[go: up one dir, main page]

CN113434915B - Chassis intrusion status detection device and method, and edge server - Google Patents

Chassis intrusion status detection device and method, and edge server Download PDF

Info

Publication number
CN113434915B
CN113434915B CN202110711408.XA CN202110711408A CN113434915B CN 113434915 B CN113434915 B CN 113434915B CN 202110711408 A CN202110711408 A CN 202110711408A CN 113434915 B CN113434915 B CN 113434915B
Authority
CN
China
Prior art keywords
chassis
state
information
unit
power
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202110711408.XA
Other languages
Chinese (zh)
Other versions
CN113434915A (en
Inventor
黄炎坡
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shenzhen Sensetime Technology Co Ltd
Original Assignee
Shenzhen Sensetime Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shenzhen Sensetime Technology Co Ltd filed Critical Shenzhen Sensetime Technology Co Ltd
Priority to CN202110711408.XA priority Critical patent/CN113434915B/en
Publication of CN113434915A publication Critical patent/CN113434915A/en
Priority to PCT/CN2021/134365 priority patent/WO2022267345A1/en
Application granted granted Critical
Publication of CN113434915B publication Critical patent/CN113434915B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/86Secure or tamper-resistant housings
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/81Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer by operating on the power supply, e.g. enabling or disabling power-on, sleep or resume operations

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Power Sources (AREA)
  • Alarm Systems (AREA)

Abstract

本公开实施例提供一种机箱入侵状态检测装置及方法、边缘服务器,所述装置包括:开关单元,所述开关单元的开关状态与机箱盖板的开启状态相关;信息生成单元,用于生成指定信息,在所述信息生成单元从掉电状态恢复到上电状态的情况下,所述指定信息被重置,重置后的指定信息与重置前的指定信息不一致;第一供电单元,用于经过所述开关单元向所述信息生成单元供电;控制单元,用于从所述信息生成单元读取指定信息,并基于读取到的指定信息检测所述机箱的入侵状态。

The embodiments of the present disclosure provide a chassis intrusion status detection device and method, and an edge server, wherein the device includes: a switch unit, wherein the switch status of the switch unit is related to the opening status of a chassis cover; an information generation unit, configured to generate specified information, wherein when the information generation unit is restored from a power-off state to a power-on state, the specified information is reset, and the reset specified information is inconsistent with the reset specified information; a first power supply unit, configured to supply power to the information generation unit through the switch unit; and a control unit, configured to read the specified information from the information generation unit, and detect the intrusion status of the chassis based on the read specified information.

