Intelligent lighting system and safety design method thereof
阅读说明:本技术 一种智能照明系统及其安全设计方法 (Intelligent lighting system and safety design method thereof ) 是由 王忠泉 于 2019-12-13 设计创作,主要内容包括:本发明公开了一种智能照明系统及其安全设计方法,包括系统智能组件和网络链路,所述系统智能组件包括中心管理服务器、照明控制器、移动控制端、路由器和若干智能灯具,若干所述智能灯具组成照明网络,所述移动控制端分别与中心管理服务器、路由器连接进行数据交换,所述照明控制器分别与中心管理服务器、路由器连接进行数据交换,照明控制器根据接收到的数据控制与其连接的各个智能灯具,所述照明控制器内设有UDP服务器,所述智能照明系统采用web登录方式进行访问和操作。本发明相较于传统照明系统,更具节能化、信息化、个性化的特点,使得高质量的可靠照明不仅可以丰富人们的生活,也可以作为智能网络中获取信息和提供服务的途径。(The invention discloses an intelligent lighting system and a safety design method thereof, wherein the intelligent lighting system comprises a system intelligent assembly and a network link, the system intelligent assembly comprises a central management server, a lighting controller, a mobile control end, a router and a plurality of intelligent lamps, the intelligent lamps form a lighting network, the mobile control end is respectively connected with the central management server and the router for data exchange, the lighting controller controls each intelligent lamp connected with the lighting controller according to received data, a UDP server is arranged in the lighting controller, and the intelligent lighting system is accessed and operated in a web login mode. Compared with the traditional lighting system, the invention has the characteristics of energy conservation, informatization and individuation, so that the high-quality reliable lighting not only can enrich the life of people, but also can be used as a way for acquiring information and providing services in an intelligent network.)
1. An intelligent lighting system comprising a system intelligence component and a network link, characterized in that: the intelligent system component comprises a central management server (1), an illumination controller (2), a mobile control end (3), a router (4) and a plurality of illumination nodes (5), wherein an illumination network is formed by the illumination nodes (5), the mobile control end (3) is respectively connected with the central management server (1) and the router (4) for data exchange, the illumination controller (2) controls the illumination nodes (5) connected with the illumination controller according to received data, a UDP server is arranged in the illumination controller (2), the intelligent illumination system is accessed and operated in a web login mode, and the mobile terminal (3) is accessed and operated through APP;
the network link comprises a wired link and a wireless link, the wired link comprises wired Ethernet connection of the lighting controller (2) and other system intelligent components, and the wireless link comprises a broadband mobile communication network, a ZigBee network, a Bluetooth communication network and a Wi-Fi communication network.
2. The intelligent lighting system according to claim 1, wherein: the lighting controller (2) controls the lighting nodes through a control mode of a wireless link or a wired link.
3. The intelligent lighting system according to claim 1, wherein: the central management server (1) comprises functional modules of user management, data management, control management, monitoring management, fault management, report management, log management and the like.
4. A security design method of the intelligent lighting system according to any one of claims 1 to 3, wherein: the overall process of the safety design method comprises central management server safety evaluation, lighting controller safety evaluation and lighting node safety evaluation, and the safety risk calculation method of the central management server, the lighting controller and the lighting node comprises the steps of calculating an implementability index, calculating an influence index, determining an influence range factor and calculating a safety risk index, respectively obtaining the safety risk rating of a single component, and finally, comprehensively obtaining the total safety risk evaluation of the intelligent lighting system by the safety risk rating of the single component.
5. The security design method of the intelligent lighting system according to claim 4, wherein: the central management server safety evaluation comprises the following procedures:
a1, calculating the implementability index,
a2, calculating the influence degree index,
a3, determining the influence range factor,
a4, calculating the safety risk index,
a5, central management server security risk rating;
the lighting controller safety evaluation comprises the following procedures:
b1, calculating the implementability index,
b2, calculating the influence degree index,
b3, determining the influence range factor,
b4, calculating the safety risk index,
b5, lighting controller security risk rating;
the lighting node safety evaluation comprises the following processes:
c1, calculating the implementability index,
c2, calculating the influence degree index,
c3, determining the influence range factor,
c4, calculating the safety risk index,
c5, lighting node security risk rating;
and integrating the results of a5, b5 and c5 to obtain the overall safety risk assessment of the intelligent lighting system.
