuit of the encryption system to ensure that the automated control system is provided with reliable information. The desired, in this case, the logic of the system is provided by setting the following initial data, which include:

- sign (Si), which determines the level of harmful information impact on the system in the expected operating conditions of the system Y _s , which is set by the system operator. With the expected minimum level of information harmful impact, the minimum level of protection is set - Y ₁ :=1, with the expected average - medium - Y ₂ :=2 and with the expected maximum - maximum - Y ₃ :=3;

- signs that determine the mode of operation of the system, under the expected conditions of information impact:

- a sign of information encryption (Pk), denoting:

- when Рk=1 - all transmitted information is encrypted;

- when Рk=0 - all transmitted information is not encrypted;

- a sign of the encryption mode (Rk), denoting:

- with Rk=0 - simple encryption mode, that is, the encryption mode of the CP and PD with a cipher from one line of the "Cipher Table", the number of which is determined with a single call to the GNNSCH;

- when Rk=1 - complicated encryption mode, that is, the mode of encrypting each packet with its own cipher, obtained from its line "Cipher Table", the number of which is determined by a separate call to the GNNSCH - double access to the GNNSCH;

- a sign of using an additional encryption algorithm of increased complexity (q _i ), denoting the use (not use) of encryption of subsections of the CP:

- when q _i =0 - CP subsections are not encrypted, the encryption algorithm of increased complexity is not applied:

- when specifying any natural number from q ₁ =1 or 2 or 3, an encryption option (algorithm) of increased complexity corresponding to the accepted value q _i is additionally applied (subsections of the CP are encrypted);

(All variants (algorithms) of encryption of increased complexity of the set I(q _i ) differ from each other by a non-repeating list of encrypted subsections of the CP, by non-repeating pointers of the cell numbers of the Shift step subsection of the CP, in which it is written, changed in each transmission, determined using the GNNSCH, random line number _of the “Cipher Table” directly containing the encryption parameters _of the subsections to be encrypted. ).

The setting by the system operator of any natural number q _i (in our case - 1, 2 or 3) corresponds to the acceptance of a variant of the list of encrypted CP subsections and their encryption parameters unknown to the operational staff, since the initial set of ciphered CP subsection options, known to software developers, at the stage initialization was automatically covertly randomized and truncated (see section 1.1.));

- a sign of the provision (use) of the full amount of memory for recording information in the PD (ADP), denoting:

- when ADP=0 - to write each word of information is provided (used) the full amount of memory (all 32 bits);

- with ADP=1 - to write data to the PD, it is necessary and sufficient to have a smaller amount of memory (less than 32 bits);

- a sign of the level of information protection "Ys" at Pk=0 - Y ₁ :=l. Accepted initial data at the stage "Regular work" do not change.

Correction of the initial data is carried out only in case of discrepancy in terms of the level of harmful information impact on the system of the previously assumed operating conditions with the real ones. 1.2.2. Record mode.

1.2.2.1. Formation by the Host of a request for a “record”.

The “recording” mode is used by the Master, if necessary, to partially correct the settings of the external circuit, previously set by the initial data, due to changes in the operating conditions of the system or, if necessary, reconfigure the system due to the inclusion of a backup terminal in it, instead of the failed one:

- changes in the operating conditions of the system (working in new conditions of information counteraction different from those specified in the initial data) determines the expediency of:

- either switching to information encryption (Рк:=1, instead of Рк=0) with different, depending on the threat, degree of complexity of the encryption algorithm, which is determined by setting different values of the features: Ys, Rк, and q _i (Ys=: 2 or Ys=: 3, instead of Ys=1; Rk=:1 instead of Rk=0; q _i :=1, 3, instead of q _i =0);

- either increasing the level of information protection: Ys:=2 or Ys:=3, instead of Ys=1;

- or complication of the encryption algorithm when Рк=1: Rк:=1 instead of Rк=0;

- either when Рк:=1 transition from the "standard" encryption algorithm (q _i =0) to the encryption algorithm of increased complexity -

(The "standard" encryption algorithm here is the algorithm for encrypting the CRC of the CP, the PD data and the CRC of the PD with a random cipher, the choice of which is carried out using the GNNSC according to the "Table of ciphers" formed at the initialization stage. The encryption algorithm of increased complexity assumes an additional (in relation to the "standard » encryption algorithm) encryption of individual subsections of the CP unknown to the operational staff with a cipher, the random values \u200b\u200bof which are determined using the GNNSC according to the "Cipher Table" formed at the initialization stage):

- or transition to a simplified encryption algorithm due to:

- reducing the level of information protection when Ys:=2 or Ys:=1 instead of Ys=3, or when Ys:=l, instead of Ys=2;

- or switching to simple encryption when Rk:=0 instead of Rk=1;

- or transition from an encryption algorithm of increased complexity, in which 1=<q _i <=3, to a "standard" encryption algorithm, in which q _i =0;

- or transition to work without encryption of information (Рк:=0).

- reconfiguration of the system when a backup terminal is included in it (instead of a failed one), which has passed the initialization stage, but has outdated settings of the external interface circuit, involves:

- when replacing the Follower:

- the master, following the command generated by the system operator “Replace Slave”, transmits to him, via a closed (secure) channel, the actual initial data, his address, his address space number and digital imprint, and the Slave to the Master - his address, address space number and digital imprint;

having received this information, the Master replaces the row of the table “Terminal address - fingerprint”, where the information about the failed terminal was located, with a new one, including the digital fingerprint, address and address space number of the new Slave and generates a signal of system readiness for “Regular” operation;

- when replacing the Leader:

- according to the command generated by the system operator, "Replacing the Master" over a closed (secure) channel, the terminal declared as the "Master" transmits its address, address space and digital fingerprint to all the Slaves, and receives a digital fingerprint, address and address space from each Slave, which should be addressed in the course of work; Having received from all Slaves unique digital fingerprints of devices, with the address and address space of each, the Master generates a correspondence table “Terminal address - fingerprint”, including its digital fingerprint, its address and its address space number, and places it in a secure, inaccessible operational composition of the memory area of its processor; then the Master updates, in accordance with the latest version of the source data, the settings of its external encryption circuit and generates a signal of system readiness for "Regular" operation; "Regular" work in the cases described above begins with the initiation of the "record" mode by the Master. In this mode, the Master generates a message in the KP + PD format (see Fig. 3a. Applied message formats) and sends it in accordance with the system algorithm either to each Slave newly included in the system, or to all Slaves, if the Master himself has been replaced or changes have been made apply to all Slaves. In fact, new initial data are transmitted in the message (previously specified initial data are corrected), which make it possible to provide the ACS with reliable information in the current conditions. The choice of the source data correction option is carried out by the system administrator.

Information transmitted in the "record" mode is always encrypted, regardless of the conditions specified in the source data.

The structure of the CP in the "record" mode is a clock signal (3 bits), control (service) information - (2 words - 32 bits per word) and CRC (32 bits) (see Fig. 4. Structure of the CP in the "Encrypted" mode data").

The PD structure used in all operating modes of the system is a Sync signal (3 bits), transmitted data (DATA word N), where N can take values from 1 to 256 words (32 bits per word) and CRC (32 bits) ( see Fig. 5. PD structure).

Encryption parameters for the "write" mode correspond to the operating conditions of the system in the most severe conditions of information counteraction and have values meaning:

P _k =1 - all information is encrypted;

Y _s =3 - the level of protection of information from external opposition maximum; q _i =2 - encryption of increased complexity is used;

R _k =l - complication of encryption is used,

They, together with the confirmation of the “record” mode, are immediately entered into the corresponding bits of the CP subsections:

- a sign of the information transfer mode - the Master's request for a “record”, is entered in the “Control Field” subsection, in bits [20:19] (they contain “00”). The order of application of information transmission modes (the Master's request for "recording" or the Master's request for "reading") and, accordingly, the message formats are regulated by the system algorithm of the Master's work. When a "write" request is made, the message format CP+PD is used, and when a "read" request is made, the message format is CP. When the Slave responds to a "write" - CP, and when responding to a "read" - CP + PD or CP, depending on the result of the Master's request;

- then, the parameters that determine the encryption conditions are entered:

- sign of encryption "Pk" - in the subsection "Control Field", bit [22];

- a sign of the level of protection Ys - into the subsection "Table Line number", into [25:24];

- a sign of using encryption of increased complexity "q _j " - into bits [9:8] of the subsection "Shift step";

- a sign of complication of encryption "Rk" - in the subsection "Control Field", bit [21].

Next, PD is formed (see page 34, label Fpd * ⁾ ).

The remaining unfilled subsections of the CP are filled in after filling out the PD (see page 35, label Fkp * ⁾ ), since the information necessary to fill them out appears after filling out the PD.

Fpd* ^} For each parameter intended to be written to the PD, two 32-bit words are first provided, one of which is intended to record the identifier of the parameter being changed, and the second to record its value.

For example, when a backup Slave device is included in the system (instead of a failed one), which has passed the stage of setting up the internal loop of the interface at the initialization stage, it is necessary to write in its memory the address and number of the address space of the Master to which the Slave must access. In this case, the Master, when forming a request to the backup Slave, writes the identifier of the Master's address to the first word of the PD, and directly to his address in the second word. The procedure for recording in the PD the data necessary to prepare for operation the backup terminal included in the system (updating its structure and parameters) is performed automatically. The system automatically determines the terminal type (Slave or Master, its address, type and address space number) and the list of data required for its updating. The system programmer only needs to periodically confirm his access rights and monitor the progress of the procedure. In the first word of the next pair of PD words, the Master writes the identifier of the number of the Master's address space, and in the second word, directly, the number of the Master's address space, which the Slave must access during the operation of the system.

When using only a part of the provided volume for recording this or that information (less than 32 bits provided for writing a word), at the end of the record, the identifier of the end of the record of the word - "F" is put, and at the end of the last record of the PD, the identifier of the end of the record "FF" is put.

When using for recording this or that information only a part of the provided volume (the presence of the identifier "FF"), the attribute ADP:=1. After filling the PD with data, by the amount of information recorded in it (the number of occupied bits), a group of formulas for calculating the CRC of the PD is determined and then proceed to filling in the blank subsections of the CP.

Fkp * ⁾ Taking into account the results of filling out the PD, the following are entered in the subsections of the CP:

- first, the number of the group of formulas for calculating the CRC PD-in bits [17:16] of the “Shift Direction” subsection;

- then the parameters that determine the logic of the encryption system as a whole:

- a sign of using the maximum amount of memory (field size) when writing data to the PD (ADP) - in the "Control Field" subsection, bit [23] (formed based on the results of filling in the PD):

- ADP=0 - means that 32 bits provided for data recording in PD are used completely;

- ADP=1" - means that when writing data to the PD, the provided amount of memory is not completely used (less than 32 bits are occupied);

- the number of words transmitted in the generated PD (Nset _i ), which cannot be more than 256 (Nset _i =<256) - in the subsection "Data size" bits [7:0];

- then the parameters that determine the order (scheme) of accessing the GNNSC to provide the necessary degree of complexity for encrypting the CP and PD:

- in the CP and PD encryption mode for different cipher sets (Rk=1), when the list of parameters to be encrypted, the ciphers and the logic of their use for encrypting the CP and PD are determined by different lines of the "Cipher Table", the corresponding sections of the CP are filled with numbers obtained using HNNSC with consecutive double access to it: first, to determine the “line number of the “Cipher Table” for encrypting the CP”, which is entered in the “Table Line number” subsection in bits [31:26], and then to determine the “line number of the “Cipher Table” "for PD encryption", which is entered in the "Shift Direction" subsection)) bits [23:18];

- then, in the second word of the CP, the subsection “Shift step” bits [15:10] is filled in with a “code word”, which is a random number generated by the GNNSCH, entered into each CP sent by the Master, which makes it possible to eliminate errors with the identification of the Slave’s response to a given Master’s request and significantly hinder the possibility of replacing a standard device with a malicious one, which means significantly increasing the level of system security, since the system algorithm provides for the mandatory repetition of the code word in the CP of the Slave's response message;

- in the CP subsection "Terminal Stamp" bits [7:0], the digital fingerprint of the Master - the terminal sending the "request" is recorded;

- after filling in the CP, the number of the group of formulas for calculating the CRC of the CP is determined, depending on the amount of information transmitted to the CP, that is, on the structure of the CP, which in a system with encryption differs from the format of the CP in a system without encryption (see Fig. 6. Structure of the CP in mode "Without data encryption"), that is, it depends on the sign of encryption "Рк" in the CP;

- then the number of the formula for calculating the CRC of the CP in this group is determined, depending on the value of the attribute - "Ys" specified in the bits [25:24] of the subsection "TableLine number" of the CP;

- further, according to the formula for calculating the CRC of the CP, which is determined by the above-defined number of the group of formulas for calculating the CRC and the number of the formula within the group, the CRC of the CP is directly calculated;

- then, according to the line number (j), recorded in the subsection of the CP "TableLine number" in bits [31:26], of its "Cipher Table" in the CRC section (z=0), the Host determines the cipher (n _j and lc _j ), using which encrypts the CRC and encrypts it into the CRC32 subsection of the CP;

- further by the line number (j) of its "Cipher Table", recorded in the subsection of the CP "Shift Direction") bits [23:18], in the "Data" section (z = 2) The host (source of information) determines the cipher (p _j , dr _j and k _j ), using which encrypts the data and writes them in encrypted form instead of previously recorded unencrypted data in the PD;

- then according to the number of the group of formulas for calculating the CRC PD, specified in the subsection "Shift Direction") bits [17:16] of the CP, and the level of information protection from malicious information impact - Ys, specified in the subsection "Table Line number" bits [25: 24] KP, the formula for calculating the CRC PD is determined;

- further, according to the formula for calculating the PD CRC, the PD CRC of the encrypted PD data is directly calculated;

- then, according to the line number (j), recorded in the subsection of the CP "Shift Direction)) in bits [23:18], the Leader determines the cipher (m _j and rd _j ) using his "Cipher Table" in the CRC section (z=l) , using which encrypts the CRC, and encrypts it into the CRC32 subsection of the PD.

- then, since the "record" mode provides for the use of an encryption algorithm of increased complexity:

- according to the number q _i recorded in bits [9:8] of the “Shift step” subsection, from the randomized set of options for combinations of subsections of the CP subsections (see clause 1.1.), an option is selected (in this case q _i =2), in which defined:

- a list of encrypted subsections of the CP;

- number of bits of the "Shift step" subsection, where the line number of the "Cipher Table" is indicated, in which the cipher used to encrypt the subsections is recorded in the CRC section (z=0);

- further, according to the number of the specified line, the ciphers themselves are determined by the "Table of ciphers";

- with the help of these ciphers, the fixed subsections are encrypted and entered in encrypted form into the corresponding subsections of the CP; the generated CP is ready for shipment;

- then a message is generated in the KP + PD format, which, in accordance with the logic of the system algorithm, when redundant Slaves are introduced into the system structure, is sent to the Master only to them, and when a backup Master is introduced into the system structure or changes relating to all Slaves - to all Slaves, sequentially indicating in the CP:

- address of the Slave addressed by the Master ("Terminal address" bits [31:24]);

- Slave address space type - a place for "recording" the transmitted data (the sequence of the Master's access to the Slaves that are part of the system is determined by the system algorithm, which knows the numbers of address spaces and configuration spaces of each Slave):

- if this is a data address space, bits [18:16] of the "Control Field" subsection are filled with [0:0:0];

- if the configuration address space, bits [18:16] of the “Control Field” subsection are filled with [1:1:1];

- the number of the address space of the Slave, which is currently accessed by the Master (subsection "Page Address") bits [15:8]);

The format of the generated message sent to the Slave in the "write request" mode contains two PC+PD packets.

PD prepared for transfer, since in the “record” mode the “With data encryption” mode is always applied, is:

a) The set of data encrypted with a cipher (p _j , dr _j and k _j ) taken from the line “Cipher Table”, the number of which is indicated in bits [23:18] of the subsection “Shift Direction)) of the CP, in the section “Data (z =2)";

b) PD CRC calculated from encrypted data according to the formula, which is determined by the group number recorded in bits [17:16] of the subsection "Shift Direction)) of the CP, and the number of the formula in the group,

corresponding to the maximum level of information protection from malicious information impact - Ys=3, written in bits [25:24] of the subsection “Table Line number” of the CP, and then encrypted with a cipher (rd _j , m _j ) recorded in the same line of the “Cipher table ”, which is the cipher for encrypting PD data (its number is indicated in bits [23:18] of the “Shift Direction” subsection)) of the CP), but in the “CRC (z=1)” section of the “Cipher Table”.

The structure of the CP and its content in the "record" mode always correspond to the "With data encryption" mode:

a) The CP structure is a clock signal (Zbita), control (service) information - (2 words - 32 bits per word) and CRC (32 bits);

b) The information entered in the CP is always encrypted (Рk=1). To encrypt the CP, sophisticated encryption (Rk=1) of increased complexity (q _i =2) is used, as when the system is operating under conditions of severe information counteraction (Ys=3);

c) The sequence of functions performed during encryption is as follows:

- first, all subsections of the CP are filled with unencrypted information;

- according to the formula determined by the encryption attribute "Рk=1", entered in bit [22] of the "Control Field" subsection of the CP, and the level of information protection from malicious information impact "Ys=3", entered in bits [25:24] of the subsection "Table Line number" of the CP, the CRC of the CP is calculated from the unencrypted information;

- the calculated CRC is encrypted with the cipher (lc _j , n _j ) specified in the “Cipher Table” in the “CRC (z=0)” section in the line number of which is indicated in bits [31:26] of the “Table Line number” subsection, and in encrypted form is recorded in the CRC32 subsection of the CP;

- according to the number q _i entered in bits [9:8] of the subsection “Shift step” of the CP (in this case q _i =2), the logic of the subsequent actions is determined:

- from the randomized set of variants of combinations of CP subsections to be encrypted, formed at the initialization stage, the option q _i =2 is selected, in which the list of additionally encrypted subsections and the number of bits of the “Shift step” subsection are determined, in which the line number is indicated, by which in the section CRC (z=0) "Table of ciphers" defines the ciphers used in the encryption of the information of the selected subsections of the CP;

- information encrypted with this cipher is entered (replaces unencrypted) in the relevant subsections of the CP.

