An audit and physical security control method for heterogeneous interaction scenarios

By collecting audio, video, and environmental data for multi-dimensional rule matching and hardware circuit breaker switching, the problem of insufficient on-site auditing in existing technologies is solved, thereby improving the security, stability, and traceability of industrial control.

CN122160136APending Publication Date: 2026-06-05孟文俊

Patent Information

Authority / Receiving Office
CN · China
Patent Type
Applications(China)
Current Assignee / Owner
孟文俊
Filing Date
2026-03-13
Publication Date
2026-06-05

AI Technical Summary

Technical Problem

Existing technologies in industrial control lack on-site closed-loop data acquisition, pre-audit, stable timing shaping, hardware-level human-machine conflict circuit breaking, and fine-grained log traceability, resulting in insufficient security, stability, and traceability of the control link.

Method used

By collecting audio and video data and environmental sensor data from the controlled end and the environment, enhanced audit metadata is generated through parsing. Multi-dimensional rule matching is performed to achieve time-series shaping and hardware circuit breaker switching, and fine-grained logs are recorded to form a security closed-loop control mechanism.

Benefits of technology

It enables on-site status awareness, multi-dimensional compliance auditing, stable timing output, and hardware-level human-machine priority switching, thereby improving the security, stability, and traceability of the control link.

✦ Generated by Eureka AI based on patent content.

Smart Images

  • Figure CN122160136A_ABST
    Figure CN122160136A_ABST
Patent Text Reader

Abstract

The application discloses a kind of audit and physical security control methods for heterogeneous interaction scene, it is related to industrial control security and artificial intelligence application security technical field.The method is applied to the heterogeneous interaction control gateway that is connected in series between control instruction source and controlled end, by accessing and collecting the audio and video data and environmental sensor data of controlled end and environment, enhanced audit metadata is formed in combination with structured control instruction analysis result;Again, multi-dimensional rule matching is carried out using compliance rule engine, and the audit results of release, degradation or blocking are output;For the instruction of release or degradation, timing shaping processing is executed and is mapped as at least one target interface signal Output to controlled end;While real-time monitoring the physical layer state of controlled end interface, trigger hardware fuse and switch to manual input channel when detecting manual input occupation;And through audit log record and feedback evaluation, closed-loop optimization is realized.The method can improve the control security, output stability and event traceability in the heterogeneous interaction control scene.
Need to check novelty before this filing date? Find Prior Art

Description

Technical Field

[0001] This invention relates to the fields of industrial control security and artificial intelligence application security technology, specifically to an auditing and physical security control method for a heterogeneous interactive control gateway connected between a control command source and a controlled terminal. The control command source and the controlled terminal may be in different network security domains or physical isolation domains. The method forms a security closed-loop control mechanism for heterogeneous interactive scenarios through audio and video and environmental data acquisition, pre-compulsion compliance auditing of commands, timing shaping output, physical layer status detection, physical circuit breaker control, feedback evaluation, and log recording. Background Technology

[0002] In industrial control, data center operation and maintenance, automated testing, and remote heterogeneous interaction scenarios, control commands typically need to be transmitted from the control command source to the controlled end through intermediate gateway devices or transparent transmission devices. Common interaction interfaces include USB, Type-C, network interfaces, and audio / video interfaces.

[0003] Most existing control gateways, KVM switching devices, or signal pass-through devices focus on signal forwarding, protocol adaptation, or link establishment. Their core processing logic is usually to receive instructions and then forward them directly to the controlled end, lacking a comprehensive perception of the semantics of control instructions, environmental status, and physical execution risks.

[0004] Furthermore, existing solutions generally lack the synchronous collection of audio and video information and environmental status information of the controlled site, making it difficult to make advance decisions on control behavior based on the site status. At the same time, for high-risk control behaviors such as high-frequency clicks, operations during sensitive periods, and dangerous combinations of actions, existing solutions mostly rely on logs for retrospective tracking after the fact, and cannot effectively intercept them before physical execution.

[0005] Furthermore, in heterogeneous output scenarios involving multiple protocols such as USB, Type-C, HDMI, and network interfaces, existing systems lack sufficient control over output timing, action intervals, and jitter characteristics, which can easily lead to abnormal identification of the controlled end, fluctuations in interface load, or decreased compatibility. When manual input and automatic control occur concurrently, existing solutions often rely mainly on software policy arbitration, lacking hardware-level mechanisms for rapid disconnection and control switching.