6. The security design method of the intelligent lighting system according to claim 4, wherein: the calculation formula of the implementability index is as follows: rB=8.22×AV×AC×PR×UI;
Wherein R isERepresenting an implementability index;
AV represents an attack vector, and index values of the attack vector comprise Network (Network), Adjacent (Adjacent), Local (Local) and Physical attack (Physical);
the AC represents the attack complexity, and index values of the attack complexity comprise Low (Low) and High (High);
PR denotes the required privilege, the merit values of which include None, Low, High;
the UI represents user interaction, and index values of the user interaction include None and Required.
7. The security assessment method of an intelligent lighting system according to claim 4, wherein: the calculation formula of the influence degree index is as follows: rF=6.22×(1-(1-C)(1-I)(1-A));
Wherein R isIRepresenting an influence index;
c represents confidentiality, and index values of confidentiality comprise High (High), Low (Low) and None (None);
i represents integrity, and index values of the integrity comprise High (High), Low (Low) and None (None);
a represents availability, and the availability index values include High (High), Low (Low), None (None).
8. The security assessment method of an intelligent lighting system according to claim 4, wherein: the influence range factor is expressed by S, and index values thereof include a non-changeable range (Unchanged) and a changeable range (Changed).
9. The security assessment method of an intelligent lighting system according to claim 4, wherein: the calculation formula of the safety risk index is as follows: r ═ S × (R)I+RD);
Wherein R represents a safety risk indicator,
the calculation results of the safety risk indexes are marked as 5 safety risk grades with no (R is 0), low (R is more than or equal to 0.1 and less than 4), medium (R is more than or equal to 4 and less than 7), high (R is more than or equal to 7 and less than 9) and serious (R is more than or equal to 9 and less than or equal to 10), and if the calculation results are more than or equal to 10, the R is 10;
s is an influence range factor; rEIs an implementability index; rIIs an index of influence.
Technical Field
The invention relates to the technical field of intelligent lighting systems, in particular to an intelligent lighting system and a safety design method thereof.
Background
With the development of urban construction, urban illumination construction focuses on urban images more and more, and the requirements and the quantity of road illumination and landscape illumination are increasing continuously. Therefore, governments and citizens at all levels have higher requirements on city construction, road lighting and landscape lighting, and the modernization of city lighting management is hopefully realized, so that the city management level reaches the international leading level. In the unprecedented development of informatization, along with the emergence of new technologies such as intelligent terminals, internet of things, cloud computing and big data, smart life explained by smart cities, smart communities and smart homes becomes a fashion standard of science and technology of a new era.
The intelligent lighting system is produced in the background of the era. Compared with the traditional lighting system, the intelligent control technology adopted by the intelligent system advocates energy conservation, informatization, individuation and artistic effect of lighting, so that high-quality reliable lighting can enrich the life of people and can be used as a way for acquiring information and providing services in an intelligent network. The intelligent lighting system combines the modern communication and information technology, the intelligent terminal technology, the internet of things technology and other technologies, has powerful functions and faces new safety challenges. The server of the lighting system stores privacy information, basic lighting configuration information and the like of a user, and information leakage directly damages the privacy right of the user and does not damage the reputation of a company. Therefore, the safety and reliability of the intelligent lighting system must be guaranteed.
Disclosure of Invention
In order to solve the above problems, the present invention provides an intelligent lighting system and a safety design method thereof.
The invention adopts the following technical scheme:
an intelligent lighting system comprises a system intelligent assembly and a network link, wherein the system intelligent assembly comprises a central management server, a lighting controller, a mobile control end, a router and a plurality of lighting nodes, the lighting nodes form a lighting network, the mobile control end is respectively connected with the central management server and the router for data exchange, the lighting controller controls each lighting node connected with the lighting controller according to received data, a UDP (user datagram protocol) server is arranged in the lighting controller, the intelligent lighting system is accessed and operated in a web login mode, and the mobile terminal is accessed and operated through an APP (application);
the network link comprises a wired link and a wireless link, the wired link comprises wired Ethernet connection of the lighting controller and other system intelligent components, and the wireless link comprises a broadband mobile communication network, a ZigBee network, a Bluetooth communication network and a Wi-Fi communication network.
