摘要
物联网是当前在国际上非常受关注、涉及多个学科高度交叉的前沿热点研究领域,受到国内外学术界和工业界的高度重视,被认为是对21世纪产生巨大影响力的技术之一。目前,随着物联网技术的不断发展和成熟,人们逐渐将物联网与控制系统进行有效结合,使它们充分发挥各自的优势,并广泛应用于工业制造、航空航天、轨道交通、医疗卫生、军事、灾害应急响应等领域。
物联网是一把双刃剑,它在给控制系统带来便利的同时,也带来了一些亟待解决的安全问题。长期以来,制造与生产企业的控制系统大部分是采用专用的、封闭的体系结构。然而,当控制系统与物联网相结合时,控制系统的体系结构就逐渐由封闭转向开放,工业以太网和实时以太网在控制回路中就会与远程互联,这就容易被黑客利用进行攻击。
物联网环境下,传统的信息系统安全策略无法直接应用到工业控制系统中。因此,如何保护社会各行业基础设施和国家重要战略资源的安全,尽可能地减小和降低物联网在控制安全方面对国家和社会安全造成的隐患和风险,是物联网未来大规模应用前必须解决的核心问题之一。
目前对物联网安全的研究大都关心两个要素:安全保护和隐私保护,其中安全保护是为了保护控制系统不被攻击,包括了传统安全问题考虑的一些属性,包括完整性、可用性、机密性等;隐私保护是为了保护用户信息不被攻击。但是当物联网在控制系统上做应用时,还需要考虑物联网的控制安全问题,即被控系统的安全问题。
本文就从被控系统的安全问题角度出发,研究物联网环境下的控制安全关键技术。由于物联网环境下的控制安全是一个涉及面广泛而又复杂的课题,总有可能出现与所有已知模式不完全符合的新型安全缺陷。因此,要保护物联网免受各种可能类型(包括未知类型)的控制攻击是不切实际的,有效的防御措施是通过运用合理的安全性原则来避免物联网系统陷入容易被攻击的状况。所以,在研究具体的关键技术之前,本文首先提出了物联网环境下的控制安全应该遵循的基本原则,具体包括:综合防范原则、适度防范原则、异构冗余原则、适度分权原则、回路截断原则和最坏假定原则。
要研究物联网环境下的控制安全关键技术,首先需要系统地、全面地分析物联网控制系统存在的安全问题,在有一个整体的认识之后,再对系统存在的每一种安全隐患研究相应的防御方法。从这个思想出发,本文首先研究了物联网环境下的通用控制系统安全模型,以该模型为基础,论文分别从来源安全、传输安全、算法安全及系统安全四个方面分别研究了一项物联网环境中的控制安全关键技术。论文的主要工作及创新点如下:
(1)建立了物联网环境下的通用控制系统安全模型S-IoTC,为工业控制系统的安全研究提供了有力的理论基础支撑。论文通过分析面向工业控制的物联网的特点,提出了面向工业控制的物联网的标准体系结构。在标准体系结构的基础上,从被控系统的安全问题角度出发,通过分析物联网环境下控制系统面临的干扰因素,并经过形式化处理,提出了物联网环境下的通用控制系统模型IoTC及通用控制系统安全模型S-IoTC。论文详细论述了安全模型S-IoTC的组成部分以及典型的实现流程和算法。
(2)提出了基于双向认证机制的数据来源安全防范方法,可以有效保障物联网控制环境下的数据来源安全。论文针对来源安全问题研究了物联网控制系统的双向认证机制,通过分析已有的基于询问-响应的RFID(Radio Frequency IDentification)认证协议应用于物联网控制系统这一特殊环境中的不足之处,提出了改进措施,并提出了一种适合物联网控制环境下,设备与设备或者设备与被控设备之间的双向认证机制。论文对该机制的认证过程进行了描述,给出了该机制的形式化定义和认证模型,对认证过程中的主要场景进行了数学描述。另外,论文还提出了在确保身份认证的基础上,进一步通过对位置信息认证和控制命令内容识别来保证系统安全的思想。并以震网病毒作为案例,利用本文的认证机制,给出了预防震网病毒的三种解决方案,验证了本文提出的认证机制的可用性。
(3)提出了一种基于节点响应时间的带宽消耗攻击多等级检测预警模型,能够快速发现被攻击的节点,并能对物联网的数据传输态势进行有效预测。论文针对传输安全问题研究了应用于无线传感器网络带宽消耗攻击的多等级检测预警模型。首先依据节点响应时间在攻击发生前后的变化情况,提出了一种基于节点响应时间的带宽消耗攻击检测算法,用于检测受到带宽消耗攻击的节点。在检测算法的指导下,构建了针对带宽消耗攻击的监测分析预警模型,并在现有的实验环境下,对该模型进行了仿真实验。实验结果表明检测预警模型可以高效地侦测到带宽消耗攻击并及时发出告警信息。另外,论文还给出了针对不同等级的告警应该采取的应对措施,从而降低攻击造成的损失。
(4)提出了一种面向物联网控制的高阶表决算法。论文针对算法安全研究了面向工业控制物联网的算法冗余设计方法,论述了算法级异构冗余的重要性。对常用的多数表决算法进行了改进,提出了一种改进的多数表决算法,并通过实验与标准多数表决算法、中值表决算法进行对比,证明了改进算法有更高的正确率与输出效率。文中还进一步提出了二次异构表决的高阶表决算法,可以进一步提高表决结果的正确率,为以后的容错仲裁模块设计提供了理论依据。论文将冗余设计应用在动车事故和法航飞机失事的解决方案中。
(5)提出了基于仿真的复杂系统安全保障机制。论文针对系统安全研究了复杂系统的仿真与实时评估方法,提出了基于仿真的复杂系统安全保障机制。评估的流程主要包括实际系统和仿真系统的状态采集、对采集的状态信息进行实时评估、对评估结果的判定、同步仿真系统等。对于实时评估的过程,在原有成熟的度量方法的基础上进行改进,提出了相异系数的度量方法。对评估结果的判定过程设计了两种方法,一种是设定一个安全阈值,另一种是对评估的结果进行安全等级的判定。在仿真的过程中,为防止误差积累带来的安全问题,指出了同步仿真系统的重要性。