[0006] Therefore, there is an urgent need to provide a control method that can make audit decisions based on information collected on-site, conduct multi-dimensional compliance audits before execution, adapt to stable output from heterogeneous interfaces, and implement physical circuit breaker switching when manual input is detected, so as to improve the security, stability and traceability of the control link. Summary of the Invention

[0007] The purpose of this invention is to provide an auditing and physical security control method for heterogeneous interaction scenarios, in order to solve the problems in the existing technology of lacking on-site closed-loop data collection, lacking pre-audit, lacking stable timing shaping, lacking hardware-level human-machine conflict circuit breaking, and lacking fine-grained log traceability.

[0008] To achieve the above objectives, this invention provides an auditing and physical security control method for heterogeneous interaction scenarios, applied to a heterogeneous interaction control gateway connected between a control command source and a controlled terminal. The method includes the following steps: accessing and collecting audio-visual data and environmental sensor data from the controlled terminal and the environment; receiving structured control commands from the control command source and parsing them to generate audit metadata, combining the collected data to form enhanced audit metadata; inputting the enhanced audit metadata into a compliance rule engine, performing multi-dimensional rule matching based on the rule base, and outputting audit results of allowing, downgrading, or blocking; performing time-series shaping on the allowed or downgraded commands and generating target interface time-series sequences; mapping the time-series sequences to at least one target interface signal and outputting it to the controlled terminal; collecting the physical layer status of the controlled terminal interface in real time and determining manual input occupancy; triggering a hardware circuit breaker when manual input occupancy is detected, disconnecting the automatic control output channel and switching to the manual input channel within a predetermined time; recording the command digest hash, audit results, circuit breaker event, and timestamp to form an audit log; and evaluating the control effect based on audio-visual and environmental data and optimizing the rule base and audit strategy.

[0009] Compared with existing technologies, the present invention has at least the following beneficial effects: First, it achieves on-site status perception through audio, video, and environmental data collection, providing a closed-loop data foundation for audit decisions; second, it achieves pre-execution interception of high-risk control instructions through multi-dimensional compliance rule matching; third, it improves the stability and compatibility of cross-interface output through time-series shaping and heterogeneous interface mapping; fourth, it ensures the priority of manual control through physical layer status detection and hardware circuit breaker switching; and fifth, it enhances the system's traceability and continuous optimization capabilities through fine-grained log recording and feedback evaluation. Attached Figure Description

[0010] Figure 1 This is an overall flowchart of the control method of the present invention.

[0011] Figure 2 This is a sub-flowchart for compliance rule matching in this invention.

[0012] Figure 3 This is a sub-flowchart of the physical layer state monitoring and circuit breaker control of the present invention.

[0013] Figure 4 This is a flowchart of the timing shaping process in this invention.

[0014] Figure 5This is a sub-flowchart of the audit log recording and rule updating of this invention. Detailed Implementation

[0015] The present invention will be further described below with reference to the accompanying drawings and specific embodiments, but the scope of protection of the present invention is not limited to the following embodiments.

[0016] In one implementation, the system first performs audio, video and environmental data acquisition steps, acquiring screen or on-site image data of the controlled end through the camera interface circuit, acquiring on-site audio data through the microphone interface circuit, and obtaining environmental and operating status information through temperature sensors, humidity sensors, smoke sensors and equipment status sensors as supplementary basis for subsequent audit judgment.

[0017] In one implementation, structured control instructions from the control instruction source are parsed into audit fields such as action object, action type, timing parameters, permission tags, and execution time window, and together with on-site collected data, they form enhanced audit metadata. Subsequently, the compliance rule engine matches the data according to frequency threshold rules, time period permission rules, and combined action restriction rules, and outputs a three-state audit result of allowing, downgrading, or blocking.

[0018] In one implementation, when the audit result is approval or downgrade, the system performs timing shaping on the control commands, controls the minimum interval of a single action to an adjustable range of 5ms to 50ms, and selectively introduces Gaussian jitter within a controlled range to suppress the predictability risk caused by fixed-beat output. The processed timing sequence is then mapped to at least one target interface signal output, which is a USB interface, a network interface, a Type-C form factor interface, or an HDMI interface.

[0019] In one implementation, the system monitors the physical layer status of the controlled interface in real time, including bus voltage transient disturbances, interface current offsets, and peripheral interrupt edge frequency. When any monitoring condition meets the human input occupancy threshold, the system immediately triggers a hardware fuse, cuts off the automatic control output channel within a preset time, and switches to the human input channel, thereby ensuring the absolute priority of human operation.

