VPX-based security monitoring method and device, electronic equipment and storage medium

By introducing multi-source heterogeneous sensor data processing, TCM trusted chain, and machine learning models into the VPX architecture, the problems of monitoring and business coupling, poor real-time performance, and insufficient security of the VPX platform are solved, achieving high reliability and real-time fault handling, supporting full lifecycle status recording and prediction, and adapting to various environmental requirements.

CN122268636APending Publication Date: 2026-06-23SHENZHEN EWARE INFORMATION TECH CO LTD

Patent Information

Authority / Receiving Office
CN · China
Patent Type
Applications(China)
Current Assignee / Owner
SHENZHEN EWARE INFORMATION TECH CO LTD
Filing Date
2026-03-31
Publication Date
2026-06-23

AI Technical Summary

Technical Problem

In existing technologies, embedded computers based on the VPX architecture suffer from high coupling between monitoring and business operations, poor real-time response to anomalies, insufficient status tracing capabilities, imperfect secure and reliable startup mechanisms, and inadequate interface expansion and signal integrity monitoring. This leads to system instability under high-intensity environments, and the mixing of management and data channels makes it difficult to achieve reliable fault handling and management.

Method used

By employing multi-source heterogeneous sensor data preprocessing, establishing a trusted chain using the TCM trusted cryptographic module, a hierarchical decision-making model, an independent management channel, and a machine learning model, hardware-level monitoring is decoupled from the main processor. This enables the construction of a holographic recording and fault tracing mechanism, multi-level decision-making and fault handling, and supports dynamic reconfiguration.

Benefits of technology

It enables status monitoring and fault handling even when the main processor crashes or the operating system crashes, improving system fault tolerance, ensuring real-time performance and security, providing full lifecycle status recording and fault analysis support, reducing the risk of unplanned downtime, and adapting to various harsh environment requirements.

✦ Generated by Eureka AI based on patent content.

Smart Images

  • Figure CN122268636A_ABST
    Figure CN122268636A_ABST
Patent Text Reader

Abstract

The application belongs to the technical field of information security, and relates to a VPX-based security monitoring method and device, electronic equipment and a storage medium, the method comprising: collecting multi-source heterogeneous sensor data, and preprocessing the multi-source heterogeneous sensor data to obtain system health data; establishing a trusted chain with a TCM trusted cryptographic module as a trust root to obtain a trusted measurement result; performing multi-level decision and real-time fault disposal through a hierarchical decision model according to the system health data and the trusted measurement result; constructing an independent management channel physically or logically isolated from business data; holographically recording and tracing the system running state; and predicting the remaining life and failure probability of components through a machine learning model based on historical operation data and the current state of the system, and triggering preventive maintenance or dynamic reconstruction. The application has high reliability, strong real-time performance, security and trustworthiness, holographic traceability, intelligent prediction and flexible adaptation.
Need to check novelty before this filing date? Find Prior Art

Description

Technical Field

[0001] This invention relates to the field of information security technology, and in particular to a security monitoring method, device, electronic device, and storage medium based on VPX. Background Technology

[0002] With the continuous improvement of the intelligence level of modern military equipment, aerospace, rail transportation, and critical infrastructure, the data processing tasks undertaken by embedded computer systems are becoming increasingly complex, placing extremely high demands on the system's real-time performance, reliability, and security. In many application scenarios, safety monitoring devices not only need to complete high-speed data processing, but also need to monitor voltage, temperature, and information on replaceable units in real time to ensure stable operation of the system under high-intensity, high-load, and harsh environmental conditions.

[0003] Currently, embedded computers based on the VPX architecture have become the preferred platform in military and high-end industrial fields due to their high bandwidth, high reliability, robustness, and excellent thermal management capabilities. The VPX standard evolved from the VME bus, supporting high-speed serial interconnection and meeting the data interaction needs between multi-core processors and high-speed peripherals. In recent years, the domestically produced Phytium processor series has developed rapidly in the field of independent and controllable embedded systems. The Phytium D2000, as an eight-core high-performance CPU, combined with the Phytium X100 bridge chip, provides powerful general-purpose computing capabilities and rich peripheral interfaces, initially possessing the ability to replace imported processors.

[0004] However, in the existing technology, the security monitoring of such high-performance domestically produced VPX platforms still has the following technical shortcomings: High coupling between monitoring and business: Traditional monitoring methods rely on periodic polling of the main processor, which not only consumes the main processor's computing resources, but also fails to monitor when the processor is abnormal or crashes, making out-of-band management impossible.

[0005] Poor real-time response to anomalies: There is a lack of fast and independent hardware-level processing mechanisms for hardware anomalies such as voltage fluctuations and temperature over-limits. The response often needs to go through the operating system, which leads to delayed protection actions and poses a risk of damaging the equipment.

[0006] Insufficient status traceability capability: Records of historical operating status of equipment (such as temperature change curves, abnormal voltage transients, and reset causes) are missing, and fault location relies on manual experience, which is inefficient.

[0007] The secure and trusted boot mechanism is imperfect: it lacks a complete trusted chain measurement and monitoring from the hardware layer to the system boot, making it difficult to effectively prevent security threats such as firmware tampering and malicious code injection.

[0008] Insufficient interface expansion and signal integrity monitoring: In complex systems employing multi-level conversion and multi-module interconnection, the lack of proactive monitoring methods for signal integrity and level conversion status in different voltage domains increases the risk of hidden faults.

[0009] Management channels and data channels are mixed: management information and business data share the same physical channel, making it difficult to reliably issue management commands when the system is abnormal, and the management interface lacks independence and high availability. Summary of the Invention

[0010] To address the aforementioned technical problems, this invention provides a VPX-based security monitoring method, employing the following technical solution, including the following steps: Collect data from multiple heterogeneous sensors and preprocess the data to obtain system health data; Establish a trusted chain with the TCM trusted cryptographic module as the root of trust, and obtain the trust measurement results; Based on the system health data and the reliability measurement results, multi-level decision-making and real-time fault handling are carried out through a hierarchical decision-making model. Build an independent management channel that is physically or logically isolated from business data; The system's operating status is recorded holistically, and faults are traced back to their source. Based on historical operating data and the current state of the system, machine learning models are used to predict the remaining lifespan and failure probability of components, and to trigger pre-maintenance or dynamic reconfiguration.

