37results about How to "Implement security testing" patented technology

The invention relates to a risk assessment method suitable for an industrial control system. According to the method, modeling is performed on a target network by using a hierarchical modeling method based on the security attribute, and modeling is performed on the capacity of an attacker in the attack process by using an attack mode knowledge base; then a hierarchical attack graph is constructed according to the security model of the target network and the attacker, and the attack graph is converted into an attack tree; and then a hierarchical risk evaluation index system is constructed by using a hierarchical index analysis method, and comprehensive judgment is performed by using a layer-by-layer weighing method so that the risk assessment result of the industrial control system can be obtained. The system or equipment does not need to be offline in the analysis method, and the method is a risk assessment and management tool based on combination of qualitative and quantitative analysis of the model so that the security hidden trouble in the industrial control system can be discovered, and the security assessment level of the industrial control system can be enhanced.

The invention discloses a penetration testing method for a GAP isolation and exchange device. The method comprises the concrete steps that (a) policy configuration is tested, wherein according to the working principle, the function and the implementation mode of the tested device, applicable test cases are selected from a preset penetration testing rule base, and test environment parameters are configured; (b) a network attack session is generated, wherein an independent client program and an independent server program are established, hosts in networks at the two ends of the tested device are respectively simulated, afterwards, test plugins corresponding to the test cases are respectively called, and the test environment parameters configured in the step (a) are passed to the test plugins; the test plugins produce corresponding data packets in real time, the data packets are sent through a client or a server, and therefore the network attack session is generated; (c) test results are evaluated, wherein the test results of the test cases are evaluated according to the completion condition of the network attack session and the warning information of the tested device. By the application of the penetration testing method for the GAP isolation and exchange device, automated security testing for the GAP isolation and exchange device can be achieved.

The invention provides an electric-control pneumatic battery changing system and method for an electric truck and a load-carrying electric vehicle. A power battery pack and a battery manager are arranged in a battery changing frame, a vehicle-mounted battery changing seat is used for bearing the battery changing frame, and the high-voltage and low-voltage electrical socket is used for connecting the battery changing frame with high-low voltage electric of a vehicle and a CAN communication network; and a vehicle control unit is used for receiving a driver control signal, a parking signal, a switching signal, a battery manager signal, a power battery main contactor status signal and the like, identifying the intention of a driver, and realizing control and monitoring of a vehicle battery changing system through a control strategy and logic judgment. The quick battery changing control of the electric truck is realized, the vehicle parking power supplementation time is favorably reduced, the vehicle battery changing efficiency is improved, the vehicle safety detection, and the reliability and the safety detection of the battery changing type electric truck in the using process before and after the battery changing operation are realized, so that the vehicle running safety is guaranteed.

The invention discloses an acquisition and audit analysis method and device for safety test data, relates to the technical field of the internet, and improves safety of a process of carrying out a safety test on an information system of an enterprise. The method disclosed by the invention comprises the steps of: receiving a safety test request sent by terminal equipment, wherein the safety test request comprises identity information corresponding to the terminal equipment; according to the identity information, determining a virtual network card corresponding to the terminal equipment; by monitoring the virtual network card, acquiring safety test traffic corresponding to the terminal equipment; and carrying out audit analysis processing on the safety test traffic to acquire safety test data corresponding to the terminal equipment, wherein the safety test data is used for quantizing the safety test process corresponding to the terminal equipment and auditing a high-risk behavior operation corresponding to the terminal equipment. The acquisition and audit analysis method and device are applicable to the process that a third-party tester carries out the safety test on the informationsystem of the enterprise.