综上所述,本文从物联网环境下控制安全问题出发,研究了物联网环境下控制安全的五个关键技术。论文创新点包括:建立了物联网环境下的通用控制系统安全模型S-IoTC;提出了基于双向认证机制的数据来源安全防范方法;提出了一种基于节点响应时间的带宽消耗攻击多等级检测预警模型;提出了一种面向物联网控制的高阶表决算法;提出了基于仿真的复杂系统安全保障机制。这些研究成果可以作为震网病毒、动车事故及法航飞机失事等几个重大事件的解决方案,说明本文提出的研究成果具有较好的实用性。本文的研究成果在科学研究和工程领域中具有重要的理论价值和实用价值。
Nowadays, the Internet of Things (IoT) has become one of most hot issues in the world. IoT actually stands on the intersection of a variety of sciences and technologies, which non-doubtfully drawn a great attention from experts of both academic R&D and industrial application. IoT was also regarded as one of the most advanced technology in the21century to change the world. With the developments of technology, people tend to combine IoT with control systems efficiently so that it can be used in a variety of industries such as manufacturing, aerospace, rail transportation, health care, military, disaster emergency response and etc.
Each coin has its two sides, so does IoT. While enjoying the benefits from IoT, people are becoming more and more concerned about its security. In the past, it was a closed and dedicated framework that was applied in control systems. When combining with IoT, however, the control system was challenged with an exposure to open environments rather than previous closed circumstance. For instance, Industrial Ethernet and real-time Ethernet may be linked with a remote internet in the control loop. The exposure risks become very high thanks to the hacker's attack becomes easier in an open environment.
Now that the traditional IT security technology can not be directly applied in IoT environment, here come the critical questions:How to protect the vast infrastructures and secure the strategic resources, How to reduce the exposure risks and the relevant impacts from IoT. Such issues must be highly addressed before IoT was widely used.
The prevailing studies on IoT security issue mainly focused on two elements: system protection and privacy protection. The former protects the control system from being attacked. The latter protects user's information from being attacked. For system protection, some traditional security technologies remain valuable with its attributes such as integrity, availability, confidentiality and etc. However, when control system was combined with IoT, not only the control system itself but also the target we want to control in IoT should be protected. That means a broad demand of control security became necessary.