[0011] Preferably, the step of collecting data from multiple heterogeneous sensors and preprocessing the data to obtain system health data specifically includes: Collect data from multi-source heterogeneous sensors; The data from the multi-source heterogeneous sensors are filtered and calibrated. The filtered and calibrated multi-source heterogeneous sensor data are classified and preprocessed.

[0012] Preferably, the step of establishing a trusted chain with the TCM trusted cryptographic module as the root of trust and obtaining the trust measurement result specifically includes: During the initial power-on phase of the system, two-way authentication is performed between the BMC management unit and the TCM trusted card to establish a trusted management channel; Establish a multi-level trusted measurement chain to measure the integrity of the BIOS, bootloader, kernel image and drivers level by level during the boot process, ensuring that only certified components are loaded and executed; During system operation, system files, applications, and dynamic libraries are periodically measured.

[0013] Preferably, the step of performing multi-level decision-making and real-time fault handling based on the system health data and the trust measurement results using a hierarchical decision-making model specifically includes: Hardware-level faults are categorized into severe faults and mild to moderate faults. Based on the system health data and the reliability measurement results, the BMC performs hardware-level protection processing for severe faults. For minor to moderate faults, the BMC will make decisions in collaboration with the main processor through the management channel, and execute degraded operation or service migration strategies. Fault thresholds, handling strategies, and log reporting rules can be dynamically adjusted remotely through the management interface.

[0014] Preferably, the step of constructing an independent management channel that is physically or logically isolated from business data specifically includes: A physical isolation channel is established between the BMC and the VPX backplane management controller via IPMB to enable chassis-level management information exchange; Utilize the network interface card (NIC) to provide an independent management network channel for the BMC; Unified authentication and hierarchical access control are implemented for access through different management channels.

[0015] Preferably, the steps of holographic recording and fault tracing of the system operating status specifically include: A circular buffer method is used to continuously record sensor data, operation events, and status changes; When a fault is detected, the system state at the time of the fault is automatically captured, forming a snapshot of the fault scene; Time synchronization is performed between the BMC, the main processor system, and the chassis management controller.

[0016] Preferably, the step of predicting the remaining lifespan and failure probability of components based on historical operating data and the current state of the system using a machine learning model, and triggering pre-maintenance or dynamic reconfiguration, specifically includes: Features are extracted from recorded historical sensor data to construct quantitative indicators that reflect the health status of components; Based on historical degradation data and real-time health indicators, a lightweight prediction model is used to estimate the remaining usable life of components and issue maintenance warnings in advance. Based on the health prediction results and the importance of the system's current tasks, a decision is made on whether to perform a dynamic system refactoring.

[0017] To address the aforementioned technical problems, the present invention also provides a VPX-based security monitoring device, which employs the following technical solution, including: The preprocessing module is used to collect data from multi-source heterogeneous sensors and preprocess the data to obtain system health data. Establish a module to build a trusted chain with the TCM trusted cryptographic module as the root of trust and obtain the trust measurement results; The hierarchical module is used to make multi-level decisions and real-time fault handling based on the system health data and the trust measurement results through a hierarchical decision model. The isolation module is used to build an independent management channel that is physically or logically isolated from business data; The recording module is used for holographic recording of the system's operating status and fault tracing. The prediction module is used to predict the remaining lifespan and failure probability of components based on historical operating data and the current state of the system through machine learning models, and to trigger pre-maintenance or dynamic reconfiguration.

[0018] To address the aforementioned technical problems, the present invention also provides an electronic device that employs the technical solution described below, comprising a memory and a processor. The memory stores computer-readable instructions, and the processor executes the computer-readable instructions to implement the steps of the VPX-based security monitoring method described above.

[0019] To address the aforementioned technical problems, the present invention also provides a computer-readable storage medium, which employs the technical solution described below. The computer-readable storage medium stores computer-readable instructions, which, when executed by a processor, implement the steps of the aforementioned VPX-based security monitoring method.

[0020] Compared with the prior art, the present invention has the following main advantages: (1) Through the independent BMC out-of-band management architecture, the monitoring function is decoupled from the main processor hardware. When the main processor crashes or the operating system crashes, the status monitoring, fault handling and remote management can still be completed, which greatly improves the system's fault tolerance and reliability.

[0021] (2) The hardware-level emergency fault self-governance mechanism adopts independent comparators and interrupts, with a response time in the microsecond range, which is much faster than the traditional method that relies on the operating system, effectively avoiding fault propagation and providing strong real-time performance.

[0022] (3) Based on TCM, a full-chain trusted measurement system from hardware boot to runtime is constructed. Combined with SM2 / SM3 national cryptographic algorithms, it fundamentally prevents firmware tampering and malicious code injection, meets the requirements of independent and controllable security, and is safe and reliable.

[0023] (4) The black box-style circular log and fault snapshot mechanism fully records the system's status throughout its entire life cycle, providing detailed data for fault location, health assessment and accident analysis, greatly improving maintainability and making it fully traceable.

[0024] (5) Introduce health prediction and remaining life estimation based on machine learning models to realize the transformation from passive response to proactive early warning, support condition-based maintenance, reduce the risk of unplanned downtime, and enable intelligent prediction.

[0025] (6) Supports dynamic configuration of management strategies and multi-level decision-making models. Monitoring parameters and disposal strategies can be adjusted according to different application scenarios to adapt to various harsh environmental requirements, from ground industrial control to airborne and shipborne. Attached Figure Description

[0026] To more clearly illustrate the solutions in this invention, the accompanying drawings used in the description of the embodiments of this invention will be briefly introduced below. Obviously, the drawings described below are some embodiments of this invention. For those skilled in the art, other drawings can be obtained from these drawings without creative effort.

[0027] Figure 1 This is a flowchart of an embodiment of the VPX-based security monitoring method of the present invention; Figure 2 This is a schematic diagram of an embodiment of the VPX-based security monitoring device of the present invention; Figure 3 This is a schematic diagram of the structure of an embodiment of the electronic device of the present invention. Detailed Implementation

[0028] Unless otherwise defined, all technical and scientific terms used herein have the same meaning as commonly understood by one of ordinary skill in the art to which this invention pertains; the terminology used herein in the specification is for the purpose of describing particular embodiments only and is not intended to limit the invention; the terms "comprising" and "having," and any variations thereof, in the specification, claims, and foregoing drawings are intended to cover non-exclusive inclusion. The terms "first," "second," etc., in the specification, claims, or foregoing drawings are used to distinguish different objects and not to describe a particular order.