The present invention provides a vehicle information safety automated testing system. The system comprises: an automated detection system connected with a tested device and configured to perform information safety testing of the tested device and upload test result data; a local test terminal configured to display a human-computer interaction interface; and a test cloud server configured to searchthe information safety test data flow corresponding to a test scene to analyze the received test result data, determine the information safety condition of the tested device and generate a test report. The testing method comprises the steps of: selecting a test scene; sending the information safety test data flow; performing vehicle information safety test of the tested device, and performing feedback of the test result data; and determining the vehicle information safety condition to generate a test analysis report. Compared to the prior art, a plurality of vehicle information safety test isemployed to achieve vehicle information safety test and reduce the threats caused by the safety risks.

The present invention discloses a proximity switch testing arrangement in a high temperature environment. The proximity switch testing arrangement comprises a high temperature test mechanism and a normal temperature operation mechanism, the high temperature test mechanism includes a proximity switch, a proximity switch installing support, an induction sheet mobile device support and the like, and the normal temperature operation mechanism main includes a displacement regulation support, a micrometer and the like. The proximity switch installing support is provided with a proximity switch and the induction sheet capable of moving and rebounding under the action of tension; the displacement regulation support is provided with the micrometer with adjustable displacement; and one end of a steel wire is connected with the induction sheet in a high temperature oven, and the other end of the steel wire is connected with the micrometer. According to the invention, the safety test of a proximity switch may be performed in a high temperature environment; in the high temperature environment, the induction distance and the induction diameter of the proximity switch is adjustable; the proximity switch testing arrangement in the high temperature environment is applicable to the tests of proximity switches with different types in the high temperature environment, and is convenient for testing induction sheets with different materials; and the separation of the high temperature area and the normal temperature area is beneficial for safe operation.

The invention discloses a fixed washboard type agricultural machinery braking performance detector and belongs to the field of agricultural machinery performance detection devices. The fixed washboard type agricultural machinery braking performance detector comprises a fixed washboard table body (1) and a washboard detection table (2) arranged above the fixed washboard table body (1) in an embedded mode. The fixed washboard type agricultural machinery braking performance detector is characterized in that the lower portion of the washboard detection table (2) is installed above the fixed washboard table body (1) in a supporting mode through a slide (3), a driving device is installed in the gap between the fixed washboard table body (1) and the washboard detection table (2), an infrared sensor (7) capable of detecting a tire and transmitting signals is arranged on the upper portion of the washboard detection table (2), and the driving device receives the signals of the infrared sensor (7) to drive the washboard detection table (2) to slide left and right along the slide (3). The fixed washboard type agricultural machinery braking performance detector is wide in application range, easy to operate, and capable of automatically adjusting the distance between detection tables.

The embodiment of the invention discloses an application program security test method and a related device, and the method comprises the steps: obtaining an external request of an application program, and generating a scanning request carrying a scanning mark through a preset scanning strategy; in the process of scanning the application program by using the scanning request, detecting whether the parameter information used by the sensitive function called by the application program comprises the scanning mark, and if so, reporting the parameter information used by the sensitive function; and analyzing the reported parameter information used by the sensitive function by using a preset vulnerability analysis strategy corresponding to the sensitive function. According to the method, the request response of the application program to the scanning request does not need to be waited, in the scanning process, it is detected that the parameter information used by the sensitive function called by the application program comprises the scanning mark which indicates that the sensitive function is the sensitive function possibly having the vulnerability, and vulnerability analysis is further performed on the parameter information used by the sensitive function; therefore, whether the application program has vulnerabilities or not is judged, and application program security testing is achieved.

The invention provides a memory security detection method and a system on chip, the system on chip comprises a security policy controller and a memory to be detected, and the security policy controller comprises a detection module. The security policy controller receives a detection signal which carries a to-be-detected fault and/or an attack identifier of the to-be-detected memory, and obtains a detection algorithm corresponding to the to-be-detected fault and/or the attack identifier from the off-chip memory according to the to-be-detected fault and/or the attack identifier; and the off-chip memory stores detection algorithms corresponding to various fault and/or attack identifiers, the detection module is configured according to the obtained detection algorithms to obtain a detection circuit, and the detection circuit is utilized to judge whether the to-be-detected memory has a to-be-detected fault and/or attack. Security detection of corresponding faults and/or attacks of the to-be-detected memory is achieved, multiple complex detection circuits do not need to be deployed in the system at the same time, corresponding detection algorithms are called according to different detection signals to configure the corresponding detection circuits, power consumption is reduced, and efficiency is improved.