Based on above concepts, this article concentrates on the key technologies of control system under IoT's environment. Considering the control security under IoT environment is a broad complex, any well-done existing technology might not be in perfect compliance with the IoT complexity. In another words, it is impractical to protect IoT from all possible types of attacks (includes unknown types of attacks). The effective defense measure is to set up reasonable security principles to avoid the system to be vulnerable. Prior to the specific study, let's highlight the basic security principles as follows:1) comprehensive precaution principle,2) appropriate precaution principle,3) heterogeneous redundancy principle,4) moderate decentralization principle,5) loop truncation principle and6) the worst-scenario assumption principle.
To study the key technologies of control security in IoT environment, a systematic troubleshooting is necessary. With a big picture well understood in mind as a whole, we can enter into the specific studies one by one. Starting from this logic, the paper firstly studies the universal control system security model of IoT's environment. Based on this model, this paper studies the key technologies of control security in four aspects:source security, transmission security, algorithm security and system security. The innovative outcomes are as follows:
(1) Sets up a universal control system security model "S-IoTC" in IoT's environment to provide a strong fundamental theory support to security research of industrial control system. By analyzing the characters of IoT industrial control, we proposed the standard architecture for IoT industrial control. On the basis of the standard architecture, and from the aspect of the controlled system security, we analyzed the destructive factors in control system under IoT environment, formalized the process, and finally proposed the universal IoT control system model "IoTC" and the universal IoT control system security model "S-IoTC". Elaborations were made for "S-IoTC" contents, its typical implement process and algorithm.
(2) Proposes the data source rejection method based on enhanced mutual authentication mechanism to effectively ensure data source security in the environment of IoT. Regarding to mutual authentication mechanism of the IoT control system, this article analyzed the shortages when the existing challenge-response Based RFID(Radio Frequency IDentification) authentication protocol under the special environment of IoT's control system. With the improvement measures, we also gave a suitable mutual authentication mechanism for the control system of the IoT. The mechanism can be used either between device-to-device or between device-to-the device which was passively controlled. The article demonstrated the identification process, made the formal definition for authentication model, and made a mathematic description for the scenario of authentication process. In addition, the paper stretched its authentication scope to ensure system security by penetrating location information identification and control command contents recognition. As a case study based on the mutual authentication mechanism in this article, we worked out three solutions for Stuxnet virus prevention, verifying the validity of the proposed authentication mechanism.
(3) Proposes a multi-level detection and early warning model based on the node response time for bandwidth consumption attack. The model can find the attacked node quickly and further effectively forecast data transmission situation of IoT. We studied the multi-level detection warning model for bandwidth consumption attack against transmission security issues in WSN. First of all, according to the node response time changes before and after the attack, the article raised a bandwidth consumption attack detection algorithm based on node response time to detect the node which was attacked by the bandwidth consumption. Secondly, guiding by the detection algorithm, we set up the analysis model for early warning and monitoring bandwidth consumption attacks. The relevant simulation was examined under the existing experimental environment, showing that the early warning detection model can efficiently detect bandwidth consumption attack and give the alarm information in time. Finally, the paper recommended one-on-one measures against the different alarm levels to reduce the impact caused by the attack.
(4) Proposes a high-valence voting algorithm for IoT's control system. Regarding to the algorithm security, we studied the algorithm redundancy design method for industrial control under IoT's environment, highlighted the importance of the heterogeneous redundancy in algorithm level, and finally improved the majority-voting algorithm. An experiment was conducted to test the improved algorithm security. By comparing the improved voting algorithm to the standard majority-voting algorithm and the median-voting algorithm, the experiment showed that the improved voting algorithm has a better performance in both correction rate and output efficiency. Besides, the paper extended the improved voting algorithm to the high-valence voting algorithm of secondary heterogeneous voting. Such high-valence voting algorithm can further improve the correction rate of the voting results. Theoretically, it will provide the basis for the design of fault-tolerant arbitration module in the future. As case study, this paper applied the redundant design idea to work out the solution for Wenzhou Express Railway Collision Accident and Air France Flight Crash.