[0029] In this document, the term "embodiment" means that a particular feature, structure, or characteristic described in connection with an embodiment may be included in at least one embodiment of the invention. The appearance of this phrase in various places throughout the specification does not necessarily refer to the same embodiment, nor is it a separate or alternative embodiment mutually exclusive with other embodiments. It will be explicitly and implicitly understood by those skilled in the art that the embodiments described herein can be combined with other embodiments.

[0030] To enable those skilled in the art to better understand the present invention, the technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the accompanying drawings.

[0031] It should be noted that the VPX-based security monitoring method provided in this embodiment of the invention is generally executed by a server / terminal device, and correspondingly, the VPX-based security monitoring device is generally installed in the server / terminal device.

[0032] It should be understood that the number of terminal devices, networks, and servers is merely illustrative. Depending on implementation needs, any number of terminal devices, networks, and servers can be used.

[0033] Example 1 Please refer to Figure 1 The flowchart illustrates an embodiment of the VPX-based security monitoring method of the present invention. The VPX-based security monitoring method includes the following steps: Step S1: Collect data from multiple heterogeneous sensors and preprocess the data to obtain system health data.

[0034] In this embodiment, the electronic device (e.g., a server / terminal device) on which the VPX-based security monitoring method runs can receive VPX-based security monitoring requests via wired or wireless connections. It should be noted that the aforementioned wireless connection methods may include, but are not limited to, 3G / 4G / 5G connections, WiFi connections, Bluetooth connections, WiMAX connections, Zigbee connections, UWB (ultra-wideband) connections, and other currently known or future-developed wireless connection methods.

[0035] In this embodiment, step S1 may specifically include the following steps: S11 collects data from multiple heterogeneous sensors.

[0036] The domestically produced GD32F103RBT6 microcontroller, based on the ARM Cortex-M3 core, is used as the BMC management core. Utilizing the MCU's built-in 12-bit successive approximation analog-to-digital converter, configured in a multi-channel, sequential scan mode, it synchronously samples the voltages of key nodes in the VPX power layer (+5V, +3.3V, +12V, core voltage, etc.) at a sampling rate of 20kHz. Temperature acquisition employs multiple digital temperature sensors connected to the MCU via the I²C bus, distributed near the CPU core, bridge chip, memory chips, and VPX connector. Sensor addresses are distinguished by hardware jumpers, and the MCU periodically reads the temperature register using a polling method. FRU information is stored in the EEPROM using a data format defined by the IPMI specification, including board model, serial number, hardware version, and maximum power consumption. The MCU periodically reads the FRU data from the EEPROM via the I²C bus and combines it with voltage and temperature data to form data frames. To ensure synchronization, the MCU's internal timer generates a synchronization trigger signal at the start of each frame acquisition, simultaneously initiating ADC conversion and temperature sensor reading commands, and encapsulating the data into raw data packets with timestamps.

[0037] The purpose of step S11 is to synchronously collect multi-source data such as voltage, temperature, and FRU information to ensure that the physical quantities are aligned in time, thus providing a data foundation for subsequent correlation analysis.

[0038] S12 filters and calibrates data from multi-source heterogeneous sensors.

[0039] The voltage sample value is calculated using a first-order low-pass digital filtering algorithm, and the formula is: Y n =α×X n +(1-α)×Y n-1 Among them, Y n X is the current filter output value. n Y is the current sampled value. n-1 The output value is the previous filter value, and α is the filter coefficient, which ranges from 0.1 to 0.3 and is dynamically configured according to the power supply ripple characteristics. This formula is a first-order recursive filter that smooths high-frequency noise and suppresses transient fluctuations by weighting historical values ​​with the current value.

[0040] For temperature sensor data, a two-point calibration method is used for error compensation. First, the sensor readings T are recorded at two standard temperature points: 0℃ and 70℃. raw,0 and T raw,70 Establish the linear calibration formula: T true = k×T raw +b. Where, k = (70 - 0) / (T) raw,70 - T raw,0 b = 0 – k×T raw,0 Ttrue T is the true temperature after calibration. raw This is the original reading. The formula establishes a linear mapping relationship through two points, eliminating systematic errors caused by individual sensor differences and circuit bias. Calibration parameters are stored in the MCU's internal Flash memory and loaded upon power-up.

[0041] The purpose of step S12 is to suppress noise and compensate for sensor errors in the original sampled data, improve data accuracy and stability, and avoid misjudgment caused by single-point noise.

[0042] S13 performs data classification and preprocessing on filtered and calibrated multi-source heterogeneous sensor data.

[0043] The MCU internally sets up three data queues: a high-priority queue (core voltage, CPU temperature), a medium-priority queue (VPX power supply voltage, bridge temperature), and a low-priority queue (FRU static information, ambient temperature). After each sampling cycle, the MCU compares the filtered data with its preset threshold. The threshold uses a tiered mechanism; for example, for CPU temperature, a warning threshold T is set. warn With protection threshold T prot T prot >T warn When data exceeds the warning threshold, the MCU generates a warning flag; when it exceeds the protection threshold, it directly generates an emergency event flag and immediately triggers the fault handling process in subsequent steps, without waiting for the main processor to respond. Data hierarchical preprocessing is implemented using a state machine, with states including normal, warning, and alarm, each corresponding to a different processing strategy.

[0044] The purpose of step S13 is to classify the data into different priorities based on the importance and change characteristics of the collected data, and to make a preliminary threshold judgment to achieve low-latency anomaly identification.

[0045] Step S2: Establish a trusted chain with the TCM trusted cryptographic module as the root of trust and obtain the trust measurement results.

[0046] In this embodiment, step S2 may specifically include the following steps: S21, during the initial power-on phase of the system, performs two-way authentication between the BMC management unit and the TCM trusted card to establish a trusted management channel.

[0047] After the system powers on, the BMC (such as GD32F103) first establishes communication with the TCM trusted card via the SPI bus. The BMC generates a random number R. BMC The random number is then sent to the TCM, which uses its internally stored private key to sign the random number and returns the signature value S. TCM =Sign TCM (R BMCBMC verifies the signature using a public key pre-installed in its internal flash memory. Conversely, TCM generates a random number R. TCM It is then sent to the BMC, which signs it using its internal key and returns an S. BMC =Sign BMC (R TCM This data is then used for TCM verification. After successful two-way authentication, a trusted session is established between TCM and BMC, and all subsequent measurement data is transmitted encrypted through this session. This process uses the SM2 elliptic curve public-key cryptography algorithm to ensure the non-repudiation and man-in-the-middle attack prevention capabilities of the authentication process.