1.2.2.2. Checking the integrity of the sent message by the Slave.

The integrity check procedure is universal, since always before starting the work provided for by the working algorithm, the message received by the receiver is checked for integrity.

The slave in the "write" mode receives the message intended for it (KP + PD), selecting it from the message stream at the address recorded in the CP Subsection "Terminal address" bits [31:24], and first checks it for integrity.

Since in this mode the Master always encrypts transmitted information (Рк=1) and uses a 99-byte CP structure (see Fig. 4. CP structure in the “With data encryption” mode and Table 2. Structure of the CP subsections in the “C” modes data encryption” and “Without data encryption”), and the parameters q _i , Rк, Ys, which determine the encryption algorithm used by him, are fixed (see clause 1.2.2.1.), to check the integrity of the message sent, the Followers perform the following actions:

(см. п. 1.1.) выбирается заданный вариант q_i, с указанными в нем перечнем зашифрованных подразделов КП и номерами бит подраздела «Shift step», в которых записан номер строки «Таблицы шифров», используемый Ведущим при выборе шифра;- first, in accordance with the number q _i =2 entered in bits [9:8] of the “Shift step” subsection of the incoming CP, from the randomized working set of options I ₀ (q _i ) of the Follower, where

(see clause 1.1.) the given variant q _i is selected, with the list of encrypted CP subsections indicated in it and the bit numbers of the “Shift step” subsection, which contain the number of the “Cipher Table” line used by the Master when choosing a cipher;

- then, according to the line number recorded in the specified bits of the “Shift step” subsection, the Slave determines the ciphers used by the Master when encrypting the subsections of the CP using his “Cipher Table” in the CP section (i=0);

- then, using the received ciphers, the Follower decrypts the list of subsections of the CP specified in option q _i and proceeds to determine the formula for calculating the CRC of the CP:

- according to the amount of information transmitted to the CP (sign Pk, recorded in bit [22] of the “Control Field” subsection), the number of the group of formulas for calculating the CRC of the CP is determined;

- then, according to the level of information protection Ys from malicious information impact, recorded in bits [25:24] of the subsection “Table Line number”, the number of the formula in the group is determined;

- further, according to the group number and the number of the formula within the group in the block of formulas formed at the initialization stage, the formula for calculating the CRC of the CP, which was used by the Host, is determined;

- then, according to this formula, the CRC of the CP is calculated;

- then the calculated CRC is encrypted, for which the Slave determines the cipher ( n _j and lc _j ), with which the Master encrypted its CRC, and with which the Slave encrypts the calculated CRC, and compares it by bits with the one recorded in the CRC32 subsection (bits [31:0]) of the incoming CP.

The result of the operation of comparing the calculated CRC value of the CP with the CRC value recorded in the CRC32 subsection of the incoming CP can be two outcomes, depending on which the algorithm of subsequent actions changes:

- mismatch of the compared values means that the received data differs from the transmitted ones, that is, the integrity of the transmitted message is violated (see further p. 42, label NSkpz* ⁾ );

- the coincidence of the compared values means confirmation of the integrity of the received message (see further p. 43, label Skpz * ⁾ ); NSkpz* ⁾ : if the checksums of the CP do not match, the integrity of the PD is not analyzed, the Slave in the format "one packet - CP" (see Fig. 3a. Applied message formats) generates a response message to the Master (see clause 1.2.2.4. ), informing him in the “Control Field” subsection in bits [20:19] about the type of response (“response to write” - [1:0]), and in bits [18:16] - about the impossibility of fulfilling the request sent by the Master and reasons for its non-execution, for example: “package error” -[0:1:0], or “impossible

read data" - [0:1:1], or "invalid address of the address space" - [1:0:0], or "rewrite request - [1:1:1].

Skpz* ⁾ : - in case of full match of the CRC checksums of the CP, Followed by the number of the PD CRC calculation group specified in the subsection of the CP "Shift Direction" in bits [17:16], and the level of information protection specified in the subsection of the CP "Table Line number" in bits [25:24], defines the formula for calculating the CRC PD;

- further, according to this formula, the CRC of the sent PD is calculated;

- then the calculated CRC is encrypted; the calculated CRC is encrypted in the following sequence:

- first, the line number of the “Cipher Table” (j) is determined, recorded in bits [23:18] of the subsection “Shift Direction” of the CP;

- then, according to its "Cipher Table", identical to the "Cipher Table" of the Master, in the CRC section (z=1) by line number (j), the Slave determines the cipher (m _j and rd _j ), with which the Master encrypted the PD CRC calculated by him;

- then Cipher-Driven (m _j and rd _j ), encrypts the calculated CRC;

- and then the encrypted CRC bit by bit is compared with the PD recorded in the CRC32 subsection (bits [31:0]) of the incoming PD; The result of the operation of comparing the calculated encrypted CRC value with the CRC value recorded in the CRC32 subsection of the incoming PD can be two outcomes, depending on which the algorithm of subsequent actions changes:

- mismatch of the compared values, which means that the received data differs from the transmitted ones, that is, the integrity of the transmitted message is violated (see further p. 44, label NSpd* ⁾ );

- full match of the compared values, which means the integrity of the received message (see further p. 44, label Spd* ⁾ .

NSpd* ⁾ : in case of mismatch between the compared CRC checksums, the Slave in the format “one packet - KP” (see Fig. 3a. Applied message formats) generates a response message to the Master (see clause 1.2.2.4.), informing him in the “Control Field” subsection in bits [20:16] that the sent message did not pass the integrity check, indicating in bits [20:19] of the “Control Field” subsection the type of response (“write response” - [1: 0]), and in bits [18:16] - the reasons for the failure of the check (see section 2.1. "Interface structure") section 1.2.2.6. Completion of the “write” procedure by the Master, for example: “package error” - [0:1:0]; or "unable to read data" - [011]; or "invalid address of the address space" - [100]; or "wrong data size to write" - [010]; Spd* ⁾ : - if the PD checksums match, the integrity of the incoming message is confirmed and the Slave proceeds to decrypt the received PD (See clause 1.2.2.3.)

1.2.2.3. Decryption by the Slave of the sent encrypted message.

Decryption of the sent message is carried out after confirmation of its integrity (See clause 1.2.2.2.) in the following order:

- first, the Slave according to his "Cipher Table", identical to the "Cipher Table" of the Leader, in the "Data" section (z=2) according to the line number (j) indicated in the "Shift Direction" subsection bits [23:18] of the incoming CP, determines the variant of data encryption logic (k _j ) and ciphers (p _j and dr _j ) (see Table 1) used by the Master when encrypting PD data;

- then, in accordance with the logic k _j data PD using ciphers p _j and dr _j decrypted.

- and then the decrypted actual data in accordance with their identifiers specified in the PD are entered into the RAM of the Slave (replace the previously received ones) for further use in work.

After the regular completion of the procedure for entering actual data into the protected RAM memory, the Slave in the format "one packet - CP" (see Fig. 3a. Applied message formats) forms a response message to the Master (see clause 1.2.2.4.).

1.2.2.4. Formation by the Slave of a response message to the Master.

The format of the regular response message of the Slave to the Master's request "for recording" is KP.

The structure of the CP in the "write" mode always corresponds to the "With data encryption" mode (see Fig. 4. The structure of the CP in the "With data encryption" mode).

In other modes ("Read" and "Unable to issue the requested data") the structure of the CP depends on whether the transmitted information is encrypted or not. In the case of encryption of the transmitted information (Pk=1), a 99-bit structure is used (see Fig. 4), in the case of the exchange of unencrypted information (Pk=0) - 67-bit (see Fig. 6.).

The procedure for filling in the response message by the Slave to the Master in the "Record" mode is as follows:

First, the first word of service information is filled in:

- in the subsection “Terminal address” bits [31:24] of the CP, the address of the Master is written;

- in the subsection "Control Field" are written:

- in bit [23] - sign ADP=0, which means that in the generated CP all bits provided for recording information are used in full;

- bits [22:21] are overwritten with signs Pk and Rk, respectively, recorded in bits [22:21] of the “Control Field” subsection of the incoming CP;

- in the “Control Field” subsection, bits [20:16] are written:

-in bits [20:19] - information transmission mode "response to record" (code (1:0);

-in bits [18:16] - explanations for the "reply to the record":

- either "there are no errors and there is no need for service" - [0:0:0];

- either "there are no errors, but due to the expiration of the period of operation of the Slave without service, it is necessary to perform it" - [0:0:1];

-in the subsection «Page address» bits [15:8] the number of the address space of the Master is written;

- in the “Data Size” subsection, bits [7:0] are filled with the number of parameters written by the Slave in the RAM.

Then proceed to filling in the second word of service information:

- in the subsections of the CP "Table Line number" bits [31:26] and "Shift Direction" bits [23:18], since the format of the transmitted message is one packet - CP, the same number is written, which is obtained with one call to the GNNSCH and identified as the line number (j) of the "Cipher Table" for encrypting the CRC of the CP;

- bits [25:24] of the subsection "Table Line number" are rewritten from the subsection "Table Line number" of bits [25:24] of the incoming CP with the specified level of information protection "Ys";

-bits [17:16] of the “Shift Direction” subsection)) are written with “00” and are not read by the receiver;

-then in the “Shift step” subsection, bits [15:10] are overwritten by the “code word” sent by the Master in the “Shift step” subsection, bits [15:10] of the “write request” CP, which makes it possible to significantly simplify the procedure for the Master to recognize the Slave’s response to a given request and significantly complicate the possibility of replacing a standard device with a malicious one;

- bits [9:8] of the “Shift step” subsection are rewritten with the value q _i , which was sent by the Master in bits [9:8] of the “Shift step” subsection of the CP at the “write request”;

- in the CP subsection "Terminal Stamp" bits [7:0], The digital fingerprint of the Slave - the terminal that sends the message is recorded.

Then the formula for calculating the checksum of the CP is determined:

- first, the number of the group of formulas for calculating the CRC of the CP is determined, depending on the amount of information transmitted to the CP, that is, on the encryption sign "Рк" recorded in bit [22] of the subsection "Control Field)) of the CP;

- further - the number of the formula for calculating the CRC of the CP in this group, depending on the sign - "Ys", recorded in bits [25:24] of the subsection "TableLine number)) of the sent CP;

- further, by the number of the group of CRC calculation formulas and the number of the formula of the formula within the group, the formula for calculating the CRC of the CP is determined. Further, according to the formula, the CRC of the CP is directly calculated. Further, according to the line number (j), recorded in the CP subsection “Table Line number” in bits [31:26] in its “Cipher Table”, in the CRC (z=0) section, the Slave determines the cipher (n _j and lc _j ), using which encrypts the CRC and encrypts it into the CRC32 subsection of the CP.

Then, from the randomized set of options for combinations of subsections of the CP to be encrypted I ₀ (q _i ), the option numbered q _i =2 is selected, which defines a list of additionally encrypted subsections and the bit numbers of the “Shift step” subsection, in which the line number is indicated, according to which in the section CRC (z=0) "Table of ciphers" ciphers (n _j and lc _j ) are defined to encrypt the corresponding subsections of the CP.

Further, the information encrypted with this cipher is entered (replaces the unencrypted one) in the corresponding subsections of the CP. This operation completes the process of forming a CP for sending to the Host.

Then the CP formed by the Follower is sent to the Master (See clause 1.2.2.5.).

1.2.2.5. Verification by the Master of the integrity of the response message of the Slave.

The master receives the message intended for him (MC), selecting it from the message flow at the address recorded in the MC subsection "Terminal address" bits [31:24], and first checks it for integrity.

Since in the “Record” mode the sign Pk = 1, that is, the Slave always transmits encrypted information to the Master using a 99-bit CP structure (see Fig. 4. CP structure in the “With data encryption” mode and Table 2. Structure subsections of the CP ... ("With data encryption" mode)), and always uses an encryption algorithm of increased complexity (q _i is not equal to zero), the logic of checking the incoming message for integrity is as follows:

- at the beginning, in accordance with the number q _i entered in bits [9:8] of the “Shift step” subsection of the incoming CP, Leading from his randomized set of options I ₀ (q _i ), where q _i =1.3 (see Fig. 1.1.) selects the option q _i =2 with the list of encrypted subsections of the CP indicated in it and the cell numbers of the subsection “Shift step”, in which the line number of the “Cipher Table” is recorded, used by the Follower when choosing the cipher;

- further, according to the specified line number, the Leader determines the ciphers (n _j and lc _j ) using his “Cipher Table” in the CP section (i=0) that the Follower used when encrypting information in the subsections of the CP specified in the option q _i =2;

- then, using the received ciphers, the Host decrypts the information, writes it to the appropriate subsections of the CP instead of the encrypted one;

- then the formula for calculating the CRC of the CP is determined:

- first, according to the amount of information transmitted to the CP (sign Pk, recorded in bit [22] of the “Control Field” subsection), the number of the group of formulas for calculating the CRC of the CP is determined;

- then, according to the level of information protection Ys from malicious information impact, recorded in bits [25:24] of the subsection “Table Line number”, the number of the formula in the group is determined;

- further, according to the group number and the formula number within the group in the block of formulas formed at the initialization stage, the Master determines the formula for calculating the CRC of the CP, which was used by the Follower.

- then, using this formula, the CRC of the CP is directly calculated;

- then the CRC is encrypted:

- first, according to the line number (j), recorded in the CP subsection “Table Line number” in bits [31:26], according to its “Cipher table” in the CRC section (z=0) The host determines the cipher (n _j and lc _j ) , with which the Slave encrypted its calculated CRC;

- then, using this cipher, the Master encrypts the calculated CRC;

- then the encrypted CRC bit by bit is compared with the one recorded in the CRC32 subsection (bits [31:0]) of the incoming CP; The result of the operation of comparing the calculated encrypted CRC value with the CRC value recorded in the CRC32 subsection of the incoming CP can be two outcomes:

- mismatch of the compared values, which means that the received data differs from the transmitted ones, that is, the integrity of the transmitted message is violated;

- the match of the compared CRC values, which means that the integrity of the received message is confirmed.

Depending on the result of the comparison, the Host makes various decisions:

- in case of violation of the integrity of the adopted CP, the Leader in the logic of the system algorithm analyzes the reasons for the violation of integrity, evaluates possible options for correcting the situation and makes a decision on subsequent actions, which include:

- the transmitting device is faulty - it is necessary to technically replace the Slave device with a backup device;

- reception / transmission problem - it is necessary to repeat the "write request" to this Slave with parameters that provide a higher level of system protection from malicious information impact. The decision on the need to repeat the “write request” is made by the Master in the absence of insurmountable reasons for its fulfillment and the sufficiency of the remaining time reserve (treserve _i ), which must be greater than the maximum necessary operating time of the i-th Slave in the normal implementation of the “recording” procedure (trecord _i ):

treserve _i =(tres _i - tzatp _i ), where: tres _i - the time allotted by the Master to work with the i-th Slave in the "record" mode, which provides for the possibility of repeating the procedure in the current communication session after the Slave checks the integrity of the incoming PD, equal to:

tres _i - (t*zap _i +trecord _i ), where

t*zatp _i - the maximum time of work of the i-th Slave from the moment he receives the Master's request until the moment the PD integrity check is completed;

trecord _i - the maximum time of operation of the i-th Slave from the moment he receives the request of the Master until the moment of the regular completion of the "record" procedure (until the moment the CP is sent to the Master about the regular completion of the "record"procedure); tzatp _i - real time spent by the i-th Slave from the moment of receiving the Master's request for recording” until the moment of evaluating the integrity of the incoming message (tzatp _i <=t*zatr _i ). But since, after checking the integrity of the CP, the remaining time margin is always more than the time required to re-conduct the “record” procedure (tzap _i > trecord _i ), then the possibility of re-request in this case always remains, and the expediency of a re-request remains if it is possible to eliminate the causes failure of the first request, such as "correcting the address of the address space", "specifying the size of the data to be written", or fixing another identified error. The final decision to repeat the “request” to this Slave in a given cycle of working with it or to switch to working with another Slave is made in accordance with a priori developed system algorithm, one of the tasks of which is to ensure the specified requirements for the exchange cycle with the Slaves in the “write” mode. » with the available technical capabilities of the system - if the compared CP CRC values match completely, which means that the integrity of the received message from this Slave is confirmed, the Master, in accordance with the system algorithm, makes a decision to form a new “write request” to the next Slave, or, upon completion write request mode for all Slaves and the transition to the read mode. 1.2.2.6. Completion of the "record" procedure by the Leader.

At the normal completion of the “write” procedure, in the messages received from each Slave in the “Control Field” subsection of the CP, the bits [20:19] contain the digits [1:0], indicating that the operation performed by the Slave is “response to writing”, and writing in bits [18:16] of this subsection - zeros ([0:0:0]), fixes "the absence of errors during the execution of the request". The Master perceives such messages as a signal that each Slave is ready for further work. Having received a signal of readiness for operation from all the Slaves of the system, the Master can directly start regular work - “reading mode”: receive information from the Slaves and transfer it to the ACS to control the object. 1.2.3. Reading mode.

1.2.3.1. Formation of a request from the Master to the Slave "for reading".

In the "request for reading" mode, the Master sequentially interrogates each Slave of the system and receives the necessary information from them (the Master's request to a specific Slave in the form of a CP, the response of a specific Slave to the Master in the form of a CP + PD - a small cycle in the "request for reading" mode; number small cycles is equal to the number of Slaves in the system). Having received information from all Slaves, the Master combines the received data into an information array, binds it to time and transfers it to the ACS to generate an object control signal (large cycle in the "request for reading" mode).