The invention relates to a coal mine safety monitoring and inspection management device applied to coal mine safety management. The coal mine safety monitoring and inspection management device applied to coal mine safety management comprises a base, an air exhaust box and a reagent box which are mounted on the base, a rotating shaft rotationally mounted on the air exhaust box, and a camera rotationally mounted on the rotating shaft, wherein a driving assembly drives a spraying assembly to work when working, so that a stopping agent solution in the reagent box is sprayed to air, and meanwhile, the driving assembly drives the rotating shaft to rotate, the rotating shaft drives a reciprocating assembly to move, the reciprocating assembly is matched with a detection assembly, the detection assembly detects air components, a meshing assembly triggers work, a retracting and releasing assembly intermittently moves, the retracting and releasing assembly moves, the camera rotates clockwise, a torsional spring is compressed, the retracting and releasing assembly stops moving, and the torsional spring enables the camera to rotate anticlockwise, so that safety detection of the air, camera monitoring of the field environment and spraying prevention of the stopping agent solution are achieved.

The invention relates to a security test method and device, computer equipment and a storage medium. The method relates to the technical field of information security, and comprises the following steps: generating a simulation network message according to an input parameter of a to-be-tested application program, and transmitting the simulation network message to a virtual server program in a user terminal; intercepting the analog network message in the process of transmitting the analog network message to the virtual server program; processing the analog network message, and performing a security test based on the processed analog network message. That is, in the embodiment of the invention, the simulation network environment can be established locally at the user terminal, the problem that the security test cannot be carried out due to the fact that the man-in-the-middle test module cannot acquire the input parameters due to direct interaction between the application program and the server can be avoided, and the simulation network message is generated through the simulation network environment; and the security test on the to-be-tested application program is realized by processing the simulation network message, so that the security test efficiency is improved.

The invention discloses a test method based on network data monitoring, and the method comprises the steps: obtaining a network data packet, based on network access, of one or more tested terminals based on a currently created test connection relation; determining whether the network access of the tested terminal is safe or not according to the network data packet; and when it is confirmed that the network access of the tested terminal is unsafe, generating a warning report based on the tested terminal, and sending the warning report to a corresponding processing area. The invention further discloses a testing device based on network data monitoring and a readable storage medium. According to the invention, the network connection is established through the ARP spoofing technology, so thatthe data accessed by the television network connected in the network flows through the test terminal, the unsafe access data is determined by analyzing the data packet of the network access data through the test terminal, and the beneficial effect of safety detection of the television system in the network data access process is realized.

The invention provides a data management method and device for frozen accounts, equipment and a storage medium, and the method comprises the steps: obtaining unfreezing information when a frozen account is unfrozen, and carrying out special monitoring of the unfrozen frozen account; acquiring account operation information of the frozen account after unfreezing, and comparing the unfrozen information and the account operation information to accurately determine whether unfreezing of the frozen account and the operation after unfreezing are performed by the same person, so that crowdsourcing unfreezing risk identification failure in the frozen account tunfreezing link through batch behaviors is avoided, and the risk of crowdsourcing unfreezing in the frozen account unfreezing link is reduced. so that the frozen account is not unfrozen. The account operation information and the unfreezing information of the unfrozen frozen account are recorded and compared, so that whether the unfreezingof the frozen account belongs to crowdsourcing unfreezing or not is determined more accurately, whether the unfrozen frozen account is used for doing illegal services or not is judged, the safety detection of the unfrozen frozen account is realized, and the safety of the unfrozen account is improved. Accuracy of account security management is improved.