[0048] The purpose of step S21 is to perform mutual authentication between the BMC management unit and the TCM trusted card during the initial power-on phase of the system.

[0049] S22 establishes a multi-level trusted measurement chain, measuring the integrity of the BIOS, bootloader, kernel image, and drivers level by level during the boot process to ensure that only certified components are loaded and executed.

[0050] After the Phytium D2000 processor powers on, the BMC controls the reset logic to keep the processor in a reset state. The BMC then uses the TCM to measure the BIOS firmware stored in the SPI Flash. The measurement employs the SM3 cryptographic hash algorithm to calculate the hash value H of the firmware image. BIOS =SM3(BIOS img ), and compared with the reference value H stored internally by the TCM. BIOS,ref The comparison is performed. If they match, the BMC releases the processor reset, allowing the BIOS to execute. During the BIOS boot process, the UEFI bootloader, kernel image, and initrd filesystem are measured sequentially through the TCM's extended measurement mechanism. The measurement results are extended to the TCM's platform configuration registers. The measurement formula is: PCR new =SM3(PCR old || H component ), among which, PCR new Configure register values ​​for the updated platform, PCR old H is the original value. component Here, || represents the hash value of the current component. This formula uses chained hashing to ensure the accumulative and irreversible nature of the platform state; any change to any component will result in a different final PCR value.

[0051] The purpose of step S22 is to establish a multi-level trusted measurement chain during the boot process.

[0052] S23 periodically measures system files, applications, and dynamic libraries during system operation.

[0053] The BMC's internal timer operates on a 10-second cycle. Through an agent driver deployed on the operating system side, it retrieves a list of critical system files (such as core files in the / bin, / sbin, and / lib directories), reads the file content via DMA, and calculates a real-time hash value using the TCM, comparing it to a baseline value. Since the BMC communicates with the main processor system via a PCIe bridge chip (Phytium X100), the BMC directly reads memory space by configuring the PCIe BAR space, avoiding CPU resource consumption. If a hash value inconsistency is detected, the BMC immediately records the abnormal event and executes the appropriate action according to preset policies (such as alarm only, blocking subsequent access, or triggering a system restart). Simultaneously, the BMC reports the abnormal information to the remote management platform through the management channel. Periodic measurements employ a sliding window mechanism to ensure visualization of the system's trusted state throughout its entire lifecycle.

[0054] The purpose of step S23 is to detect runtime tampering or malicious code injection in a timely manner by performing periodic measurements of critical runtime files.

[0055] The purpose of step S2 is to establish a trusted chain with the TCM trusted cryptographic module as the root of trust, and to measure the system firmware, boot program and key components step by step from the hardware bottom layer to ensure the security and trustworthiness of the system startup and running environment.

[0056] Step S3: Based on system health data and reliability measurement results, multi-level decision-making and real-time fault handling are carried out through a hierarchical decision-making model.

[0057] In this embodiment, step S3 may specifically include the following steps: S31 classifies hardware-level faults into severe faults and mild to moderate faults. Based on system health data and reliability measurement results, the BMC performs hardware-level protection processing for severe faults.

[0058] The BMC integrates hardware comparators and programmable logic units. For core voltage monitoring, a window comparator is used to set the upper voltage limit V. max With lower limit V min When the ADC sampled value exceeds the window range, the comparator directly outputs a high level, triggering an external interrupt from the BMC. The BMC interrupt service routine executes with the highest priority, immediately controlling the power management module to shut down the corresponding power rail via GPIO, while simultaneously latching the fault status into a non-volatile register and indicating it via a flashing alarm LED on the front panel. For CPU temperature, when it exceeds the protection threshold T... prot At this time, the BMC does not wait for the operating system to respond, but directly sends the PROCHOT# signal to the processor through the GPIO of the Phytium X100 bridge chip, forcing the processor to reduce its frequency; if the temperature continues to rise to T maxIf this occurs, a hardware reset is triggered. The entire process is completed within the BMC firmware interrupt context, with a response time of less than 10 microseconds.

[0059] The purpose of step S31 is to enable the BMC to directly perform hardware-level protection actions for serious faults (such as CPU overheating or core voltage drop), without relying on the main processor state, and to achieve microsecond-level response.

[0060] For S32, in the case of mild to moderate faults, the BMC makes decisions in collaboration with the main processor through the management channel, and executes degraded operation or service migration strategies.

[0061] The BMC (Browser Control Center) and the main processor's operating system interact via a shared memory region. This shared memory resides in the Phytium D2000 memory space and is accessed by the BMC through PCIe address mapping. The BMC writes fault classification information to a specific area of ​​the shared memory and simultaneously sends an SCI (System Control Interrupt) to the processor. Upon receiving the interrupt, the BMC driver in the operating system reads the fault information and calls the PM (Processing Manager) interface defined by ACPI (Advanced Processing Interface) to perform coordinated handling. For example, when a temperature warning is issued, the operating system dynamically adjusts the CPU scheduling strategy, limiting the maximum frequency and disabling non-core peripherals; when a single-bit ECC error in memory exceeds the threshold, the operating system marks the corresponding memory page and migrates the data. Coordinated decision-making uses a finite state machine model, with states including normal, restricted operation, maintenance mode, and shutdown protection. Each state has clearly defined entry and exit conditions. The BMC and operating system maintain synchronization through a heartbeat mechanism, ensuring that the BMC can take over handling when the operating system is unresponsive.

[0062] The purpose of step S32 is to perform system-level coordinated fault handling for minor and moderate faults (such as warning temperature or memory ECC errors).

[0063] S33 allows for remote and dynamic adjustment of fault thresholds, handling strategies, and log reporting rules via a management interface.

[0064] The BMC internally runs a lightweight IPMI protocol stack, supporting both IPMI over I²C (via the IPMB bus) and IPMI over LAN (via the WX1860 network card virtual management interface). Administrators can modify the threshold configuration table via IPMI commands. The threshold table is stored in EEPROM, and the BMC dynamically loads the latest configuration in each data collection cycle. Disposal strategies are implemented using a rule engine with the rule format: IF (sensor_type, condition, value) THEN (action), where condition includes greater than, less than, and rate of change, and action includes logging, alarms, reset, shutdown, and frequency limiting. The rule engine uses chained matching and supports up to 64 rules. After each data update, the BMC traverses the rule table and executes matching rules. Dynamic configuration updates are achieved through a real-time operating system task within the BMC; configuration changes take effect immediately without requiring a BMC restart.