The “read request” mode differs from the “write request” mode in that a message in the “KP” format is sent from the Master to the Slave, and the response message of the Slave comes in the “KP + PD” format. The procedures for forming packets remain the same, and the same sequence of operations as described above is used to encrypt packets.

The procedure for generating and encrypting the CP of the Master in the “reading” mode corresponds to the one given above (see clause 1.2.2.1.), but in the logic of the adopted system algorithm, which determines the sequence of calls and the alternation of “requests” to the Slaves. The procedure provides for the interruption of calls for maintenance and the repetition of "requests" to clarify previously received information. Parameters and features that determine the operating conditions of the system (the level of malicious information countermeasures, features of the use of encryption and the applied encryption algorithm for transmitted information) are set in the initial data immediately before the start of regular operation (see clause 1.2.1.). Filling in the subsections of the Master’s CP at the “request for reading”, regardless of whether the information encryption mode is used or not, always begins with filling in the first word of service information:

First, the CP subsections are filled with parameters and features that determine the mode of operation of the system:

- the number of words that the Slave should send to the Master in the response message in the generated PD - Nset _i (Nset _i =<256), is recorded in the “Data size” subsection of bits [7:0];

- information transfer mode - Master's request for “reading” (in the “Control Field” subsection, “01” is written in bits [20:19], (see Table 2.);

- the address space from where to read the information is written to the “Control Field” subsection in bits [18:16]), moreover, when reading from the data address space, “000” is written to the bits, and when reading from the configuration address space - “111”, (see .Table 2.);

- the encryption mode "Rk" is written to the "Control Field" subsection in bit [21] in accordance with the initial data (it is written "0" when encrypting the CP and PD using a single cipher and "1" when encrypting the CP and PD using different ciphers);

- sign of encryption "Рк" - in the subsection "Control Field" bit [22] in accordance with the initial data - when working with encryption Рк:=1, without encryption Рк:=0;

- sign "ADP" (a sign of providing the Slave with the maximum amount of memory (32 bits) for writing read data to the PD) - in the subsection ((Control Field" bit [23] is written "O"). Then - variable data determined by the logic of the system algorithm :

- the address of the remote terminal, which, in accordance with the system algorithm, is currently accessed by the Master is recorded in the subsection ((Terminal address" bits [31:24]);

- the number of the address space of the remote terminal, which, in accordance with the system algorithm, is currently accessed by the Master - in the subsection ((Page address" bits [15:8].

The further sequence of actions depends on the sign of information encryption Рk:

a) When Рк=0 (information is not encrypted), the Master in the “request for reading” mode uses a 67-bit CP structure (see Fig. 6.), containing only one word of service information, after filling which they proceed to determine the calculation formula RC CRC (see p. 56, label OprF _CRC ^cpch) ). At the same time, the sign Ys, which characterizes the level of malicious information impact on the system and is necessary in the future to determine the formula for calculating the CRC CP, is not contained in the structure of the first service word, in this case it is taken equal to the minimum value (Ys=1).

b) If Pk=1 (information is encrypted), proceed to filling in the second word of service information:

- first, the second word of the CP is filled with constant parameters and features from the composition of the initial data, which determine the mode of operation of the system:

(подраздел «Table Line number» биты [25:24]);- the level of protection of information from malicious information impact - Ys, where

(subsection "Table Line number"bits[25:24]);

- then - the parameters obtained using the GNNSCH, identified as the line numbers of the "Table of ciphers" for encrypting the CP:

- in the mode of operation of the Master “request for reading”, when only the CP is sent and encrypted, to the subsection “Table Line number” bits [31:26], identified as the “line number of the “Cipher Table” for encrypting the CP”, and to the subsection ( (Shift Direction)) bits [23:18], identified as “line number of the “Cipher Table” for encryption of PD”, the same number is recorded, obtained with one call to the GNNSCH;

- in the mode of the Master “request for reading”, when only the CP is sent and encrypted, subsection “Shift Direction)) bits [17:16], in which the number of the group of formulas for calculating the CRC PD should be written, are filled with “00” and

Followers are not read;

-then, the “Shift step” subsection is filled in the CP with bits [15:10] with a “code word”, which is a random number generated by the GNNSCH, entered into each CP sent by the Master, to make it difficult to replace the regular Slave with a malicious one and increase the security level system, since the system algorithm provides for the mandatory repetition by the Follower of the code word in the CP of the response message;

- then two bits [9:8] of the "Shift step" subsection are filled with a feature q _i , the value of which is taken from the source data:

- when the value q _i is equal to any natural number from the set of numbers 1, 2 or 3, an encryption algorithm of increased complexity is used, in which the sign is identified as the number of the variant of the randomized set of combinations of encrypted subsections of the CP, indicating the location of the entry of the line number of the "Cipher Table", in which ciphers for encrypting subsections are written (see clause 1.2.1. "Initial data for work");

- assigning zero to the attribute q _i (bits [9:8] of the “Shift step” subsection are entered [0:0]) means that the encryption algorithm of increased complexity is not used, due to the low probability of malicious information impact on the system;

- then, bits [7:0] are written to the “Terminal Stamp” subsection of the CP, the digital fingerprint of the terminal that sends the “request”, in this case, the digital fingerprint of the Master.

Next, you need to fill in the subsection CRC 32 of the CP, but for this, the formula for calculating the CRC of the CP is first determined (see page 56, label OprF _CRC ^kpzch) ). _{OprF CRC} ^CRC) : To determine the formula for calculating the CRC of the CRC, it is necessary to determine the group number for calculating the CRC and the number of the formula in the group:

- first, the number of the group of formulas for calculating the CRC of the CP is determined, depending on the amount of information transmitted to the CP, and since, in the "with encryption" mode of information, when Рk=1, the amount of information transmitted to the CP is 99 bits, and in the "without encryption" mode » information, when Рk=0, -67 bits, actually depending on the sign of encryption Рk entered in bit [22] of the subsection «Control Field» of the CP;

- then the number of the formula for calculating the CRC of the CP in this group is determined, depending on the sign "Ys", entered at Pk=1 in bits [25:24] of the subsection "Table Line number" of the CP, and at Pk=0 taken equal to one (Ys= l);

- further, according to the formula for calculating the CRC of the CP, which is determined by the above-defined number of the group of formulas for calculating the CRC and the number of the formula within the group, the CRC of the CP is directly calculated, which:

- in the case of system operation “without encryption”, the transmitted information is entered in the CRC32 subsection of the CP and the generated CP is sent to the Follower (see section 1.2.3.2. below).

- in the case of operation of the system “with encryption” of information, the calculated CRC of the CP is first encrypted, and then in encrypted form is entered into the CRC32 subsection of the CP; encryption of the calculated CRC CP is performed in the following sequence:

- according to the line number (j) recorded in the CP subsection “Table Line number” in bits [31:26], in the CRC (z=0) section of the “Cipher Table”, the Master determines the cipher (n _j and lc _j );

- using this cipher, the Master encrypts the CRC and enters it in encrypted form in the CRC32 subsection of the CP;

- then the feature q _i is analyzed and:

- if any of three possible natural numbers (1, 2 or 3) is assigned to the attribute q _i , entered in bits [9:8] of the “Shift step” subsection, an encryption algorithm of increased complexity is applied, in which subsections corresponding to option q _i are additionally encrypted KP (the list of encrypted subsections of the KP and the place of recording the line number of the “Cipher Table”, in which the ciphers are recorded, for encrypting the subsections are indicated in the accepted version q _i ); after encrypting these subsections and entering them instead of unencrypted ones, the CP is fully formed and sent to the Follower in the generated form (further, see clause 1.2.3.2.);

- if the attribute q _i , entered in bits [9:8] of the "Shift step" subsection, is assigned "0" ([0:0]) - the encryption algorithm of increased complexity is not applied - the CP subsections are not encrypted; The CP in the generated form is sent to the Slave (further see clause 1.2.3.2.).

1.2.3.2. Checking the integrity of the sent message by the Slave.

The procedure for checking the integrity of the message sent by the Master in the "request for reading" mode by the Slave is similar to that in the "request for writing" mode (see clause 1.2.2.2.) and differs from it only in that the message sent contains one package - CP (see Fig. 3b Message format in the "Reading" mode.

In this case, the integrity check procedure is the following sequence of actions:

- first, the Slave selects the message sent to him by the Master at the address recorded in the subsection of the CP "Terminal address" bits [31:24];

- then, according to the sign of encryption Pk, recorded in the “Control Field” subsection of bit [22] of the CP, it determines the logic of subsequent actions, which upon receipt of encrypted information ( _Pk =1 ⁾ is given on p. unencrypted information (Pk=0) - on page 61, label L _ptsn * ⁾ ,): L _pts * ⁾ : If Pk=1- the Master transmitted encrypted information to the Slave and used a 99-bit CP structure for transmission (see Fig. Table 2. Structure of the CP subsections in the "With data encryption" and "Without data encryption" modes). But the sign Рk allows to determine only the fact of encryption and does not allow to determine the encryption algorithm used by the Master. To determine the encryption algorithm used by the Master, it is necessary to additionally analyze the attribute q _i :

- when the value of q _i is equal to zero (q _i =0), written in bits [9:8] of the “Shift step” subsection as [0:0], additional encryption of the CP subsections was not performed; The Master used standard encryption (encryption of the CRC of the CP) and the Slave immediately proceeds to the definition of the formula for calculating the CRC of the CP (see page 60 label OprF _CRC ^{of the CKP)} );

- for any of the three values q _i not equal to zero (q _i =1, q _i =2 or q _i =3), written in binary form in bits [9:8] of the “Shift step” subsection of the CP, which means that the Master applied an additional encryption algorithm (encryption of CP subsections), before directly determining the integrity of the incoming message, it is necessary to decrypt the CP subsections encrypted in accordance with option q _i .

For this:

a) In accordance with the number q _i entered in bits [9:8] of the “Shift step” subsection of the incoming CP and the randomized working set of options I ₀ (q _i )

(см. п. 1.1.) выбирается вариант q_i, с указанными в нем перечнем зашифрованных подразделов КП и номерами ячеек подраздела «Shift step», в которых записан номер строки «Таблицы шифров», использованной Ведущим при выборе шифра;Slave where

(see clause 1.1.) option q _i is selected, with the list of encrypted subsections of the CP indicated in it and the cell numbers of the “Shift step” subsection, in which the line number of the “Cipher Table” used by the Master when choosing the cipher is recorded;

b) According to the specified line number (j), the Follower determines the ciphers (n _j and lc _j ) used by the Lead when encrypting the subsections of the CP, using his “Table of ciphers” in the CP section (i=0);

c) Using the received ciphers, the Follower decrypts the list of CP subsections specified in option q _i , replaces the encrypted information of the corresponding subsections with the decrypted one, and proceeds to determining the formula for calculating the CP CRC (see p. 60, label OprF _CRC ^ckp) ). _{OprF CRC} ^CKP) : - first, according to the amount of information transmitted to the CP (sign Pk, recorded in bit [22] of the “Control Field” subsection), the number of the group of formulas for calculating the CRC of the CP is determined;

- then, according to the level of information protection Ys from malicious information impact, recorded in bits [25:24] of the subsection "Table Line number" - the number of the formula in the group;

- then, according to the group number and the formula number inside the group, in the block of formulas formed at the initialization stage, the formula for calculating the CRC of the CP used by the Host is determined (if, previously, at the initialization stage, after splitting the formulas into groups, the formula for calculating the CRC within the group was selected for the specified in initial data "Ys", then the procedure for determining the formula is reduced to determining only the group number, since the selected group contains only one formula corresponding to the given "Ys");

- then, according to this formula, the CRC of the CP is calculated;

- further, the calculated CRC is encrypted, for this:

- first, the Follower determines the cipher (n _j and lc _j ) by the line number (j) recorded in Bits [31:26] of the CP subsection “Table Line number”, by its “Cipher table” in the CRC section (z=0), with which the Host encrypted the calculated CRC before sending the message;

- then, using this cipher, the Slave encrypts the calculated CRC;

- then the encrypted CRC is compared by bits with the one recorded in the CRC32 subsection (bits [31:0]) of the incoming CP;

- Further, depending on the result of the comparison of checksums, two outcomes can take place:

- mismatch of the compared values, which means that the received data differs from the transmitted ones, that is, the integrity of the transmitted message is violated;

- full match of the compared values, which means confirmation of the integrity of the received message;

- and each outcome determines its own algorithm for the formation of a response message by the Slave to the Master:

- in case of CP checksum mismatch, the Slave informs the Master in the “one packet - CP” format about the abnormal completion of the “read” procedure (see clause 1.2.3.3., p. 62, label Ncpch* ^} );

- in case of full match of the checksums of the CP CRC, the integrity of the incoming message is confirmed and the Slave proceeds to the regular execution of the specified “read” program (see clause 1.2.3.3., p. 67, label Skpch* ⁾ ). L _ptsn * ⁾ : If Рк=0 - the Master transmitted unencrypted information to the Slave and used the 67-bit CP structure for its transmission (see Fig. 6. CP structure in the “No data encryption” mode and Table 2. Subsection structure KP in the modes "With data encryption" and "Without data encryption"). To confirm the integrity of unencrypted information, it is necessary and sufficient to have a bitwise match of the checksum calculated from the data of the incoming CP (CRC CP) with the CP entered in CRC32. The formula for calculating the checksum in the group Рк=0 is determined by the attribute "Ys" specified in the initial data. The result of the operation of bitwise comparison of the calculated CRC value with the CRC value recorded in the CRC32 subsection of the incoming CP can be two outcomes:

- Mismatch of compared CP CRC values, which means that the integrity of the transmitted message is violated;

- full match of the compared values of the CRC checksums of the CP, which means confirmation of the integrity of the received message;

- and each outcome determines its own algorithm for the formation of a response message by the Slave to the Master:

- in case of a CP checksum mismatch, the Slave informs the Master in the “one packet - CP” format about the abnormal completion of the “reading” procedure (see clause 1.2.3.3., p. 62, label Ncpch * ⁾ );

- in case of full match of the CP CRC checksums, the integrity of the incoming message is confirmed and the Slave proceeds to the normal execution of the specified “read” program (see clause 1.2.3.3., p. 67, label Skpch* ⁾ ).

1.2.3.3. Formation by the Slave of a response message to the Master The format of the response message of the Slave to the Master's request for "reading" depends on the result of checking the integrity of the message (MS) sent by the Master (see clause 1.2.3.2.), which is determined by the match of the checksums of the sent and received messages. If the checksums of the CP do not match, the sequence of forming the response message of the format is given on page 62 (label Ncpch* ⁾ ), if the checksums of the CP match - on page 67 (label Scchp* ⁾ ).

Nkpch * ⁾ : If the checksums of the CP do not match (the integrity of the transmitted information is violated), the Slave in the format “one packet - CP” informs the Master about the impossibility of executing the “request for reading” sent by the Master and the reasons for its non-execution, while the subsections of the CP are filled in the following sequence (see Fig. 7. “Formation by the Slave of a response message to the Master in the “reading” mode in case of violation of the integrity of the incoming message”):

- first, regardless of whether the transmitted information is encrypted or not, similarly to that set out in clause 1.2.2.4, subsections of the first word of the CP are filled in, namely:

- in the subsection “Terminal address” bits [31:24] of the CP, the address of the Master is written;

- in the "Control Field" subsection:

- bit [23] is overwritten with the value of the attribute "ADP" from the "Control Field" bit [23] of the CP that came from the Master (ADP=0), since in this case the Slave did not even start filling in the PD;

- in bit [22] the sign of information encryption "Рk" from the "Control Field" of bit [22] of the CP that came from the Master is overwritten;

(When the system is operating in the “Encrypted” mode (“Рк=1”), a 99-bit CP structure is used to transmit information and, depending on the required degree of information protection, either standard encryption is used (at q _i =0), when CP CRC, PD CRC are encrypted, and PD data and encrypted are entered in the corresponding subsections of the CP and PD, or encryption of increased complexity (with q _i equal to 1 or 2, or 3)), when encryption of the CP CRC, PD CRC and PD data is added encryption of CP subsections specified in option q _i .

When the system is operating in the “No encryption” mode (“Рк=0”), a 67-bit CP structure is used to transmit information, and the calculated unencrypted CP CRC, PD CRC and PD data are entered in the corresponding subsections of the CP and PD (when Рк=0 encryption of subsections of the CP is also not applied; the sign q _i is not used in the logic of the system)).

- bit [21] is overwritten with the sign of the encryption mode "Rk" from the "Control Field" subsection of bit [21] of the CP that came from the Master;

- in bits [20:19] is written [1:1], which means

- “response of the Slave to read”, and in bits [18:16] - the reason for the refusal to execute the request from the list of provided:

- "Package error" - [010];

- "Unable to read data" - [011];

- "Invalid address of the address space" - [100];

- "Wrong data size for writing" - [101];

- in subsection «Page address» bits [15:8] the number of the address space of the Master is written;

- zero is written to the “Data Size” subsection of bits [7:0], because, due to the violation of the integrity of the received CP, the Slave did not even start reading the given words; - then the sign of information encryption is analyzed - Рk:

a) If Рk=0 (in bit [22] of the “Control Field” subsection of the CP, “0” is entered) - the second word is not filled in and the information is not encrypted, and the formula for calculating the CRC of the CP is immediately determined (see page 65, label _RasF resp. * ⁾ ).

b) If Рк=1 (in bit [22] of the subsection “Control Field” of the CP, “1” is entered), then the transmitted information is encrypted; in this case, similarly to that set out in clause 1.2.2.4, the second word of the CP is filled in, and:

- in the subsections of the CP "Table Line number" bits [31:26] and "Shift Direction)) bits [23:18] the same number is recorded, obtained with one call to the GNNSC, identified as the line number of the "Cipher Table" for encrypting the KP, since the format of the transmitted message is one packet - KP;

- in the subsection "Table Line number" bits [25:24] the provided (given) level of information protection "Ys" is written (the value is transferred from the subsection "Table Line number" bits [25:24] of the incoming CP), and in the subsection "Shift Direction)) bits [17:16] are written to zero, since in this case the TD was not formed and the format of the transmitted message is KP (information for writing to bits [17:16] of the “Shift Direction” subsection)) KP before the formation of the TD. Missing; writing to the indicated bits is carried out after the formation of the PD);

- further, in the “Shift step” subsection, bits [15:10] are rewritten the “code word” sent by the Master in the “Shift step” subsection, bits [15:10] of the “read request” CP, which makes it possible to significantly simplify the procedure for the Master to recognize the Slave’s response to a given request and significantly complicate the possibility of replacing a standard device with a malicious one. In bits [9:8] of the “Shift step” subsection, q _i is transferred from the subsection “Shift step” of bits [9:8] of the CP that came from the Master;

- in the CP subsection "Terminal Stamp" bits [7:0] the digital fingerprint of the Slave - the terminal that sends the message is entered;

- then the formula for calculating the CRC of the CP is determined (see page 65, mark _RasF rep * ⁾ ).

