Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Embedded terminal software code vulnerability detection method and device based on model inspection

An embedded terminal and vulnerability detection technology, which is applied to computer security devices, instruments, electrical digital data processing, etc., can solve problems such as inability to apply embedded terminal software codes

Active Publication Date: 2020-08-18
CHINA ELECTRIC POWER RES INST +3
View PDF2 Cites 1 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] The purpose of the present invention is to provide a method and device for detecting loopholes in embedded terminal software codes based on model checking, so as to alleviate the existing loophole detection methods in the prior art that are only applicable to ordinary software and cannot be applied to embedded terminal software. code technical issues

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Embedded terminal software code vulnerability detection method and device based on model inspection
  • Embedded terminal software code vulnerability detection method and device based on model inspection
  • Embedded terminal software code vulnerability detection method and device based on model inspection

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0040] When the embodiment of the present invention carries out code analysis to the embedded terminal software, research and summarize two characteristics that the embedded terminal software is different from ordinary software: (1) there may be inline assembly code; (2) there may be Direct interaction of I / O. The embodiments of the present invention deal with the above-mentioned characteristics of embedded terminal software in a targeted manner, and the purpose is to provide a vulnerability detection method suitable for embedded terminals. It should be noted that the steps shown in the flowcharts of the accompanying drawings may be performed in a computer system, such as a set of computer-executable instructions, and that although a logical order is shown in the flowcharts, in some cases, The steps shown or described may be performed in an order different than here.

[0041] figure 1 It is a flow chart of a method for detecting vulnerabilities in embedded terminal software ...

Embodiment 2

[0082] The above embodiments can realize the vulnerability detection of embedded terminal software codes. However, the embodiment of the present invention is a detailed description of the above-mentioned embodiments. In this embodiment, the flowchart of the embedded terminal software code vulnerability detection method based on model checking can also be as follows Figure 4 As shown, it mainly includes the static analysis module and the model checking module, and according to the two characteristics of the embedded terminal of the power grid, the traditional static analysis method and the model checking method are improved, and the inline assembly processing module and the underlying I / O processing module, the above two modules designed can make it process the code to be detected including inline assembly code and underlying I / O interaction in the grid embedded terminal software code.

[0083] Specifically, such as Figure 5 As shown, the embodiment of the present inventio...

Embodiment 3

[0102] The above two embodiments can realize the vulnerability detection of the embedded terminal software code. However, the embodiment of the present invention is a detailed description of a method for detecting vulnerabilities in embedded terminal software codes. Figure 11 It is a flow chart of another model-checking-based embedded terminal software code vulnerability detection method provided by the embodiment of the present invention. The specific steps of the model-based embedded terminal software code vulnerability detection method are as follows:

[0103] Step 1, input the code to be detected, and set the user configuration file;

[0104] Step 2, preprocessing the code to be detected is mainly to remove redundant line breaks, tabs and comments in the code, and process header files, macro definitions and conditional compilation;

[0105] Step 3, use the static analysis module to statically analyze the preprocessed code to be detected and establish an AST model, the sp...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention provides an embedded terminal software code vulnerability detection method and device based on model check, and relates to the technical field of intelligent power grid security. The method comprises the steps: firstly obtaining a to-be-detected code and a user configuration file of target embedded terminal software; if the assembly code exists in the to-be-detected code, performingassembly processing on the assembly code to obtain a processed assembly code; carrying out grammatical analysis on the processed assembly code to obtain an abstract syntax tree; based on the user configuration file, identifying and processing a bottom layer input / output port code in the abstract syntax tree to obtain a processed abstract syntax tree; wherein the processing comprises data flow analysis; and finally, checking the processed abstract syntax tree to obtain a checking result. The check result is used for generating a vulnerability detection analysis report of the to-be-detected code. The technical problem that an existing vulnerability detection method is only suitable for common software and cannot be suitable for embedded terminal software codes is solved.

Description

technical field [0001] The invention relates to the technical field of smart grid security, in particular to a model checking-based embedded terminal software code vulnerability detection method and device. Background technique [0002] Embedded devices (embedded terminals) currently used in smart grids have various types and functions, and come from multiple manufacturers. PC software. Specifically, there may be some specific instructions in the embedded device, these instructions cannot find the corresponding syntax in the high-level language, and can only be expressed in assembly language, for example: in / out instructions in the x86 architecture. It can be seen that there may be inline assembly codes in these embedded device software. In addition, there may be situations in embedded devices that directly interact with low-level I / O ports, such as operations on registers and direct pin access. Since some embedded terminal devices take on the role of on-site monitoring a...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): G06F21/56G06F21/57
CPCG06F21/563G06F21/577Y02D10/00
Inventor 周亮张燕秒朱朝阳张天晨李霁远应欢王海翔冀晓宇缪思薇徐文渊孙歆韩丽芳朱亚运余文豪
Owner CHINA ELECTRIC POWER RES INST
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products