[0065] The purpose of step S33 is to dynamically configure management strategies to adapt to the reliability requirements of different application scenarios.

[0066] The purpose of step S3 is to maximize system availability by using a hierarchical decision-making model to achieve multi-level fault handling, from rapid response at the local hardware level to collaborative handling at the system level, based on the collected health data and reliability measurement results.

[0067] Step S4: Build an independent management channel that is physically or logically isolated from business data.

[0068] In this embodiment, step S4 may specifically include the following steps: S41 establishes a physical isolation channel between the BMC and the VPX backplane management controller via IPMB, enabling chassis-level management information exchange.

[0069] Utilizing the IPMB_A and IPMB_B buses on the VPX connector P0, and employing the I²C physical layer protocol, it operates at a rate of 100kHz. The BMC's I... 2The C interface connects to the IPMB bus via a second level conversion module. This module uses a PCA9515A bidirectional level converter to achieve isolation and enhanced drive between the 3.3V (BMC side) and the 3.3V auxiliary power supply (VPX management side). The IPMB bus conforms to the IPMI v2.0 specification. The BMC, acting as a slave device, responds to requests from the chassis management controller, reporting sensor data, FRU information, and event logs from its own card. Simultaneously, the BMC can also act as a master device, proactively sending event messages, such as overheat alarms, to the chassis management controller. The physical isolation characteristics of the IPMB bus ensure that even if the main processor power supply fails, as long as the VPX auxiliary power supply (+3.3V_AUX) is normal, the BMC can still report the fault status via IPMB.

[0070] The purpose of step S41 is to enable chassis-level management information exchange by constructing a physically isolated IPMB management bus.

[0071] S42 uses a network interface card to provide an independent management network channel for the BMC.

[0072] The WX1860AL4-B is a four-port Gigabit Ethernet controller that supports SR-IOV (Single Root Input / Output Virtualization) technology. The BMC connects to the WX1860 via a PCIe interface, configuring the network interface card's physical functions to be allocated to the main processor, while creating a virtual function specifically for BMC management communication. The BMC integrates a lightweight TCP / IP protocol stack, supporting IPv4 / IPv6 networks. The management network interface is configured with an independent IP address, located in a different network segment or isolated via VLAN from the service network IP address. Even when the main processor's operating system crashes or the network driver malfunctions, the virtual function managed by the BMC remains operational, allowing remote access, log retrieval, and remote reset operations via a dedicated network channel. This is achieved by configuring the WX1860's VF (Virtual Function) via the PCIe configuration space during BMC initialization, assigning a MAC address and transmit / receive queues, and then configuring the physical layer chip via the MDIO interface to ensure the management network physical link remains active.

[0073] The purpose of step S42 is to construct a virtualized management network and, by utilizing the virtualization function of the WX1860 network card, provide an independent management network channel for the BMC without affecting business data communication.

[0074] S43 provides unified authentication and hierarchical access control for access through different management channels.

[0075] The BMC implements a role-based access control model. User roles are divided into administrator, operator, and auditor, corresponding to full permissions, view-only permissions, and log-only permissions, respectively. Authentication uses SM3 hashing with salt; the password is stored in EEPROM after being hashed by SM3. The authentication process is as follows: after a user initiates a connection through any management interface, the BMC generates a random challenge value, the user calculates Hash(password, salt, challenge) and returns it, and the BMC verifies its consistency. Multiple accesses are uniformly scheduled through the BMC's internal session management module. Each session is assigned a unique ID, and its source interface, timestamp, and operation log are recorded. Critical operations (such as reset and configuration modification) require a double confirmation mechanism, i.e., confirmation through at least two management interfaces (such as IPMB and debug serial port) before execution, preventing direct control of the device if a single interface is compromised.

[0076] The purpose of step S43 is to perform unified authentication and permission classification for access through different management channels (IPMB, management network port, debug serial port), prevent unauthorized access and misoperation, and perform multi-access isolation and permission control.

[0077] The purpose of step S4 is to build an independent management channel that is physically or logically isolated from business data, so as to ensure that management instructions can still be reliably issued and status information can be stably reported when the business system is abnormal.

[0078] Step S5: Perform holographic recording of the system's operating status and fault tracing.

[0079] In this embodiment, step S5 may specifically include the following steps: S51 uses a circular buffer to continuously record sensor data, operation events, and status changes.

[0080] The BMC is externally expanded with a 64MB SPI NOR Flash as a black box storage area. This storage area is divided into three regions: an event log area, a sensor trend area, and a fault snapshot area. The event log area uses a FIFO structure to record all BMC operations (reset, threshold changes, authentication success / failure) and system events (temperature exceeding limits, voltage anomalies). Each log entry includes a timestamp (32 bits, the number of milliseconds since BMC power-on), event type, and event data. The sensor trend area records all voltage and temperature values ​​every minute, using a circular queue to store the data for the most recent 24 hours. Storage management employs a wear-leveling algorithm to evenly distribute write operations across the Flash storage blocks, extending their lifespan. The BMC's internal RTOS timer task periodically flushes data from the memory cache to the Flash, and during power failure, a backup capacitor powers the final batch of data forcibly written.

[0081] The purpose of step S51 is to ensure that complete data before and after the failure is saved by recording in a black box-style cyclic log.

[0082] S52 automatically captures the system state at the time of the fault when a fault is detected, forming a snapshot of the fault scene.

[0083] Fault triggering sources include voltage / temperature protection triggers detected by the BMC, main processor watchdog timeouts, and manual reset requests. Upon triggering, the BMC immediately executes the highest-priority interrupt, stops normal logging tasks, and performs snapshot capture. Snapshot content includes: real-time values ​​of all current sensors, the status of key main processor registers (obtained by reading the system management bus of the Phytium X100 bridge chip), the BMC's internal state machine status, the last 50 event log entries, and the last operating system heartbeat information obtained from shared memory. After the snapshot data undergoes integrity verification via SM3 hash calculation, it is stored in the Flash fault snapshot area, with a maximum of 10 snapshots retained using an overwrite strategy. After snapshot completion, the BMC determines whether to perform a reset or shutdown operation based on the fault type. Snapshot data can be exported through the management interface for offline analysis tools to parse.

[0084] The purpose of step S52 is to save a snapshot of the fault scene.

[0085] S53 performs time synchronization between the BMC, the main processor system, and the chassis management controller.