_RasF resp * ⁾ - to determine the formula for calculating the CRC of the CP, the following actions are sequentially performed:

- first, the number of the group of formulas for calculating the CRC of the CP is determined, depending on the encryption attribute "Rk" recorded in bit [22] of the "Control Field" subsection of the generated CP;

- then the number of the formula for calculating the CRC of the CP in this group is determined, depending on the sign of the information protection level "Ys", entered in bits [25:24] of the subsection "Table Line number", if Рк = 1, or specified in the initial data, if Рk =0 (see item 1.2.1.);

- further, according to the above-defined number of the group of formulas for calculating the CRC and the number of the formula within the group of formulas, the formula for calculating the CRC of the CP is determined;

- further according to this formula the CRC of the CP is directly calculated;

- then the sign of information encryption Pk is analyzed again:

- if Pk=0, then the calculated and unencrypted CRC of the CP is directly entered into the CRC32 subsection of the CP; after this operation is completed, the CP is fully formed and ready to be sent to the Master (further see page 75, label Otprl* ⁾ );

- if Рк=1, then according to the line number (j) recorded in the CP subsection "TableLine number" in bits [31:26]), according to its "Cipher Table" in the CRC section (z=0) the Slave determines the cipher (n _j and lc _j ), which encrypts the CRC:

- in the case of using the standard CP encryption (q _i =0), the operation of entering the encrypted CRC into the CP CRC32 completes the CP formation process; The CP is ready to be sent to the Master (further see page 75, label Otpr1* ⁾ );

(см. п. 1.1.), выбирается вариант, соответствующий q_i, в котором указан перечень подразделов КП, которые требуется зашифровать и номера ячеек подраздела «Shift step», в которых записан номер строки «Таблицы шифров», из которой в разделе CRC (z=0) берется шифр для их шифрования; зашифрованная этим шифром информация подразделов КП замещает ранее записанную информацию соответствующих подразделов; операция замещения ранее записанной в подразделах незашифрованной информации зашифрованной завершает процесс формирования КП (далее см. стр. 75, метка Otpr1*⁾). S_кпч*⁾ _: При полном совпадении контрольных сумм КП, когда целостность пришедшего сообщения подтверждена, Ведомым готовится ответное сообщение в формате «КП+ПД» в следующей последовательности (см. Фиг. 8. «Формирование Ведомым ответного сообщения Ведущему в режиме «чтение» при подтверждении целостности входящего сообщения»):- if an algorithm of increased encryption complexity is used (q _i written in bits [9:8] of the “Shift step” subsection of the CP being filled in is not equal to zero), then after the operation of entering the Slave encrypted CRC from the randomized set of options I ₀ into the CRC32 subsection of the CP (q _i ), where where

(see clause 1.1.), the option corresponding to q _i is selected, which indicates the list of CP subsections that need to be encrypted and the cell numbers of the “Shift step” subsection, which contain the number of the “Cipher Table” line, from which in the CRC section (z=0) a cipher is taken to encrypt them; the information of the CP subsections encrypted with this cipher replaces the previously recorded information of the corresponding subsections; the operation of replacing the unencrypted information previously recorded in the subsections with the encrypted information completes the process of forming the CP (further on, see p. 75, label Otpr1* ⁾ ). S _chp * ⁾ _: If the checksums of the CP match completely, when the integrity of the incoming message is confirmed, the Slave prepares a response message in the format “CP + PD” in the following sequence (see Fig. 8. “Formation by the Slave of a response message to the Master in the “reading” mode) when confirming the integrity of an incoming message"):

- first, the first word of the generated CP is overwritten from the received CP with the parameters that determine the operating conditions of the Slave:

- in bit [22] of the "Control Field" subsection - a sign of encryption of information "Рk" from the "Control Field" subsection of bit [22] of the CP that came from the Master;

- in bit [21] of the "Control Field" subsection - a sign of the encryption mode "Rk" from the "Control Field" subsection of bit [21] of the CP that came from the Master;

- then parameters are written that specify the addressing and type of this transmitted message:

- in the “Terminal address” subsection of bit [31:24] of the CP, the address of the terminal to which the message is addressed (in this case, the Master) is written;

- in bits [20:19] of the “Control Field” subsection, the sign of information transfer [1:1] is written, meaning - the response to the “read request”;

- in the “Page address” subsection, bits [15:8] contain the number of the address space of the terminal to which the call is addressed (in this case, the Master) (information to be written to the unfilled bits [18:16] and [23] of the “Control Field” subsection and in bits [7:0] of the “Data Size” subsection of the CP before the formation of the PD is absent; the entry in the specified bits of the CP is carried out after the formation of the PD);

- then the feature Рk is analyzed:

- if the attribute Рk=0 (the operating mode of the system is “Without encryption” and the CP structure contains only one word of service information), then proceed to the formation of PD (see p. 69, label Rpd * ⁾ ).

- if the attribute Рk=1 - the operating mode of the system "With encryption" of the transmitted information is applied and the CP structure contains two words of service information; in this case, the following parameters are first rewritten from the received CP into the second word of the service information of the generated CP:

- the level of protection of information from malicious information impact (Y ₃ ) - from the subsection "Table Line number" bits [25:24] of the incoming CP to the subsection "Table Line number" bits [25:24] of the generated one;

- number of the variant of the list of encrypted subsections of the CP (sign q _i ) - from the subsection "Shift step" bits [9:8] of the incoming CP to bits [9:8] of the subsection "Shift step" being formed;

- "code word" sent by the Host in the "Shift step" subsection (bits [15:10]), - in the "Shift step" subsection, bits [15:10] of the generated CP,

- then in bits [31:26] of subsection CP "Table Line number" and bits [23:18] of subsection "Shift Direction)) are written:

- at Rk=l, different numbers obtained by consecutive double access to the GNNSC and identified as line numbers of the “Cipher Table”, in which the ciphers for encryption, respectively, of the CP and PD are defined;

- at Rk=0, the same number obtained with a single call to the GNNSCH and identified as a single line number of the "Cipher Table" for encrypting the CP and PD;

- further, in the “Terminal Stamp” subsection, bits [7:0] of the CP, the digital fingerprint of the Slave sending the message is entered (information to be written to the blank bits [17:16] of the “Shift Direction” subsection)) of the CP of the group number of the CRC calculation formula for the PD before the formation of the PD missing. Writing to the indicated CP bits is carried out after the formation of the PD);

- and then proceed to the formation of PD (see page 69, label Fpd* ⁾ ).

Fpd* ⁾ : Current values of the measured and controlled parameters by each Slave are recorded in the generated PD. For example, the number of serviced modules by type, the number of serviced analog and discrete sensors and their output data, the status of technological interlocks and protections, the status of redundant systems, the results of compliance checks, data of the event chronicle recorder, etc. Each parameter has two 32-bit words for writing. One - to record the parameter identifier, the second - to record its value. The maximum number of 32-bit words that the Slave can write to the PD is at least 256 (Nset _i =<256). The place of the parameter in the PD is determined by a single system algorithm that allows the Slave to write and the Master to read the messages sent without additional clarifications. When the Slave uses to write a parameter only a part of the provided volume (less than 32 bits provided for writing a word), at the end of the recording of each parameter, the identifier of the end of the record is put - "F". The beginning of the recording of each parameter is indicated by the index "n". At the end of the last record in the PD, the identifier of the end of the PD record is set - "FF". All values of the measured and controlled parameters, service words and their identifiers are entered in the PD.

After the completion of the recording in the PD of the current values of the measured and controlled parameters, their service characteristics and identifiers, in order to ensure reliable verification of the integrity of the packet (PD) received by the Master, the Slave provides for the calculation of the checksum (CRC PD) and its recording in the CRC32 subsection of the PD. The PD CRC generation procedure depends on the system operation mode. When the system is operating in the "With encryption" mode of the transmitted information (Pk=1), all data entered in the PD is first encrypted, then the CRC of the PD is calculated from these data, which is also encrypted, and when the system is operated in the "Without encryption" mode of the transmitted information ( Рk=0) encryption of PD and CRC of PD is not provided:

- if the operating mode of the system is “With encryption” of transmitted information (Рk=1), then:

- first, by the line number of the "Cipher Table" for encrypting the PD, entered in the bits [23:18] of the "Shift Direction" subsection)) of the Formed CP, in the subsection of its "Cipher Table"(i=1; z=2) the Slave determines the ciphers ( dr _j and p _j ) and the logic of their application (k _j ) to encrypt PD data;

- then the ciphers (dr _j and p _j ) in the logic (k _j ) encrypt the PD data and replace the unencrypted data previously entered in the PD;

- further by the amount of data recorded in the PD (the number of bits occupied by the recording of the read (set for reading) parameters, their service characteristics (type "n", "F" and "FF"), and their identifiers, as well as 32 bit for the record CRC PD) the number of the group of formulas for calculating the CRC PD is determined, which is immediately entered into bits [17:16] of the subsection “Shift Direction)) of the generated CP (see p. 69, label ¹² * ⁾ );

- then, according to the level of protection of information from malicious information impact (Y ₃ ), recorded in the subsection “Table Line number” of bits [25:24] of the generated CP, the number of the formula for calculating CRC PD in this group is determined;

- further, according to the number of the group of formulas for calculating the CRC PD and the number of the formula for calculating the CRC PD in the group, the formula for calculating the CRC PD is determined;

- further, according to the encrypted PD data, using this calculation formula, the PD CRC is directly calculated, which is entered in the CRC32 subsection of the PD of the generated PD;

- then according to the line number of the "Cipher Table" for encrypting the PD, entered in the bits [23:18] of the "Shift Direction" subsection)) of the generated CP, in the subsection of its "Cipher Table"(i=1; z=1) the Slave determines the ciphers ( rd _j and m _j ) for PD CRC encryption;

- then the ciphers (rd _j and m _j ) PD CRC is encrypted and the encrypted PD CRC replaces the unencrypted data previously entered in the PD CRC32.

The PD has been generated, but in order to prepare a message in the CP + PD format, it is necessary to complete the formation of the CP (see further on page 72, label Zkp* ⁾ );

- if the operating mode of the system is “No encryption” of the transmitted information (Рk=0), then:

- first, according to the amount of data entered in the PD (the number of bits occupied by the recording of the read (set for reading) parameters, their service characteristics (type "n", "F" and "FF"), their identifiers, as well as 32 bits under the entry CRC PD) the number of the group of formulas for calculating the CRC PD is determined;

- then, according to this number of the group of formulas for calculating the CRC PD and the minimum level of information protection from malicious information impact Y ₁ =l (see clause 1.2.1.) specified in the initial data for the operating mode of the system "Without encryption", the number of the calculation formula is determined CRC PD in the group;

- further, using this calculation formula, the PD CRC is directly calculated, which is entered in the CRC32 subsection of the generated PD; The PD is completely formed, but in order to prepare a message in the CP+PD format, it is necessary to complete the formation of the CP (see p. 72, label Zkp* ⁾ );

Zkp * ⁾ : - completion of the formation of the CP, is carried out in the following sequence:

- first, based on the analysis of PD data, the following are determined:

- the number of words recorded in the PD (N);

- ADP - a sign of using the maximum amount of memory provided for recording (32 bits):

- "ADP:=1", if it took less than 32 bits to write at least one value of a parameter, attribute or identifier into the PD;

- "ADP:=0", if each of the recorded values of parameters, features and identifiers required the entire provided amount of memory (all 32 bits) to write to the PD;

- then the quality of the system performance is evaluated when a “read” request is executed (from the list of provided assessments):

- [000] - "No errors";

- [001] - “No errors + service request;

- further, all calculated parameters and an assessment of the quality of the system operation are entered in the corresponding subsections of the CP (the number of the group of formulas for calculating the CRC of the PD is entered in the subsection "Shift Direction" bits [17:16] of the CP earlier - after calculating the volume of encrypted data transmitted in the PD);

- "N" - to subsection "Data Size" bits [7:0];

- "ADP" - to the subsection "Control Field" bit [23];

- evaluation of the system operation - in the subsection "Control Field" bits [18:16];

After that, they proceed to the definition of the formula for calculating the CRC of the CP, to determine which the following steps are sequentially performed:

- first, the number of the group of formulas for calculating the CRC of the CP is determined, depending on the encryption attribute "Rk" recorded in bit [22] of the "Control Field" subsection of the generated CP;

- then the number of the formula for calculating the CRC of the CP in this group is determined, depending on the sign of the information protection level "Ys", entered in bits [25:24] of the subsection "Table Line number", if Pk=l, or specified in the initial data, if Рk =0 (see item 1.2.1.);

- further, according to the above-defined number of the group of formulas for calculating the CRC and the number of the formula within the group of formulas, the formula for calculating the CRC of the CP is determined;

- further according to this formula the CRC of the CP is directly calculated;

- then the sign Pk is analyzed again:

- if Pk=0, then the calculated and not encrypted CRC CP is entered in the CRC32 subsection of the CP; the operation of entering the calculated CRC into the subsection CRC32 of the CP completes the process of generating the CP; CP and PD are ready to be sent to the Master (further see page 75, label Otpr2* ⁾ ); - if sign Pk=1, then by the line number (j) recorded in the CP subsection "Table Line umber" in bits [31:26]), by its "Cipher Table" in the CRC section (z=0) the cipher is determined ( n _j and lc _j ), with which the CRC is encrypted, and is entered in encrypted form in the CRC32 subsection of the CP: - then the feature qi is analyzed, which determines the use of sophisticated encryption (included in bits [9:8] of the Shift step subsection of the CP):

- if q _i =0 - standard (not complicated) CP encryption is used; the operation of entering the encrypted CRC into the CRC32 of the CP completes the process of forming the CP; CP and PD are ready to be sent to the Master (further see page 75, label Otpr2* ₎ );

- if q _i is not equal to zero (an algorithm of increased encryption complexity is used), then after the operation of entering the encrypted CRC from the randomized working set of options I ₀ (q _i ) of the Slave, where q _i =l,3 (see p. 1.1.), the option corresponding to q _i entered in bits [9:8] of the “Shift Step” subsection is selected, which indicates the list of CP subsections that need to be encrypted and the cell numbers of the “Shift step” subsection, in which the line number “ Cipher tables”, from which the cipher is taken in the CRC section (z=0) to encrypt them; the information of the CP subsections encrypted with this cipher replaces the previously recorded information of the corresponding subsections; the operation of replacing the unencrypted information previously recorded in the subsections with the encrypted information completes the process of forming the CP; The CP and PD are ready to be sent to the Master (further see page 75, label Otpr2* ⁾ ).

Otprl* ⁾ - here the Slave generates a message in the KP format, which is sent to the Master.

Otpr2* ⁾ - here a message of the CP+PD format is formed, which is sent to the Master.

1.2.3.4. Evaluation by the Leader of the reliability of the received message.

The master receives the message intended for him, selecting it from the message stream at the address recorded in the CP subsection ((Terminal address ”bits [31:24]. Slave messages can have two formats:

- KP + PD format, when the Follower fully complied with the Master's request;

- CP format, when there were problems with the execution of the Leader's request;

and therefore the assessment of reliability is preceded by the determination of the format of the received message (see Fig. 9. "Definition by the Master of the format of the received message"):

- to determine the format of the received message, the information contained in the bits [18:16] of the subsection ((Control Field" CP) is used and explains the positive result of the Slave's work when the Master's request is "read":

- "000" - "no errors" or

- "001" - "no errors + service request.

That is, if the bits [18:16] of the subsection ((Control Field) of the CP contain "000" or "001", the received message has the format CP + PD. Any other content in them corresponds to the CP format. Moreover, in the case of the format ( KP + PD) the sign of the format R _f is assigned one (R _f :=1), and in the case of the format (KP) the sign of the format R _f is assigned zero (R _f :=0).

However, the evaluation of the reliability (integrity) of a message of any format, as provided by the system algorithm, always begins with a check for the integrity of the CP (see Fig. 10. “Evaluation by the Host of the reliability of the received message” - the received message is considered reliable if all the information packets included in If at least one packet fails the integrity check, the message is considered invalid):

- if Рk=1 (the attribute is entered in bit [22] of the “Control Field” subsection) - the Slave transmitted the encrypted information to the Master using the 99-bit CP structure, and in this case, in order to determine the encryption algorithm used by the Slave, feature q _i is analyzed:

- with the value q _i equal to zero (q _i =0), written in bits [9:8] of the “Shift step” subsection as (0:0), meaning that the Slave did not use encryption of the CP subsections, but only standard encryption took place (CRC encryption without encryption of CP subsections) The host immediately proceeds to the definition of the formula for calculating the CP CRC (see page 77, label OprF* ⁾ );

- for any of the three values q _i not equal to zero (q _i =l, q _i =2 or q _i =3), written in binary code in bits [9:8] of the “Shift step” subsection of the CP, which means that the Slave applied an additional encryption algorithm (encryption of subsections of the CP), before determining the formula for calculating the CRC of the CP of the incoming message, it is necessary to decrypt the subsections of the CP encrypted in accordance with option q _i .