(5) Proposes the security guarantee mechanism for complex system based on simulation. Regarding to system security, the paper studied the complex system simulation and the real-time assessment methods, and finally proposed the security guarantee mechanism under complex system based on simulation. The assessment process includes the status acquisition for both the actual system and the simulation system, the real-time evaluation for target status information, the assessment output determination, synchronization the simulation system and so on. For the real-time evaluation process, a dissimilarity coefficient measurement method was proposed to upgrade the original mature metric method. For the assessment output determination, two methods were discussed. One is to set a safety threshold, the other is to determine the security level of the assessment result. The synchronization importance was highlighted with the hope of preventing bias or error accumulation during the simulation process.
In summary, from the perspective of control security in IoT's environment, the paper studied five key technologies for control security in IoT's environment. The innovative outcomes include:sets up a universal control system security model S-IOTC in IoT's environment; proposes the data source rejection method based on mutual authentication mechanism; proposes a multi-level detection and early warning model based on the node response time in bandwidth consumption attack; proposes the high-valence voting algorithm for IoT's control system; and proposes the security guarantee mechanism for complex system based on simulation. Those study outcomes can be used in the solutions of Stuxnet virus, Wenzhou Express Railway Collision Accident and Air France Flight Crash, proving the research has good performance in feasibility. In all, the research outcomes of this paper are highly valued theoretically and practically in both the field of scientific research and industrial engineering.
引文
[1]Fallieren, Murchu O.L., Chien E. W32.Stuxnet Dossier, Symantec Security Response,2011.
[2]Matrosov A., Rodionov E., Harley D., Stuxnet Under the Microscope, ESET.
[3]Larimer J., An inside look at Stuxnet, IBM.
[4]吴功宜,吴应,物联网工程导论,机械工业出版社,2012.
[5]胡向东,魏琴芳,向敏,物联网安全,科学出版社,2012.
[6]吴大鹏,舒毅,王汝言等,物联网技术与应用,电子工业出版社,2012.
[7]徐小涛,杨志红,物联网信息安全,人民邮电出版社,2012.
[8]张飞舟,杨东凯,物联网应用与解决方案,电子工业出版社,2012.
[9]黄涛,物联网技术与应用发展的探讨,信息通信技术,2010.2,pp:9-13.
[10]付嵘,物联网共享平台中安全隐私保护的研究与实现[学位论文],北京,北京交通大学,2011.
[11]控制系统,百度百科.http://baike.baidu.com/view/57978.htm,2013.1
[12]郝成,岳树盛,计算机控制技术,电子工业出版社,2011.
[13]刘国荣,梁景凯,计算机控制技术与应用,第二版.机械工业出版社,2008.
[14]曲丽萍,白晶,集散控制系统及其应用实例,化学工业出版社,2007.
[15]国务院"7·23”甬温线特别重大铁路交通事故调查组,“7·23"甬温线特别重大铁路交通事故调查报告,2011.
[16]隐私权(美国).维基百科.http://zh.wikipedia.org/wiki/%E9%9A%B1%E7%A7%81%E6%AC%8A_(%E7 %BE%8E%E5%9C%8B),2013.3.
[17]Records Computers and the Rights of Citizens:Report of the Secretary's Advisory Committee on Automated Personal Data Systems, U.S. Department of Health, Education and Welfare, DHEW publication.
[18]PRIVACY-LAW OF CIVIL LIBERTIES,2007, pp.91.
[19]RFID与隐私权,http://www.docin.com/p-72966091.html.2013.3
[20]加利福尼亚立案规范RFID维护个人隐私权,http://tech.sina.com.cn/other/2004-02-25/1212297352.shtml,2013.3
[21]RFID安全议题,]http://www.doc88.com/p-915952262098.html,2013.3
[22]Washington State Governor Signs Anti-Skimming Law, http://blog.csdn.net/lybra/article/details/2224643,2013.3
[23]徐开,物联网的发展态势,http://cn.industrysourcing.com/page/verticalsites/news.aspx?id=252052,2012.8
[24]百度文库,关于印发《物联网“十二五”发展规划》的通知,http://wenku.baidu.com/view/ed351b5b804d2b160b4ec027.html,2013.3
[25]Roberts C, Radio frequency identication (RFID), Computers & Security,25(1), 2006, pp.18-26.
[26]Sarma S., Weis S., Engels D., RFID systems and security and privacy implications, Cryptographic Hardware and Embedded Systems-CHES 2002, pp.454-469.
