75 results about "Protocol verification" patented technology

The invention discloses an automatic protocol identification method and system used in inbreak defense detect (IDS/IPS) product. Wherein, it can automatically identify the protocol type according to the initial report character in the initial period of network protocol communication, and use protocol check rule to check the protocol identified result. Said method comprises two steps as initial protocol sample character extraction and on-line protocol identification, while the first step comprises: the protocol fingerprint extraction of protocol type sample and building relative protocol check rule; the second step comprises: protocol fingerprint quick matching and protocol identification result quick check. The inventive protocol identification system comprises protocol sample character base, protocol fingerprint match engine and protocol check engine, while the protocol fingerprint match engine is based on quick Haxi list method, and the protocol check engine is based on high-efficiency virtual mode.

An implementation of a routing protocol in a device is tested by testing how the device reacts to messages and message sequences having potentially adverse conditions. Examples include messages either having a specified message size which is intentionally out-of-conformance with the routing protocol, having a repeated protocol field, absent a mandatory protocol field, or having an incorrect order of protocol fields. Examples also include message sequences having either a specific playback delay between at least one pair of adjacent protocol messages in the first sequence of protocol messages, a specific playback rate for the second sequence of protocol messages, or a modified message order.

The invention provides a safety protocol formal verification method based on model detection. In the method, an intruder model based on algorithmic knowledge logic is taken as a theoretical basis, SPIN/Promela is used to model and analyze a large number of network safety protocols, and a model detection technology is used to design and realize a network safety protocol verification model generation system. In the system, for the different types of protocols, a corresponding modeling method is provided, such as a combined identity logic modeling method, a two-channel attacker interception modeling method, an attacker knowledge base function modeling method and a four-channel parallel modeling method; the method is used for the Promela modeling of the safety protocol; and the analysis requirements of several different types of safety protocols are effectively satisfied, and for the size of an attacker knowledge base in the safety protocol, a program enumeration method is used to construct. The three optimization strategies of static analysis, syntax reordering and partial order reduction are arranged in the system so that a state explosion problem in a safety protocol model detectionprocess can be effectively alleviated.

The invention relates to a verification method of an FPGA universal configurable UART protocol based on UVM. The verification method comprises the steps of finishing an overall framework of UART protocol verification by utilizing a UVM verification platform structure and a verification idea; and setting a UART configuration type in which all the parameter information of the UART protocol is packaged, and sending the UART protocol parameter information to related parts of platforms such as a driver, a monitor and a grade recording board through a config-db mechanism provided by the UVM. During instantiation of a top layer, a universal parameter-configurable UART protocol FPGA verification platform can be realized only by setting corresponding parameter information such as a Baud rate, a data bit, a stop bit and a verification mode based on protocol requirements of a to-be-tested UART by the user. The verification method of the FPGA universal configurable UART protocol based on the UVM has the advantages of being efficient and universal. A test case meeting requirements can be generated automatically only by setting corresponding UART parameters at the top layer by an FPGA design engineer or verification engineer, and a verification environment is unnecessary to develop again, so that the verification efficiency is improved greatly.

The invention discloses an extension UML-based Web application formalization modeling and verification method, which comprises the following steps: step (1), extracting functional demands of a software system to be designed, and performing demand analysis, step (2), performing UML modeling; step (3), using XML to represent the aforementioned UML2.3 model; step (4), generating formalization description; step (5), performing security attribute verification. The invention provides a feasible method for automatic conversion from the UML2.3 model to the formalization language to expand class diagram, sequence diagram and state diagram in the UML2.3 to implement protocol verification in Web application and implement automatic conversion from the UML model to pi calculation formalization language, and greatly reduces the difficulty of carrying out formalization modelling on the protocol directly; the formalization modeling verification tool is used, and the formalization verification model isrefined; the loophole of the formalization model is detected through display of the verification result and analysis of the attack path, which facilitates quick refining of the model and efficient defect detection.

The present invention is an apparatus and a method for a safety verification system, or a safety verification management system. At railroads or construction sites, equipment, such as a piece of heavy machinery, or a locomotive engine, must be subjected to a safety protocol before authorized personnel are allowed to approach the equipment. It is essential to have independent, automatic confirmation that the safety protocol has been successfully completed. In railroad systems, a Three Step Protection Mode is often used to place a locomotive engine in safe mode. One embodiment of the present invention provides an independent, automatic verification that this safety protocol has been successfully completed and sends an audible, visual, audiovisual, or vibratory signal to remote personnel. Another embodiment tracks the relative positions of personnel and locomotives, and generates a warning when personnel are proximate to an equipment that is not in safe mode.