[0020] In one implementation, the system records fields such as event sequence number, instruction digest hash, audit result identifier, circuit breaker identifier, and timestamp for each control event, and evaluates the control effect based on on-site audio and video and environmental data. The evaluation results are used for rule base updates, audit strategy corrections, and control behavior optimization to form an integrated closed loop of collection, auditing, execution, circuit breaker, feedback, and logging.

Claims

1. An auditing and physical security control method for heterogeneous interaction scenarios, applied to a heterogeneous interaction control gateway connected in series between a control command source and a controlled terminal, characterized in that, Includes the following steps: S1: Receive structured control instructions from the control instruction source, parse the structured control instructions, extract the action object, action type, timing parameters and permission tags, and generate audit metadata; S2: Input the audit metadata into the compliance rule engine, perform multi-dimensional rule matching based on the rule base, and output the audit results of allowing, downgrading or blocking; S3: When the audit result is to allow or downgrade, the instruction is processed by timing shaping to generate the timing sequence of the target interface, wherein the minimum interval of a single action is constrained to an adjustable range of 5ms to 50ms. S4: Map the timing sequence to at least one target interface signal and output it to the controlled terminal. The target interface includes at least one of a USB interface, a network interface, a Type-C interface, and an HDMI interface for audio and video feedback links. S5: Real-time acquisition of the physical layer status of the controlled terminal interface, including at least one of the following: bus voltage transient disturbance, interface current offset, and peripheral device reported interrupt edge frequency; based on the acquired physical layer status, detect the trigger condition for manual input occupation. S6: When manual input is detected as occupying the trigger condition, the hardware fuse is triggered, the automatic control output channel is disconnected within 5ms, and the control of the controlled end is switched to the manual input channel.

2. The control method according to claim 1, characterized in that, It also includes step S0: accessing and collecting audio and video data and environmental sensor data from the controlled terminal and the environment, and using the collected data as a supplementary basis for audit decisions; Step S1 further includes: supplementing the audit metadata by combining the audio, video and environmental data collected in step S0 to form enhanced audit metadata.

3. The control method according to claim 1 or 2, characterized in that, It also includes step S7: recording instruction digest hash, audit results, circuit breaker events and timestamps to form an audit log.

4. The control method according to claim 3, characterized in that, It also includes step S8: based on the collected audio and video data and environmental data, to conduct feedback evaluation on the control effect, and to use the feedback evaluation results to optimize the rule base and audit strategy.

5. The control method according to any one of claims 2 to 4, characterized in that, The rule base in step S2 includes at least instruction frequency threshold rules, time period permission rules, and combined action restriction rules. Rule matching also takes into account audio, video, and environmental data.

6. The control method according to any one of claims 1 to 4, characterized in that, The timing shaping process in step S3 also includes upper limit constraints on the output beat to suppress sudden actions, and jitter processing of the time interval based on a Gaussian distribution algorithm.

7. The control method according to any one of claims 1 to 4, characterized in that, The manual input occupancy determination condition in step S5 adopts at least one of the following: The bus voltage transient disturbance amplitude is in the range of 80mV to 300mV and the duration exceeds 2ms; The interface current offset is in the range of 10mA to 40mA and repeats within the continuous sampling window; The frequency of interrupts reported by peripheral devices exceeds the automatic control baseline frequency threshold within a preset window.

8. The control method according to claim 3 or 4, characterized in that, The audit log in step S7 includes at least the event sequence number, instruction digest hash, audit result identifier, circuit breaker identifier, and timestamp field.

9. The control method according to claim 3 or 4, characterized in that, It also includes a step of using a signature verification mechanism for rule base updates. The update package can only take effect after it has been verified, in order to avoid unauthorized policy injection.

10. The control method according to claim 9, characterized in that, The signature verification mechanism uses an RSA-2048 public key to verify the update packet.

11. The control method according to claim 4, characterized in that, The feedback evaluation in step S8 includes verification of the execution effect of the controlled end, monitoring of environmental state changes, and evaluation of the effect of manual operation.

12. The control method according to claim 3 or 4, characterized in that, The timestamp in step S7 is based on a real-time clock circuit and is generated by the processor in combination with a local high-precision timing unit to produce a millisecond-level timestamp.

13. A computer-readable storage medium having a computer program stored thereon, characterized in that, When the computer program is executed by the processor, it implements the control method according to any one of claims 1 to 12.