As a preferred technical solution of the present invention, the lighting controller controls the lighting nodes in a control manner of a wireless link or a wired link.
As a preferred technical scheme of the invention, the central management server comprises functional modules of user management, data management, control management, monitoring management, fault management, report management, log management and the like.
A safety design method of an intelligent lighting system comprises the steps of central management server safety evaluation, lighting controller safety evaluation and lighting node safety evaluation, wherein the safety risk calculation method of the central management server, the lighting controller and the lighting nodes comprises the steps of calculating an implementability index, calculating an influence index, determining an influence range factor and calculating a safety risk index, respectively obtaining safety risk ratings of single components, and finally, comprehensively obtaining the total safety risk evaluation of the intelligent lighting system through the safety risk ratings of the single components.
As a preferred technical solution of the present invention, the central management server security evaluation includes the following procedures:
a1, calculating the implementability index,
a2, calculating the influence degree index,
a3, determining the influence range factor,
a4, calculating the safety risk index,
a5, central management server security risk rating;
the lighting controller safety evaluation comprises the following procedures:
b1, calculating the implementability index,
b2, calculating the influence degree index,
b3, determining the influence range factor,
b4, calculating the safety risk index,
b5, lighting controller security risk rating;
the lighting node safety evaluation comprises the following processes:
c1, calculating the implementability index,
c2, calculating the influence degree index,
c3, determining the influence range factor,
c4, calculating the safety risk index,
c5, lighting node security risk rating;
and integrating the results of a5, b5 and c5 to obtain the overall safety risk assessment of the intelligent lighting system.
As a preferred embodiment of the present invention, the calculation formula of the implementable degree index is: rE=8.22×AV×AC×PR×UI;
Wherein R isERepresenting an implementability index;
AV represents an attack vector, the index reflects the environment in which the vulnerability exploitation becomes possible, and index values of the attack vector comprise Network (Network), Adjacent (Adjacent), Local (Local) and Physical attack (Physical);
the AC represents the attack complexity, the index describes the condition which is controlled by an attacker and must exist for implementing the vulnerability, and index values of the attack complexity comprise Low (Low) and High (High);
PR is the required privilege, which describes the level of privilege that an attacker must possess before successfully exploiting the vulnerability, with the index values of the required privilege including None, Low, High;
the UI represents user interactions that describe the requirements of a human user to successfully attack the vulnerable component in addition to an attacker's surprise, and is used to determine whether the vulnerability can be exploited at the attacker's discretion only, or must somehow participate in a separate user (or user-initiated process), with index values for user interactions including None, Required.
As a preferred technical solution of the present invention, the calculation formula of the influence degree index is: rI=6.22×(1-(L-C)(1-I)(1-A));
Wherein R isIRepresenting an influence index;
c represents confidentiality, wherein confidentiality refers to limiting information access and disclosure to authorized users and preventing unauthorized users from accessing or disclosing information, the measurement standard is used for influence of the beam on confidentiality of information resources managed by the software components due to successful utilization of the vulnerabilities, and index values of the confidentiality comprise High (High), Low (Low) and None (None);
i represents integrity, the integrity refers to credibility and accuracy of information, the measurement standard is used for measuring the influence of the successfully utilized vulnerability on the integrity, and index values of the integrity comprise High (High), Low (Low) and None (None);
a represents availability, wherein the availability refers to accessibility of information resources, the metric is used for measuring the influence on the availability of the affected components due to the successful utilization of the vulnerability, and index values of the availability comprise High (High), Low (Low) and None (None).
In a preferred embodiment of the present invention, the influence range factor is represented by S, and the index value includes a non-changeable range (unanchanned) and a changeable range (Changed).
As a preferred technical solution of the present invention, the calculation formula of the safety risk indicator is: r ═ S × (R)I+RE);
Wherein R represents a safety risk indicator,
the calculation results of the safety risk indexes are marked as 5 safety risk grades with no (R is 0), low (R is more than or equal to 0.1 and less than 4), medium (R is more than or equal to 4 and less than 7), high (R is more than or equal to 7 and less than 9) and serious (R is more than or equal to 9 and less than or equal to 10), and if the calculation results are more than or equal to 10, the R is 10;
s is an influence range factor; rEIs an implementability index; rIIs an index of influence.