[0086] As the time master node, the BMC synchronizes time with the chassis management controller via the IPMB bus and with the main processor operating system via the management network. The synchronization protocol uses a simplified version of SNTP (Simple Network Time Protocol). Internally, the BMC maintains a 64-bit nanosecond-level time counter, driven by an internal 32.768kHz crystal oscillator calibrated via a digital phase-locked loop. The synchronization process is as follows: Every hour, the BMC sends an SNTP request to the main processor. The BMC driver in the main processor's operating system replies with the current system time. The BMC calculates the round-trip delay and offset, and adjusts its local time. The time offset formula is: θ = ((t1-t0)-(t3-t2)) / 2. Where t0 is the time the BMC sends the request, t1 is the time the main processor receives the request, t2 is the time the main processor sends the reply, and t3 is the time the BMC receives the reply. θ is the estimated time offset, which the BMC uses to calibrate its local clock. All timestamps written to the logs use the calibrated unified time, ensuring consistency of the timeline from the chassis level to the board level and from hardware events to the operating system logs.

[0087] The purpose of step S53 is to achieve time synchronization between the BMC, the main processor system, and the chassis management controller, ensuring that various logs can be correlated and analyzed under a unified time base.

[0088] Step S6: Based on historical operating data and the current state of the system, predict the remaining lifespan and failure probability of components through a machine learning model, and trigger pre-maintenance or dynamic reconfiguration.

[0089] In this embodiment, step S6 may specifically include the following steps: S61 extracts features from recorded historical sensor data to construct quantitative indicators that reflect the health status of components.

[0090] The BMC periodically (hourly) reads sensor trend data from the Flash memory for the most recent week and performs feature extraction internally. For voltage data, it extracts the mean μ, standard deviation σ, and maximum deviation Δ. max Features such as ripple amplitude are extracted; for temperature data, the highest temperature, temperature change rate dT / dt, and number of temperature cycles (based on rainflow counting) are extracted. A health index HI is constructed based on these features, calculated using the formula: HI = w1⋅(T ref -T avg ) / (T ref -T min )+w2⋅(1-V ripple / V ripple,max ))+w3⋅(1-N cycle / N life ), where T ref For reference to the rated temperature, T avg T represents the actual average temperature. min V is the minimum permissible temperature. ripple This is the measured value of the power supply ripple, V. ripple,max N represents the maximum permissible value for ripple. cycle N represents the number of temperature cycles that have been counted. life The design life cycle count is determined by weighting coefficients w1, w2, and w3, which are determined based on failure mode influence analysis. The HI value ranges from 0 to 1, with values ​​closer to 1 indicating higher health. This formula weighted and integrated features from multiple physical domains to intuitively reflect the overall health status.

[0091] The purpose of step S61 is to perform feature extraction and health indicator construction.

[0092] The BMC integrates a lightweight gradient boosting decision tree model, which is trained offline and then embedded in the firmware. The model input consists of the health indicator sequence HI(t), HI(t-1), ..., HI(t-29) for the past 30 days, along with features such as cumulative runtime and cumulative temperature stress. The output is the predicted remaining lifetime (RUL) in hours. The model uses the XGBoost algorithm, with a tree depth limit of 3 and a tree count of 50. The quantized model size is approximately 50KB. Prediction is performed daily during periods of low BMC load. When the predicted RUL falls below a preset threshold (e.g., 720 hours), the BMC reports an alert event through the management interface and records the prediction curve. Simultaneously, the BMC can dynamically adjust the monitoring frequency based on the prediction results, increasing the sampling density for components nearing failure. The prediction model supports online fine-tuning; administrators can upload new model files for updates via the management interface.

[0093] S62 uses a lightweight predictive model to estimate the remaining usable life of components based on historical degradation data and real-time health indicators, and issues maintenance warnings in advance.

[0094] The purpose of step S62 is to predict and provide early warning of remaining useful life.

[0095] S63, based on the health prediction results and the importance of the current system tasks, decide whether to perform dynamic system reconfiguration.

[0096] This embodiment employs a 6U VPX architecture, supporting dual redundancy. The BMC interacts with the chassis manager via the IPMB bus to obtain the status of redundant nodes in adjacent slots. When the health HI of critical components on this board (such as CPU and memory) falls below 0.3 or the RUL is less than 240 hours, the BMC triggers a dynamic reconfiguration process. First, the BMC sends a reconfiguration request to the main processor. The high availability management component in the main processor's operating system migrates running critical services to redundant boards via the VPX data channel. After the migration is complete, the main processor confirms with the BMC, and the BMC controls the power management module to perform a soft shutdown of this board. For scenarios that do not support service migration, the BMC can perform degraded operation according to preset strategies (such as task priority), shutting down non-core peripherals and maintaining only the minimum functional set. Dynamic reconfiguration decisions adopt a combination of rule-based and predictive model approaches. Rules define the corresponding actions for different health levels, while model prediction results serve as correction factors for rule triggering. The entire reconfiguration process is logged by the BMC for post-reconfiguration evaluation of the reconfiguration effect.

[0097] The purpose of step S63 is to make dynamic reconstruction decisions and execute them.

[0098] The purpose of step S6 is to predict the remaining lifespan and failure probability of components based on historical operating data and current status through machine learning models, and trigger pre-maintenance or dynamic reconfiguration, thereby realizing the transformation from passive fault response to proactive health management.

[0099] The beneficial effects of implementing this embodiment are: (1) Through the independent BMC out-of-band management architecture, the monitoring function is decoupled from the main processor hardware. When the main processor crashes or the operating system crashes, the status monitoring, fault handling and remote management can still be completed, which greatly improves the system's fault tolerance and reliability.

[0100] (2) The hardware-level emergency fault self-governance mechanism adopts independent comparators and interrupts, with a response time in the microsecond range, which is much faster than the traditional method that relies on the operating system, effectively avoiding fault propagation and providing strong real-time performance.

[0101] (3) Based on TCM, a full-chain trusted measurement system from hardware boot to runtime is constructed. Combined with SM2 / SM3 national cryptographic algorithms, it fundamentally prevents firmware tampering and malicious code injection, meets the requirements of independent and controllable security, and is safe and reliable.

[0102] (4) The black box-style circular log and fault snapshot mechanism fully records the system's status throughout its entire life cycle, providing detailed data for fault location, health assessment and accident analysis, greatly improving maintainability and making it fully traceable.

