Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

A non-contact industrial control system or equipment static vulnerability detection system and detection method

An industrial control system and vulnerability detection technology, which is applied in general control systems, control/regulation systems, comprehensive factory control, etc., can solve problems such as difficult industrial control systems, illegal intrusion, and occupation of industrial control network bandwidth, and achieve efficient and accurate detection The effect of the method

Active Publication Date: 2020-07-24
中国东方电气集团有限公司 +1
View PDF8 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

The advantage of the present invention is that the proposed vulnerability detection system does not need to develop attack codes. Compared with the MBSA vulnerability detection system developed by Microsoft, the detection speed is fast and the accuracy is high, which can well meet the high stability and high real-time requirements of industrial control systems. It is suitable for administrators to evaluate the security status of the entire industrial control system without affecting the stable operation of the industrial control system. This technical solution checks the files and applications of the tested system or equipment by accessing the tested industrial control network. Software, running services, configuration information and other characteristics realize the scanning and matching of known vulnerabilities. However, this kind of contact vulnerability detection will not only occupy the bandwidth of the industrial control network and affect the real-time communication in the network, but also the detected system needs to Scanning responds, thereby occupying its own resources, resulting in delays in signal acquisition and control. Therefore, it is difficult to detect vulnerabilities in industrial control systems in operation with contact-type industrial control system vulnerability detection methods. At the same time, vulnerability detection devices and systems have vulnerability databases. The need for regular updates. Therefore, no matter whether you use a USB flash drive or access the Internet to update the vulnerability database, it will increase the probability of the vulnerability detection device or system itself being illegally invaded. Once the contact vulnerability detection device or system is implanted with malware , by connecting to the industrial control network, the industrial control system and equipment in the network will face a great threat to information security

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A non-contact industrial control system or equipment static vulnerability detection system and detection method
  • A non-contact industrial control system or equipment static vulnerability detection system and detection method
  • A non-contact industrial control system or equipment static vulnerability detection system and detection method

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0046] Such as figure 1 and figure 2 , a non-contact industrial control system or equipment static vulnerability detection system, including an asset management unit, a vulnerability detection engine unit, a vulnerability library management unit, a report management unit and a system management unit; the asset management unit transmits the information of the assets to be detected To the vulnerability detection engine unit, the vulnerability detection engine unit compares the information of the assets to be detected with the vulnerability information in the vulnerability library management unit to detect vulnerabilities, and sends the detection results to the report management unit for recording. For setup and upgrade management.

[0047] This is the most basic embodiment of a non-contact industrial control system or equipment static loophole detection system of the present invention. The asset management unit transmits the information of the assets to be detected to the vul...

Embodiment 2

[0049] Such as figure 1 and figure 2 , a non-contact industrial control system or equipment static vulnerability detection system, including an asset management unit, a vulnerability detection engine unit, a vulnerability library management unit, a report management unit and a system management unit; the asset management unit transmits the information of the assets to be detected To the vulnerability detection engine unit, the vulnerability detection engine unit compares the information of the assets to be detected with the vulnerability information in the vulnerability library management unit to detect vulnerabilities, and sends the detection results to the report management unit for recording. Set and upgrade management; the asset management unit includes an organizational structure management module and an industrial control asset management module, the organizational structure management module is used to manage the group management functions of the industrial control sys...

Embodiment 3

[0052] Such as figure 1 and figure 2 , a detection method of a non-contact industrial control system equipment static vulnerability detection system, characterized in that it comprises the following steps

[0053] Step 1: Input industrial control assets, import the data in the factory-level or upper-level information management system into the industrial control assets to be tested;

[0054] Step 2: Retrieve the vulnerability database, search and match the entered industrial control assets in the data table corresponding to the vulnerability database according to the manufacturer information, product name, product model and product version, and calculate the matching function value;

[0055] Step 3: Static vulnerability detection, according to the matching function value calculated in step 2, calculate the result of the vulnerability judgment function, determine the vulnerability information according to the result of the vulnerability judgment function, and match the vulnerab...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a non-contact type static loophole detection system and detection method for an industrial control system or device, and relates to the technical field of information security of industrial control systems. The detection system comprises an asset management unit, a loophole detection engine unit, a loophole library management unit, a report management unit and a system management unit; the asset management unit transmits information of assets to be tested to the loophole detection engine unit; the loophole detection engine unit compares the information of the assets to be tested with loophole information in the loophole library management unit to detect loopholes and sends a detection result to the report management unit to be recorded; the system management unit conducts setting and updating management on each unit of the detection system to conduct non-contact type static detection of equipment loopholes on the industrial control system, so that the requirement is met that the information security detection of the industrial control system is conducted without assessing an industrial control network and affecting actual running of the industrial control system.

Description

technical field [0001] The invention relates to the technical field of industrial control system information security, in particular to a non-contact industrial control system or equipment static loophole detection system and detection method. Background technique [0002] my country's industrial control system has developed rapidly, and industrial production has gradually developed from traditional manual inspections to automated industrial control systems. Industrial control systems are widely used in various fields such as petroleum and petrochemical, water conservancy and electric power, food processing and sewage treatment. The development of industry has brought about the wide application of industrial equipment, and the sharp increase in the scope and quantity of use at any time. The information security of industrial control systems is also increasingly concerned by more groups. The potential security vulnerabilities of industrial control systems or equipment informa...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): G06F21/57G05B19/042G05B19/418G05B19/05G05B19/048
CPCG05B19/042G05B19/048G05B19/05G05B19/058G05B19/418G05B2219/14112G05B2219/25202G05B2219/25232G05B2219/2604G06F21/577Y02P90/02
Inventor 袁晓舒桑梓蒋发群
Owner 中国东方电气集团有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com