The invention has the beneficial effects that:
compared with the traditional lighting system, the intelligent lighting system has the characteristics of energy conservation, informatization and individuation, so that the high-quality reliable lighting not only can enrich the life of people, but also can be used as a way for acquiring information and providing services in an intelligent network. In addition, the safety evaluation method obtains the results of safety test and safety evaluation, and a user can correspondingly improve and repair the intelligent lighting system according to the needs so as to meet the required safety requirements.
Drawings
FIG. 1 is a connection block diagram of an intelligent lighting system;
FIG. 2 is a block diagram of a lighting control flow;
FIG. 3 is a block diagram of a lighting monitoring process;
FIG. 4 is an upload fault flow diagram;
FIG. 5 is a block diagram of a request maintenance/diagnostic flow;
FIG. 6 is a block diagram of uploading service diagnostic information;
FIG. 7 is a block diagram of a service record flow;
FIG. 8 is a block diagram of a security design method flow.
The symbols in the drawings illustrate that:
1: central management server, 2: lighting controller, 3: mobile control terminal, 4: router, 5: and (4) lighting the nodes.
Detailed Description
The invention will now be described in further detail with reference to the figures and specific embodiments.
As shown in fig. 1, an intelligent lighting system includes a system intelligent component and a network link, where the system intelligent component includes a central management server 1, a
the network link comprises a wired link and a wireless link, the wired link comprises wired Ethernet connection of the lighting controller and other system intelligent components, and the wireless link comprises a broadband mobile communication network, a ZigBee network, a Bluetooth communication network and a Wi-Fi communication network.
Further, in the intelligent lighting system, the broadband mobile communication network provides a network connection service for the mobile terminal and the central management server 1. The
Further, the central management server 1 includes functional modules such as user management, data management, control management, monitoring management, fault management, report management and log management. The user can carry out effective management and maintenance through the functional modules, find equipment faults in time, carry out maintenance and management in time, guarantee the availability of the equipment and prolong the service life of the equipment. The system manages the lighting network through the web and is responsible for the functional requirements of real-time monitoring, remote control, timely dimming, lamp protection, dynamic power-saving maintenance, data collection and the like. The manager is responsible for daily management, including user management, log management, control management, data management and the like. When alarm information appears, a manager immediately carries out alarm processing, inquires fault reasons and reminds maintenance personnel to maintain faults, in addition, the maintenance personnel can obtain maintenance fault information through the system and quickly make a response to avoid serious loss caused by fault problems, and remote diagnosis can be operated through instructions or remote assistance diagnosis of a product developer is requested. Besides providing maintenance help, developers can also obtain original data of their products to improve the performance of the products and improve their products.
The intelligent lighting system can modify lighting parameter configuration, remotely control the on/off of the intelligent lamp, design the time for turning on/off the lamp every day, adjust the brightness scene of the intelligent lamp and the like. Specifically, as shown in fig. 2, the
The intelligent lighting system judges that lighting fails through abnormal data received by the intelligent assembly of the system. The operator can quickly notify the maintenance personnel to go for maintenance. Specifically, as shown in fig. 3 and 4, the abnormal data is sent to the central management server 1 by the lighting network through the wireless device, the operator requests the monitoring state from the central management server 1 at regular time, when the abnormal data occurs in the
After the intelligent lighting system is subjected to security test, a security vulnerability list is generated, and the security vulnerability needs to be comprehensively evaluated through security design so as to obtain the overall security evaluation of the intelligent lighting system. This security design employs a basic set of metrics to represent the inherent characteristics of the vulnerability, which are constant over time and throughout the user environment. It consists of two sets of metrics: an enforceability metric and an impact metric.
The enforceability index reflects the ease and technical means by which the vulnerability can be exploited, and represents a characteristic of the vulnerable thing, which is referred to as the vulnerable component. The influence metric reflects the direct consequence of a successful exploit and represents the consequence of the affected thing, called the affected component.
While the vulnerable component is typically a software application, module, driver, etc. (or possibly a hardware device), the affected component may be a software application, a hardware device, or a network resource.
Specifically, the basic equation is derived from two sub-equations: the "implementability" sub-equation and the "influence" sub-equation.