[0103] (5) Introduce health prediction and remaining life estimation based on machine learning models to realize the transformation from passive response to proactive early warning, support condition-based maintenance, reduce the risk of unplanned downtime, and enable intelligent prediction.

[0104] (6) Supports dynamic configuration of management strategies and multi-level decision-making models. Monitoring parameters and disposal strategies can be adjusted according to different application scenarios to adapt to various harsh environmental requirements, from ground industrial control to airborne and shipborne.

[0105] This invention can be used in a wide variety of general-purpose or special-purpose computer system environments or configurations. Examples include: personal computers, server computers, handheld or portable devices, tablet devices, multiprocessor systems, microprocessor-based systems, set-top boxes, programmable consumer electronics, network PCs, minicomputers, mainframe computers, and distributed computing environments including any of the above systems or devices. This invention can be described in the general context of computer-executable instructions, such as program modules, that are executed by a computer. Generally, program modules include routines, programs, objects, components, data structures, etc., that perform specific tasks or implement specific abstract data types. This invention can also be practiced in distributed computing environments where tasks are performed by remote processing devices connected via a communication network. In distributed computing environments, program modules can reside in local and remote computer storage media, including storage devices.

[0106] Those skilled in the art will understand that all or part of the processes in the methods of the above embodiments can be implemented by instructing related hardware through computer-readable instructions. These computer-readable instructions can be stored in a computer-readable storage medium. When the program is executed, it can include the processes of the embodiments of the above methods. The aforementioned storage medium can be a non-volatile storage medium such as a magnetic disk, optical disk, or read-only memory (ROM), or random access memory (RAM).

[0107] It should be understood that although the steps in the flowcharts of the accompanying figures are shown sequentially as indicated by the arrows, these steps are not necessarily executed in the order indicated by the arrows. Unless explicitly stated herein, there is no strict order restriction on the execution of these steps, and they can be executed in other orders. Moreover, at least some steps in the flowcharts of the accompanying figures may include multiple sub-steps or multiple stages. These sub-steps or stages are not necessarily completed at the same time, but can be executed at different times, and their execution order is not necessarily sequential, but can be performed alternately or in turn with other steps or at least some of the sub-steps or stages of other steps.

[0108] Example 2 Further reference Figure 2 As a response to the above Figure 1 The present invention provides an embodiment of a VPX-based security monitoring device, which implements the method shown. Figure 1 Corresponding to the method embodiments shown, this device can be specifically applied to various electronic devices.

[0109] like Figure 2As shown, the VPX-based security monitoring device 70 described in this embodiment includes: a preprocessing module 71, an establishment module 72, a hierarchical module 73, an isolation module 74, a recording module 75, and a prediction module 76. Wherein: The preprocessing module 71 is used to collect data from multi-source heterogeneous sensors and preprocess the data to obtain system health data. Establish module 72 to establish a trusted chain with the TCM trusted cryptographic module as the root of trust and obtain the trust measurement results; The hierarchical module 73 is used to perform multi-level decision-making and real-time fault handling based on the system health data and the trust measurement results through a hierarchical decision-making model. Isolation module 74 is used to build an independent management channel that is physically or logically isolated from business data; Recording module 75 is used for holographic recording of system operating status and fault tracing. The prediction module 76 is used to predict the remaining lifespan and failure probability of components based on historical operating data and the current state of the system through a machine learning model, and to trigger pre-maintenance or dynamic reconfiguration.

[0110] The beneficial effects of implementing this embodiment are: high reliability, strong real-time performance, security and trustworthiness, holographic traceability, intelligent prediction capability, and flexible adaptability. Example

[0111] To address the aforementioned technical problems, embodiments of the present invention also provide an electronic device. Please refer to [link / reference needed]. Figure 3 , Figure 3 This is a basic structural block diagram of the electronic device in this embodiment.

[0112] The aforementioned electronic device 8 includes a memory 81, a processor 82, and a network interface 83 that are interconnected via a system bus. It should be noted that only the electronic device 8 with components 81, 82, and 83 is shown in the figure; however, it should be understood that it is not required to implement all the shown components, and more or fewer components can be implemented alternatively. Those skilled in the art will understand that the electronic device described here is a device capable of automatically performing numerical calculations and / or information processing according to pre-set or stored instructions, and its hardware includes, but is not limited to, microprocessors, application-specific integrated circuits (ASICs), field-programmable gate arrays (FPGAs), digital signal processors (DSPs), embedded devices, etc.

[0113] The aforementioned electronic devices can be computing devices such as desktop computers, laptops, handheld computers, and cloud servers. These electronic devices can interact with users via keyboards, mice, remote controls, touchpads, or voice-activated devices.

[0114] The aforementioned memory 81 includes at least one type of readable storage medium, including flash memory, hard disk, multimedia card, card-type memory (e.g., SD or DX memory), random access memory (RAM), static random access memory (SRAM), read-only memory (ROM), electrically erasable programmable read-only memory (EEPROM), programmable read-only memory (PROM), magnetic memory, magnetic disk, optical disk, etc. In some embodiments, the aforementioned memory 81 may be an internal storage unit of the aforementioned electronic device 8, such as the hard disk or memory of the electronic device 8. In other embodiments, the aforementioned memory 81 may also be an external storage device of the aforementioned electronic device 8, such as a plug-in hard disk, smart media card (SMC), secure digital (SD) card, flash card, etc., equipped on the electronic device 8. Of course, the aforementioned memory 81 may also include both internal storage units and external storage devices of the aforementioned electronic device 8. In this embodiment, the aforementioned memory 81 is typically used to store the operating system and various application software installed on the aforementioned electronic device 8, such as computer-readable instructions based on the VPX security monitoring method. In addition, the aforementioned memory 81 can also be used to temporarily store various types of data that have been output or will be output.

[0115] In some embodiments, the processor 82 may be a central processing unit (CPU), controller, microcontroller, microprocessor, or other data processing chip. The processor 82 is typically used to control the overall operation of the electronic device 8. In this embodiment, the processor 82 is used to execute computer-readable instructions stored in the memory 81 or to process data, for example, to execute the computer-readable instructions of the VPX-based security monitoring method.

[0116] The aforementioned network interface 83 may include a wireless network interface or a wired network interface, which is typically used to establish communication connections between the aforementioned electronic device 8 and other electronic devices.