[27]Weis S., Sarma S., Rivest R., et al, Security and Privacy Aspects of Low-Cost Radio Frequency Identification Systems, First International Conference on Security in Pervasive Computing,2003, pp.50-59.
[28]Henrici D., Muller P., Hash-based enhancement of location privacy for radio-frequency identification devices using varying identifiers, In Proceedings of the Second IEEE Annual Conference on Pervasive Computing and Communications Workshops, IEEE Computer Society,2004, pp.149-153.
[29]Ohkubo M., Suzuki K., Kinoshita S., Hash-chain based forward-secure privacy protection scheme for low-cost RFID, In Proceedings of the SCIS,2004, pp.719-724.
[30]Machanavajjhala A., Kifer D., Gehrke J., I-diversity privacy beyond k-anonymity, ACM Transactions on Knowledge Discovery from Data (TKDD),1(1):3,2007.
[31]Molnar D., Wagner D., Privacy and security in library RFID:Issues, practices, and architectures, In Proceedings of the 11th ACM conference on Computer and Communications Security, ACM,2004, pp.210-219.
[32]Rhee K., Kwak J., Kim S., et al, Challenge-response based RFID authentication protocol for distributed database environment, Proceedings of the 2nd International Conference on Security in Pervasive Computing,2005, pp.70-84.
[33]Lee S., Hwang Y., Lee D., et al, Efficient authentication for low-cost RFID systems, Computational Science and Its Applications, International Conference on Computational Science and Its Applications (ICCSA2005). Berlin: Springer-Verlage,2005, pp.619-627.
[34]Juels A., Pappu R., Squealing Euros:Privacy protection in RFID-enabled banknotes, In Financial Cryptography, Springer,2003, pp.103-121.
[35]Saito J., Ryou J., Sakurai K., Enhancing privacy of universal re-encryption scheme for RFID tags, Embedded and Ubiquitous Computing, pp.879-890.
[36]袁珽,马建庆,钟亦平等,基于时间部署的无线传感器网络密钥管理方案,软件学报,21(3),2010,pp.516-527.
[37]马春光,尚治国,王慧强,基于区域的异构无线传感器网络密钥管理,通信学报,30(5),2009,pp.74-81.
[38]Medaglia C.M., Serbanati A., An overview of privacy and security issues in the internet of things, in:Proceedings of TIWDC 2009, Pula, Italy,2010, pp.389-395.
[39]Divyan M., Konidala, Security assessment of epcglobal architecture framework, Technical report, Auto-ID Labs,2007.
[40]王治平,刘波,王汝传等,一种基于文件共享的P2P节点认证方案,信息化研究,35(12),2009,pp.58-60.
[41]周星,卢美莲,陶徐,基于AKA的IMS接入认证机制,中兴通讯技术,13(6),2007,pp.42-47.
[42]张秋余,张启坤,袁占亭等,基于格的跨域认证联盟协议,计算机应用,27(4),pp.835-837.
[43]张娇,张玉军,张瀚文等,结合信任机制的移动Ipv6网络快速跨域认证方法,计算机研究与发展,45(6),2008,pp.951-959.
[44]何永忠,韩臻,李晓勇,不可靠信道上抗主动攻击的组播认证,电子学报,36(7),2008,pp.1249-1255.
[45]Lou W.J., Zeng K., Moran P.J., On Broadcast Authentication in Wireless Sensor Networks, Accepted, IEEE Transactions on Wireless Communications,6(11), 2007, pp.4136-4144.
[46]Medaglia C.M., Serbanati A., An overview of privacy and security issues in the internet of things, in:Proceedings of TIWDC 2009, Pula, Italy,2009.
[47]Lee Y.K., Batina L., Verbauwhede I., Privacy Challenges in RFID Systems, The Internet of Things:20th Tyrrhenian Workshop on Digital Communications,2010, pp.397-407.
[48]Eberhard G., Markus M., Fine-grained Access Control for EPC Information Services, In Christian Floerkemeier and Marc Langheinrich, editors, The Internet of Things 2008, volume 4952 of LNCS, Springer-Verlag Berlin Heidelberg,2008, pp.35-49.
[49]蒋建春,马恒太,任党恩等,网络安全入侵检测:研究综述,软件学报,11(11),2000,pp.1460-1466.