For this:

(см. п. 1.1.), выбирает вариант q_i с указанными в нем перечнем зашифрованных подразделов КП и номерами ячеек подраздела «Shift step», в которых записан номер строки «Таблицы шифров», используемой Ведомым при выборе шифра.a) In accordance with the number q _i entered in bits [9:8] of the “Shift step” subsection of the incoming CP, the Leader from his randomized set of options I ₀ (q _i ), where

(see clause 1.1.), selects option q _i with the list of encrypted CP subsections indicated in it and the cell numbers of the “Shift step” subsection, in which the line number of the “Cipher Table” used by the Follower when choosing a cipher is recorded.

b) According to the specified line number, the Master determines the ciphers (n _j and lc _j ) using his “Cipher Table” in the CP section (i=0) that the Follower used when encrypting the CP subsections indicated in option q _i .

c) Using the received ciphers, the Host decrypts the indicated encrypted CP subsections, writes the decrypted values to the corresponding CP subsections instead of the encrypted ones, and proceeds to determining the formula for calculating the CP CRC (see page 77, label OprF * ⁾ ).

- if Pk=0 - the Host immediately proceeds to the definition of the formula for calculating the CRC of the CP (see page 77, label OprF* ⁾ ).

OprF* ⁾ : - here, first, according to the amount of information transmitted to the CP (sign Pk, recorded in bit [22] of the “Control Field” subsection), the number of the group of formulas for calculating the CRC of the CP is determined;

- then, according to the level of information protection Ys from malicious information impact, recorded at Pk=1 in bits [25:24] of the subsection “Table Line minnbeg”, and at Pk=0 - in the initial data, the number of the formula in the group is determined;

- further, according to the group number and the formula number within the group in the block of formulas formed at the initialization stage, the Master determines the formula for calculating the CRC of the CP, which was used by the Follower;

- then, according to this formula, the CRC of the CP is calculated;

- further, depending on the value of the encryption attribute Рk (Рk=0 or Рk=1) recorded in bit [22] of the “Control Field” subsection of the incoming CP, the following actions are performed:

- if Pk=0 - (working with unencrypted information) the calculated CRC CP is compared by bits with the one recorded in the CRC32 subsection (bits [31:0]) of the incoming CP (see page 78, label Srkp* ⁾ );

- if Pk=1 - (work with encrypted information) by the line number for encrypting the CP, specified in the subsection "Table Line number" bits [31:26], Master according to his "Cipher table", identical to the "Cipher table" of the Slave, in section of the table "CRC (z=0)" defines the cipher (n _j and lc _j ) used by the Slave to encrypt the CRC of the CP; then the calculated CRC with this cipher (n _j and lc _j ) is encrypted and the already encrypted CRC bit by bit is compared with the CRC recorded in the CRC32 subsection of the CP (bits [31:0]) that came from the Slave CP (see p. 78, label Srkp* ⁾ ).

Srkp* ⁾ : Depending on the result of comparing the CP CRC calculated by the Master with the CRC recorded in the CP CRC32 subsection (bits [31:0]) of the Slave, and the Slave's evaluation of its work to fulfill the Master's request indicated in bits [18:16] of the subsection "Control Field" of the CP that came from the Follower, the following actions are performed, moreover:

- if the calculated CRC CP does not match the CP recorded in subsection CRC32, which means a violation of the integrity of the message received from the Guided message, the main reason for creating the current situation is assumed to be the impact on the system of aggressive information impact, and therefore, first, the a priori set level of information protection and the parameters that provide it are evaluated ( see page 78, mark U _code * ⁾ ). U _cipher * ⁾ : - if encryption was not applied (aggressive informational countermeasures were not expected) or were applied, but the applied encryption parameters were set based on the condition of ensuring the minimum or medium level of protection (not the maximum), then the Masters first set the encryption parameters that provide the maximum level of protection from harmful information impact, and:

- if, previously, the operating mode of the system "With encryption" was used, then:

- the level of information protection (Y _i ) is increased to the maximum - Y _i :=Y ₃ and entered into bits [25:24] of the subsection "Table Line number";

- an algorithm of increased encryption complexity is introduced (q _i :=l and its value is entered into bits [9:8] of the “Shift step” subsection);

- CP and PD encryption is set according to various ciphers (Rk:=l and its value is entered in bit [21] of the “Control Field” subsection).

- if the operating mode of the system "Without encryption" was previously used - they switch to the "With encryption" mode, the sign of which Pk=1 is entered in bit [22] of the "Control Field" subsection formed by the CP, with encryption parameters providing the maximum level of protection:

- Y _i :=Y ₃ , which is entered into the bits [25:24] of the subsection "Table Line minteg";

-q _i :=l, and its value is stored in bits [9:8] of the "Shift step"subsection;

- Rk:=l and its value is entered into bit [21] of the “Control Field” subsection,

- if the transmitted information was encrypted and the encryption parameters were set based on the condition for ensuring the maximum level of protection, then the previously accepted parameters: Pk=1, Y _i =Y ₃ , q _i =1 and Rk=1 are saved;

Pov* ⁾ : - then the possibility of repeating the request to this Slave in the current cycle of communication with him is evaluated (see clause 1.2.2.5., p. 50, label ** ⁾⁾⁾ ); - and further:

- if it is possible to repeat it, a repeated “request for reading” is formed to the same Slave with parameters that provide the maximum level of information protection from malicious information impact on the system (in Fig. 10. “Assessment by the Master of the reliability of the received message”) - Output 1);

- if it is not possible to re-interrogate the Slave in this cycle (t _j ), the information received from him in the previous cycle (t _j - dt) is analyzed:

- in the presence of data (PD) of the Slave received by the previous cycle:

- first, the data array formed in the RAM with the time stamp t _j is retransmitted the data received by the Master from this Slave in the last cycle of communication with him with the cycle timestamp t=t _j - dt, where dt is the time of the polling cycle of all Slaves of the system;

- then a command is formed to carry out the service maintenance of the Follower;

- and then a "request for reading" is formed to the next Slave (see clause 1.2.3.1.) (in Fig. 10 - Output 2);

- in the absence of Slave data and in the last cycle:

- The master makes a decision: “the device is faulty, it needs to be replaced”, a “code” is generated, confirming the absence of information from the Slave in two consecutive cycles and allowing the system algorithm to decide to suspend the system and test all its devices and their software “for performance” , replace the failed device with a backup one (in Fig. 10 - Output 3);

- after the devices are restored, the system operation in the “reading” mode (see clause 1.2.3.) is resumed;

- if the calculated CRC CP coincides with the CP recorded in the CRC32 subsection, which means the integrity of the received from the Slave CP, the subsequent actions of the Master depend on the format that came to him, the message (a sign characterizing the message format - R _f ):

- if the sign R _f =1, (message format KP + PD), proceed to check the PD of the Slave for integrity in the following sequence:

- first, the information entered in the bits [18:16] of the “Control Field” subsection of the incoming CP is analyzed in order to determine the need for service maintenance of the Follower:

- if the code “001” is written in them, informing that the request of the Master “for reading” has been fully completed, but the period of work of the Slave without service has expired:

- first, a command is generated for the service maintenance of the Follower;

- and then the formula for calculating the CRC PD is determined (see page 85, label O _fpd * ⁾ );

- if the code “000” is written in them, informing about the error-free operation of the Follower, the formula for calculating the CRC PD is immediately determined (see page 85, label About _fpd * ⁾ );;

- if the sign Р _f =0, (the format of the message KP - the request "to read" by the Follower was not fulfilled, but a reliable message about the problems that arose during the execution of the request was delivered in the form of a KP from the Slave), then:

- first, the information entered in the bits [18:16] of the “Control Field” subsection of the incoming CP is analyzed in order to determine possible errors made by the Master when forming a request to the Slave, and in case of writing pre-fixed codes (“010”, “011 ”, “100”, “101”), meaning the Slave’s assumption about the corresponding error of the Master when forming a “read request” (for example: “010” - packet error, “011” - impossible to read / write data, “100” - incorrect address space address, "101" - incorrect data size for writing), the Master checks the indicated error and, upon its confirmation, corrects the algorithm for generating the CP for this Slave;

- then, since the second possible reason for the Slave's failure to fulfill the Master's request (there is no PD in the message) is an aggressive malicious informational impact on the system, then to eliminate it, similarly to the above (see p. 78, label U _cipher * ⁾ ),

the system operation is ensured in the mode of maximum protection against such malicious information impact (see Fig. 10.) and for this:

- if encryption has not been used before (Рk=0), the mode “With encryption” of information (Рk=1) is set with encryption parameters (Y _i, q _i and Rk) that provide maximum protection against malicious information impact Y _i = Y ₃ , q _i =1 and Rk=1; - if encryption was used (Рk=1), but the encryption parameters (Y _i , q _i and Rk) were set on the basis of providing a minimum or medium level of protection, they are adjusted to a level that provides maximum protection against malicious information impact Y _i =Y ₃ , q _i =1 and Rk=l;

- if encryption was applied (Рk=1), and the encryption parameters (Y _i , q _i and Rk) were set based on providing the maximum level of protection, the reason for the violation of the integrity of the expected from the Slave message may be an accidental failure and therefore the encryption parameters are not are corrected;

- then, as well as in case of mismatch between the calculated CRC CP and the CP recorded in the CRC32 subsection, the possibility of repeating the request to this Slave in the current cycle of communication with him is evaluated (see clause 1.2.2.5., p. 50, label ** ⁾⁾ ) and:

- if repetition is possible, a new "request for reading" is formed to this Slave with new parameters that provide the maximum level of information protection from malicious information impact on the system - in Fig. 10 - Output 1;

- in the absence of the possibility of a repeated request to the Slave in the current cycle:

- if there is data (PD) received from it in the previous cycle, first these data are retransmitted to the RAM, then a command is generated to carry out the service maintenance of the Slave, and then a “read request” is formed to the next Slave (see clause 1.2. 3.1.) (in Fig. 10-Exit 2); - in the absence of Slave data and in the last cycle, the Master makes a decision - “the device is faulty, it needs to be replaced”, a “code” is generated confirming the absence of information from the Slave in two consecutive cycles, allowing the system algorithm to decide to suspend the system to test the device and its software, as well as replacing it, in case of failure, with a backup one (in Fig. 10 - Exit 3); after the restoration of the device's operability or its replacement, the operation of the system in the "reading" mode (see clause 1.2.3.) is restored;

About _fpd * ⁾ : - the formula for calculating the CRC PD is determined by the already known method:

- if Pk=0, according to the amount of information transmitted by the Slave to the PD (the number of bits used by the Slave when writing information to the PD), and, if Рk=1, according to the number specified in the subsection of the CP "Shift Direction") bits [17:16 ], the number of the group of formulas for calculating the CRC PD is determined;

- then, according to the level of information protection Ys from malicious information impact, recorded at Рk=1 in bits [25:24] of the subsection "Table Line number", and at Рk=0 in the initial data, the number of the formula in the group is determined;

- further, according to the group number and the number of the formula within the group in the block of formulas formed at the initialization stage, the Master determines the formula for calculating the CRC PD;

- then CRC PD is calculated using this formula;

- further actions depend on whether the transmitted information is encrypted or not:

- if Рk=1 (information is encrypted):

- by the line number for encryption of the PD, specified in the CP in the "Shift Direction" subsection)) in bits [23:18], by the Master according to his "Cipher Table", identical to the "Cipher Table" of the Slave, in the section of the table "CRC (z=1 )” “CRC (z=1)” defines the cipher (m _j and rd _j ) used by the Slave to encrypt the CRC of the PD;

- then the CRC calculated by this cipher (m _j and rd _j ) is encrypted and the already encrypted CRC is compared bit by bit with the CRC recorded in the CRC32 subsection of the TD (bits [31:0]) that came from the Slave PD (see page 86, label Srpd * ⁾ );

- if Рк=0 (information is not encrypted):

- the calculated CRC is compared bit by bit with the CRC recorded in the CRC32 subsection of the TD (bits [31:0]) that came from the Slave PD (see page 86, label Srpd* ⁾ ).

Srpd* ⁾ : Depending on the result of comparing the DP calculated by the Master with the CRC recorded in the DP CRC32 subsection (bits [31:0]) of the Slave, various actions are performed (see Fig. 10):

- if the result of the comparison was a discrepancy between the calculated PD CRC and the PD recorded in the CRC32 subsection, which means a violation of the integrity of the PD, then:

- first, the Master evaluates the encryption parameters used in terms of ensuring the protection of the system from information countermeasures, which, if necessary, are adjusted:

- and if the information was not encrypted (Рk=0) or encrypted (Рk=1), but the accepted encryption parameters Y _i , q _i and Rk did not provide the maximum level of system protection against information countermeasures, then:

- first, to ensure maximum protection of the system, they are adjusted (see page 78, label U _code * ⁾ ):

- at Рk=0: the operating mode of the system is set to “With encryption”;

- (Рk:=1) and encryption parameters are assigned values that provide the maximum level of system protection against malicious information counteraction Y _i :=Y ₃ , q _i :=1 and Rk:=1;

- when Pk=l, the encryption parameters are assigned values that provide the maximum level of system protection against malicious information counteraction Y _i :=Y ₃ , q _i :=1 and Rk:=1;

- if the transmitted information was encrypted and the encryption parameters were set based on the condition for ensuring the maximum level of protection, then the previously accepted parameters: Pk=1, Y _i =Y ₃ , q _i =1 and Rk=l are saved;

- then the possibility of repeating the request to this Slave in the current cycle is evaluated (see page 80, label Pov* ⁾ ):

- and if possible, the “read request” to it is repeated, but with adjusted encryption parameters that provide the maximum level of protection against malicious information impact (in Fig. 10 - Output 1);

- and if it is impossible to repeat the request in this cycle:

- in the presence of data (PD) obtained in the previous cycle:

- first, the data received by the Master in the last cycle of communication with this Slave is transferred to the RAM;

- then a command is formed to carry out the service maintenance of the Follower;

- then generates a "request for reading" to the next Slave (in Fig. 10 - Output 2);

- in the absence of Slave data in the last cycle:

- The master makes a decision: “The device is faulty, it needs to be replaced”, a “code” is generated that confirms the absence of information from the Slave in two consecutive cycles and allows the system operator to suspend the system, replace the problem device with a backup one and update its software (in Fig. 10 - Exit 3);

- after a positive result of testing the system with a backup device, its operation in the "reading mode" is restored (see clause 1.2.3);

- if the result of the comparison is the match between the calculated CRC PD and the PD recorded in the CRC32 subsection, then the Slave message (KP + PD) is considered reliable, its PD data is decrypted by the Master and transferred to the RAM in decrypted form to form a control action on the control object. After that, the Master proceeds to the formation of a “request for reading” to the next Slave (see further paragraph 1.2.3.5.). 1.2.3.5. Decryption of a valid Slave message, start of a new "read" cycle.

In the event that the calculated checksums of the CP CRC and PD CRC completely coincide with those entered in the CP CRC32 and PD CRC32 subsections, respectively, the information in the message from the Slave is considered reliable, and the received PD data is subject to either direct transmission to the ACS if the Slave did not use their encryption, or preliminary decryption, if the Slave used their encryption, and subsequent transfer to the ACS to develop a control action on the control object..

PD data decoding, in the case of Pk=1, is carried out in the following sequence:

- Leading by the line number indicated in the CP in the "Shift Direction" subsection)) bits [23:18], according to their "Cipher Table", identical to the "Cipher Table" of the Slave, in the "Data (z = 2)" subsection of the "Package data” (i=l) the cipher (k _j , p _j , dr _j ) is determined by which the Slave encrypted the PD data;

- further, using the cipher (k _j , p _j , dr _j ), the Master decrypts the PD data: first, by the number of the data encryption option (k _j ), he determines the list of encrypted parameters, and then, using the ciphers p _j and dr _j , decrypts them ;

- then the decrypted actual PD data is entered into the RAM; This completes the "request-response" cycle of the Master with a specific Slave in the "read" mode. Then the Master starts a new cycle of communication with another Slave (small cycle). The number of small cycles (Master (request) - Slave (response)) depends on the number of Slaves served by this Master.

Upon completion of the survey of all the Slaves (large cycle), the data array accumulated in the RAM by the Masters is assigned a time stamp t _j , together with which it is sent to the block for generating the control action on the control object. At this, the i-th big cycle ("Master's request for reading" - "response of all Slaves for reading") ends and the system proceeds to the next (i + 1) big cycle, which also results in a new data array with a timestamp t _{j+ 1} =t _j+dt , then to the next one, which results in an array labeled t _j+2 =t _j+1 +dt, and so on.

1.3. Distinctive features of the method.

Distinctive features of the proposed encryption method are:

1. The “initialization” stage is introduced, at which, at each system start, new settings, independent of the prehistory, unknown to the programmer and the operational staff, are automatically determined, which determine the operation of the encryption system at the “normal operation” stage:

- "table of ciphers";

- a randomized block of various PD data encryption algorithms;

- a randomized block of various combinations of subsections of the CP and the logic of their encryption;

- digital fingerprints of system terminals.

2. All operations to determine new data for the operation of the encryption system at the “initialization” stage are performed in the Master and transmitted once over a secure private channel to all Slaves. The received data is stored in the protected RAM memory of each terminal, which is not accessible to the operational staff.

3. Dynamic encryption is applied when each transmitted packet of each message of each information source is encrypted with a different, previously unknown, independent of history, random cipher, including a list of parameters to be encrypted, the ciphers themselves, the encryption logic of the CP subsections and PD data.