A method comprises operations for receiving a binary data structure including a portion representing a protocol validation specification expressed in a respective protocol validation specification language and for receiving a security policy rule having an action part specifying that the binary data structure is to be used for verifying that application protocol payload of network packets complies with the protocol validation specification. After receiving the binary data structure and the security policy rule, an operation is performed for verifying that application protocol payload of received network packets complies with the protocol validation specification. Such verifying is initiated in response to determining that the security policy rule applies to the received network packets and such verifying includes validating the application protocol payload of the received network packets against the binary data structure.

The invention discloses a Cache consistency protocol verification method and system for an on-chip multi-core processor, and a medium. The method comprises the steps of loading and executing a test program for the on-chip multi-core processor executing a Cache protocol to be verified, tracking a Cache related message of an on-chip network, and recording the life cycle of a Cache transaction through a recording board file; checking whether the running result of the test program has an error or not, if so, judging that the Cache protocol verification does not pass the test, and exiting; otherwise, checking an error scene in the execution process of the record board file positioning test program, and if the error scene is found or the record board file still has an unfinished Cache transaction, judging that the Cache protocol verification does not pass the test; otherwise, judging that the Cache protocol verification passes the test. According to the invention, an error scene can be accurately positioned in a verification process, and design vulnerabilities and errors are easy to discover.

The invention discloses a law enforcement recording system, a law enforcement recording device and a law enforcement recording method, wherein the system comprises an upper computer and a plurality of law enforcement recorders managed by the upper computer; by means of an installed management platform, the upper computer verifies the encryption protocol when a law enforcement recorder accesses the system, and provides a device selection interface for the law enforcement recorder; the law enforcement recorder verifies the encryption protocol by means of a protocol verification module when being connected with the upper computer; after the device selection interface of the management platform is selected, a command receiving module is utilized to receive the starting command of the upper computer, and a law enforcement operation command is outputted to a law enforcement recording module. The invention can use only one upper computer to manage a plurality of law enforcement recorders and then utilize the operating platform to automatically carry out various operations in batches, consequently, the management efficiency can be greatly increased, and meanwhile, the error rate also can be greatly decreased or prevented.

In order to emulate the inputs from a DHS, RTD type sensors are typically employed, externally heated, and the input provided into an interface unit. At best such an approach provides a stop-gap solution that is cumbersome and not reliably repeatable. Such temporary inputs seldom provide the equivalent communications protocol verification between the surface controller of the DHS and the external communications device. Each DHS commercially available also uses different MODBUS register addresses for the requested data, as well as a variation in the number of parameters expected from the DHS itself, ranging from 3 to 7, depending on the vendor of choice. In this new design, a number of potentiometers are used to provide a variable signal level to the microprocessor, acting as variable parameters from the downhole sensor, the settings of which can be repeated for reliable test results.

The invention discloses a controller local area network protocol verification method based on state space search. The method comprises the steps of system modeling, model pre-processing and model verification. In the modeling process, an abstract time state automat model is constructed, a state transition diagram prevents, through the utilization of the idea of dynamic planning, a state spatial graph from being generated in a redundant state. In the verification of a controller load area network software model, the state search algorithm based on decomposition is used for further optimizing the state search space of the model, the verification process of the whole system is made to be further optimized in time and space complexity, and data processed through the algorithm are output and converted into a language form which can be understood by inspection personnel easily. The controller local area network protocol verification method can be used for effectively verifying whether relevant network protocols meet requirements, and relieves the problem of state space explosion in the verification process. The space-time complexity of the system in the verification process is low.

The present invention provides a method for implementing Ethernet loaded point-to-point (PPPoE) protocol verification on the very-high speed digital user loop. The equipment distribution of terminal PPPoE can be simultaneously downward-moved, and the control message of PPPoE is processed by CPU, the service message can be processed by ASIC or FPGA. The adoption of said invented technical scheme can effectively reduce equipment cost for supporting PPPoE, at the same time the PPPoE equipment distribution can reduce the group-transmitting message copy work capacity of every PPPoE terminal equipment, so that the practical group transmission under the PPPoE mode also can be implemented.