[50]何慧,张宏莉,张伟哲等,一种基于相似度的DDoS攻击检测方法,通信学 报,25(7),2004,pp.176-184.
[51]Ye N., A markov chain model of temporal behavior for anomaly detection, Proceedings of 2000 IEEE Workshop on Information Assurance and Security United States Military Academy, New York,2000, pp.171-174.
[52]Schnackenberg D., Balupari R., Kindred D., Statistical approaches to DDoS attack detection and response, Proc of DARPA Information Survivability Conference and Exposition,2003, pp.303-314.
[53]郝志宇,云晓春,张宏莉等,基于相似度的DDoS异常检测系统,计算机工程与应用,40(35),2004,pp.122-124.
[54]孙钦东,张德运,高鹏,基于时间序列分析的分布式拒绝服务攻击检测,计算机学报,28(5),2005,pp.767-773.
[55]荆小庆,王光卫,系统安全性设计原则分析,中国测试技术软件,31(1),2005,pp.78-80.
[56]ISO13335:Information technology-Guidelines for the management of IT Security-Part 1.Concepts and models for IT Security, ISO,1996.
[57]李战宝,潘卓,透视“震网”病毒,第26次全国计算机安全学术交流会,2011.9
[58]信息安全等级保护管理办法,http://baike.baidu.com/view/2821921.htm, 2012.3
[59]Yang J.C., Fang B.X., Security model and key technologies for the Internet of Things, The Journal of China Universities of Posts and Telecommunications,18, 2011.
[60]Zhou M., DiCesare F., Petri Net Synthesis for Discrete Event Control of Manufacturing Systems, Springer,1993.
[61]Proth J., Xie X., Petri Nets:A Tool for Design and Management of Manufacturing Systems. West Sussex, U.K.:Wiley,1996.
[62]Aybar, Iftar A., Deadlock Avoidance Controller Design for Timed Petri Nets Using Stretching, Systems Journal, IEEE,2(2),2008, pp.178-188,
[63]江代有,物联网体系结构、关键技术及面临问题,电子设计工程,20(4),2012,pp.143-145.
[64]孙利民,沈杰,朱红松,从云计算到海计算:论物联网的体系结构,中兴通讯技术,17(1),2011,pp.3-7.
[65]丁超,杨立君,吴蒙,IoT/CPS的安全体系结构及关键技术,中兴通讯技术,17(1),2011,pp.11-16.
[66]Tommila T., Ventao, Koskinenk, Next GenerationIndustrial Automation-Needs and Opportunities, AutomationTechnology Review,2001, pp.34-41.
[67]Logeaisg, Internet of things in the context of manufacturing, SAP Research Report.
[68]Kim H.B., Yoo M., Cho K., Application of M2M Technology to Manufacturing Systems, Information and Communication Technology Convergence,2010, pp.519-520.
[69]彭瑜,物联网技术的发展及其工业应用的方向,自动化仪表,32(1),2011,pp.1-7.
[70]王建强,物联网在感知矿山建设中的应用研究,中国安全生产科学技术,8(5),2012,pp.178-183.
[71]李楠,刘敏,严隽薇,面向钢铁连铸设备维护维修的工业物联网框架,计算机集成制造系统,17(2),2011,pp.413-418.
[72]曾韬,物联网在数字油田的应用,电信科学,(4),2010,pp.25-32.
[73]龚铁军,孙毅,蔡明明,面向智能电网的物联网架构与应用方案研究,电力系统保护与控制,39(20),2011,pp.52-58.
[74]关志涛,颜立,何杰涛等,面向智能电网的信息安全技术展望,陕西电力,38(6),2010,pp.5-8.
[75]李会平,物联网:实现中国飞跃的一次机会,创新科技,(5),2010,pp.10-12.
[76]周丽君,物联网环境中的身份认证技术研究[学位论文],北京,北京交通大学,2011.
[77]焦文娟,物联网安全—认证技术研究[学位论文],北京,北京邮电大学,2011.
[78]Sarma S.E., Weis S.A., Engels D.W., Radio frequency identification:Secure risks and challenges, RSA Laboratories Cryptobytes,6(1),2003, pp.2-9.
[79]Hjorth T., Supporting privacy in RFID system, Lyngby Denmark.IMM DTU. December 14,2004.