4. The randomness of the cipher used in each case is ensured by the inclusion in the logic of determining the cipher of the GNNSCH, which obey the uniform distribution law, which allows you to choose a random encryption option:

- a specific, but random string of the "Cipher Table" containing a list of parameters to be encrypted, the cipher itself and the encryption logic,

- specific random cipher and PD data encryption logic;

- a specific random combination of encrypted subsections of the CP and the logic of their encryption.

5. PD data is directly encrypted, and the composition of the encrypted data in each message randomly changes, subsections of the CP, the composition of which also randomly changes in each message, the CP checksum (CRC CP) and the PD checksum (CRC PD);

6. The non-stationarity of natural random numbers of generators that are part of each device of the system (Master and Slaves) is ensured by supplying to its input variables of a non-stationary nature: the temperature inside the integrated circuit of the processor and the signal from the output of the trigger, which is in a metastable state during the transition of the signal to the new sync domain.

7. The natural numbers generated by the GNNSC follow a uniform distribution law, which practically excludes the possibility of their prediction. The numbers generated by the GNNSCH are used when choosing the encryption option (the "Cipher Table" line), the combination of encrypted CP subsections and the PD data encryption logic.

8. The formulas for calculating the checksum (CRC) used to check the integrity of the received information take into account the amount of transmitted information and the level of its protection from malicious information impact, and therefore change when they change.

9. In forwarded messages, the list of encrypted parameters, the ciphers themselves, the logic of their application, the list of encrypted subsections and formulas for calculating checksums are not directly transmitted.

10. The use by the Slave of the memory adaptation algorithm (sign ADP) allows, when writing a parameter to the PD, to occupy the amount of memory necessary to record the current value of the parameter instead of the excess amount provided by the Master, which allows recording its maximum value, which reduces the time for transmitting a message to the Master and the processing time information received by them.

11. In order to hinder the possibility of spoofing the transmitted information, each message of the Master is encoded with a non-repeating random code generated by the Master's GNSS and returned to him by the Follower in the response message. The inclusion of a "code word" in each CP sent by the Master makes it possible to additionally practically eliminate errors with the identification of the Slave's response to the Master's request.

12. During normal operation, a bidirectional automatic method of encrypting forwarded messages is implemented, that is, all sent messages are subject to encryption, regardless of the form of the package (“request” is this or “response”) and the status of the terminal (Master or Slave).

The features listed above (1-12) make it possible to recognize any substitution and any distortion of transmitted information, including a hacker attack, that is, to practically eliminate the situation when the receiver accepts false information as reliable and, as a result, significantly increase the level of information security of the control object . 2.

Implementation of the invention.

To confirm the feasibility and effectiveness of the proposed dynamic encryption method, a data encryption subsystem that implements the proposed encryption method was additionally included in the existing power facility management system. The hardware-software implementation of the proposed encryption method in the form of the TSI interface made it possible to experimentally confirm the high probability of eliminating the possibility of accepting false data as reliable, regardless of the place and reasons for their distortion, and hence a significant increase in the level of information and functional security of the system (ACS with a control object) in conditions of information counteraction due to the practical impossibility of intentional substitution or omission of information that was accidentally distorted due to an operator error or a malfunction of the automated control system. 2.1 Structure of the interface.

Structurally, the interface of each terminal (TSI) is divided into two circuits:

- internal loop of the interface - a loop that is hidden from the user (the user does not have direct access to it) and contains settings (operating parameters) that determine the operation of the encryption system at the "normal operation" stage. The operating parameters of the internal circuit: ("Table of ciphers", a randomized block of PD data encryption algorithms, a randomized block of combinations of CP subsections and their encryption logic, as well as a digital fingerprint) are formed automatically at the "initialization" stage without the possibility of the operational staff influencing the process of their formation and result. Formed at the configuration stage, they are placed in the protected memory of the processor;

- external loop of the interface - a loop with which the operator-user controls the information protection mode (encryption mode) without the ability to read and change the settings of the inner loop, without the possibility of access to the inner loop.

In the course of work on creating a system-on-a-chip for use in automated control systems, the following were developed: the TSI protocol, GNNSCH and a receive / transmit unit designed for hardware and software implementation of the TSI protocol (see Fig. 11. The structure of the system that implements the claimed dynamic encryption of transmitted data) .

When communicating using the TSI protocol, each device on the bus performs one of the following functions (see Fig. 12. Scheme of data exchange on the bus using the TSI protocol):

- the master device (Master, Bus Master, Master) - initiates the exchange in the "request - response" logic with the transfer of useful data (KP + PD) or without their transfer (KP) and can perform the function of a monitor;

- slave device (Slave, Slave) - responds to the Master's request with the transfer of useful data (KP + PD) or without their transfer (KP);

- monitor (Monitor) - a device that provides the operator with the ability to control the process and operational intervention in the process, in order to ensure optimal control.

Data exchange on the bus in the "With data encryption" and "Without data encryption" modes occurs through CP and PD packets. In the CP, depending on the encryption mode, 3 (in the "Without data encryption" mode) and 4 (in the "With data encryption" mode) subsections are structured (see Table 3. Structure of the CP in the "Without data encryption" mode and Table 4. CP structure in the "With data encryption" mode.):

- in the "No data encryption" mode - this is:

- "Sync" - (3 bits) burst synchronization sequence (sync signal);

- the first service 32-bit field containing four 8-bit subsections, each of which defines:

- "Terminal address" - the address of the terminal to which the source of information accesses;

- "Control Field" - information transfer mode;

- "Page Address" - the number of the address space to which the source of information refers;

- "Data Size" - the number of transmitted/requested words;

- "CRC32" - (32 bits) - CP checksum, calculated according to the selected formula, which allows, with an accuracy no worse than required, to confirm the integrity of the received information on the receiver side at a given level of protection and the actual amount of data transmitted in the packet;

- and in the "Encrypted" mode:

- "Sync" - (3 bits) burst synchronization sequence (sync signal);

- the first 32-bit service information field containing the same subsections and performing the same functions as in the unencrypted mode:

- “Terminal address”;

- «Control Field»;

- "Page Address";

- «Data Size»;

- the second 32-bit field containing four 8-bit subsections, each of which defines:

- "Table Line nminer" - a sign of encryption of the CP and a condition for protecting information;

- "Shift Direction") - signs of PD encryption and the number of the group of formulas for calculating PD CRC;

- "Shift Step" - a code word that allows the Master to make sure that the incoming message is the answer of the Slave exactly to his request and a sign of the complexity of the encryption algorithm used;

- "Terminal Stamp" - a digital imprint of the source of information;

- "CRC32" - (32 bits) - CP checksum, calculated according to the selected formula, which allows, with an accuracy no worse than required, to confirm the integrity of the received information on the receiver side at a given protection level and the actual amount of data transmitted in the packet.

The difference between the CP used in the “With data encryption” mode and the CP used in the “Without data encryption” mode is that it has a second 32-bit service information word that indirectly determines the encryption parameters of the transmitted information (see Table 3 and Table 4).

The structure of the field of the “Control Field” subsection of the CP, which is the same for the modes “With data encryption” and “Without data encryption”, is presented in Table. 5. The structure of PD is presented in Table. 6.

At the physical layer, packets are transmitted in a modified Manchester code. The start and type of the packet are identified by the type of 3-bit clock signal.

The possible formats of messages (transactions) exchanged between the Master (Master) and the Slave (Slave) by transferring CP and PD to each other are as follows:

- Format 1 - the format of messages in the "Record" mode (see Fig. 3a) - The Master sends a message to the Slave in the format CP + PD and the Slave responds to the Master with a message in the format CP;

- Format 2 - message format in the "reading" mode (see Fig. 3b). - The Master sends a message to the Slave in the CP format and the Slave responds to the Master with a message in the CP+PD format;

- Format 3 - message format in the "Unable to issue the requested data" mode - (see Fig. 3c) - the Master sends a message to the Slave in the KP format and the Slave responds to the Master with a message in the KP format.

Format 3 is a special case of format 2. This format is used by the Slave in case of problems with the execution of the Master's "request" to "read data" from the device.

The device (Master) sends a message in the KP format to the device (Slave) at the “read request” (see Fig. 3b). The device (Slave) checks the incoming message for integrity, starting with the CP integrity check (see clause 1.2.2.2.): - if the transmitted information was encrypted (Рк=1), then the encryption algorithm determined by the value q _i is first specified:

- if q _i =0, then the Master _ohm used a standard encryption algorithm, in which the CRC of the CP, the CRC of the PD were encrypted, and the data of the PD and encrypted were entered into the corresponding subsections of the CP and PD;

- if q _i is not equal to zero (q _i is equal to 1 or 2, or 3), then the Master _ohm used an algorithm of increased encryption complexity, in which, after calculating the CRC of the CP, encrypting it and entering it into the CRC32 subsection of the CP, the information of the CP subsections was additionally encrypted, corresponding to the received q _i and in encrypted form is entered in the transmitted Slave KP;

- then:

- if the Master _ohm used an algorithm of increased complexity, (q _i is not equal to zero), then first the information of the subsections corresponding to the received q _i is decrypted, then the checksum (CRC) of the received CP is calculated, which is encrypted and the already encrypted CRC is compared by bits with the CRC , written in the CRC32 subsection of the received CP; - if the Master _ohm used a standard encryption algorithm (q _i =0), then immediately after receiving the CP, the CP checksum is calculated, which is then encrypted and encrypted by bits is compared with the checksum recorded in the CRC32 subsection of the received CP;

- if Master _{encryption was} not used (Рк=0), then the CRC calculated from the data of the incoming PC is immediately compared with the CRC recorded in the CRC32 subsection of the received CP;

Further, depending on the result of comparing the calculated CP CRC with the CRC recorded in the CP CRC32 subsection (bits [31:0]), the following actions are performed:

- if the result of the comparison was a discrepancy between the calculated CRC CP and the CP recorded in the CRC32 subsection, which means a violation of the integrity of the CP (problem 1), then the slave device ignores the request and sends the response CP to the device (Master), in which bits [18:16] of the “Control Field” (see Table 5, columns 5 and 6) are filled with values corresponding to the (“state signs”) of the transaction;

- if the checksums of the CP match, but if it is impossible to issue, for some reason, the data requested in the "read" mode (problem 2), the slave device also transmits to the device (Master) only the response CP, in which in bits [18:16] fields "Control Field" (see Table 5, columns 5 and 6) indicate possible reasons for the failure to fulfill the "request".

To implement the proposed dynamic encryption of the transmitted data, each device (in the Master device and in all Slave devices) is equipped with a receiving/transmitting unit designed to implement the protocol, and GNNSCH (see Fig. 11).

2.2. Preparing the system for "regular" work. Initialization.

Preparation by the Master (Master _ohm ) of the system for work - setting up the internal circuit of the TSI interface (initialization) of each terminal of the system in terms of the formation of the same "Cipher Tables", which define the lists of encrypted parameters, their ciphers and encryption logic, which are the same for all terminals of the system of randomized options data encryption algorithms and randomized variants of combinations of various subsections of the CP to be encrypted, as well as in terms of determining a set of formulas that ensure verification, with an accuracy no worse than required, of the integrity of the information sent by the source with its different volume, depending on the given level of its protection from malicious information impact, is carried out in the "record" mode in the following sequence:

1) First, the Master (Master _y ) is given by the system programmer the initial data that determines the operating conditions of the system:

- Mo - the number of data encryption options, and Mo - not less than 6 and not more than the number of lines allocated in the "Table of ciphers" for recording encryption options (in this implementation example, Mo = 11 was taken);

- Mmin - Mmax - the range of natural random numbers generated by the GNNSC of each information source: Mmin>=0, Mmax=<maxW _o (i), where: max W _o - maximum field size (in bits), out of i allocated fields for records of each encrypted parameter, where i is the number of parameters encrypted in the PD. In this case, the law of distribution of random natural numbers generated by the GNNSC will obey the uniform distribution law with mathematical expectation:

m=[(Mmax - Mmin) /2] and standard deviation:

b=[(Mmax - Mmin) /6], where […] means taking the integer part of the division result.

In this example implementations were accepted:

Mmin:=0; Mmax:=12;

W ₀ :=16; i:=20;

- Ys - the required level of information protection from the set Y ₁ , Y ₂ , Y ₃ :

- Y ₁ =1 - the minimum level of information protection;

- Y ₂ =2 - the average level of information protection;

- Y ₃ =3 - the maximum level of information protection (in this example, Y _s :=3)

- k _j ^max - maximum number of different data encryption options

PD, which will be used in this problem, and: 2<=k _j ^max <=K ₀ , where

K ₀ - the number of ordered encryption options pre-formed (before the start of the "initialization" stage) and stored in the protected memory of the processor (in this example, K ₀ :=10; k _j ^max :=5).

- signs that determine the mode of operation of the system, under the expected conditions of information impact:

- a sign of information encryption (Рk:=1);

- a sign of the encryption mode (Rк:=1);

- a sign of using an additional encryption algorithm of increased complexity (q _i :=2);

- a sign of providing (using) the full amount of memory for (when) writing information to the PD (ADP:=0).

All source data is placed in the source data block Master _a .

2) Then the system programmer generates the "write" command, according to which all standard devices of the system are put into working condition, and the process control and direct automatic formation of blocks that determine the parameters and encryption logic in the "read" mode are taken over by the Host (see p. 2a-2d):

2a) First, the Master a priori selected and numbered in ascending order K ₀ rules of data encryption logic PD - are randomized, that is, with the help of GNSCH they are renumbered:

GNNSCH sequentially generates K ₀ non-repeating different numbers from the range from 1 to K ₀ , which are assigned sequentially to previously selected encryption algorithms (see Table 7. Randomization scheme for data encryption algorithms).

The operation of randomization, that is, the assignment of a new number kj to each algorithm, is carried out automatically and is not available for intervention by the operational staff. Its algorithm looks like this:

- GNNSCH in the range of natural numbers from 1 to K ₀ generates a random number (new algorithm number) (see column 3 of Table 7), which is assigned to the first algorithm;

- then GNNSC generates a second random number that does not match the first one (new algorithm number), which is assigned to the second algorithm;

- then the third random number generated by the GNNSCH, and not coinciding with the first two, is assigned to the third algorithm, and so on up to the K ₀ -th random number, which does not coincide with the previous (K ₀ - 1) numbers (numbers);

- then all algorithms are rebuilt in ascending order of new numbers, starting from the first one (see columns 3 and 4 of Table 7).

As the initial, subject to randomization, data encryption algorithms for PD in the implementation example of the proposed method of dynamic data encryption (see Table 7), ten a priori developed algorithms are used below (K ₀ =10):

- No. 1 - encryption of odd words sent to the PD data;

- No. 2 - encryption of the first and last words of the transmitted data;

- No. 3 - encryption of even words of data sent to the PD;

- No. 4 - encryption of the first two words of the data sent to the PD;

- No. 5 - encryption of only the first word of the data sent to the PD;

- ...

- №k _j - encryption of all words sent to the PD data (k _j =8);

- ...

- №K ₀ - encryption of the first five words (K ₀ =10), stored in the RAM of the processor.

Accepted in the implementation example of the proposed method, the number of options for encrypting PD data, which of the total number of options will be used in this task k _j ^max is 5 (k _j ^max =5).

As a result of randomization (see Table 7), the first number is assigned to algorithm No. 4, the second number - to algorithm No. 10, the third number - to algorithm No. 2, the fourth number - to algorithm No. 1, the fifth number - to algorithm No. 3, ..., the eighth number - algorithm No. 5, ..., and the tenth - algorithm No. 8.

The first five numbers of the new randomized set selected as a result of the randomization are the working set of encryption algorithms that will be used later for data encryption and which, together with identifiers k _j forwarding to all Slaves.

2b) Then, according to an algorithm similar to that given in paragraph 2a of this section, the Leaders, using the GNNSS, automatically randomize a priori formed and numbered set (set) of combinations of subsections of the 99-bit CP (except for subsections "Sync", "Control Field" , "Shift step" and "CRC32") - I(q _i ) to be encrypted, where:

a q₀>=3 (в данном примере q₀:=4),q _i -number of combinations of CP subsections on the set of options I(q _i ), and (

aq ₀ >=3 (in this example q ₀ :=4),

with different numbers of bits of the “Shift step” subsection indicated in each variant, where the line number of the “Cipher Table” is entered, in which the cipher for their encryption is directly indicated in the CP section (i = 0). From I(qi) a new randomized set of options I ₀ (q _i ) of smaller dimension is formed:

a q_i<=q₀, в данном примере q₁:=3), в котором каждому варианту присваивается новый номер, неизвестный оперативному составу.(

aq _i <=q ₀ , in this example q ₁ :=3), in which each option is assigned a new number unknown to the operational staff.

In the new randomized truncated set, each variant number corresponds, in the general case, to new sets of subsections, with cell numbers of the “Shift step” subsection associated with them, indicating the number of the “Cipher Table” line in which the cipher used to encrypt these subsections is entered. That is, the original correspondence of the variant number to the list of subsections to be encrypted, the cipher and the logic of their encryption is artificially randomly changed. The new correspondence of the variant number to the list of encrypted subsections, the cipher and the logic of their encryption is unknown to either the system programmer or the operational staff.

