Solutions

Industry background

Solution

  • Industrial control information security function development

    Standardize the product security development process according to the information security development process; Industrial communication protocols, such as IEC 61580, IEC 60870, Modbus, etc. are provided to provide security development solutions for communication protocols.

     

     

     

    Industrial control information security test verification

    Organize and define the information security functions and requirements of the product, and develop the corresponding verification and testing scheme. Provide industrial communication protocols such as IEC 61580, IEC 60870, Modbus, etc., provide test guidance and conformance test verification solutions.

     

     

     

  • For the purpose of building a network of vehicles safety detection and training system, a set of mature, landing, operable intelligent vehicle information security detection platform is built. Taking the vehicle-mounted information security system as the basic framework, considering the practical needs of college teaching and student information security literacy construction, etc., the company integrates the existing experience in the field of vehicle-mounted information security testing and combines vehicle safety testing and training and teaching under the simulated production environment.

    The test scheme covers vehicle and machine software, vehicle-mounted communication, intelligent terminal equipment, bus and other aspects, improves students' vehicle-mounted information security knowledge literacy in an all-round way, and helps students construct vehicle-mounted information security knowledge system framework and cultivate students' vehicle-mounted information security detection ability based on ability.

     

  • The main functions of the vehicle end are event detection and log recording, and the cloud is responsible for analyzing and analyzing the log uploaded by the vehicle. Finally, OEM or Security Operations Center (SOC) makes security decisions based on IDPS warnings reported to the cloud.

     

     

    IDS sensors, as components of IDPS, are responsible for collecting event information from ECU and the Internet of Vehicles.

    The Tbox contains a component that ACTS as a network proxy for the gateway ECU and can interact with cloud services by passing collected events or getting tokens to sign log files.

    The GATEWAY ECU deploys the IDS engine, filters all inbound traffic, and receives intrusion alerts from various IDS sensors.

     


     

  • The open reference design of the network security terminal unit is provided in conjunction with the Gelu team of Shanghai Control Security. The control part mainly USES SPC58xB series of high-performance microcontroller for car body and network connection applications from STMICROelectronics. It has the highest 2M Flash, 128K+64K RAM and the highest 120MHz PowerPC E200Z420 core. Its network connection part adopts the car-based LTE module SIM7800 based on the Qualcomm car-based high-performance processor platform launched by SIMCom. It includes high-performance ARM Cortex-A7 1.3ghz processor and version 3.18 Linux kernel, with Flash storage space of up to 100M for user programs to run. Onboard Kioxia's gauge eMMC for mass storage; On-board vehicle level SE security unit that supports national encryption algorithm.

     


    Design the system block diagram


Value advantage

  • Security development and testing capabilities

    Comply with the standard requirements and specifications of safety development and testing capabilities, enhance product safety functions, reduce the cost of development and rectification, enhance the market competitiveness.

  • Comprehensive communication protocol security development and verification capabilities

    Provide comprehensive communication protocol security development and verification capabilities, reduce the cost of security development; To quickly reduce the threshold and cost of communication security verification.

  • One-stop audit and solution

    One-stop audit and solution for multiple types of industrial control information security compliance, such as IEC 62433, ISASecure, IEC 21434, Achilles, safety inspection specifications for industrial control systems, etc.

  • Reduce the likelihood of a system being broken

    Diagnose information security risks and threats of industrial systems, reduce the possibility of system damage, and reduce possible losses.

  • combination of theory and practice

    It integrates theoretical courses and practical training experiments, reasonably plans the types of testing tools used in teaching, designs testing training courses, overcomes teaching difficulties, teaches students to understand the automobile safety testing system, accumulates practical training experience in simulated production environment, and greatly improves the training efficiency and quality in colleges and universities.

  • A practical software platform

    The development of software system adopts the open system architecture and modular design, using the concept of the middle layer, reducing the system's dependence on hardware, mainly composed of course management, online answering questions and system management, so as to make it convenient for users to use.

     

  • Value description

    Vehicle intrusion detection and defense system IDPS is an important part of vehicle information security framework, providing OTA upgrade security, system security, log storage security, off-vehicle network security, bus security and GNSS deception and other security monitoring and protection means, improving vehicle safety protection capability.

  • Support enhanced SeLinux system security reinforcement, establish a security access control mechanism at the kernel layer, and protect the system process, system files and system role permissions

      1. Process protection function: effectively deal with process counterfeiting and malicious programs such as application, Trojan horse and virus

      2. File reinforcement function: effectively deal with file tampering, program script implantation, configuration tampering, data leakage and other threats

      3. Claim limitation function: effectively deal with local overflow claim, rootkit claim and other remote software assisted claim methods

     

  • Support the deployment of IDPS intrusion detection system independently developed by Control and Security. This system supports terminal security intrusion detection and protection

      1. Security report: Provide support for TLS security protocol escalation

      2. OTA security: Provide calibration interface with OTA security upgrade scheme

      3. Log security: Provide client T-Box and cloud server security log storage protection scheme

      4. IP traffic monitoring: Linux network traffic monitoring, IP traffic for the implementation of abnormal detection function

      5. GNSS spoofing protection: GNSS spoofing signals are recognized and abnormal log records are reported

      6. Internal network traffic monitoring: packet filtering and abnormal behavior detection in bus network

      7. BLE/WLAN connection: Supports bluetooth BLE/WLAN connection exception detection

      8. Cloud anomaly detection and analysis function: Analyze the collection log and detect abnormal behaviors from the perspective of fleet management

  • Professional security consulting service team

    The security functional Safety consulting team is the only one in China with avionics system development service and airworthiness audit consulting ability. Its team members have been serving leading European aviation enterprises such as Airbus and Thales For a long time.

  • accurate

    Present the mental state and emotional state in real time;

  • Convenient

    "Platform + video surveillance system" or "portable computing device + Video capture device" can be deployed quickly. No duplication of construction, support for mobile deployment;

  • Undifferentiated intelligent analysis

    There is no need for public security feature database and cloud-assisted computing to collect, calculate and warn individuals with weak features and abnormal behaviors without appearance features in real time.

  • Quick

    Present the psychological state in real time, and issue the psychological and physiological evaluation report in 60 seconds;

  • Convenient

    "Portable computing device + video acquisition device + sufficient light" can be quickly deployed; The evaluation process does not require any interaction.

  • Effective

    Immediate assessment of the subject's current psychological state; Comprehensive analysis of the physiological conditions of the subjects can help predict symptoms such as depression and Alzheimer's disease.

  • An Effective Way to improve the production line efficiency of medium and high-end PCBA production enterprises

    At present, There are about 50,000 SMT production lines in China, and each SMT production line requires 2 AOI detection devices, while each AOI device has a demand for a PCBA iBox at the back end. Calculated at 500,000 yuan per device, it is predicted that the market will reach a total scale of 50 billion yuan, and with the continuous industrial transfer, the market is still growing.

    The PCB board optical quality inspection system can ensure that the manufacturing workshop does not stop production under the condition of no one, which is an effective way for medium and high-end PCBA manufacturers to improve the production line efficiency by improving the production yield rate, greatly reducing the number of inspection personnel and gathering training costs.