[80]Auto-ID Center, "860MHz-960MHz Class I Radio Frequency Identification Tag Radio Frequency & Logical communication Interface Specification Proposed Recommendation Version 1.0.0", Technical Report MIT-AUTOID-TR-007,2002.
[81]Juels A., Rivest R. L., Szydlo M, The blocker tag:Selective blocking of RFID tags for consumer Privacy. In:Proceedings of the 10th ACM Conference on Computer and Communication Security(CCS 2003), Washington,2003, pp.103-111.
[82]Ohkub M., Suzuki K., Kinoshita K., Cryptographic Approach to "Privacy-Friendly" Tags. Presented at the RFID Privacy Workshop (MIT, Cambridge, MA, Nov.15 2003).2003.
[83]Golle P., Jakobsson M., Juels A., Universal re-encryption for mixnets, In: Okamoto T., Proceedings of the Cryptographers, Track at RSA Conference 2004(CT-RSA 2004), Berlin,2004, pp.163-17.
[84]高原,基于公钥的RFID认证技术研究[学位论文],西安,西安电子科技大学,2011.
[85]EPC编码体系,http://www.epcglobal.org.cn/col_About/summarize_Build_Coding.aspx,2012.3.
[86]韩志杰,张玮玮,陈志国,基于Markov的无线传感器网络入侵检测机制,计算机工程与科学,32(9),2010,pp.27-29.
[87]田斌,无线传感器网络中攻击检测和防御技术研究[学位论文],北京,北京邮电大学,2012.
[88]陈晨,高新波,一种无线传感器网络中抵御拒绝睡眠攻击策略,江苏大学学报(自然科学版),31(5),2010,pp.570-575.
[89]周琦,无线传感器网络在工业控制领域的发展和应用,石油化工自动化,2010(3),pp.51-54.
[90]王兆红,肖孟强,李燕,刘昕,类正态分布数据云模型的预测算法,计算机应用与软件,26(9),2009,pp.78-79.
[91]陈博,大规模网络资源消耗型攻击的检测和防范方法研究[学位论文],哈尔滨,哈尔滨工业大学,2007.
[92]卢娜,WTO/TBT信息通报预警系统的设计与实现[学位论文],成都,西南交通大学,2012.
[93]郝新蓉,加快建立我国技术性贸易壁垒(TBT)预警机制,科技情报开发与经济,15(8),2005,pp.114-115.
[94]Paul R., Lovczak, Alper K., et al, A Theoretical Investigation of Generalized Voters for Redundant Systems, Proceedings of IEEE 19th International Symposium on Fault Tolerant Computing Systems,1989, pp.444-451.
[95]Latif-Shabgahi G., Bennett S., Bass J.M., Smoot-hing voter:a novel voting algorithm for handling multi-ple errors in fault-tolerant control systems, Micro-processors and Microsystems,2003, pp.303-313.
[96]张浥楠,郭平,三模冗余系统中多数表决器的改进,第十三届全国容错计算学术会议,中国计算机学会,2010,pp.27-30.
[97]张浥楠,郭平,用决策树方法优化表决器,电脑开发与应用,23(2),2010,pp.89-91.
[98]刘小雄,章卫国,李广文,电传飞行控制系统的余度设计技术,飞机设计,(1),2006,pp.35-38.
[99]陈宗基,秦旭东,高金源,非相似余度飞控计算机,航空学报,26(3),2005,pp.320-327.
[100]刘小雄,高空长航时无人机飞行控制计算机系统冗余设计技术研究[学位论文],西安,西北工业大学,2004.
[101]王道彬,陈怀民,康芳等,三余度飞控系统余度管理算法设计与实现,计算机测量与控制,15(11),2007,pp.1621-1623.
[102]胡云中,运载火箭制导系统冗余设计技术研究,航天控制,16(2),1998,pp.10-15.
[103]法航空难事故调查报告(节选),http://tech.sina.com.cn/d/2009-07-03/05513231789_2.shtml,2013.3
[104]司马贺,人工科学:复杂性面面观,上海科技教育出版社,2004.
[105]宣慧玉,张发,复杂系统仿真与应用,清华大学出版社,2008.
[106]百度百科,http://baike.baidu.com/view/7010519.htm,2013.1
[107]Boero R., Some methodological issues of agent based models in social sciences,2003.