In the variant proposed to confirm the implementation of the proposed method of dynamic encryption, a priori, the formed set of combinations of subsections is represented by four combinations of subsections of the CP (q ₀ =4) with the bit numbers of the subsection “Shift step” of the CP corresponding to each of the options, which indicate the line number of the “Cipher table ”, where the applied cipher is written, and the truncated set should be represented by three options (q ₁ =3):

Option No. 1 - the subsection of the CP "Shift Direction" is encrypted)) bits [23:16] with the cipher for encrypting the CP (see the "Table of ciphers", i=0), written in the line, the number of which is indicated in bits [14:12] of the subsection "Shift step" KP (option No. 1 corresponds to the feature q ₁ =1);

Option No. 2 - the subsection of the CP "Table Line number" is encrypted with bits [31:24] with a cipher for encrypting the CP (see "Table of ciphers", i=0), written in the line, the number of which is indicated in bits [15:13] of the subsection "Shift step" KP (option No. 2 corresponds to the feature q ₂ =2);

Option number 3 - subsections of the CP "Table Line number" bits [31:24] and "Shift Direction") are encrypted bits [23:16] with a cipher for encrypting the CP (see "Table of ciphers", i = 0), written in the line , the number of which is indicated in bits [12:10] of the subsection "Shiftstep" of the CP (option No. 3 corresponds to the feature q ₃ =3);

Option No. 4 - subsections of the CP "Data Size" bits [7:0], "Table Line number" bits [31:24] and "Shift Direction") are encrypted) bits [23:16] with a cipher for encrypting the CP (see "Table ciphers", i=0), recorded in the line, the number of which is indicated in bits [13:11] of the subsection "Shift step" (option No. 4 corresponds to the feature q ₄ =4); After the randomization operation (random change in the numbers of options for combinations of subsections of the CP), the options were assigned the following new numbers:

- No. 1 became No. 3;

- No. 2 remained No. 2;

- No. 3 became No. 4;

- No. 4 became No. 1.

Of these, the first three issues were selected for further work. And now, in the general case, each number corresponds to new sets of subsections, with the cell numbers of the “Shift step” subsection attached to them, indicating the line number of the “Cipher Table”:

Option number 1 - subsections of the CP "Data Size" bits [7:0], "Table Line number" bits [31:24] and "Shift Direction") are encrypted bits [23:16] with a cipher for encrypting the CP (see "Table ciphers", i=0), recorded in the line, the number of which is indicated in bits [13:11] of the subsection "Shift step" (corresponds to the feature q ₁ =l);

Option No. 2 - the subsection of the CP "Table Line number") is encrypted bits [31:24] with a cipher for encrypting the CP (see "Table of ciphers", i = 0), written in the line, the number of which is indicated in bits [15:13] subsection "Shift step" (corresponds to the feature q ₂ =2);

Option No. 3 - the subsection of the CP "Shift Direction" bits [23:16] is encrypted with the cipher for encrypting the CP (see the "Table of ciphers", i \u003d 0), written in the line, the number of which is indicated in bits [14:12] of the subsection " Shift step» KP (corresponds to the feature q ₃ =3);

Option No. 4 - subsections of the CP "TableLine number" bits [31:24] and "Shift Direction" bits [23:16] are encrypted with a cipher for encrypting the CP (see "Table of ciphers", i = 0), written in the line, number which is specified in bits [12:10] of the subsection "Shift step" (corresponds to the feature q ₄ =4). The procedure for changing variant numbers is similar to the procedure for randomizing data encryption algorithms described above. It also cannot be influenced by the operational composition, also the new set may be smaller than the original one, also the set of options for combinations of CP subsections with new numbers is located in an inaccessible area of the processor memory, the correspondence of the new number to a certain combination of subsections is unknown to the user, and when transferring information from the source to the receiver in bits [9:8] of the subsection "Shift step" of the CP receives only the number of the option (q _i ) from the new randomized set of options for combinations of subsections of the CP, by which it is very difficult to determine the list of encrypted subsections during the operation of the system, and when q ₀ >5 within a limited amount of time is almost impossible.

When setting q _i =0, the described encryption algorithm for various combinations of CP subsections is not applied.

When specifying any natural number from q _i =1,3, the corresponding q _i option of additional encryption of subsections of the CP is implemented, translating the standard encryption algorithm for transmitted information (for q _i =0) into an encryption algorithm of increased complexity.

To additionally hinder unauthorized interference in the process of transmitting information, it is also possible to separately randomize the numbers of bits indicating the string "Cipher Table" in which the cipher used to encrypt the subsections is recorded.

Ведущим выбирается по одной формуле из группы, обеспечивающей максимальный уровень защиты информации Y₃, если этот уровень задан в исходных данных, и по две формулы из группы, одна из которых обеспечивает с точностью не хуже требуемой проверку целостности пересылаемой информации при заданном в исходных данных уровне защиты Ys меньшем максимального (при минимальном Y₁ или среднем Y₂), а вторая при максимальном уровне защиты Y3.2c) Further, from the set of CRC calculation formulas formed at the “Initialization” stage and divided (in this case) into three groups depending on the amount of transmitted information V _i (1st group for (V _i <V ₁ ); 2nd group for (V ₁ =<V _i =<V ₂ ); 3rd group for (V _i >V ₂ )) and containing in each group three formulas that allow evaluating the integrity of the transmitted information depending on the level of protection against malicious information impact Ys _i , where

The leader is selected according to one formula from the group that provides the maximum level of information protection Y ₃ if this level is specified in the source data, and two formulas from the group, one of which provides, with an accuracy no worse than the required one, verification of the integrity of the transmitted information at the level specified in the source data protection Ys less than the maximum (at minimum Y ₁ or average Y ₂ ), and the second at the maximum level of protection Y3.

The generated block of formulas is a set of no more than six formulas, divided into three groups depending on the amount of transmitted information, which is placed in the protected memory of the Master processor for its subsequent transfer to all Slaves (in this example, since Y _s =3 (see p. 1 of this section), the generated block of formulas is a set of three formulas).

2 d) Then the Leader forms the "Table of ciphers" (see Table 1). Its formation is carried out in the following sequence:

Выработанные случайные числа записываются в «Таблицу шифров» (см. табл.1) сверху вниз, начиная с j=1 до j=Мо, причем, сначала в столбец [3] «Смещение записи CRC в поле CRC32 КП (Q=0)» подраздела «CRC (z=0)» раздела «Контрольный пакет (i=0)» - nj, затем в столбец [5] «Смещение записи CRC в поле CRC32 ПД (Q=0)» подраздела «CRC (z=1)» раздела «Пакет данных (i=1)» -m_j, а затем в столбец [8] «Смещение записи данных в поле данных ПД (Q=0)» подраздела «Данные (z=2)» раздела «Пакет данных» (i=1) - p_j. Выработанные с помощью ГННСЧ случайные числа n_j, m_j и p_j определяют номер бита, с которого начинается запись соответствующего параметра в поле записи.The Master issues a command to its GNSS to generate Mo (Mo=11) random numbers n _j , Mo random numbers m _j , and Mo random numbers p _j , where

The generated random numbers are recorded in the “Cipher Table” (see Table 1) from top to bottom, starting from j=1 to j=Mo, and, first, in column [3] “CRC record offset in the CRC32 field of the CP (Q=0) » subsection “CRC (z=0)” of the section “Control packet (i=0)” - nj, then to column [5] “CRC record offset in the field CRC32 PD (Q=0)” of the subsection “CRC (z=1 )" of the section "Data Packet (i=1)" -m _j , and then to column [8] "Offset of the data record in the PD data field (Q=0)" of the subsection "Data (z=2)" of the section "Data Packet » (i=1) - p _j . The random numbers n _j , m _j , and p _j generated using the GNSS determine the bit number from which the recording of the corresponding parameter in the recording field begins.

Column [2] of the table (1 with _j ) - “CRC filling direction in the field CRC32 CP (Q=1)” of the subsection “CRC (z=0)” of the section “Control package” (i=0)”, column [4] -(rd _j ) - “Filling direction of CRC in field CRC32 PD (Q=l)” of subsection “CRC (z=l)” of section “Data packet” (i=l) and column [7] - (drj) - “ The direction of filling in the data in the data field of the PD in the option k _j (Q=1) "of the subsection" Data "(z=2)" of the section "Data package" (i=l) are filled in sequentially, and after receiving each random number:

- lc _j , filled in after each n _j , for

- rd _j , - after each m _j , for

- dr _j , - after each p _j , for

In the described example of the implementation of the proposed encryption method, the following algorithms for determining k _j , rd _j and dr _j are used:

- for the "Controlling stake" section (i=0):

If n _j <=Mmax /2, then lc _j :=0 and write this value lc _j in line j of the column "CRC filling direction in the field CRC32 KP (Q=l)" of the subsection "CRC (z=0)" of the section " Controlling stake (i=0)""Tables of ciphers"; If n _j >Mmax/12, then lc _j :=1 and write this value lc _j in line j of the column "Filling direction of CRC in field CRC32 CP (Q=l)" of subsection "CRC (z=0)" of section "Control package (i=0)""Tables of ciphers";

- for the "Data Packet" section (i=l) of the "CRC (z=l)" subsection:

If m _j <=Mmax /2, then rd _j :=0 and write this value in line j of the column "Filling direction of CRC in the field CRC32 PD (Q=l)" of the subsection "CRC (z=l)" of the section "Data packet (i=l)""Tables of ciphers";

If m _j >Mmax /2, then rd _j :=1 and write this value in line j of the column "Filling direction of CRC in the field CRC32 PD" of the subsection "CRC (z=l)" of the section "Data packet, (i=1) » «Tables of ciphers»;

- and for the "Data package" section (i=1) of the "Data (z=2)" subsection:

If p _j <=Mmax /2, then dr _j :=0 and write this value dr _j in line j of the column "Direction of filling data in the PD data field in option k _j (Q=l)" of the subsection "Data (z=2 )” section “Data packet 0=1)” “Cipher tables”; If p _j >Mmax /2, then dr _j :=1 and write this value dr _j in line j of the column "Direction of filling data in the PD data field in option k _j (Q=l)" of the subsection "Data (z=2) » section «Data package, (i=1)» «Cipher tables». The semantic meaning of the signs lc _j , rd _j and dr _j , recorded in the j-th line of the "Cipher Table" in the subsections "CRC (z=0)", "CRC (z=l)" and "Data (z=2)" ) and defining the direction of filling in the corresponding fields of the CP and PD, is determined by the software architect and means, as, for example, in our case:

- "0" - the direction of filling in the corresponding field - "from right to left";

- "1" - the direction of filling the field - "from left to right".

Column [6] "Cipher tables" - "Option of PD data encryption (Q=2)" of the subsection "Data (z=2)" in the section "Data package (i=1)" - (k _j ) is filled sequentially for each j after determining dr _j =f(p _j ) according to the a priori accepted algorithm. In this case (with Mmax=12, ak _j ^max =5) the following algorithm for determining k _j is used:

If 0<=p _j <[Mmax / k _j ^max ], where [] - means taking the integer part from dividing Mmax / k _j ^max , then k _j :=1 and in line j of the column “PD data encryption option (Q= 2)" of the subsection "Data (z=2)" of the section "Data package (i=l)" is written "1";

If [Mmax / k _j ^max ]<=p _j <2[Mmax / k _j ^max ], then k _j :=2 and in line j of the column "Option for encrypting PD data (Q=2)" of the subsection "Data 2)" section "Data package (i=l)" is written "2";

If 2 [Mmax / k _j ^max ]<=p _j <3[Mmax / k _j ^max ], then k _j :=3 and in line j of the column "Option for encrypting PD data (Q=2)" of the subsection "Data (z =2)" section "Data Package" (i=l) is written "3";

If 3[Mmax / k _j ^max ]<=p _j <4[Mmax / k _j ^max ], to k _j :=4 =2)" section "Data package" (i=l) is written "4";

If 4 [Mmax / k _j ^max ]<=p _j <=5 [Mmax / k _j ^max ], then k _j :=5 and in line j of the column "Option for encrypting PD data (Q=2)" of the subsection "Data ( z=2)" section "Data package" (i=l) is written "5".

Filling in the column [6] "Cipher table" is the last operation in the procedure of its formation - "Cipher table" is formed.

Of course, the algorithms for generating the signs “Filling direction ...” (lc _j , rd _j and dr _j ), the sign “PD data encryption option” - (k _j ) and the signs of the encryption algorithm of the CP subsections may be different, but it is necessary that the terminals (Slave) perceived the new rules as "conceived" by the Master. To do this, it is necessary and sufficient to develop appropriate working algorithms for implementing the new rule and ensure their transmission to all terminals of the system, which is not a problem.

3) Then the microcontroller Master _a transmits over a secure (closed) channel to all Slaves (Slave) participating in the system:

- generated block (set) of initial data (parameters Mo, Mmin, Mmax, Yi, k _j ^max , and features Pk, Rk, q _i and ADP);

- generated block with a set of k _j ^max "randomized options for encryption of PD data" and their corresponding features (k _j );

- formed block q ₀ of randomized variants of various combinations of subsections of the CP with the cell numbers of the subsection "Shift step" indicated in them, in which the line number of the "Cipher Table" is entered, which determines the encryption logic of the corresponding subsections of the CP, with signs q _i (q _i =1, _q0 );

- a generated block with a set of formulas for calculating checksums that allow, with an accuracy no worse than required, to confirm the integrity of the information received by the receiver, depending on the amount of transmitted data and the level of information protection from malicious information impact specified in the initial data;

- "Table of ciphers";

- its digital fingerprint and instructs the Slaves to "initialize" their internal interface circuits;

которое определяет номер строки в «Таблице шифров», а конкретные параметры шифрования («Смещение» и «Направление заполнения») всегда берутся из соответствующих столбцов подраздела «CRC (z=1)» раздела «Пакет данных (i=1)» и строки «S*»;4) Next, the internal contours of the Slaves (Slave) are initialized, which consists in the fact that each Slave forms its own unique digital fingerprint of the terminal using its GNNSCH and encrypts it before transmitting them to Master _y . The encryption parameters of fingerprints in each node are determined by a single algorithm for all Slaves, but since each node uses the results of its unique GNSS, the ciphers used in each node are different. In this case, the algorithm for determining fingerprint encryption parameters is adopted as follows: the internal local generator of non-stationary natural random numbers of each node (Slave) generates a random number "S*" from the range

which defines the line number in the “Cipher Table”, and the specific encryption parameters (“Offset” and “Fill Direction”) are always taken from the corresponding columns of the “CRC (z=1)” subsection of the “Data Packet (i=1)” section and the line "S*";

All sources of information (Slave and Master) in their structure contain GNSS, the non-stationarity of which is ensured by supplying to their input their own special values inherent only to this source, which are of a non-stationary nature: the temperature inside the integrated circuit and the signal from the output of the trigger, which is in a metastable state during the transition signal to the new synchronization domain.

5) Further, each Slave of the system places his digital fingerprint in a protected memory area inaccessible to the operational staff and received from the Master: “Cipher table”, a set of formulas for calculating checksums to check the integrity of the information received, a randomized set of PD data encryption options with their corresponding features k _j , a randomized set of options for combinations of ciphered subsections of the CP with the corresponding features q _i and the Master's digital fingerprint.

6) Then, each Slave sends a copy of his digital fingerprint to the Master as part of the CP in the “Terminal Stamp” subsection (see Table 2. The structure of the CP subsections in the “With data encryption” and “Without data encryption” modes) via a closed (secure) channel. in encrypted form and a signal of their readiness for "regular work";

7) Further, the Master, having received through a closed (secure) channel from all Slaves, unique digital fingerprints of devices, the use of which in the process of information exchange helps him exclude the possibility of replacing the standard device, to which he addressed with a request, with a malicious device and significantly increase the level of system security, forms a correspondence table “Terminal Address - Fingerprint”, which includes the digital fingerprint of the Master himself, which, together with the “Cipher Table”, a set of formulas for calculating checksums, allows, with an accuracy no worse than required, to confirm the integrity of the information received by the receiver, depending on the volume transmitted data with the degree of protection of information from malicious information impact specified in the initial data, a set k _j ^max of "randomized options for encrypting PD data" with the corresponding features k _j , and a set of randomized options for combinations of encrypted subsections of the CP with the corresponding features q _i places a protected memory area of its processor in a protected area inaccessible to the operational staff.

8) Having received a signal of readiness for “normal operation” from all Slave devices, the Master generates for the system operator a signal of readiness for the operation of the system as a whole.

As a result, after the completion of the “initialization” stage, in the protected memory area of the processor of each Slave device of the system, which is inaccessible to the operational staff, the following remains unknown to the operational staff:

- your digital fingerprint of the device;

- your address and address space number; as well as received from the Host:

- address and address space number of the Master;

- "Table of ciphers";

- a set (block) of formulas for checking the integrity of sent information of various volumes in the general case for a given and maximum level of information protection Y _s ;

- a randomized set (block) of "PD data encryption options" with their corresponding features k _j ;

- a randomized set (block) of options for combinations of encrypted subsections of the CP with the corresponding features q _i ;

- digital fingerprint of the presenter,

and in the protected area of the memory of the processor of the Master unit of the system, inaccessible to the operational staff, unknown to the operational staff are stored:

- correspondence table "Terminal address - Fingerprint" of all devices of the system, including digital fingerprints, addresses and numbers of address spaces of all Slaves and the Master itself, as well as transmitted to all Slaves:

- "Table of ciphers";

- a set (block) of formulas for checking the integrity of the received information;

- a set (block) of randomized variants of PD data encryption with their corresponding features k _j ;

- a randomized set of options for combinations of encrypted subsections of the CP with the corresponding features q _i .

2.3. "Regular" operation in the "With data encryption" mode.

Data exchange on the bus in the "normal operation" mode with data encryption occurs in accordance with the system working algorithm in the encryption logic described in clause 1.2. of the proposed method, through messages, the formats of which are presented in Fig. 3, and the structures of the packets included in the messages - in FIG. 4 and 6 for the CP and in Fig. 5 for PD.

