Device for monitoring safety of automated systems. RU patent 2270478.

FIELD: electric communications, possible utilization for engineering of automated technical information protection means for monitoring safety of automated systems and operative identification of family of communication protocols TCP/IP utilized by digital communication systems and, in particular, by data transfer network of Internet type.

SUBSTANCE: device has frequency splitter, receiving memory block, subtracting counter, supporting memory blocks, decoding blocks, counters, AND elements, address receipt blocks, comparison blocks, decoders, register, indication block.

EFFECT: improved trustworthiness of detection of an attack against an automated system.

2 dwg

IPC classes for russian patent Device for monitoring safety of automated systems. RU patent 2270478. (RU 2270478):

G06F17/40 - Data acquisition and logging (for input to computer G06F0003000000)

G06F12/14 - Protection against unauthorised use of memory

Another patents in same IPC classes:

Analytical system of governmental population register / 2267809
System has three registers, three counters, block for selecting base reading address, block for signs identification, memory block, generator of reading signals for database, comparison block, control signals discriminator, block for detecting a tendency and prediction block.

System for protecting competitive offers in governmental purchases / 2265883
System has block for receiving applications for participation in competition, block for selection of support address of providers in database, block for identification of limiting values of number of competitions, block for modification of addresses of server database, block for identification of competition codes, block for identification of electronic digital signatures of providers, OR element, block for data receipt of server database, block for selecting number of competitions participants, block for controlling selection of applications, block for controlling reading and recording of database, block for launching competitions procedure, block for selecting addresses of applications of providers in database, block for identification of closed encryption keys, register and block for outputting confirmations to providers.

Aircraft electronic display complex / 2264953
Proposed complex includes two control onboard digital computers, port, central and starboard multi-functional color displays, collimator display on windshield and multi-functional control panel combined by multiplex information exchange channel, local all-round information exchange channel, first and second local radial information exchange channels, thus forming integral information system. Connected to this information system are system of mode parameter sensors, power supply system, generator subsystem and storage battery. Both onboard digital computers are connected by means of inter-computer information exchange channels. Proposed complex is also provided with TV image switching unit connected with multi-functional color displays for transmission of TV image.

Method for automatic structuring of computer codes adequate for processed information / 2257611
Method includes performing a block of operations along N1 channels, where N1 is selected from 1 to 2256, wherein received information is separated on logically finished fragments, encoded on basis of preset algorithm, to produce a block of N-dimensional sets adequate for converted source information Aj with elements like {Bm, X1, X2,...,Xn}, where j - order number of set in range from 1 to 2256, Bm - identifier, X1-Xn - coordinate of element from its coordinates center, m and n are selected from 1 to 2256; received block of sets is compared to already accumulated and/or newly produced sets from multiple channels, intersecting portions of sets are found and cut out; after that cut intersections and sets remaining after cutting are distributed among databases, placing each same set into database appropriate for it and each of sets different with some parameter to databases appropriate for them and identifiers of databases storing these sets are substituted in place of cut sets.

Hardware-software device for multichannel conversion and recording of analog signals / 2250494
For each channel device has digital signal converter, block for setting conversion digitization frequency, conversion level adjustment block, block for transferring electric signals to physical values, block for observing converted signals, block of precision of signal conversion, block of signal conversion time, block for disabling unused channels, block for synchronization of analog signals, visualization block, converted signal recording block. Device allows to convert signals of different levels, to change digitization frequency and conversion time, to disable unused channels, transfer sensors signals to physical values with consideration of sensors scales, observe signals at different scales, appropriate to levels of converted signals, to measure precision of recording of converted signals.

Device for controlling information display in remote education system / 2248605
Device has base address selector, registers, delay elements, elements of OR groups, OR elements, memory block, reverse counter, comparator.

Method for estimating trustworhiness of tolerance parameter control on basis of measurements results / 2246744
Method includes setting tolerance for controlled parameter, measuring physical value, associated with said controlled parameter, with numeric characteristic of its value, then measured value is compared to its tolerated values (tolerances for controlled parameter), and decision concerning level of match of measurement results to tolerances for parameter is taken, when determining tolerance for controlled parameter an affiliation function is set for phrase "parameter on basis of measurements in tolerance", and during taking of decision trustworthiness of phrase is evaluated, expressed in non-precise measure, as value of affiliation function, matching value of measured parameter.

Device for modeling a multimode system / 2246131
Device has control trigger, random pulse generators, block for forming program of functioning of modeled multimode system, working modes and technological mode blocks, operation time counters, random pulses generators, OR block, orders counters.

System for data transfer for governmental population recording system / 2246130
System has nine registers, four address selectors, triggers, AND elements, OR elements and delay elements.