[108]Leombruni R. The methodological status of agent-based simulations. LABORatorio R. Revelli, Working Paper No.19,2002.
[109]Leombruni R., Richiardi M., Saam N. J., et al, A common protocol for agent-based social simulation. Journal of Artificial Societies and Social Simulation,9(1),2006, pp.16-31.
[110]Kennedy J., Eberhart R., Particle Swarm Optimization, Proceedings of IEEE International Conference on Neural Networks, IV.2005, pp.1942-1948.
[111]Wagner G., Tulba F., Agent-oriented modeling and agent-based simulation, Proc. of 5th Int, Workshop on Agent-Oriented Information Systems (AOIS-2003), ER2003 Workshops, Springer-Verlag, LNCS,2003, pp. 205-217.
[112]Brian J. L. B., Kiel D., Elliott E., Adaptive agents, intelligence, and emergent human organization:Capturing complexity through agent-based modeling, PNAS 2002,99(Suppl.3),2002, pp.7187-7188.
[113]Bankes S. C. Agent-based modeling:A revolution?, PNAS 2002,99(Suppl.3), 2002, pp.7199-7200.
[114]Henrickson L., McKelvey B., Foundations of "new" social science: Institutional legitimacy from philosophy, complexity science, postmodemism, and agent-based modeling. PNAS 2002,99(Suppl.3),2002, pp.7288-7295.
[115]邓宏钟,谭跃进,迟妍,一种复杂系统研究方法一基于多智能体的整体建模仿真方法,系统工程,18(4),2000,pp.73-77.
[116]赵怀慈,黄莎白,基于Agent的复杂系统智能仿真建模方法的研究,系统仿真学报,15(7),2003,pp.910-913.
[117]黄欣荣,复杂性研究的模型方法,系统科学学报,15(3),2007,pp.12-17.
[118]王飞跃,关于复杂系统研究的计算理论与方法,中国基础科学,6(5),2004,pp.3-10.
[119]廖守亿,戴金海,复杂适应系统及基于Agent的建模与仿真方法,系统仿真学报,16(1),2004,pp.113-117.
[120]Pryor R. J., Basu N., Quint T., Development of Aspen:A microanalytic simulation model of the U.S. economy. SAND96-0434 Distribution Unlimited Release Category UC-905. Sandia National Laboratories,1996.
[121]张世伟,刁莉男.ASMEC-M:一个基于主体的市场经济模型.数量经济技术经济研究,(10),2001,pp.51-54.
[122]Arthur W. B., Holland J. H., LeBaron B., et al, Asset pricing under endogenous expectations in all artificial stock market. The Economy as all Evolving Complex System II. Addison-Wesley, Reading.1997, pp.15-44.
[123]Ilachinski A., Irreducible semi-autonomous adaptive combat (ISAAC):An artificial-life approach to land combat, Military Operations Research,5(3), 2000, pp.29-46.
[124]Thomas R., An approach to the synthesis of life, In:Artificial Life Ⅱ, Addison-Wesley,1991,pp.371-408.
[125]Pargellis A.N., Digital life behavior in the Amoeba world, Artificial Life, 7(1),2001, pp.63-65.
[126]张宇,刘雨东,计钊,向量相似度测度方法,声学技术,28(4),2009,pp.532-536.
[127]孙即祥,现代模式识别,第二版,高等教育出版社,2008.
[128]数据挖掘导论,http://book.csdn.net/bookfiles/327,2012.
[129]Tlan R.T., Xie P., Study on the standardization of similarity evaluation method of chromatographic fingerprints (Part Ⅰ). Traditional Chinese Drug Research & Clinical Pharmacology,17(1),2006, pp.40-42.
[130]胡晓军,数据采集与分析技术,第二版,西安电子科技大学出版社,2010.
[131]何正嘉,现代信号处理及工程应用,西安交通大学出版社,2007.
[132]李增芳,基于人工智能和虚拟采集技术的发动机故障诊断专家系统研究[学位论文],杭州,浙江大学,2004.
[133]交通部公路司审定,汽车综合性能检测,上海科学技术文献出版社,1999.
[134]王立大,基于网络化虚拟技术的拖拉机综合性能检测系统研究[学位论文],杭州,浙江大学,2004.