Research On Safety Mechanism And Key Technology Of CPS

With the in-depth integration of informatization and industrialization,the future manufacturing model is heading towards integration,networking,and intelligence.The emerging advanced manufacturing concepts such as smart manufacturing and green manufacturing are triggering far-reaching impact on the evolution of industrial manufacturing field.Among them,establishing cyber physical system(CPS)based on complex distributed systems,Internet of Things,big data,cloud computing,mobile internet,and other technologies to improve the flexibility,transparency,and resource utilization of the advanced equipment manufacturing process,satisfying the individualized rapid customization and safe production.CPS is becoming and important direction of the new generation of manufacturing technology.With the continuous development of CPS,the following safety issues have becoming increasingly concerning.The traditional safety assessment-analysisprotection methods are no longer suitable to the increasingly complex CPS safety issues.To this end,in this dissertation,the safety issues of CPS was firstly introduced and analyzed from the prospects of functional safety and informational security;then the conceptual evaluation standards related to functional safety and informational security were elaborated;the similarities and differences between functional safety and informational security as well as an integrated safety analysis method combining functional safety and information safety were discussed.Based on the above analysis,a model based on the combination of extended fault tree and attack tree is proposed and used to evaluate the hardware functional safety of a certain model of cyber-physical numerical control device.Aiming at the functional safety of CPS,this dissertation adopts different instantaneous fault-tolerant control technologies to ensure the functional safety of CPS at different levels.Blockchain data and transaction content are encrypted during transmission and storage,which can protect the security of CPS data.The features such as non-tamperability and traceability can provide reliable historical data sets for the fault diagnosis mechanism of CPS while protecting the data security of CPS.The blockchain can increase the usability of the CPS system due to multiple backup ledgers.These characteristics are in line with the development trend of CPS security protection mechanism.Therefore,in Chapter 5 and Chapter 6 of this dissertation,apply blockchain technology and smart contract technology were applied to the CPS security protection mechanism,and the feasibility of these two technologies in CPS security protection was proved through experiments.The main research contents and novelty of the thesis are as follows:(1)From the perspective of functional safety and information security,the safety issues of CPS were analyzed.The basic concepts such as functional safety and informational safety-related concepts,safety cycle,and evaluation standards were introduced,respectively.After that,the similarities and differences between functional safety and informational security and the feasibility of combining the two were discussed,and two integrated analysis and evaluation methods for safety are proposed.(2)Aiming at the safety issues of CPS,a comprehensive evaluation process combining functional safety and information security was formulated,an evaluation model based on the combination of extended fault tree and attack tree was proposed,and the construction process and mathematical model of the extended fault tree were introduced,the attack tree model of information security risk analysis and the fault tree model of functional safety assessment were combined as a top event affecting functional safety to increase the accuracy of the hardware functional safety assessment of CPS equipment.The complete process of the CPS hardware functional safety assessment of the above model was verified on a certain type of numerical control equipment,providing new research ideas and research methods for the analysis method of combining functional safety and information security.Functional safety-related systems need to meet the requirements of CPS for safety integrity level while performing safety functions.This dissertation took the safety alarm system of CPS CNC system as an example and examined the two cases of independent and non-independent safety functions.After analysis and discussion,the safety integrity level of the safety alarm system was obtained.(3)From the standpoint of the overall structure of CPS,the method to use faulttolerant control technology to ensure the functional safety of the system when instantaneous faults of different levels occur was studied.For the basic level,a fault detection algorithm based on Petri network was proposed.For the integration level,a transient fault-tolerant control method based on performance and function was proposed.The signed directed graph model of a small-scale intelligent production line was established and combined with the research content of the following chapters,the fault source analysis of the fault node was carried out.(4)Combined with the distributed hierarchical structure of CPS,the specific structure of the basic level and integrated level of the two-layered blocks of CPS was introduced.For the communication between devices at the basic level,a communication block and its detailed communication process were designed.A security threshold transmission mechanism with a clock was proposed to ensure both functional safety and information security.Finally,in the small smart production line introduced in Chapter 4,the rationality of the CPS safety protection mechanism based on blockchain technology was verified.While ensuring data and communication security,the application of blockchain technology can also satisfy the timeliness and scalability requirements of CPS.(5)A software design method based on functional safety of CPS was proposed.Starting from the software development stage,a functional safety-based component software development method that complies with international standards was constructed.Aiming at configurable resources,a program priority allocation method based on analytic hierarchy process and cultural algorithm was proposed.Experiments showed that this method can effectively ensure that configurable component resources can meet the safety requirements of CPS.After that,the CPS security component knowledge base was constructed,and the security component itself was described through Protégé software.(6)A safety component sharing strategy based on smart contracts was designed.While realizing dynamic and flexible identity management,it can avoid some common problems caused by traditional access control strategies and reduce economic and social costs.