The invention belongs to the technical field of information security, and discloses a cryptographic protocol verification method. The method comprises: in a set network environment, giving a cryptographic protocol; describing a cryptographic protocol according to the grammar and semantics of the dynamic cognitive logic; establishing a behavior model according to behavior characteristics involved in the cryptographic protocol to accurately describe protocol behaviors and a behavior execution process, wherein the protocol behavior execution process is a protocol operation process, and the process is also a process of completely formalizing the protocol; modeling a target of the cryptographic protocol, and describing a sub-target; determining whether the protocol meets the safety target or not according to analysis of the behavior model, if so, ending the protocol, and indicating that the protocol is safe. According to the invention, knowledge owned by participants in the protocol is clearly described, and the logic expression method can accurately describe each step of protocol execution; and meanwhile, the behavior model is described simply and clearly, so that the proving process is rigorous and perfect.

The invention provides a checker based on SERDES protocol verification and a functional verification system and method. The checker comprises a design module to be checked, an instruction receiving and sending module for sending instructions, a decoding module for decoding a coded data stream to be checked, a storage module for storing non-coded data, and a check module for reading the non-coded data and conducting functional verification. The method includes the steps that a data stream to be checked is received, if the data stream is coded data, decoding is conducted to obtain non-coded data and control word information contained in the code stream is output, and if the data stream is non-coded data, the data stream is directly received; the non-coded data is stored; the non-coded data is read, and functional verification is conducted on the non-coded data according to an external instruction. The checker can be reused in the data output port of any design module to be checked, supports verification of various code stream sequences or data packages in different frame formats and supports verification of coded/non-coded functional modules, the verification flexibility and different-design reusability are improved, the cost is reduced, and the function coverage of verification is increased.

The invention discloses a universal receiving method of communication data packets of an online monitoring device. The method comprises the following steps: blocking TCP service, and waiting for the connection of a remote device; opening a goroutine mechanism, blocking the reading of data packet information, parsing a data packet, performing data transmission protocol verification, parsing data, performing database table check, and storing the data; and executing a timed task, and destroying an offline client.

The invention provides an Ad-Hoc routing protocol verification method based on BeagleBone-Black. The method comprises the following steps that step 1 the system core of a useless module component is removed to be transplanted to the BeagleBone-Black system of each equipment node; step 2 a routing protocol requiring verification is transplanted to the system, and external network card parameters are configured so that the node is enabled to normally receive and transmit data; step 3 multiple equipment nodes are started to operate the routing protocol in the outdoor onsite scene, the working mode is configured as Ad-Hoc, the external sensor of the system also searches signals, the customized software is started on one node to search and forward a target host in the network, and the end-to-end transmission delay and the packet loss rate of the data are observed at the target host side through the customized software; and step 4 all the equipment nodes are started to perform testing so as to obtain the verification result. With application of the technical scheme, the equipment nodes can be brought to the onsite scene so that the authenticity and the reliability of the experimental data can be further enhanced, and the system is enabled to have great application prospect by the simple and rapid networking mode.

The embodiment of the invention discloses an automatic tool test method, device and system, and the method comprises the following steps: executing a protocol test, and generating protocol test data corresponding to a to-be-tested protocol; analyzing the protocol test data, detecting the to-be-tested tool according to the protocol test data, and generating protocol test feedback data; obtaining protocol test feedback data, comparing the protocol test feedback data with the protocol test data, and analyzing the protocol test feedback data to generate a corresponding protocol test result; verifying the protocol test result to generate a corresponding protocol verification result; when the protocol test data corresponding to the to-be-tested protocol is generated, starting to execute a function test corresponding to the current protocol test of the to-be-tested tool, and obtaining a function test result; and judging the protocol test result, the protocol verification result and the function test result, and judging that the to-be-tested tool is normal if the protocol test result, the protocol verification result and the function test result are all within corresponding threshold ranges.

The invention belongs to the field of computer security protocol verification methods, and specifically relates to a security protocol verification method taking an attacker as the center. The security protocol verification method comprises the steps of 1, setting an initial state according to a protocol verification target; 2, extracting an event to be handled in the state, sequentially judging whether the current state and the event conform to TRules or not; and performing judgment on states in a Resultstate, wherein if a certain state that attacker knowledge contains parameters required to be kept secret of a protocol exists, the state is secrecy abnormal state, and if a certain state that a protocol session scene is abnormal exists, the state is an authentication abnormal state, otherwise, the protocol design is secure. The security protocol verification method aims to consider time sequence contradiction in the state extension process, a back tracking mechanism is introduced into state extension, extended branches of invalid states do not appear in the state searching process, and the number of intermediate states is reduced; and state extension is driven by requirements of the attacker, the mode is not fixed, the number of branches is less, and the number of state spaces is reduced.