Method for controlling information streams in digital communication networks / 2267154
Method includes recording supporting identifiers of sanctioned information streams, setting maximally allowed number of appearances of each of unsanctioned information streams, receiving serially of message packets, recording, separating identifiers from headers of these packets, comparing these to supporting identifiers, in case of match, receiving another message packet, comparison cycle is repeated, if match is not found, identifiers of stream are recorded, next identification number is assigned thereto, number of its appearances is increased by one, and assigned identifiers of another received packet after their comparison and in case of mismatch are compared to identifiers of previously recorded unsanctioned information stream, in case of match number of appearances is increased by one, in case of mismatch identifiers of this stream are recorded, it is assigned another identification number and number of its appearances is incremented by one.

Microprocessor circuit for data carrier and method for providing access to data, loaded in memory / 2266559
Circuit has at least one microprocessor, memory for operation system and at least one memory for free programming with individual side software, wherein multiple memory areas are provided with appropriate address spaces, to each of which additional mark corresponds, means, which load the mark, matched by appropriate memory area, into first auxiliary register, and mark of addressed memory area is loaded into second auxiliary register and comparison of first and second auxiliary registers is performed. To each address space of memory area at least one bit series corresponds, containing access privileges, due to which code commands and data can be protected from access for recording from other unauthorized programs.

Software masking of memorizing devices / 2265882
System has system of parallel used memorizing devices and node, programmed for identification of each memorizing device and masking access from node to at least one memorizing device. System for controlling access to multiple memorizing devices in system of memorizing devices has node, programmed for determining, whether for each of multiple memorizing devices masking should be performed relatively to node and interface for selective modification of programmed data structure. Method describes operation of system for controlling access to multiple parallel use memorizing devices by multiple computers.

Method for monitoring safety of automated systems / 2265242
Method includes considering rules of setting up and maintaining of communication session by increasing number of cached message packets and maximal allowed number of coincidences, to provide higher stability and reliability to authorized clients.

Method for calling a procedure on basis of binary stack / 2265241
After procedure call, control saving of return address in address space of calling program is performed, and prior to return from procedure, control check of return address is performed, and if values match, than transfer of control to calling software is permitted, in other cases, program, to which procedure belongs, is forcibly removed from memory of computer system.

Method for detecting remote attacks against automatized control systems / 2264649
Method includes setting a number of standards for possible attacks, minimally allowed value of likeness coefficient of compared sign fields of message packets, maximally allowed number of matches of fields of support i-numbered packet (standard) to compared fields of packet from communication channel and setting a number of matches, recording a set of support packets, containing standards of given attacks, and after receiving from communication channel of k-numbered message packet, selecting it from fields header, comparing their value to values of fields of support packets, calculating comparison coefficients, comparing them to preset value Km.min, and with ≥ Km.min recoding Km.i, appropriate for it message packet, increasing Kmi for one unit, with < Km.min, receipt of k+1 message packet, after that actions, starting from selecting fields from header of k+1 packet, are repeated until satisfying condition Kmi≥Km.iadd, after that possibility of attack going on is evaluated.

Device for preventing unsanctioned access to information, stored on personal computer / 2263950
Device has external information carrier 1, made in form of energy-independent memory, external block 2 for reading information from external information carrier, containing external contact assembly 3 for reading information from external information carrier and controller 4 for information exchange with external carrier, and, positioned on same board 5, permanent memory device 6, processor 7 of identification and authentication, controller 8 for information exchange with personal computer, local bus 9, interface block 10, energy-independent memory block 11, power control device 12, and device 13 for blocking common bus 14 for control and data exchange of personal computer.

Device for protecting information from unsanctioned access / 2263345
Device has buffer memory block, conjunction device, device for forming control commands by conjunction device, indication block, block for controlling and transforming information to encoded and decoded states, hard memory device and device for information input from keyboard.

Method for monitoring safety of automated systems / 2261472
Method includes counting rules of setting up and maintaining of communication session by increasing number of recorded message packets and using maximal allowed number of coincidences, which is necessary for stable functioning of automatic systems, including offering services to authorized clients. For monitoring sensitivity threshold is predetermined for safety monitoring system of automated system, which threshold is determined by maximal allowed number of matches and number of standards, while values of coefficients can be selected dependently on required trustworthiness of attack detection.

Processor / 2248608
Processor has bus interface device, device for selection/decoding of commands, device for dispatching/execution, program string decoding device, which string is selected from program and loaded in first levels command cash, which contains a set of N two-input elements XOR, keys memory, storing different N-bit decoding keys.

Information authentication method (variants), discs player (variants) and gaming device (variants) / 2248624
Method includes performing absolute identification for confirming legality of data carrier according to first rule in preset time. Authentication information is recorded on this data carrier in previously set position. Process of arbitrary authentication is performed for confirming legality of said data carrier in accordance to second rule in arbitrary time. First rule includes announcing confirmation of standard match, if information for authentication is detected as registered in selected preset position. Second rule in given arbitrary authentication process includes announcing standard match, if information for authentication is detected as not registered in arbitrary positions, different from given preset position.