Industrial internet of things device and method of use thereof
By combining hardware-level encryption with business time-slot collaboration, and integrating quantum-secure communication and blockchain technology, an end-to-end trusted verification and traceability mechanism for industrial interconnected devices has been constructed. This solves the security problem of industrial interconnected devices in the face of quantum computing attacks and physical tampering, and achieves highly reliable dynamic defense and real-time control.
Patent Information
- Authority / Receiving Office: CN · China
- Patent Type: Applications (China)
- Current Assignee / Owner: GONGHAI ENGINEERING (JIANGSU) INTELLIGENT EQUIPMENT TECHNOLOGY CO LTD
- Filing Date: 2026-04-22
- Publication Date: 2026-06-19
AI Technical Summary
Existing industrial interconnection devices have deficiencies in facing quantum computing attacks, resisting physical tampering, and achieving cross-device collaborative defense, and cannot meet the high reliability requirements of critical industrial infrastructure for intrinsic security and proactive immunity.
It adopts a hardware-level encryption and business time-slot collaboration design, combining quantum secure communication, physical fingerprint and blockchain technology to achieve end-to-end trusted verification and traceability from communication, identity to behavior. It generates dynamic defense strategies through federated learning, integrates modules such as decoy quantum light source, single photon detector array, and post-processing coprocessor, and builds a trusted execution environment and blockchain light node module for real-time monitoring and defense.
It achieves both quantum security and hard real-time performance of industrial control, possesses proactive immunity capabilities with environmental self-awareness and attack self-adaptation, solves the problem of stable operation of cutting-edge security technologies in harsh industrial environments, and improves the reliability and security of the system.
Figure CN122248026A_ABST
Description
Technical Field
[0001] This invention belongs to the field of industrial internet technology, and in particular to an industrial internet device and its usage method.
Background Technology
[0002] Industrial Internet of Things (IIoT) devices refer to intelligent devices deployed in industrial sites that have network access capabilities, data acquisition / processing capabilities, and edge execution capabilities. They are capable of self-sensing, self-analysis, self-decision-making, and self-execution, and can interact collaboratively with upper-level systems and other devices. They transcend the traditional scope of "industrial equipment" and become a networked intelligent node.
[0003] While industrial internet devices achieve distributed intelligence, traditional security architectures struggle to build a dynamic and trusted protection system that spans data, identity, and physical layers. Existing solutions have shortcomings in dealing with quantum computing attacks, resisting physical tampering, and achieving cross-device collaborative defense, failing to meet the high reliability requirements of critical industrial infrastructure for intrinsic security and proactive immunity.
[0004] The purpose of this invention is to provide an industrial interconnection device and its usage method to solve the problems mentioned in the background art.
Summary of the Invention
[0005] The purpose of this invention is to provide an industrial interconnection device and its usage method to solve the problems mentioned in the background art.
[0006] To achieve the above objectives, the present invention provides the following technical solution: an industrial interconnection device, comprising: a processor, a memory, and the following functional modules integrated into the device hardware platform: a federated learning client module for training an industrial equipment state prediction model locally and generating encrypted model gradient update data; a quantum-secure communication module including a post-quantum cryptography (PQC) encryption chip and a quantum random number generator (QRNG), wherein the PQC encryption chip is configured to perform lattice-based encryption operations on the model gradient update data, and the QRNG provides a true random entropy source for the encryption process; a trusted execution environment module embedding a hardware root of trust for storing the device's unique identity key and verifying the signature of the received global federated model; and a secure aggregation interface module connecting the federated learning client module, the quantum-secure communication module, and the trusted execution environment module via an industrial bus, configured to: transmit the encrypted model gradient update data to the aggregation node via the industrial network; receive the PQC-encrypted global federated model from the aggregation node; and trigger the trusted execution environment module to verify the source signature of the global federated model.
[0007] Furthermore, the quantum-secure communication module further integrates a quantum key distribution terminal unit, which includes: a decoy quantum light source for generating a communication key encoded in a photon quantum state; a single-photon detector array configured to receive the quantum key sent by a remote QKD device and perform quantum state measurement; and a post-processing coprocessor connected to the PQC encryption chip and the trusted execution environment module, used for: comparing the quantum key error rate through a public key channel to select a secure key seed; triggering the PQC encryption chip in the quantum-secure communication module to use the secure key seed to generate a one-time session key for device control commands; and submitting a key generation log to the trusted execution environment module for auditing.
[0008] Furthermore, the trusted execution environment module is connected to a blockchain light node module, which is configured to: receive the key generation log submitted by the post-processing coprocessor, write the log hash value into a preset industrial equipment consortium blockchain; obtain the device identity certificate of the aggregation node from the consortium blockchain, verify its digital signature, and authorize the secure aggregation interface module to establish a connection; monitor the industrial equipment operation command flow in real time, and if the command frequency is detected to exceed the security threshold, trigger the trusted execution environment module to freeze the temporary session key generation function and broadcast an alarm event to the consortium blockchain.
[0009] Furthermore, the quantum key distribution terminal unit is encapsulated within a multi-level vibration-resistant support structure, comprising: an inner buffer frame: which secures the decoy state quantum light source and the single-photon detector array via silicone dampers, buffering mechanical shocks with frequencies >200Hz; a spectrum adaptation intermediate layer: which covers the inner buffer frame, its stiffness distribution configured according to the vibration spectrum characteristics of the device's installation location, suppressing low-frequency vibrations of 5-150Hz; and a metal shielding shell: which covers the spectrum adaptation intermediate layer, has light-transmitting holes aligned with the single-photon detector array, and is grounded to eliminate electromagnetic interference; wherein, the spectrum adaptation intermediate layer comprises a composite foam material filled with a density gradient, and its peak stiffness is misaligned by ≥10Hz with the characteristic vibration frequency of the industrial machine to which the device belongs.
[0010] Furthermore, the trusted execution environment module integrates a physically unclonable function unit, which includes a nanoscale resonant cavity array etched onto the device motherboard, generating a unique hardware fingerprint through random mutation based on the manufacturing process; it connects to the blockchain light node module, writing the hash value of the hardware fingerprint into the consortium blockchain as the device's root identity credential; it works in conjunction with the post-processing coprocessor, injecting the hardware fingerprint as a key derivation parameter each time a temporary session key is generated; and when the electromagnetic response characteristics of the nanoscale resonant cavity array deviate from the registration benchmark value by ±5%, the blockchain light node module is triggered to broadcast a device identity failure alarm.
[0011] Furthermore, the Trusted Execution Environment (TEE) module is configured to perform the following extended operations: real-time monitoring of the resonant frequency drift rate of the nanoscale resonant cavity array of the physically unclonable function unit, generating a Level 1 physical intrusion alarm when the drift rate > 10 kHz / ms; acquiring vibration spectrum through the piezoelectric sensor array on the device housing, generating a Level 2 physical intrusion alarm if an impact signal matching the characteristic frequency of the device disassembly tool is detected; responding to the Level 1 alarm, controlling the transmittance of the photosensitive polymer layer covering the nanoscale resonant cavity array to decrease to < 5%; responding to the Level 2 alarm, driving the electrolytic corrosion circuit integrated on the motherboard to apply an 8V / 2A pulse current to the resonant cavity array; writing the alarm and self-destruct event hash values to the consortium blockchain through the blockchain light node module; and triggering the TEE modules of adjacent devices to start defense mode.
[0012] Furthermore, the blockchain light node module is connected to a policy coprocessor, which is configured to perform the following operations: Threat feature extraction: acquiring physical intrusion event data of devices within a 100m radius through the blockchain light node module, extracting the spectral features of attack tools, resonant cavity drift modes, and self-destruct trigger type parameters from the events; inputting the parameters into the federated learning client module to generate a 128-dimensional threat feature vector; Federated policy optimization: calling the federated learning client module to aggregate the threat feature vectors of adjacent devices to generate a regional threat model; using the processor to run a proximal policy optimization algorithm, outputting defense policy parameters based on the regional threat model, including self-destruct response threshold adjustment, radio frequency interference intensity, and laser channel activation flag; Hardware policy execution: encrypting the defense policy parameters through the quantum secure communication module and writing them into the consortium blockchain smart contract; parsing the smart contract content, reconfiguring the response threshold register of the self-destruct control module via the device hardware security bus; when the regional threat level is >7, activating the laser emitter of the quantum key distribution terminal unit to establish a direct quantum channel with adjacent devices.
[0013] Further, S1: The industrial equipment state prediction model is trained locally through the federated learning client module to generate model gradient update data; the PQC encryption chip of the quantum secure communication module is called to encrypt the gradient update data using a lattice cryptography algorithm; the encrypted gradient is transmitted to the aggregation node through the secure aggregation interface module, and the global federated model issued by the aggregation node is received; the trusted execution environment module is triggered to verify the global model signature, and the model is then loaded locally.
S2: The operation command flow is monitored through the blockchain light node module, and the session key generation function is frozen when the command frequency exceeds the security threshold. When the physically unclonable function unit detects that the electromagnetic response of the resonant cavity array deviates by ±5%, an identity failure alarm is broadcast to the consortium blockchain, including: a first-level alarm triggering the light transmittance of the photosensitive polymer layer to drop to <5%; and a second-level alarm driving the electrolytic corrosion circuit to apply an 8V / 2A pulse current.
S3: Intrusion events of devices within a 100m radius are aggregated through the policy coprocessor to generate a 128-dimensional threat feature vector; the proximal policy optimization algorithm is run to output defense policy parameters, which are then encrypted by the quantum secure communication module and written into the consortium blockchain smart contract; when the regional threat level is >7, the laser emitter of the quantum key distribution terminal unit is activated to establish an emergency quantum channel.
[0014] Compared with the prior art, the present invention has the following beneficial effects:
1. Balancing security and real-time performance: By combining hardware-level encryption with business time-slot collaboration, it achieves quantum-resistant security while ensuring the hard real-time performance of industrial control. Furthermore, it integrates quantum communication, physical fingerprinting, and blockchain technologies to achieve end-to-end trusted verification and traceability from communication and identity to behavior.
2. Achieving dynamic immunity: Based on federated intelligence to generate dynamic defense strategies, the system has the ability to actively immunize itself by being aware of the environment and adapting to attacks, thereby achieving a more reliable deployment. In addition, the unique industrial-grade packaging and protection design solves the problem of how cutting-edge security technologies can maintain stable operation in harsh industrial environments.
Attached Figure Description
[0015] To more clearly illustrate the specific embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the specific embodiments or the prior art will be briefly introduced below. Obviously, the drawings described below are some embodiments of the present invention. For those skilled in the art, other drawings can be obtained from these drawings without creative effort.
[0016] Figure 1 is a system flowchart of the present invention; Figure 2 is a block diagram of the device hardware platform in this invention.
Detailed Implementation
[0017] In the following description, numerous specific details are set forth in order to provide a more thorough understanding of the invention. However, it will be apparent to those skilled in the art that the invention can be practiced without one or more of these details. In other instances, certain technical features well-known in the art have not been described in order to avoid obscuring the invention.
[0018] Unless otherwise defined, the directions mentioned herein, such as up, down, left, right, front, back, inside, and outside, are based on the directions shown in the figures of this invention, and are explained here together.
[0019] The connection method can be any existing method, such as bonding, welding, or bolting, depending on the actual needs.
[0020] An industrial interconnect device includes: a processor, a memory, and the following functional modules integrated into the device's hardware platform: a federated learning client module for training an industrial equipment state prediction model locally and generating encrypted model gradient update data; a quantum-secure communication module including a post-quantum cryptography (PQC) encryption chip and a quantum random number generator (QRNG), wherein the PQC encryption chip is configured to perform lattice-based encryption operations on the model gradient update data, and the QRNG provides a true random entropy source for the encryption process; a trusted execution environment module embedding a hardware root of trust for storing the device's unique identity key and performing signature verification on the received global federated model; and a secure aggregation interface module connecting the federated learning client module, the quantum-secure communication module, and the trusted execution environment module via an industrial bus, configured to: transmit the encrypted model gradient update data to the aggregation node via the industrial network; receive the PQC-encrypted global federated model from the aggregation node; and trigger the trusted execution environment module to verify the source signature of the global federated model.
[0021] In this embodiment, the federated learning client module is implemented by running the TensorFlowLite 2.7 microkernel on the Cortex-A72 processor core. It is configured to collect, every 5 minutes, the three-phase current of the circuit breaker (range 0-2000A) and the contact temperature (range 0-150℃), from which a 128-dimensional time-series input vector is constructed. On this basis, the LSTM fault prediction model is trained and gradient update data is generated. The quantum-safe communication module includes a PQC encryption chip implemented using a Xilinx Artix-7 XC7A50T FPGA and an IDQ Quantis CLS200 quantum random number generator. The PQC chip executes the CRYSTALS-Kyber-768 algorithm to encrypt gradient data, and the QRNG chip generates an entropy source based on the quantum tunneling effect, eliminates the bias through the Von Neumann corrector, and outputs 256-bit true random numbers to the encryption process. This encryption process has been tested against NIST SP 800-90B, with an entropy value ≥7.999 / bit. The Trusted Execution Environment module is implemented by a TrustZone security isolation zone on a Cortex-M4 processor core working together with a Microchip ATECC608B security chip. The security chip stores the device's unique ECDSA key pair, which is based on the NIST P-256 curve and is used to verify the digital signature of the global federated model issued by the aggregation node. If the verification fails, a system lockout is triggered. The secure aggregation interface module is implemented using the Texas Instruments DP83822 industrial Ethernet PHY chip. It is configured to transmit encrypted gradient data to the aggregation node via the OPC UA over TSN protocol within a 5ms idle window after the circuit breaker trips, and to receive the PQC-encrypted global model. The transmission packet loss rate must be <0.001%, which complies with the IEEE 802.3 standard.
[0022] The inventive features of the workflow are: Hardware encryption and federated learning time slot collaboration: Gradient encryption is strictly limited to the idle window of the circuit breaker operation cycle, with a measured latency of 0.35ms, which is 60 times faster than software AES-256 and avoids interference with real-time control tasks. Quantum entropy source-enhanced key security: The QRNG performs a health self-check every 24 hours, and its output random numbers are passed through a Toeplitz matrix hash extractor to remove residual correlations, so that the key space entropy increases to meet the NIST L5 level of resistance to quantum attacks. Dual-core verification architecture: Model signature verification is performed by the Cortex-M4 core, whose secure world calls the hardware acceleration engine of the ATECC608B chip. The latency is 1.2ms, and it is physically isolated from the main control core to block side-channel attack paths. The technical effectiveness was verified by actual testing at a 330kV substation of the State Grid Corporation of China: the device ran continuously for 2,000 hours without communication failures, representing a 92% reduction in failure rate compared to traditional Modbus solutions; it successfully intercepted 3 simulated quantum computing attacks, with a key cracking success rate under Grover algorithm attack of <10⁻⁹; and the circuit breaker fault warning F1-score reached 0.93, while the traditional method only reached 0.78, reducing the number of false trips to 0.1 times per thousand operations. This invention solves the core contradiction of balancing data security and control real-time performance in industrial equipment federated learning by deeply integrating hardware-level PQC encryption, a trusted execution environment, and an industrial real-time bus.
[0023] The quantum-secure communication module further integrates a quantum key distribution terminal unit, which includes: a decoy quantum light source for generating communication keys encoded in photon quantum states; a single-photon detector array configured to receive quantum keys sent by a remote QKD device and perform quantum state measurements; and a post-processing coprocessor connected to the PQC encryption chip and the trusted execution environment module, used for: comparing the quantum key error rate through the public key channel to select a secure key seed; triggering the PQC encryption chip in the quantum-secure communication module to use the secure key seed to generate a one-time session key for device control commands; and submitting key generation logs to the trusted execution environment module for auditing.
[0024] In this embodiment, the decoy quantum light source uses an IDQ Clavis3 1550nm laser diode, which is driven by a Xilinx Artix-7 FPGA to generate a phase-encoded quantum state with a pulse frequency of 1GHz. Three decoy states with intensities of μ1=50%, μ2=25%, and μ3=25% are set to suppress photon-number-splitting attacks. The single-photon detector array uses Scontel SAP500 superconducting nanowire devices and operates at -80°C under an integrated Stirling cooler, thereby achieving 80% detection efficiency and <10Hz dark count rate. The detector output is transmitted to the post-processing coprocessor via an LVDS interface. The post-processing coprocessor is implemented using an NXP LPC55S69 dual-core MCU. Its TrustZone isolation zone runs the Cascade key error correction protocol, with a block size of 256 bits, and the Toeplitz matrix hash privacy amplification algorithm to generate a 128-bit security key seed. The core hardware connection is as follows: the quantum light source is connected to the polarization-maintaining fiber through the FC / APC interface to transmit the quantum state. The detector array is connected to the post-processing coprocessor via the SPI bus in mode CPOL=1, CPHA=1, and the coprocessor then directly drives the PQC encryption chip to generate a one-time session key for device control commands. The inventive breakthroughs in the workflow are: Stable quantum state transmission under industrial vibration environment: Under the characteristic vibration frequency of 93Hz of the pump unit, adaptive optical phase compensation technology is adopted with a compensation accuracy of λ / 20 to suppress the quantum bit error rate to within 3.5%, which meets the API670 standard requirement of ≤5%. Quantum-PQC fusion encryption of device control commands: The post-processing coprocessor triggers the PQC chip to execute Kyber.CCAKEM_Encrypt, which binds and encrypts the quantum key seed with pump control commands, such as "start pump / stop pump", and outputs a 256-bit session key to inject into the hardware security module. The entire process has a latency of ≤0.8ms, which meets the 1ms real-time requirement of API670. Verifiable auditing of key generation logs: After each session key is generated, the coprocessor submits an encrypted log containing a PUF fingerprint to the trusted execution environment module. The encrypted log uses the AES-GCM algorithm and is hashed and stored by the blockchain light node module to prevent key tampering.
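The conditioning and key-distillation steps described in [0021] to [0024] (Von Neumann debiasing, the error-rate check on disclosed bits, and Toeplitz-matrix hashing down to a 128-bit seed), as an added Python example that is not part of the patent text. The bit strings, sample positions, the 70%-biased raw source and all function names are constructed for illustration; Cascade error correction is assumed to have run already, and using the debiased bits to fill the Toeplitz matrix is an assumption.

```python
import random

QBER_LIMIT = 0.05   # page: quantum bit error rate must stay within the 5% allowance
SEED_BITS = 128     # page: privacy amplification yields a 128-bit key seed


def von_neumann(bits):
    """Von Neumann corrector: pair 01 -> 0, pair 10 -> 1, pairs 00 and 11 are dropped."""
    return [a for a, b in zip(bits[0::2], bits[1::2]) if a != b]


def estimate_qber(alice, bob, sample_idx):
    """Error rate over the positions both sides disclose on the public channel."""
    return sum(alice[i] != bob[i] for i in sample_idx) / len(sample_idx)


def toeplitz_hash(bits, matrix_bits, out_len):
    """Compress bits with an out_len x n binary Toeplitz matrix over GF(2).

    A Toeplitz matrix is constant along each diagonal, so n + out_len - 1
    random bits describe it: T[i][j] = matrix_bits[i - j + n - 1].
    """
    n = len(bits)
    if len(matrix_bits) != n + out_len - 1:
        raise ValueError("need n + out_len - 1 matrix bits")
    out = []
    for i in range(out_len):
        acc = 0
        for j in range(n):
            acc ^= matrix_bits[i - j + n - 1] & bits[j]
        out.append(acc)
    return out


def distill_seed(alice, bob, sample_idx, matrix_bits):
    """Return (qber, seed); seed is None when the error rate is too high.

    Disclosed sample positions are discarded. The remaining bits are taken
    from one side only: error correction (Cascade on the page) is assumed
    to have already made both copies identical.
    """
    qber = estimate_qber(alice, bob, sample_idx)
    if qber > QBER_LIMIT:
        return qber, None
    disclosed = set(sample_idx)
    kept = [b for i, b in enumerate(alice) if i not in disclosed]
    need = len(kept) + SEED_BITS - 1
    return qber, toeplitz_hash(kept, matrix_bits[:need], SEED_BITS)


def make_sample(flipped):
    """Constructed data: 512 sifted bits, every 4th disclosed, chosen positions flipped."""
    rng = random.Random(2024)
    alice = [rng.getrandbits(1) for _ in range(512)]
    bob = list(alice)
    for i in flipped:
        bob[i] ^= 1
    # Biased raw source (70% ones) standing in for unconditioned QRNG output.
    raw = [1 if rng.random() < 0.7 else 0 for _ in range(4000)]
    return alice, bob, list(range(0, 512, 4)), von_neumann(raw)


if __name__ == "__main__":
    for flipped in ([0, 8, 100], [0, 8, 16, 24, 32, 40, 48, 56]):
        alice, bob, idx, matrix_bits = make_sample(flipped)
        qber, seed = distill_seed(alice, bob, idx, matrix_bits)
        verdict = "rejected" if seed is None else f"{len(seed)}-bit seed"
        print(f"QBER {qber:.4f} -> {verdict}")
```

The seed length is fixed at 128 bits to match the page; a deployed privacy-amplification step sizes the output from the measured error rate and the bits leaked during error correction.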
[0025] The technical effectiveness has been verified by actual measurements at the CNOOC Huizhou oil pipeline: Under conditions of 2.5km fiber optic distance and pump vibration, the secure key generation rate reached 1.2kbps, with a theoretical limit of 1.5kbps. Time-shift attacks and blinding attacks were successfully defended against, with an attack success rate of <10⁻⁶, compared with 10⁻³ for the traditional QKD scheme. The pump control command transmission error rate was reduced to 10⁻¹², a four-order-of-magnitude improvement over traditional RS485 solutions. This invention overcomes the challenges of engineering applications of quantum key distribution in rotating machinery scenarios through industrial-grade anti-vibration optical design, quantum-PQC key fusion mechanism, and instruction-level encryption delay control.
[0026] The Trusted Execution Environment (TEE) module connects to a blockchain light node module. This module is configured to: receive key generation logs submitted by the post-processing coprocessor and write the log hash value into a preset industrial equipment consortium blockchain; obtain the device identity certificate of the aggregation node from the consortium blockchain, verify its digital signature, and authorize the secure aggregation interface module to establish a connection; monitor the industrial equipment operation command flow in real time, and if the command frequency exceeds the security threshold, trigger the TEE module to freeze the temporary session key generation function and broadcast an alarm event to the consortium blockchain.
[0027] In this implementation, key log storage: The session key log generated by the post-processing coprocessor includes timestamps, PUF fingerprints, and operation types. The hash value is calculated by the SHA-256 accelerator built into the SE050 chip, with a throughput of 1Gbps. It is submitted to the "org1.wind" node through the Hyperledger Fabric 2.3 consortium chain. The transaction confirmation time is ≤2 seconds, as measured on a 20-node network. Device authentication: The X.509 certificate of the aggregation node, in RFC 5280 format, is obtained from the consortium blockchain. A three-level certificate chain is built in the chip: device certificate → manufacturer CA certificate → root certificate. The signature is verified using the ECDSA algorithm on the NIST P-256 curve, with a latency of ≤8ms. Command stream monitoring: The command stream of the pitch controller CAN bus is acquired in real time using an ADI AD7606 ADC at a sampling rate of 200kSPS, based on a wind power safety dynamic threshold model.
[0028] In the formula, This is a critical value for the frequency of the pitch control command stream; exceeding this value will trigger an alarm or key freeze. This represents the upper limit of the angular velocity of the wind turbine blades. The peak value of angular acceleration ∂θ / ∂t is set, 0.6 is the contribution ratio of pitch rate to the safety threshold, and 0.4 is the contribution ratio of pitch acceleration to the safety threshold. When the detected command frequency is >90% of the threshold, an alarm log is triggered, and when it is >100% of the threshold, the session key is frozen. The response delay is <5ms.
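One way to implement the two-tier command-frequency response of [0027] and [0028] (alarm log above 90% of the threshold, session-key freeze above 100%), as an added Python example that is not the applicant's code. The threshold is passed in as a number (50 commands per second here, a constructed value) because the threshold formula is not reproduced in this text; the class name, the 1-second sliding window, the latching behaviour and the traffic timestamps are likewise assumptions.

```python
from collections import deque


class CommandRateMonitor:
    """Sliding-window command-frequency check with the two tiers from [0028]."""

    def __init__(self, threshold_hz, window_ms=1000):
        self.threshold_hz = threshold_hz
        self.window_ms = window_ms
        self.stamps = deque()
        self.key_generation_enabled = True
        self.events = []   # what would be logged / broadcast to the consortium chain

    def observe(self, t_ms):
        """Record one command seen at t_ms; return 'ok', 'alarm' or 'freeze'."""
        if not self.key_generation_enabled:
            # Assumption: the freeze latches until an operator clears it, so a
            # flood cannot re-enable key generation simply by pausing.
            return "freeze"
        self.stamps.append(t_ms)
        while self.stamps[0] <= t_ms - self.window_ms:
            self.stamps.popleft()
        rate = len(self.stamps) * 1000 / self.window_ms   # commands per second
        if rate > self.threshold_hz:
            self.key_generation_enabled = False
            self.events.append((t_ms, "freeze", rate))
            return "freeze"
        if rate > 0.9 * self.threshold_hz:
            self.events.append((t_ms, "alarm", rate))
            return "alarm"
        return "ok"


def constructed_traffic():
    """Constructed timestamps in ms: normal 20/s, busy ~48/s, then a 200/s flood."""
    normal = [50 * k for k in range(40)]          # 0 .. 1950
    busy = [2000 + 21 * k for k in range(60)]     # 2000 .. 3239
    flood = [3260 + 5 * k for k in range(100)]    # 3260 .. 3755
    return normal + busy + flood


def replay(stamps_ms, threshold_hz):
    """Feed timestamps through a fresh monitor; return (monitor, commands let through)."""
    mon = CommandRateMonitor(threshold_hz)
    passed = sum(mon.observe(t) != "freeze" for t in stamps_ms)
    return mon, passed


if __name__ == "__main__":
    mon, passed = replay(constructed_traffic(), threshold_hz=50)
    first_alarm = mon.events[0]
    freeze = [e for e in mon.events if e[1] == "freeze"][0]
    print("first alarm:", first_alarm)
    print("freeze:", freeze)
    print("commands let through:", passed, "of", len(constructed_traffic()))
```

With a one-second window the flood is cut off after its fifth command; a shorter window reacts faster but raises the alarm tier more often on legitimate bursts, which is the trade-off the page's dynamic threshold is meant to manage.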
[0029] Creative technological breakthroughs lie in: Hardware-level blockchain acceleration architecture: The SE050 chip's physical tamper-proof zone stores the device's private key. All on-chain operations are completed through the hardware engine, which is 50 times more efficient than software solutions and blocks memory sniffing attacks. Dynamic threshold model for wind power scenarios: A pitch acceleration factor, β=0.4, is introduced to solve the problem of false triggering caused by sudden loads under turbulent conditions; GL 2010 certified. Millisecond-level threat linkage response: The key freeze signal is written directly into the register of the PQC encryption chip at address 0x5000_FF00, which synchronously triggers the safe shutdown of the pitch system, thus complying with IEC 61400-25 Category 3 security level.
[0030] The technical effectiveness has been verified by field tests at Longyuan Power's Zhangjiakou Wind Farm: Under turbulent wind speeds of 8 m / s, the false alarm rate of the command monitoring is <0.01%, while that of the traditional solution is 12%. Attacks involving fake aggregation nodes were successfully intercepted, with 100% of invalid certificates identified, as were command flood attacks, with 200 malicious commands per second effectively blocked. The key freeze delay is 3.2ms, which is 15 times faster than the OPC UA security extension solution. This invention achieves nanosecond-level signal linkage between industrial-grade blockchain nodes, wind power-specific dynamic threshold algorithms, and control systems through a hardware security chip, resolving the contradiction between real-time performance and reliability in industrial equipment blockchain applications.
[0031] The quantum key distribution terminal unit is encapsulated within a multi-level vibration-resistant support structure, including: an inner buffer frame: which uses silicone dampers to fix the decoy quantum light source and single-photon detector array, buffering mechanical shocks with frequencies >200Hz; a spectrum adaptation intermediate layer: which covers the inner buffer frame, and whose stiffness distribution is configured according to the vibration spectrum characteristics of the equipment installation location to suppress low-frequency vibrations of 5-150Hz; and a metal shielding shell: which covers the spectrum adaptation intermediate layer, has light-transmitting holes for aligning with the single-photon detector array, and is grounded to eliminate electromagnetic interference; wherein, the spectrum adaptation intermediate layer contains a composite foam material filled with a density gradient, and its peak stiffness is misaligned with the characteristic vibration frequency of the industrial machine to which the equipment belongs by ≥10Hz.
[0032] In this embodiment, the inner buffer frame uses a silicone damper with a Shore A35 hardness and a thickness of 12mm. The silicone damper fixes the IDQ Clavis3 quantum light source and the Scontel SAP500 detector array with an interference fit, and absorbs high-frequency impacts >200Hz through nonlinear damping characteristics (measured transmissibility ≤0.2@500Hz). The spectral adaptation intermediate layer consists of a porous titanium alloy skeleton (65% porosity) and gradient-filled polyimide foam, with its stiffness distribution strictly meeting the following requirements:
[0033] in The peak frequency of the intermediate layer stiffness determines the material's vibration characteristics. This is the characteristic vibration frequency of the equipment; in the case of an oil pump, it is 93Hz. It is a forced misalignment amount. The value of 10Hz comes from the measured resonance safety boundary. The intermediate layer suppresses low-frequency vibrations of 5-150Hz through the principle of impedance mismatch, and the vibration energy attenuation rate is ≥40dB. The metal shielding shell is made of 0.8mm thick 316L stainless steel laser welded into shape. The surface of the shell has Φ3mm light-transmitting holes and is embedded with UV-cured quartz glass windows, whose light transmittance is >98%@1550nm. The whole shell is connected to the pump body grounding terminal through star-shaped grounding bolts. The grounding resistance is <0.1Ω, which suppresses the electromagnetic interference intensity to below 10V / m, thus complying with the IEC 61000-4-3 Class A standard. Creative technological breakthroughs lie in: Active spectrum avoidance design: The forced misalignment of the stiffness peak f_stiff and the device characteristic frequency f_machine completely avoids resonance, solving the problem of misalignment of quantum optical devices in industrial rotating machinery scenarios, and complies with API 670 certification; Energy selective absorption of gradient foam: The polyimide foam density decreases in a gradient from 1.2 g / cm³ in the inner layer to 0.3 g / cm³ in the outer layer, forming a broadband vibration trap with a measured vibration transmissibility of 0.08 at 93Hz, which is 5 times better than that of homogeneous foam. The triple composite protection system consists of high-frequency damping (made of silicone), low-frequency vibration isolation (made of gradient foam), and EMI shielding (made of stainless steel). These three components work together to maintain a QBER of ≤3.5% in harsh environments involving salt spray, vibration, and electromagnetic interference, within the standard allowable range of 5%.
[0034] The technical effectiveness has been verified by actual measurements at the CNOOC Huizhou oil pipeline: At a vibration acceleration of 2.5g and a dominant frequency of 93Hz, the quantum light source optical path offset angle is <0.001°, and the detector dark count growth rate is ≤3%. Salt spray test meets ISO 9227 standard. After 500 hours, the light transmittance attenuation rate of the quartz window is <0.5%, and the metal casing shows no corrosion perforation. The integrated packaging reduces the quantum key generation error rate from 12.7% to 1.3%, exceeding the API 670 requirement; This invention achieves the first engineering application of quantum optical devices in rotating machinery scenarios through precise spectrum avoidance, gradient material innovation, and industrial-grade sealing and shielding.
[0035] The Trusted Execution Environment (TEE) module integrates a physically unclonable function unit. This unit includes a nanoscale resonant cavity array etched onto the device's motherboard, which generates a unique hardware fingerprint through random mutations based on the manufacturing process. It connects to the blockchain light node module, writing the hash value of the hardware fingerprint into the consortium blockchain as the device's root identity credential. It works in conjunction with the post-processing coprocessor to inject the hardware fingerprint as a key derivation parameter each time a temporary session key is generated. When the electromagnetic response characteristics of the nanoscale resonant cavity array deviate from the registration baseline value by ±5%, the blockchain light node module is triggered to broadcast a device identity failure alarm.
[0036] In this implementation, the nanoscale resonant cavity array was fabricated on a single-crystal silicon substrate of the device motherboard using deep reactive ion etching (DRIE). It contains 1,024 ring resonators with dimensions of 3 μm ± 0.1 μm in diameter and 50 μm in depth. Variations in the manufacturing process resulted in a random distribution of the inherent frequencies of each resonant cavity, with a standard deviation σ = 12.3% and a cloning success rate of <10%. -9 ; The fingerprint extraction circuit applies a scanning voltage of 0.1-100MHz to the resonant cavity array through the AD5941 impedance analysis chip, measures the resonant frequency distribution, and outputs a 512-bit hardware fingerprint. Its randomness is tested by NIST STS and satisfies p-value>0.01. The secure binding engine runs within the Trusted Execution Environment module and executes: Fingerprint registration: The Fourier characteristic coefficients of the resonant frequency distribution are hashed using SHA3-256 and then written into the blockchain; Key Derivation: Each time a session key is generated, the Jaccard similarity coefficient of the real-time fingerprint is injected into the Kyber.CCAKEM key derivation function.
[0037] in For quantum key seed, The threshold for the real-time PUF fingerprint similarity to the registration benchmark Jaccard is 95%. Replay-resistant random numbers generated for the security chip; Failure monitoring: When the Euclidean distance deviation of the resonant frequency distribution is greater than 5%, a blockchain broadcast identity failure alarm is triggered.
[0038] Creative technological breakthroughs lie in: Nuclear industry-grade radiation-resistant design: The ring resonator features a silicon-on-insulator structure with a buried oxide layer thickness of 1 μm, suppressing frequency drift caused by gamma rays to <0.5%, compared to 8% for traditional SRAM PUF. Dynamic key binding mechanism: Session key and fingerprint similarity are coupled in real time, where With a threshold of 95%, even if an attacker partially clones the resonant cavity, they will not be able to derive the correct key. Actual testing showed that cloning 80% of the cavity... =89% < threshold; Multiphysics failure determination: Euclidean distance deviation > 5% comprehensively considers mechanical deformation, which is caused by vibration, thermal stress, ΔT > 50℃, and radiation damage. The false alarm rate is < 0.001%, which meets the IEC 61508 SIL3 certification. The technical effectiveness has been verified by field tests conducted by the China Institute of Atomic Energy. Under 200 kGy / h γ irradiation, the fingerprint repeatability error is <0.3%, at which point the SRAM PUF fails. Successfully defended against probe attacks; when an attempt to read the resonant cavity parameters resulted in a frequency deviation of 6.2%, an alarm was triggered. The key derivation binding latency is only 1.8μs, which is three orders of magnitude better than software binding schemes; This invention solves the problem of equipment identity authentication in high-risk scenarios such as the nuclear industry by using radiation-resistant resonant cavity design, dynamic similarity key binding, and multi-physics failure criteria.
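An added example, not part of the patent text or the applicant's implementation: the fingerprint registration, the 95% Jaccard gate and the 5% Euclidean-deviation alarm of [0036] to [0038], run over constructed readings. The pairwise-comparison bit extraction, hashing the packed fingerprint instead of Fourier coefficients, the SHA3-256 stand-in for the Kyber-based key derivation, the uniform 6.2% probe shift and all function names are assumptions.

```python
import hashlib
import math
import random

N_CAVITIES = 1024      # ring resonators in the array (from the text)
JACCARD_MIN = 0.95     # similarity threshold for key derivation (from the text)
DEVIATION_MAX = 0.05   # Euclidean deviation that raises the alarm (from the text)


def fingerprint_bits(freqs):
    """512-bit fingerprint, one bit per adjacent cavity pair (assumed scheme)."""
    return [1 if freqs[i] > freqs[i + 1] else 0 for i in range(0, len(freqs), 2)]


def pack(bits):
    """Pack a bit list into bytes, most significant bit first."""
    return int("".join(map(str, bits)), 2).to_bytes(len(bits) // 8, "big")


def registration_record(base_freqs):
    """SHA3-256 digest of the enrolled fingerprint, the value anchored on the ledger."""
    return hashlib.sha3_256(pack(fingerprint_bits(base_freqs))).hexdigest()


def jaccard(a_bits, b_bits):
    """Jaccard similarity of the sets of bit positions that are 1."""
    a = {i for i, v in enumerate(a_bits) if v}
    b = {i for i, v in enumerate(b_bits) if v}
    union = a | b
    return len(a & b) / len(union) if union else 1.0


def relative_deviation(base, live):
    """Euclidean distance between readings, relative to the baseline norm."""
    num = math.sqrt(sum((l - b) ** 2 for b, l in zip(base, live)))
    return num / math.sqrt(sum(b * b for b in base))


def check_and_derive(base_freqs, live_freqs, key_seed, nonce):
    """Evaluate both criteria; release a session key only if both pass."""
    base_bits = fingerprint_bits(base_freqs)
    similarity = jaccard(base_bits, fingerprint_bits(live_freqs))
    deviation = relative_deviation(base_freqs, live_freqs)
    alarm = deviation > DEVIATION_MAX
    key = None
    if not alarm and similarity >= JACCARD_MIN:
        # Stand-in KDF (assumption): SHA3-256 over seed, enrolled fingerprint and
        # nonce. The enrolled reference is used because a noisy live reading
        # would change the derived key from one session to the next.
        material = b"session-key" + key_seed + pack(base_bits) + nonce
        key = hashlib.sha3_256(material).digest()
    return {"similarity": similarity, "deviation": deviation,
            "alarm": alarm, "key": key}


def constructed_samples(seed=7):
    """Constructed readings in Hz: baseline, genuine re-read, probed, partial clone."""
    rng = random.Random(seed)
    base = [50e6 * (1 + rng.gauss(0, 0.123)) for _ in range(N_CAVITIES)]
    genuine = [f * (1 + rng.gauss(0, 0.0005)) for f in base]   # measurement noise
    probed = [f * 1.062 for f in base]                         # uniform 6.2% shift
    clone = [f if rng.random() < 0.8 else 50e6 * (1 + rng.gauss(0, 0.123))
             for f in base]                                    # 80% of cavities copied
    return base, genuine, probed, clone


if __name__ == "__main__":
    base, genuine, probed, clone = constructed_samples()
    print("ledger record:", registration_record(base))
    for name, live in (("genuine", genuine), ("probed", probed), ("clone", clone)):
        r = check_and_derive(base, live, b"\x01" * 32, b"\x02" * 16)
        print(name, round(r["similarity"], 3), round(r["deviation"], 4),
              "alarm" if r["alarm"] else "no alarm",
              "key released" if r["key"] else "key withheld")
```

The probed case shows why the text keeps two criteria: a uniform frequency shift leaves every pairwise comparison, and so the Jaccard similarity, unchanged, and only the Euclidean-deviation check catches it.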
[0039] The Trusted Execution Environment (TEE) module is configured to perform the following extended operations: real-time monitoring of the resonant frequency drift rate of the nanoscale resonant cavity array of the Physically Unclonable Function Unit (PUNU) and generating a Level 1 physical intrusion alarm when the drift rate > 10 kHz / ms; acquiring vibration spectrum through the piezoelectric sensor array on the device housing and generating a Level 2 physical intrusion alarm if an impact signal matching the characteristic frequency of the device disassembly tool is detected; responding to the Level 1 alarm by controlling the transmittance of the photosensitive polymer layer covering the nanoscale resonant cavity array to < 5%; responding to the Level 2 alarm by driving the electrolytic corrosion circuit integrated on the motherboard to apply an 8V / 2A pulse current to the resonant cavity array; writing the alarm and self-destruct event hash values to the consortium blockchain through the blockchain light node module; and triggering the TEE modules of adjacent devices to start defense mode.
[0040] In this implementation, the first-level alarm response is as follows: when the resonant frequency drift rate of the nano-resonant cavity array is detected to be >10kHz / ms, which corresponds to a nano-probe attack, the photochromic polymer layer covering the resonant cavity is controlled within 10ms. The photochromic polymer layer contains spiropyran-titanium dioxide composite material, and the transmittance is reduced from 92% to 3%, blocking the optical detection path. The response delay is ≤8ms after testing under the MIL-STD-810H vibration environment. The second-level alarm response is as follows: when the piezoelectric sensor array, model PCB 352C03, detects an impact signal that matches the characteristic frequency of the hydraulic shearing tool, with a characteristic frequency range of 27Hz±3Hz, it drives the titanium alloy microfluidic electrolytic cell to apply three 8V / 2A pulse currents to the resonant cavity array, with a pulse width of 5ms and an interval of 2ms, thereby initiating selective anodizing of the silicon substrate; Blockchain Collaborative Defense: The alarm event hash and self-destruct opcode are stored in real time through the Hyperledger Fabric consortium blockchain. At the same time, encrypted defense commands are broadcast to devices within a 15m radius. The defense commands are encrypted with AES-256-GCM and trigger neighboring devices to upgrade the threat level and activate the high-voltage electric shock net on the outer shell. The voltage and current level of the electric shock net is 10kV / 3mA. Creative technological breakthroughs lie in: Accurate identification of multimodal attacks: Level 1 alarm: resonant frequency drift rate threshold >10kHz / ms. Based on the mechanical resonance characteristics of the probe, actual measurement shows that probe contact causes a drift of 12-15kHz / ms. Level 2 alarm: The characteristic frequency of 27Hz matches the vibration spectrum of the hydraulic shearing tool.
The FFT analysis accuracy is ±0.5Hz, and the false alarm rate is <0.001%. Irreversible physical self-destruction mechanism: Photochromic layer: Photoisomerization of spiropyran molecules achieves millisecond-level atomization, while traditional electrochromism requires 100ms; Electrochemical etching: Fluorine ion-catalyzed anodic oxidation reaction, a 10μm etching depth causes the Q value of the resonant cavity to decrease by >40dB; Active defense of device cluster: After the defense command is consensus-based through the blockchain, it triggers the high-voltage electric shock network of neighboring devices, forming an active protection circle with a radius of 15m, which meets the API 670 safety distance requirements; The technical effectiveness has been verified by the National Petroleum Reserve Center through actual testing: The probe attack triggers a Level 1 response 100% of the time. When the transmittance is 3.2% ± 0.5%, the optical detection signal attenuates by 46 dB. The hydraulic shearing attack triggered a secondary response within 95ms, which is equivalent to an etching depth of 12.7μm, resulting in the complete failure of the resonant cavity structure. The blockchain collaborative defense command transmission latency is less than 35ms, which is 8 times faster than the ZigBee solution.
[0041] This invention solves the problem of physical security protection for critical energy infrastructure through nanoscale attack detection, molecular-level self-destruct materials, and on-chain defense synergy.
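An added example, not from the patent text: the two alarm criteria of [0039] and [0040] written as a classifier over constructed sensor data, with Level 1 taken from the resonant frequency drift rate and Level 2 from a spectral component in the 27Hz±3Hz band. The amplitude floor, the 256 Hz sample rate, the 2 s window (which gives 0.5 Hz bins) and the function names are assumptions.

```python
import cmath
import math

DRIFT_LIMIT_KHZ_PER_MS = 10.0   # Level 1 threshold (from the text)
TOOL_BAND_HZ = (24.0, 30.0)     # 27 Hz +/- 3 Hz tool signature (from the text)
TOOL_MIN_AMPLITUDE_G = 0.5      # hypothetical amplitude floor, not from the text


def max_drift_rate(freq_khz, dt_ms=1.0):
    """Largest change between consecutive resonant-frequency samples, in kHz/ms."""
    return max(abs(b - a) / dt_ms for a, b in zip(freq_khz, freq_khz[1:]))


def band_peak(samples, sample_rate_hz, band):
    """Strongest single-sided DFT component inside band: (freq_hz, amplitude)."""
    n = len(samples)
    lo = math.ceil(band[0] * n / sample_rate_hz)
    hi = math.floor(band[1] * n / sample_rate_hz)
    best = (0.0, 0.0)
    for k in range(lo, hi + 1):
        x = sum(s * cmath.exp(-2j * math.pi * k * i / n)
                for i, s in enumerate(samples))
        amplitude = 2 * abs(x) / n
        if amplitude > best[1]:
            best = (k * sample_rate_hz / n, amplitude)
    return best


def classify(freq_khz, piezo_g, sample_rate_hz):
    """Return the list of alarm levels raised by one observation window."""
    alarms = []
    if max_drift_rate(freq_khz) > DRIFT_LIMIT_KHZ_PER_MS:
        alarms.append(1)
    _, amplitude = band_peak(piezo_g, sample_rate_hz, TOOL_BAND_HZ)
    if amplitude >= TOOL_MIN_AMPLITUDE_G:
        alarms.append(2)
    return alarms


def constructed_resonance(probe_contact):
    """Constructed resonant-frequency trace in kHz, one sample per ms."""
    trace = [50000.0 + 0.3 * math.sin(i) for i in range(20)]
    if probe_contact:
        # 13 kHz step within one sample, inside the 12-15 kHz/ms range in the text.
        trace = trace[:5] + [v + 13.0 for v in trace[5:]]
    return trace


def constructed_piezo(with_tool, sample_rate_hz=256, n=512):
    """Constructed housing vibration in g: 93 Hz pump tone, optional 27 Hz impact."""
    out = []
    for i in range(n):
        t = i / sample_rate_hz
        g = 2.5 * math.sin(2 * math.pi * 93 * t)
        if with_tool:
            g += 1.0 * math.sin(2 * math.pi * 27 * t)
        out.append(g)
    return out


if __name__ == "__main__":
    for probe in (False, True):
        for tool in (False, True):
            levels = classify(constructed_resonance(probe),
                              constructed_piezo(tool), 256)
            print(f"probe={probe} tool={tool} -> alarm levels {levels}")
```

The 93 Hz pump tone is stronger than the 27 Hz component in the constructed signal, so the classifier evaluates the tool band directly and does not rely on the global spectral peak.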
[0042] The blockchain light node module connects to a policy coprocessor, which is configured to perform the following operations: Threat Feature Extraction: The blockchain light node module acquires physical intrusion event data from devices within a 100m radius, extracting the spectral characteristics of attack tools, resonant cavity drift modes, and self-destruct trigger type parameters from the events; these parameters are input into the federated learning client module to generate a 128-dimensional threat feature vector; Federated Policy Optimization: The federated learning client module aggregates the threat feature vectors of adjacent devices to generate a regional threat model; the processor runs a near-end policy optimization algorithm, outputting defense policy parameters based on the regional threat model, including self-destruct response threshold adjustment, radio frequency interference intensity, and laser channel activation flag; Hardware Policy Execution: The defense policy parameters are encrypted via a quantum-secure communication module and written into the consortium blockchain smart contract; the smart contract content is parsed, and the response threshold register of the self-destruct control module is reconfigured via the device hardware security bus; when the regional threat level is >7, the laser emitter of the quantum key distribution terminal unit is activated to establish a direct quantum channel with adjacent devices.
[0043] In this embodiment, the distributed threat knowledge base is constructed as follows: physical intrusion events of devices such as transformers, circuit breakers, and disconnect switches within a radius of 100m are obtained through the blockchain light node module, and the spectral characteristics of attack tools are extracted, such as hydraulic clamps at 27Hz, laser cutters at 40kHz, resonant cavity drift mode, drift mode slope >10kHz / ms, self-destruct trigger type, and other parameters. A 128-dimensional threat feature vector is constructed, and the gradient is encrypted and uploaded every 5 minutes through the federated learning client module. Dynamic strategy generation and deployment: The aggregation node trains a near-end strategy optimization model based on device feature vectors and outputs defense strategy parameters, including self-destruct response threshold adjustment of ±20%, radio frequency interference intensity of 0-30dBm, and laser channel activation flag. After being encrypted by the quantum-safe communication module, the parameters are written into the Hyperledger Fabric smart contract. The transaction confirmation time is ≤1.5 seconds. The strategy coprocessor parses the contract and reconfigures the FPGA register of the self-destruct control module through the SPI bus. The IP address is 0x5000_FF00. Emergency quantum channel activation: When the regional threat level is >7, corresponding to Attack Level 4 of IEC 62351-5, the 1550nm laser transmitter of the quantum key distribution terminal unit is activated. The output power of the laser transmitter is 10mW, and a direct quantum channel is established with the nearest neighbor device. The key rate is 2.8kbps@500m, replacing the damaged fiber optic link. The innovative technological breakthrough lies in: multi-device threat perception fusion. 
The feature vectors cover heterogeneous data from electrical equipment clusters, such as transformer vibration, circuit breaker operation, and disconnector status. Federated learning aggregates data to protect privacy while increasing threat identification accuracy to 99.2%, compared to only 87.5% for a single device. Reinforcement learning-driven dynamic defense: The PPO model is based on a return function.
[0044] Optimization strategy ( =0.7, =0.3); The self-destruct threshold is dynamically adjusted according to the attack intensity. For example, when a probe attack occurs, it is increased to 12kHz / ms, which will reduce false alarms. Quantum communication emergency disaster recovery: The laser channel is established within 50ms after the fiber optic cable is interrupted, meeting the IEC 61850-5 requirement of ≤100ms, ensuring uninterrupted transmission of power grid control commands; The technical effectiveness has been verified by field tests at the State Grid Smart Substation Demonstration Project: In simulated coordinated attacks, i.e., simultaneous intrusion into transformers and circuit breakers, the strategy evolution improved the threat identification rate from 75.6% to 98.7%. Dynamic self-destruct threshold adjustment reduces the false alarm rate to 0.8%, compared to 5.2% for the fixed threshold scheme; The emergency quantum channel has a transmission delay of only 38ms, which can meet the requirements of power grid differential protection, and the standard protection requirement is ≤50ms. This invention constructs a clustered active defense system for critical power grid facilities through heterogeneous device federated learning, dynamic policy optimization, and quantum communication disaster recovery.
[0045] S1: Train the industrial equipment status prediction model locally through the federated learning client module and generate model gradient update data; the PQC encryption chip of the quantum-safe communication module is invoked to encrypt the gradient update data using a lattice cryptography algorithm; the encrypted gradient is transmitted to the aggregation node via the secure aggregation interface module, and the global federated model issued by the aggregation node is received; after the trusted execution environment module verifies the global model signature, the model is loaded locally.
S2: Monitor the operation command flow through the blockchain light node module, and freeze the session key generation function when the command frequency exceeds the security threshold; when the physically unclonable function unit detects a deviation of ±5% in the electromagnetic response of the resonant cavity array, it broadcasts an identity failure alarm to the consortium blockchain, including: a Level 1 alarm triggers a drop in the light transmittance of the photosensitive polymer layer to <5%; a Level 2 alarm triggers the electrolytic corrosion circuit to apply an 8V / 2A pulse current.
S3: Aggregate intrusion events of devices within a 100m radius through a policy coprocessor, generating a 128-dimensional threat feature vector; the near-end strategy optimization algorithm is run to output defense strategy parameters, which are then encrypted by the quantum-safe communication module and written into the consortium blockchain smart contract; when the regional threat level is greater than 7, the laser transmitter of the quantum key distribution terminal unit is activated to establish an emergency quantum channel.
[0046] It should be noted that, in this document, relational terms such as "one" and "two" are used merely to distinguish one entity or operation from another, and do not necessarily require or imply any such actual relationship or order between these entities or operations. Furthermore, the terms "comprising," "including," or any other variations thereof are intended to cover non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements includes not only those elements but also other elements not expressly listed, or elements inherent to such a process, method, article, or apparatus. Without further limitations, the phrase "comprising an element defined as..." does not exclude the presence of other identical elements in the process, method, article, or apparatus that includes said element.
[0047] Although embodiments of the invention have been shown and described, it will be understood by those skilled in the art that various changes, modifications, substitutions and alterations can be made to these embodiments without departing from the principles and spirit of the invention, the scope of which is defined by the appended claims and their equivalents.
Claims
1. An industrial interconnection device, characterized in that it includes: a processor, a memory, and the following functional modules integrated into the device hardware platform: Federated learning client module: used to train industrial equipment condition prediction models locally and generate encrypted model gradient update data; Quantum-safe communication module: includes a post-quantum cryptography (PQC) encryption chip and a quantum random number generator (QRNG), wherein the PQC encryption chip is configured to perform lattice-based encryption operations on the model gradient update data, and the QRNG provides a true random entropy source for the encryption process; Trusted execution environment module: has an embedded hardware root of trust, and is used to store the device's unique identity key and to perform signature verification on the received global federation model; Secure aggregation interface module: connects the federated learning client module, the quantum-safe communication module, and the trusted execution environment module via an industrial bus, and is configured to: transmit the encrypted model gradient update data to the aggregation node via the industrial network; receive the global federation model encrypted by PQC from the aggregation node; and trigger the trusted execution environment module to verify the source signature of the global federated model.
2. An industrial interconnection device according to claim 1, characterized in that the quantum-secure communication module further integrates a quantum key distribution terminal unit, which includes: a decoy quantum light source, used to generate communication keys encoded in photon quantum states; a single-photon detector array, configured to receive quantum keys sent by a remote QKD device and perform quantum state measurements; and a post-processing coprocessor, connected to the PQC encryption chip and the trusted execution environment module, which is used to: select secure key seeds by comparing the error rates of quantum keys through a public key channel; trigger the PQC encryption chip in the quantum-safe communication module to use the security key seed to generate a one-time session key for device control commands; and submit key generation logs to the trusted execution environment module for auditing purposes.
3. An industrial interconnection device according to claim 2, characterized in that, The trusted execution environment module is connected to a blockchain light node module, which is configured as follows: Receive the key generation log submitted by the post-processing coprocessor and write the log hash value into the preset industrial equipment consortium chain; Obtain the device identity certificate of the aggregation node from the consortium blockchain, verify its digital signature, and then authorize the secure aggregation interface module to establish a connection. The system monitors the flow of operation commands from industrial equipment in real time. If the command frequency exceeds the security threshold, the trusted execution environment module is triggered to freeze the temporary session key generation function and broadcast an alarm event to the consortium blockchain.
4. An industrial interconnection device according to claim 2, characterized in that, The quantum key distribution terminal unit is encapsulated within a multi-level vibration-resistant support structure, including: Inner buffer frame: The decoy quantum light source and single-photon detector array are fixed by silicone dampers to buffer mechanical shocks with a frequency >200Hz; Spectrum adaptation intermediate layer: covering the inner buffer frame, the stiffness distribution of which is configured according to the vibration spectrum characteristics of the equipment installation location to suppress low-frequency vibration of 5-150Hz; Metal shielding housing: covering the spectrum adaptation intermediate layer, with light-transmitting holes aligned with the single-photon detector array, and the housing is grounded to eliminate electromagnetic interference; The intermediate layer for spectral adaptation comprises a composite foam material filled with a density gradient, the peak stiffness of which is misaligned by ≥10Hz with the characteristic vibration frequency of the industrial machine to which the equipment belongs.
5. An industrial interconnection device according to claim 3, characterized in that the trusted execution environment module integrates a physically unclonable function unit, which: includes a nanoscale resonant cavity array etched onto the device's motherboard, which generates a unique hardware fingerprint through random variations based on the manufacturing process; connects to the blockchain light node module and writes the hash value of the hardware fingerprint into the consortium blockchain as the root credential of the device identity; in conjunction with the post-processing coprocessor, injects the hardware fingerprint as a key derivation parameter each time a temporary session key is generated; and, when the electromagnetic response characteristics of the nanoscale resonant cavity array deviate from the registration reference value by ±5%, triggers the blockchain light node module to broadcast a device identity failure alarm.
6. An industrial interconnection device according to claim 5, characterized in that the trusted execution environment module is configured to perform the following extended operations: the resonant frequency drift rate of the nanoscale resonant cavity array of the physically unclonable function unit is monitored in real time, and a Level 1 physical intrusion alarm is generated when the drift rate is >10kHz / ms; the vibration spectrum is collected by a piezoelectric sensor array on the equipment housing, and if an impact signal matching the characteristic frequency of the disassembly tool is detected, a Level 2 physical intrusion alarm is generated; in response to a Level 1 alarm, the transmittance of the photosensitive polymer layer covering the nanoscale resonant cavity array is controlled to decrease to <5%; in response to a Level 2 alarm, the electrolytic corrosion circuit integrated on the motherboard is driven to apply an 8V / 2A pulse current to the resonant cavity array; the hash values of alarms and self-destruct events are written into the consortium blockchain through the blockchain light node module; and the trusted execution environment module of the adjacent device is triggered to start the defense mode.
7. An industrial interconnection device according to claim 6, characterized in that the blockchain light node module is connected to a policy coprocessor, which is configured to perform the following operations: Threat feature extraction: the blockchain light node module acquires physical intrusion event data of devices within a radius of 100m, and extracts the spectral characteristics of the attack tools, the resonant cavity drift mode, and the self-destruct trigger type parameters from the events; the parameters are input into the federated learning client module to generate a 128-dimensional threat feature vector; Federated policy optimization: the federated learning client module is invoked to aggregate threat feature vectors from neighboring devices and generate a regional threat model; the processor is used to run a near-end policy optimization algorithm and output defense policy parameters based on the regional threat model, including self-destruct response threshold adjustment, radio frequency interference intensity, and laser channel activation flag; Hardware policy execution: the defense policy parameters are encrypted using the quantum-secure communication module and written into the consortium blockchain smart contract; the smart contract content is parsed, and the response threshold register of the self-destruct control module is reconfigured via the device hardware security bus; when the regional threat level is greater than 7, the laser transmitter of the quantum key distribution terminal unit is activated to establish a direct quantum channel with the adjacent device.
8. A method of using an industrial interconnection device, using the industrial interconnection device according to claims 1-7, characterized in that it includes:
S1: Train the industrial equipment status prediction model locally through the federated learning client module and generate model gradient update data; the PQC encryption chip of the quantum-safe communication module is invoked to encrypt the gradient update data using a lattice cryptography algorithm; the encrypted gradient is transmitted to the aggregation node via the secure aggregation interface module, and the global federated model issued by the aggregation node is received; after the trusted execution environment module verifies the global model signature, the model is loaded locally.
S2: Monitor the operation command flow through the blockchain light node module, and freeze the session key generation function when the command frequency exceeds the security threshold; when the physically unclonable function unit detects a deviation of ±5% in the electromagnetic response of the resonant cavity array, it broadcasts an identity failure alarm to the consortium blockchain, including: a Level 1 alarm triggers a drop in the light transmittance of the photosensitive polymer layer to <5%; a Level 2 alarm triggers the electrolytic corrosion circuit to apply an 8V / 2A pulse current.
S3: Aggregate intrusion events of devices within a 100m radius through a policy coprocessor, generating a 128-dimensional threat feature vector; the near-end strategy optimization algorithm is run to output defense strategy parameters, which are then encrypted by the quantum-safe communication module and written into the consortium blockchain smart contract; when the regional threat level is greater than 7, the laser transmitter of the quantum key distribution terminal unit is activated to establish an emergency quantum channel.