The safety design method of the intelligent lighting system comprises the steps of central management server safety evaluation, lighting controller safety evaluation and lighting node safety evaluation, wherein the safety risk calculation method of the central management server, the lighting controller and the lighting node comprises the steps of calculating an implementability index, calculating an influence index, determining an influence range factor and calculating a safety risk index, respectively obtaining the safety risk rating of a single component, and finally, comprehensively obtaining the total safety risk evaluation of the intelligent lighting system by the safety risk rating of the single component.
Further, the central management server security evaluation includes the following processes:
a1, calculating the implementability index,
a2, calculating the influence degree index,
a3, determining the influence range factor,
a4, calculating the safety risk index,
a5, central management server security risk rating;
the lighting controller safety evaluation comprises the following procedures:
b1, calculating the implementability index,
b2, calculating the influence degree index,
b3, determining the influence range factor,
b4, calculating the safety risk index,
b5, lighting controller security risk rating;
the lighting node safety evaluation comprises the following processes:
c1, calculating the implementability index,
c2, calculating the influence degree index,
c3, determining the influence range factor,
c4, calculating the safety risk index,
c5, lighting node security risk rating;
and integrating the results of a5, b5 and c5 to obtain the overall safety risk assessment of the intelligent lighting system. The overall flow for summarizing the security assessment is shown in fig. 8.
Further, the calculation formula of the implementable degree index is as follows: rE=8.22×AN×AA×PR×UI;
Wherein R isERepresents an implementability index;
the AV represents an attack vector, which reflects an environment in which exploit becomes possible, and index values of the attack vector include Network (Network), neighbor (Adjacent), Local (Local), and Physical attack (Physical). The more distance (both logically and physically) an attacker can exploit this vulnerable component, the larger the metric value (and hence the underlying score) will be. A higher base score is needed given that the number of potential attackers that can exploit this vulnerability through the network is greater than the number of potential attackers that can exploit a vulnerability that requires a physical access device. Possible values are listed in table 1.
TABLE 1
Note that: in deciding between "network" and "adjacent", if an attack can be initiated through the wide area network or from outside the logically adjacent administrative network domain, i.e. the "network" is used. The network should be used even if the attacker is required to be on the same Intranet to exploit the vulnerable system (e.g., the attacker can only exploit this vulnerability from within the corporate network).
The AC represents the attack complexity, which describes the conditions that must exist to implement the vulnerability, outside of the control of the attacker, and the index values of the attack complexity include Low (Low) and High (High). Wherein the evaluation of the index does not include any requirement for user interaction to exploit the vulnerability (such conditions are recorded in the "user interaction" index). If a particular configuration is required for the attack to succeed, the basic metrics can be scored assuming that the vulnerable component is in that configuration. The base score is greatest for the least complex attacks. Table 2 lists the possible values.
TABLE 2
PR is the required privilege, this metric describes the level of privilege an attacker must possess before successfully exploiting this vulnerability, with the base score being highest if no privilege is required. The index values of the required privileges include None, Low, and High. Table 3 lists the possible values.
TABLE 3
Note that: the following cases typically do not require privileges, hard-coded vulnerabilities (such as passwords and certificates), or vulnerabilities that require social engineering (e.g., reflected cross-site scripting, cross-site request forgery, or file parsing vulnerabilities in PDF readers).
The UI represents user interaction, and this metric describes the requirement that a human user, in addition to an attacker's surprise, participate in successfully attacking the vulnerable component, and is used to determine whether the vulnerability can be exploited at the attacker's discretion alone, or must somehow participate in a separate user (or user-initiated process), with the base score being highest when no user interaction is required. The index value of the user interaction comprises None and Required. Table 4 lists the possible values.
TABLE 4
The calculation formula of the influence degree index is as follows: rI=6.22×(1-(1-C)(1-I)(1-A));
Wherein R isIRepresenting an influence metric for evaluating the impact of a successfully exploited vulnerability on components that suffer from the worst outcomes most directly and predictably related to attacks;
c denotes confidentiality, which means limiting information access and disclosure to authorized users, and preventing unauthorized users from accessing or disclosing information, and this metric is used to measure the impact on confidentiality of information resources managed by a software component due to successful exploitation of vulnerabilities, the base score being highest when the loss of the affected part is highest. The index values of confidentiality include High (High), Low (Low), None (None). Table 5 lists the possible values.