[0117] The beneficial effects of implementing this embodiment are: high reliability, strong real-time performance, security and trustworthiness, holographic traceability, intelligent prediction capability, and flexible adaptability. Example

[0118] The present invention also provides another embodiment, namely, providing a computer-readable storage medium storing computer-readable instructions that can be executed by at least one processor to cause the at least one processor to perform the steps of the VPX-based security monitoring method described above.

[0119] The beneficial effects of implementing this embodiment are: high reliability, strong real-time performance, security and trustworthiness, holographic traceability, intelligent prediction capability, and flexible adaptability.

[0120] Through the above description of the embodiments, those skilled in the art can clearly understand that the methods of the above embodiments can be implemented by means of software plus necessary general-purpose hardware platforms. Of course, they can also be implemented by hardware, but in many cases the former is a better implementation method. Based on this understanding, the technical solution of the present invention, or the part that contributes to the prior art, can be embodied in the form of a software product. This computer software product is stored in a storage medium (such as ROM / RAM, magnetic disk, optical disk) and includes several instructions to cause a terminal device (which may be a mobile phone, computer, server, air conditioner, or network device, etc.) to execute the methods of the various embodiments of the present invention.

[0121] Obviously, the embodiments described above are merely some embodiments of the present invention, not all embodiments. The accompanying drawings show preferred embodiments of the present invention, but do not limit the patent scope of the present invention. The present invention can be implemented in many different forms; rather, these embodiments are provided to provide a more thorough and complete understanding of the disclosure of the present invention. Although the present invention has been described in detail with reference to the foregoing embodiments, those skilled in the art can still modify the technical solutions described in the foregoing specific embodiments, or make equivalent substitutions for some of the technical features. Any equivalent structures made using the content of this specification and drawings, directly or indirectly applied to other related technical fields, are similarly within the patent protection scope of this invention.

Claims

1. A security monitoring method based on VPX, characterized in that, Includes the following steps: Collect data from multiple heterogeneous sensors and preprocess the data to obtain system health data; Establish a trusted chain with the TCM trusted cryptographic module as the root of trust, and obtain the trust measurement results; Based on the system health data and the reliability measurement results, multi-level decision-making and real-time fault handling are carried out through a hierarchical decision-making model. Build an independent management channel that is physically or logically isolated from business data; The system's operating status is recorded holistically, and faults are traced back to their source. Based on historical operating data and the current state of the system, machine learning models are used to predict the remaining lifespan and failure probability of components, and to trigger pre-maintenance or dynamic reconfiguration.

2. The VPX-based security monitoring method according to claim 1, characterized in that, The steps of collecting data from multiple heterogeneous sensors and preprocessing the data to obtain system health data specifically include: Collect data from multi-source heterogeneous sensors; The data from the multi-source heterogeneous sensors are filtered and calibrated. The filtered and calibrated multi-source heterogeneous sensor data are classified and preprocessed.

3. The VPX-based security monitoring method according to claim 1, characterized in that, The steps for establishing a trusted chain with the TCM trusted cryptographic module as the root of trust and obtaining the trust measurement results specifically include: During the initial power-on phase of the system, two-way authentication is performed between the BMC management unit and the TCM trusted card to establish a trusted management channel; Establish a multi-level trusted measurement chain to measure the integrity of the BIOS, bootloader, kernel image and drivers level by level during the boot process, ensuring that only certified components are loaded and executed; During system operation, system files, applications, and dynamic libraries are periodically measured.

4. The VPX-based security monitoring method according to claim 1, characterized in that, The steps of performing multi-level decision-making and real-time fault handling based on the system health data and the reliability measurement results using a hierarchical decision-making model specifically include: Hardware-level faults are categorized into severe faults and mild to moderate faults. Based on the system health data and the reliability measurement results, the BMC performs hardware-level protection processing for severe faults. For minor to moderate faults, the BMC will make decisions in collaboration with the main processor through the management channel, and execute degraded operation or service migration strategies. Fault thresholds, handling strategies, and log reporting rules can be dynamically adjusted remotely through the management interface.

5. The VPX-based security monitoring method according to claim 1, characterized in that, The steps for constructing an independent management channel that is physically or logically isolated from business data specifically include: A physical isolation channel is established between the BMC and the VPX backplane management controller via IPMB to enable chassis-level management information exchange; Utilize the network interface card (NIC) to provide an independent management network channel for the BMC; Unified authentication and hierarchical access control are implemented for access through different management channels.

6. The VPX-based security monitoring method according to claim 1, characterized in that, The steps for holographic recording of system operating status and fault tracing specifically include: A circular buffer method is used to continuously record sensor data, operation events, and status changes; When a fault is detected, the system state at the time of the fault is automatically captured, forming a snapshot of the fault scene; Time synchronization is performed between the BMC, the main processor system, and the chassis management controller.

7. The VPX-based security monitoring method according to any one of claims 1 to 6, characterized in that, The steps of predicting the remaining lifespan and failure probability of components based on historical operating data and the current state of the system using a machine learning model, and triggering pre-maintenance or dynamic reconfiguration, specifically include: Features are extracted from recorded historical sensor data to construct quantitative indicators that reflect the health status of components; Based on historical degradation data and real-time health indicators, a lightweight prediction model is used to estimate the remaining usable life of components and issue maintenance warnings in advance. Based on the health prediction results and the importance of the system's current tasks, a decision is made on whether to perform a dynamic system refactoring.

8. A security monitoring device based on VPX, characterized in that, include: The preprocessing module is used to collect data from multi-source heterogeneous sensors and preprocess the data to obtain system health data. Establish a module to build a trusted chain with the TCM trusted cryptographic module as the root of trust and obtain the trust measurement results; The hierarchical module is used to make multi-level decisions and real-time fault handling based on the system health data and the trust measurement results through a hierarchical decision model. The isolation module is used to build an independent management channel that is physically or logically isolated from business data; The recording module is used for holographic recording of the system's operating status and fault tracing. The prediction module is used to predict the remaining lifespan and failure probability of components based on historical operating data and the current state of the system through machine learning models, and to trigger pre-maintenance or dynamic reconfiguration.

9. An electronic device, characterized in that, The system includes a memory and a processor, wherein the memory stores computer-readable instructions, and the processor executes the computer-readable instructions to implement the steps of the VPX-based security monitoring method as described in any one of claims 1 to 7.

10. A computer-readable storage medium, characterized in that, The computer-readable storage medium stores computer-readable instructions, which, when executed by a processor, implement the steps of the VPX-based security monitoring method as described in any one of claims 1 to 7.