The claimed interface is implemented in each terminal (Master or Slave) in the form of two circuits and has the following features:

a) Internal contour:

- the inner contour of each is hidden from the user, the user does not have direct access to it;

- operating parameters of the internal circuits of the Slaves and the Master (a set of formulas for calculating checksums to check the integrity of the received information, a block of randomized options for encrypting PD data with the corresponding features k _j , a block of randomized options for combinations of encrypted subsections of the CP with the corresponding features q _i and a set of ciphers and encryption logics subsections of the CP and data of the PD, presented in the form of a "Table of ciphers") are formed automatically at the stage of "initialization" without the possibility of influencing their choice of the operational staff both in the process of formation and in the process of placing them in the protected memory of their processors;

- the operating parameters of the internal circuits of all Slaves and the Master are identical, with the exception of:

- Slaves in a protected memory area inaccessible to the operational staff of their processors additionally store their digital fingerprints, the digital fingerprint of the Master, their addresses and address space numbers;

- The Master in his protected memory area additionally stores a correspondence table ("Terminal Address - Fingerprint"), which stores digital fingerprints of all Slaves and the Master's digital fingerprint, linked to their addresses and address space;

- transmission of messages from the Master to the Slave and back at the "initialization" stage (the stage of forming the parameters of the internal loop) is carried out via a closed secure channel;

b) External contour:

- external loop of the interface - a loop with which the operator-user controls the information protection mode:

- chooses at first and fixes in the initial data the operating mode of the system: with encryption or without encryption;

- changes the mode of operation of the system when changing the conditions of external information counteraction: with or without encryption;

- defines (changes) encryption parameters:

- standard encryption or advanced encryption;

- with CP and PD encryption according to a single option or with CP and PD encryption according to various options,

but does not have the ability to read the list of encrypted data, the ciphers used and the logic of their application;

The claimed TSI interface can operate in two modes: without encryption and with information encryption. Work without encryption of information is used in conditions where the possibility of distortion and substitution of any transmitted information is excluded. Working with information encryption - when it is necessary to ensure the regular operation of the control object in the conditions of information counteraction.

In the course of work on the implementation of the invention were developed:

- GNNSCH, the non-stationarity of which is ensured by supplying to its input variables of a non-stationary nature: the temperature inside the integrated circuit and the signal from the output of the trigger, which is in a metastable state when the signal passes into a new synchronization domain, and the distribution law of the values \u200b\u200bgiven by it obeys a uniform distribution law;

- a receiving/transmitting unit designed for hardware and software implementation of the TSI protocol;

- TSI protocol, which allowed:

-test the technical feasibility of the proposed method of dynamic encryption of information;

- to confirm the achievement of the goal of the invention - providing the ACS with information exactly corresponding to the information transmitted by the source in the face of external hostile information countermeasures, failure of the ACS or unintentional errors of the operational staff. Experiments conducted on an experimental control system of an energy facility with a data encryption subsystem according to the claimed method confirmed that:

- the claimed dynamic encryption of information is technically feasible;

- the claimed dynamic encryption of information makes it possible to practically protect the receiver from receiving intentionally or unintentionally distorted data by providing:

- uncertainty and unpredictability of the ciphers used (the list of data to be encrypted, the ciphers used and the encryption logic);

- constant and random variability of ciphers (the cipher changes in each transmission of each source, regardless of other sources of information);

- transmission of indirect data about the cipher used in the transmitted message;

- the receiver, with a high probability, determines false information (does not accept false information as reliable) and does not transmit it to the control system to generate a control action, which is especially necessary when managing dangerous and critical industrial facilities today and in the future.

Guaranteed delivery to the receiver of information exactly corresponding to the information transmitted by the source provides a significant increase in the level of functional security of the system (ACS with a control object), allows the ACS developer to focus on creating an optimal control system and creates prerequisites for its adaptation to the level of severity of malicious information impact (automatic selection of the degree complexity of information encryption).

The hardware-software implementation of the encryption method in the form of the TSI interface confirmed the following:

1. The claimed group of inventions is technically feasible, functions correctly, and makes it possible with a high probability to solve the task of delivering information to the receiver exactly corresponding to the information transmitted by the source.

2. The use of the claimed group of inventions provides a significant increase in the level of functional safety of the system (ACS with a control object), due to the practical impossibility of deliberate substitution or acceptance of information accidentally distorted due to operator error or failure of the ACS, information as reliable.

3. The claimed interface can be used in automated control systems (ACS) of complex, dangerous, responsible and expensive objects.

Terminology used: 1. Coding - converting data into another format in order to organize more rational storage, processing and transmission of data. The coding uses a public, well-known, easily applied scheme. As a rule, encoded information is presented more compactly and is well suited for storage, processing and transmission by software and hardware.

2. Encryption - data transformation, which significantly complicates the use of malicious software (VPO) to read and organize the impact on the information environment of the system, in order to reduce the level of system security. Depending on the degree of protection, encryption is divided into:

a) Standard encryption (standard information protection) - encryption of the checksum (CRC) of the control packet (CP), data packet data (PD) and CRC PD without encryption of CP subsections;

b) Encryption of increased complexity (high level of information protection) - encryption of the CRC of the CP, various subsections of the CP unknown to the operational staff, data of PD and CRC of PD.

3. Static encryption - encryption of information according to a priori selected and unchangeable rule during the operation of the system, for example, attaching to useful data recorded in N bits of a data field of the same size (N bits) of a random variable received from a white noise generator.

4. Dynamic encryption - encryption by each source of information of each packet in each message with a previously unknown, unpredictable, different random cipher according to a rule randomly determined in the course of work.

5. VPO (malicious software) - a specially created program that allows unintended users to perform actions in the information environment of the system that harm the user of this network or system, reducing the level of system security.

6. Hardware encryption - an encryption process performed using specialized computing devices.

7. Software-hardware encryption - a process in which encryption is carried out using software and specialized computing devices.

8. Sign of encryption (Pk), characterizes the operating conditions of the system:

a) Work in harsh conditions of information counteraction - work with information encryption (Рk=1).

b) Work in favorable conditions, when the possibility of external information influence on the system is excluded in order to distort or replace the transmitted information - work without information encryption (Рk=0).

9. Encryption mode (can be of two types):

a) Encryption of packages using a single set of ciphers - encryption of the control packet (CP) and data packet (PD) is carried out using a single set of ciphers contained in one line of the "Cipher Table", that is, when the list of parameters to be encrypted, the ciphers and the logic of their application for encryption KP and PD is determined by one line of the table.

b) Encryption of packages according to different cipher sets - CP and PD packages are encrypted using different cipher sets, that is, the CP cipher set is determined by one line, and the PD cipher set - by another line of the "Cipher Table".

10. Information transfer modes:

a) "Read" mode ("request for reading") - an operation carried out between two devices, in which useful information (the result of "reading") is transmitted from the response device to the requested requester (initiating the reading);

b) “Record” mode (request for “record”) - an operation carried out between two devices, in which useful information (the result of “record”) is transmitted from the requesting (initiating the recording) device to the receiving one.

11. Format - a set of packets in one message.

12. Package structure - a strict division of the package (package of information) into subsections, bytes and bits of a specific functional purpose.

13. ADP - a sign of providing (using) the maximum or necessary and sufficient amount of memory for / when recording the characteristics of parameters:

a) ADP=0 - means: for/when recording the characteristics of the terminal subscribers' parameters, the maximum amount of memory was provided/used;

b) ADP=1 - means: when writing the characteristics of the terminal subscribers' parameters in the PD, the amount of memory used is less than that provided, but sufficient for their accurate recording.

14. GNNSCH - a generator of non-stationary natural random numbers - a device that generates non-stationary natural random numbers, the non-stationarity of which is ensured by supplying to its input variables of a non-stationary nature, the temperature inside the integrated circuit and the signal from the trigger output, which is in a metastable state when the signal changes to a new synchronization domain, and the law of distribution of random numbers obeys the uniform distribution law.

15. Randomization - the process of randomly changing the numbers of some a priori numbered set (carried out at the "Initialization" stage).

16. Integrity of information - a term meaning that the data during the transmission operation from the transmitter (Master or Slave) to the receiver (Slave or Master) has not been changed.

17. Reliability of information - a term characterizing the absence of false or in any way distorted information in the information received from the source. The information received by the receiver is considered reliable if it exactly matches the information transmitted by the information source. The criterion for the reliability of information is the integrity of the information packets included in the message format.

18. Information security - a property of the system that ensures the receipt of reliable information in the face of external malicious information counteraction, operator error or software and hardware failure and excludes the possibility of accepting false information as reliable.

19. Functional safety - a property of the system that ensures correct (safe) control (performance of specified functions) in real operating conditions (external information counteraction, software or hardware failure, etc.). Easily provided when obtaining reliable information.

Used sources

1. Messi D.L. Introduction to modern cryptology. - TIIER, 1988, v. 176, No. 5. - S. 24-42.

2. GOST 28147-89. Information processing systems. Cryptographic protection. Cryptographic transformation algorithm.

3. Shannon K.E. Communication theory in secret systems - Works on information theory and cybernetics. M. IL, 1963 - S. 333-402.

4. Karpov A.V., Sidorov V.V. A method for protecting information in a meteor radio channel by encryption by a random natural process. Patent for invention RU No. 2265957 C1, priority dated 25.02.2004, 10.12.2005, Bull. No. 34. (analogue).

5. Sidorov V.V., Sherstyukov O.N., Sulimov A.I. Way to protect information. Patent for invention RU No. 2423800 C2, priority dated May 13, 2010, publ. 07/10/2011. Bull. No. 19. - 9 s. (analogue).

6. GOST R 50016-92. Compatibility of technical means is electromagnetic. RF bandwidth requirements and out-of-band emissions from radio transmitters. Methods of measurement and control. - M.: Publishing house of standards, 1993.

7. GOST R 50842-95. Compatibility of radio electronic means is electromagnetic. Radio transmitting devices for national economic use. Requirements for spurious radio emissions. Methods of measurement and control. - M.: Publishing house of standards, 1996.

8. Sulimov A.I., Sherstyukov O.N., Karpov A.V., Kayumov I.R., Smolyakov A.D.

Way to protect information. Patent for invention RU No. 2527734 C2, priority dated 04/04/2012, publ. 09/10/2014. Bull. No. 25 (prototype).

Claims (2)

1. A method for protecting transmitted information based on encryption and decryption of messages using the operation of mutual identification of exchange participants, characterized in that: a stage is introduced - “initialization”, at which the Master (Master-Master), preparing the system for regular operation, automatically , without the possibility of the operational staff to influence the procedure and the result, generates in itself, using a generator of non-stationary sequences of natural random numbers (GNNSN), the non-stationarity of sequences of which is ensured by supplying to the input of the generator of variable temperature values inside the integrated circuit and the signal from the output of the trigger, which is in a metastable state when the signal transitions to a new synchronization domain, “Cipher Table”, dimensions Lo x Mo, where Lo is the total number of encrypted parameters and data in the control packet (CP) and data packet (PD), and Mo is the number of different combinations of lists of encrypted parameters and data, their ciphers and logics enciphering the CP and PD of each message, randomizes a priori given sets of options for encrypting PD data with their corresponding features kj and options for combinations of encrypted CP subsections with the corresponding features qi, creates its own digital fingerprint, and also generates a set of formulas for calculating the checksum (CRC) that provide, with an accuracy no worse than required, checking the integrity of the information sent in each packet, depending on its volume and the level of protection against malicious information impact, divided into at least three groups according to the amount of information sent and containing within each group no more than two formulas corresponding to different levels protection, which together with its address and address space number through a request transmits over a closed channel to all Slaves (Slave devices - Slaves) participating in the system, receives from each Slave over a private channel a unique digital fingerprint of the device, generated by the Slave itself with the help of after which it forms a correspondence table “Terminal Address - Fingerprint”, which includes its digital fingerprint, its address and its address space number, digital fingerprints of the Slave devices, their addresses and address space numbers, which, together with the “Cipher Table”, a set of formulas for calculating CRC, randomized sets of data encryption options for the PD with the corresponding features kj and options for combinations of encrypted subsections of the CP with the corresponding features qi places it in a protected memory area inaccessible to the operational staff, and each Slave device of the system places it in a protected memory area inaccessible to the operational staff its processor, its digital fingerprint, the address of its terminal and the number of its address space and transmitted by the Master: "Cipher table", a set of formulas for calculating CRC, to check the integrity of information, randomized sets of data encryption options for PD with their corresponding features kj and options in combinations of encrypted subsections of the CP with the corresponding signs qi, the digital fingerprint of the Master, his address and the number of his address space and transmits to the Master a signal of its readiness for operation, which, after receiving a signal of readiness for operation from all Slave devices, generates the signal "System is ready for operation" and after the command of the operator "Start" proceeds directly to the working stage in the conditions of information counteraction - "normal work", during which the Master in a cycle receives encrypted information from all the Slaves of the system, decrypts it, integrates it and transfers it to the automated control system (ACS) in logic, a certain system algorithm, and to encrypt the transmitted information, the Slave and the Master use the dynamic encryption method, which consists in the fact that each packet (CP and PD) is encrypted in each message of each information source (Master and Slave) changeable, random, independent of history, unpredictable , unknown to the operational staff and the developer with a cipher determined immediately before sending a message using their own GNNSC, subject to a uniform distribution law, which, before each message is sent, randomly generates specific variant numbers from a randomized set of PD data encryption options, a variant from a randomized set of options for combinations of encrypted CP subsections and lines from the "Cipher Table", with the list of encrypted parameters and data indicated in them, ciphers and the logic of their application, while the receiver in the message receives only the numbers of options in the sets and the line number or line numbers, depending on the encryption mode, in “Cipher table”, which are random, independent of history, numbers that are changed in each transmission, generated by its GNNSC, understandable to the receiver and allowing it, using its randomized sets of PD data encryption options and options for combinations of encrypted subsections K P, as well as the "Table of ciphers", identical with the sets of options and the "Table of ciphers" of the source, determine the encryption parameters of the message used by the source and decrypt the transmitted message, while the subsection is additionally introduced into the KP format, in which the Master immediately before sending the message to the Slave writes " code word”, which is a random number that is changed in each transmission, generated by the GNNSCH, which the Slave returns to the CP of the response message, confirming his authority to respond to a specific request of the Master. 2. Automated Object Management System, which implements an interface with information encryption, based on the encryption and decryption of messages using the operation of mutual identification of exchange participants, characterized in that the system contains a Master device and Slave devices connected by a bus, with each of the Master and Slave devices include a receiving-transmitting unit, as well as a Generator of non-stationary sequences of natural random numbers and a secure memory connected to the receiving-transmitting unit, and in the receiving-transmitting unit of each of the devices, an internal loop is allocated, the setting of which for the implementation of the proposed encryption method is carried out before starting operation of the system at the “initialization” stage, for this, in the internal circuit of the Master device, secretly, without the possibility of the operational staff influencing the result, the composition and parameter values \u200b\u200bare automatically formed unknown to the operational staff and the system developer, x to encrypt the transmitted information using the proposed dynamic encryption method: "Cipher table", randomized sets of PD data encryption options and options for combinations of encrypted CP subsections that determine possible lists of encrypted parameters, the ciphers themselves and the encryption logic of the transmitted data, checksum calculation formulas that provide, with an accuracy no worse than required, checking the integrity of the information sent in each packet, depending on its volume and level of protection against malicious information impact, and its own unique digital fingerprint, which, together with its address and address space number, is replicated by the Master device over a closed channel to each Slave device of the system , the internal contours of which are secretly, without the possibility of the operational staff influencing the result, automatically form their unique digital fingerprints unknown to the operational staff and the system developer, which, together with their address and address number space is sent over a closed channel to the Master, and the encryption data received from the Master, together with its unique digital fingerprint, address and address space number, and its unique digital fingerprint, together with its address and address space number, are placed in its secure memory, which provides covert storage in inaccessible to the operating staff of the protected RAM of the processor of each device, completing the configuration of the internal contours of the Slaves, while the Master, having received through a closed channel from each Slave device, along with its address and address space number, unique digital fingerprints formed by them unknown to the operational staff and the system developer, forms a table correspondence "Terminal Address - Fingerprint", which includes its digital fingerprint, its address and the number of its address space, digital fingerprints of the Slaves, their addresses and numbers of address spaces, which, together with those previously generated by him encryption parameters: "Cipher table" and randomized sets of encryption options for PD data and options for combinations of encrypted subsections of the CP, which determine the list of encrypted parameters, the ciphers themselves and the encryption logic transmitted in each packet of each message of each data source of information, and checksum calculation formulas that provide, with an accuracy no worse than required, checks the integrity of the information sent in each packet, depending on its volume and the level of protection against malicious information impact, places it in its protected memory, which provides covert storage in the protected RAM of the processor inaccessible to the operational staff, and this completes the configuration of its of the internal circuit and the system as a whole, by setting the same initial data in the internal circuits of the Master device and the Slave devices of the system: the same “Cipher tables” that determine the possible lists of encrypted parameters, their ciphers and encryption logic, however randomized sets of variants of data encryption algorithms and variants of combinations of various subsections of the CP to be encrypted, the same set of formulas that provide verification with an accuracy not worse than the required integrity of the information sent by the source, depending on its volume and the specified level of protection against malicious information impact, allowing to at the stage of "regular work" to implement a method of dynamic encryption of information, which consists in the fact that each packet in each message of each information source is encrypted with a variable, random, history-independent, unpredictable, unknown to the operational staff and the developer with a cipher determined immediately before sending the message using its own GNNSCH, which generates a non-stationary sequence of natural random numbers, obeying a uniform distribution law, due to the input of each generator with two variables of its device, which have a non-stationary nature , temperature inside the integrated circuit and the signal from the output of the trigger, which is in a metastable state when the signal passes to a new synchronization domain, and each packet of each message is decrypted by each receiver of information, according to the numbers of options in randomized sets of options for data encryption algorithms and options for combinations of various subsections of the CP, by line number or line numbers, depending on the encryption mode, in the “Cipher Table”, transmitted in the message by the source of information, understandable to the receiver and allowing him, using his randomized blocks of encryption options for PD data and options for combinations of encrypted CP subsections, as well as “Tables ciphers” that are identical to the variant blocks and the “Cipher Table” of the source, determine the message encryption parameters used by the source and decrypt the transmitted message, while for the exchange of encrypted information in each of the devices the TSI protocol is implemented, and the Slave devices implement the protocol for exchange of TSI encrypted information with the BCP of the Master device, and in the receiving-transmitting unit of the Master device, the system protocol for the exchange of encrypted information TSI with all modules of the Slave devices is implemented.

Images