-
公开(公告)号:US20200042747A1
公开(公告)日:2020-02-06
申请号:US16316205
申请日:2018-06-07
Inventor: Haibin YU , Peng ZENG , Wenli SHANG , Xianda LIU , Jianming ZHAO , Long YIN , Chunyu CHEN
Abstract: The present invention relates to a security processing unit of PLC and a bus arbitration method thereof, to provide PLC with an active defense means to build a PLC hardware and software security layer. On a hardware security layer, a part of hardware processing mechanism is added to support trusted measurement, encryption algorithms and signature algorithms, and a virtual isolation technology is used; and on a software security layer, transparent encryption and decryption, integrity verification, backup recovery and virtual isolation security mechanism are provided. The security processing aspect is improved to achieve the purpose of security and reliability. The present invention can correctly establish a trusted environment of PLC to ensure that PLC is guided by a strictly verified path. A new star type trusted structure is designed to reduce loss during information transmission and increase information transmission efficiency.
-
2.发明申请公开(公告)号:US20180288084A1
公开(公告)日:2018-10-04
申请号:US15572643
申请日:2017-04-17
Inventor: Wenli SHANG , Jianming ZHAO , Ming WAN , Xianda LIU , Long YIN , Peng ZENG , Haibin YU
Abstract: The present application discloses a method for automatically establishing an intrusion detection model based on an industrial control network, including: judging whether a first intrusion detection model meets preset detection requirements, and extracting communication behavior traffic data in real time if not; setting a training data set and a test date set according to the communication behavior traffic data; establishing an initial intrusion detection model according to the training data set; and testing the initial intrusion detection model using the test date set, and establishing a second intrusion detection model meeting the preset detection requirements according to the test result. The second intrusion detection model has high detection accuracy, thereby increasing intrusion detection rate of abnormal behavior and reducing false positive rate and false negative rate.
-
Patent Agency Ranking
公开(公告)号:US20210367753A1
公开(公告)日:2021-11-25
申请号:US16636727
申请日:2019-02-21
Inventor: Wenli SHANG , Peng ZENG , Long YIN , Chunyu CHEN , Jianming ZHAO , Xianda LIU , Guoyu TONG
Abstract: The present invention relates to a trusted measurement and control network authentication method based on double cryptographic values and chaotic encryption. The specific method comprises realizing identity authentication and key negotiation processes through double cryptographic values and chaotic public key ciphers and realizing secure transmission and verification of user identity credentials on the basis of building a trust chain through trusted computation for realizing a secure and trusted operating environment, thereby building a secure and trusted data transmission channel. The identity authentication method in the present invention comprises multiple links such as secure generation of user identity identifiers, read protection encapsulation, secure transmission and key negotiation. Each link adopts a unique and confidential cryptographic function for secure data generation, thereby ensuring the security of the authentication device access in an industrial measurement and control network.
-
公开(公告)号:US20200045023A1
公开(公告)日:2020-02-06
申请号:US16316290
申请日:2018-06-07
Inventor: Haibin YU , Peng ZENG , Wenli SHANG , Long YIN , Xianda LIU , Jianming ZHAO , Chunyu CHEN
Abstract: The present invention relates to a network guard unit for an industrial embedded system and a guard method. The specific method is to form the network guard unit (NGU) through security technologies, such as integrated access control, identity authentication and communication data encryption, to provide active guard for a site control device. The NGU comprises an access control module, an identity authentication module, a data encryption module, a key negotiation module and a PCIE communication module, and supports the communication modes of dual network cards and PCIE bus. The present invention builds a secure and trusted operating environment for industrial control systems in combination with an active guard technical means in the field of information security on the basis of ensuring the correctness and the feasibility of security of various terminal devices in the industrial control systems.
-
公开(公告)号:US20210065021A1
公开(公告)日:2021-03-04
申请号:US16636736
申请日:2019-02-21
Inventor: Wenli SHANG , Peng ZENG , Xianda LIU , Jianming ZHAO , Long YIN , Chunyu CHEN , Jiansong AO , Guoyu TONG
Abstract: The present invention relates to a working condition state modeling and model correcting method, comprising collecting data, and arranging the data in a chronological order to form a time sequence data set; preprocessing the time sequence data set; clustering the preprocessed time sequence data set, computing a central point data set of the duster, and generating a working condition data set and a working condition process data set; counting a working condition transition probability for the working condition process data set to form a working condition transition probability model data set; collecting the data, and detecting and processing the data; computing a working condition state transition mode phase by phase and processing. The present invention is based on a counting modeling method, introduces expert prior knowledge to correct the established model gradually, enables the model range to cover the overall system working condition state and solves the problem of low coverage rage in the mechanism analysis modeling methods and the counting modeling method, The present invention can be used as the input of an abnormal working condition diagnosis method, and can effectively improve the accuracy rate of abnormality diagnosis.
-
公开(公告)号:US20200042711A1
公开(公告)日:2020-02-06
申请号:US16316269
申请日:2018-05-07
Inventor: Haibin YU , Peng ZENG , Wenli SHANG , Jianming ZHAO , Xianda LIU , Long YIN , Chunyu CHEN
IPC: G06F21/57 , G06F9/4401
Abstract: A method for starting a trusted embedded platform based on TPM industrial control includes taking a Core Root of Trust Measurement (CRTM) as a source of a trust chain and executing CRTM after electrifying an embedded platform; conducting trust measurement of BIOS and starting BIOS after passing measurement; BIOS measuring Bootloader and extending a measured value into PCR corresponding to TPM; after passing the measurement, transferring a control execution right to Bootloader; and Bootloader measuring OS kernel start process, recording a measured value into PCR of TPM, and executing a start flow of OS after passing the measurement. The method performs measurement before start of each part of a start process, and measured values are also stored in the PCR corresponding to TPM. When the start process is tampered by an attacker, an integrity measurement mechanism terminates the execution of a program, thereby ensuring the security of the embedded platform.
-
公开(公告)号:US20190253444A1
公开(公告)日:2019-08-15
申请号:US16317493
申请日:2018-05-07
Inventor: Haibin YU , Peng ZENG , Wenli SHANG , Jianming ZHAO , Xianda LIU , Long YIN , Chunyu CHEN
CPC classification number: H04L63/1425 , G05B19/05 , G06F21/44 , H04L29/06 , H04L63/0435 , H04L63/0823 , H04L63/102
Abstract: The present invention relates to a dynamic security method and system based on multi-fusion linkage response. In the method, a site control device conducts active response and passive response through identity authentication and key management to give an alarm for abnormal behaviors. The system comprises an access authentication active response module, an access control active response module, an access control passive response module, an abnormal pretending passive response module, a key vulnerability passive response module and an abnormal state passive response mechanism module. On the basis of ensuring validity and feasibility for the security of a terminal device, the present invention can build a secure and trusted industrial control system operating environment.
-
-
-
-
-
-
Search Results
7
records
(took 0.014 seconds)