TABLE 5
I represents integrity, which refers to the credibility and accuracy of information, and the measurement standard is used for measuring the influence of the successfully utilized vulnerability on the integrity, and when the influence on the influenced component is the highest, the basic score is the highest. Indicators of integrity include High (High), Low (Low), None (None). Table 6 lists the possible values.
TABLE 6
A represents availability, wherein the availability refers to accessibility of information resources, the metric is used for measuring the influence on the availability of the affected components due to the successful utilization of the vulnerability, and index values of the availability comprise High (High), Low (Low) and None (None). While the "confidentiality and integrity" impact metric applies to the loss of confidentiality or integrity of data (e.g., information, files) used by the impacted component, the metric refers to the loss of availability of the impacted component itself (e.g., web services) such as web, database, email). Since availability refers to the accessibility of information resources, network bandwidth is consumed, processor cycles or disk space attacks can affect the availability of affected components. The base score is highest when the impact on the affected component is highest. Table 7 lists the possible values.
TABLE 7
The influence range factor is expressed by S, and index values thereof include a non-changeable range (Unchanged) and a changeable range (Changed).
The reach factor measures whether a vulnerability in one component affects other components beyond their security scope. Formally, a security mechanism, such as that of an application, operating system, firmware, defines and enforces an access control mechanism for accessing a restricted resource, such as a file, storage, etc. All subjects and objects under the management of this security mechanism are considered to be within a secure scope. A range change occurs if the vulnerability of one insecure component can affect other components of a different security range. Intuitively, when the influence of a vulnerability exceeds the security trust boundary and affects components outside the security range, the setting range needs to be changed. The score is greatest when the range is changed. Possible values are given in table 8. The impact range factor is used to correct the risk score.
TABLE 8
The calculation formula of the safety risk index is as follows: r ═ S × (R)I+RE);
Wherein R represents a safety risk indicator,
the calculation results of the safety risk indexes are marked as 5 safety risk grades with no (R is 0), low (R is more than or equal to 0.1 and less than 4), medium (R is more than or equal to 4 and less than 7), high (R is more than or equal to 7 and less than 9) and serious (R is more than or equal to 9 and less than or equal to 10), the calculation result R is more than or equal to 10, and R is 10;
s is an influence range factor; rEIs an implementability index; rIIs an index of influence.
The values of AV, AC, PR, UI for different system intelligence components are shown in tables 9 and 10. AV, AC, PR, UI values for the central management server and lighting controllers are shown in Table 9
TABLE 9 AV, AC, PR, UI values for the central management server and lighting controllers
The values of AV, AC, PR, UI for the lighting nodes are shown in Table 10.
TABLE 10 AV, AC, PR, UI values for Lighting nodes
For different system intelligent components, the values of C, I and A are shown in tables 11 to 13.
TABLE 11C, I, A values for the Central management Server
TABLE 12 values of C, I, A for lighting controllers
Table 13C, I, a values for lighting nodes
TABLE 14 values of influence Range factors
Table 15 security risk rating table
Level of security risk
Value taking
Is free of
R=0
Is low in
0.1≤R<4
In
4≤R<7
Height of
7≤R<9
Severe severity of disease
9≤R≤10
The security risk rating indicates the security risk severity of the component, and generally the severity of the security rating has the following meaning:
severe: this vulnerability will affect the entire system and a large number of users.
-high: this vulnerability may enter the system, but may only capture a small amount of user information.
-in: fragile cases are dangerous but difficult to implement.
-low: vulnerable cases are not that dangerous and are only applicable to a single user.
-none or information: not a vulnerability, but merely an observation of possible problems.
According to the results of the safety test and the safety evaluation, the user can correspondingly improve and repair the intelligent lighting system according to the needs so as to meet the required safety requirements.
Finally, it should be noted that: these embodiments are merely illustrative of the present invention and do not limit the scope of the present invention. In addition, other variations and modifications will be apparent to persons skilled in the art based on the foregoing description. And are neither required nor exhaustive of all embodiments. And obvious variations or modifications of the invention may be made without departing from the scope of the invention.
- 上一篇:一种医用注射器针头装配设备
- 下一篇:油品电荷注入装置及其使用方法