Description

Cabinet intrusion state detection device and method and edge server
Technical Field
The disclosure relates to the technical field of chassis intrusion detection, and in particular relates to a chassis intrusion state detection device and method and an edge server.
Background
With the rise of edge computing, edge servers are becoming more and more widely used. Because of the diversified deployment scenarios of the edge server, the risk of the chassis invasion is higher than that of the traditional server, so that the chassis invasion detection is necessary. The conventional chassis intrusion detection manner is generally implemented based on a control unit such as a baseboard management controller (Baseboard Manager Controller, BMC) chip or a micro control unit (Microcontroller Unit, MCU), and a power supply module is required to supply power to the control unit. When the input power line of the power supply module is pulled out, the control unit does not work, and the intrusion detection mechanism fails.
Disclosure of Invention
The disclosure provides a chassis intrusion state detection device and method and an edge server.
In a first aspect, the disclosure provides a chassis intrusion state detection apparatus, the apparatus including a switching unit, an information generation unit configured to generate designation information, the designation information being reset when the information generation unit is restored to a powered-on state from a powered-down state, the designation information after the reset being inconsistent with the designation information before the reset, a first power supply unit configured to supply power to the information generation unit via the switching unit, and a control unit configured to read the designation information from the information generation unit and detect an intrusion state of the chassis based on the read designation information.
In some embodiments, the control unit is configured to detect an intrusion state of the chassis based on a current switch state of the switch unit in a normal operating state, and detect the intrusion state of the chassis based on the read specified information when the current switch state of the switch unit indicates that the chassis is not currently in an intruded state.
In some embodiments, the control unit is configured to detect an intrusion state of the chassis based on the read specified information during power-up.
In some embodiments, the control unit is configured to determine that the enclosure was in an intruded state if the read specification information does not coincide with the specification information before the reset.
In some embodiments, the information generating unit is a real-time clock chip, the specified information is a real-time, the real-time clock chip is used for generating a real-time based on an initial time acquired during power-up, the initial time is preset based on a current time, and in the case that the information generating unit is restored to a power-up state from a power-down state, the initial time is set to a time inconsistent with the current time.
In some embodiments, the control unit is configured to determine that the enclosure was in an intruded state if the read real-time does not coincide with the current time.
In some embodiments, the initial time is set to 0 when the information generating unit is restored from the power-down state to the power-up state, and the control unit is used for determining that the chassis is in the invaded state when the value corresponding to the year in the read real-time is smaller than the current year.
In some embodiments, the control unit is further configured to determine that the chassis is currently in an intruded state if the switch unit is currently in an open state.
In some embodiments, the control unit is further configured to jump to a secure login interface after power-on to obtain specified information input by a user through the secure login interface if it is determined that the chassis is in an intruded state, and control the chassis to start if the input specified information is legal.
In some embodiments, the control unit is further configured to jump to a secure login interface after power-on to obtain authentication information input by a user through the secure login interface when it is determined that the chassis is in an intruded state, and control the chassis to start when the authentication information is legal.
In some embodiments, the control unit is further configured to send initial information to the information generating unit after controlling the chassis to start, so that the information generating unit generates specified information based on the initial information.
In some embodiments, the control unit is a central processing unit, the first power supply unit is a real-time clock battery, the information generating unit is a real-time clock chip, and the specified information is the last two bits of year information of the current real-time.
In some embodiments, the negative electrode of the real-time clock battery is grounded, the positive electrode is connected to a power pin of the real-time clock chip through the switch unit, and is connected to an interrupt pin of the central processing unit through the switch unit, the power pin of the real-time clock chip is also connected to a system power supply of the chassis, and an I2C interface of the central processing unit is connected to a storage unit of the real-time clock chip, and is used for reading the specified information from the storage unit.
In some embodiments, during normal operation of the chassis, or during power-up of the chassis and if it has been determined that the chassis was not in an intruded state prior to power-up, a determination is made as to whether the chassis is currently in an intruded state based on the level detected by the interrupt pin.
In some embodiments, the switch unit is turned off when the chassis cover is opened, the interrupt pin detects a low level, and the central processing unit determines that the chassis is currently in an intruded state.
In some embodiments, the switch unit is closed, the interrupt pin detects a high level, and the central processing unit determines that the chassis is not currently in an intruded state when the chassis cover is closed.
In some embodiments, during the power-up process of the chassis, the central processor determines that the chassis was in an intruded state before the power-up process if the last two bits of the year information are detected to be less than a preset value.
In some embodiments, during the power-up process of the chassis, the central processor determines that the chassis is not in an intruded state before the power-up process if the last two bits of the year information detected are greater than or equal to a preset value.
In some embodiments, the device further comprises a first diode for unidirectional conduction of the electric energy provided by the first power supply unit to the information generation unit.
In some embodiments, the apparatus further comprises a second power supply unit for supplying power to the information generating unit, the switching unit being located on a different power supply branch than the second power supply unit.
In some embodiments, the device further comprises a second diode for unidirectional conduction of the electrical energy provided by the second power supply unit to the information generation unit.
In a second aspect, the present disclosure provides an edge server, including a chassis, a chassis cover plate matched with the chassis, and a chassis intrusion state detection device according to any one of the embodiments of the present disclosure.
In a third aspect, the present disclosure provides a chassis intrusion state detection method, which is applied to a control unit in an apparatus according to any one of the embodiments of the present disclosure, where the method includes reading specified information from the information generating unit, and detecting an intrusion state of the chassis based on the read specified information.
In some embodiments, the detecting the intrusion state of the chassis based on the read specified information includes detecting the intrusion state of the chassis based on the current switch state of the switch unit in a normal operation state, detecting the intrusion state of the chassis based on the read specified information in a case where the current switch state of the switch unit indicates that the chassis is not currently in an intruded state, and/or detecting the intrusion state of the chassis based on the read specified information in a power-on process.
In some embodiments, the detecting the intrusion state of the enclosure based on the read specification information includes determining that the enclosure was in an intruded state if the read specification information is inconsistent with the specification information prior to the resetting.
In some embodiments, the information generating unit is a real-time clock chip, the specified information is a real-time, the real-time is generated based on an initial time acquired when the real-time clock chip is powered on, the initial time is preset based on a current time, and in a case that the information generating unit is restored from a power-down state to a power-up state, the initial time is set to a time inconsistent with the current time.
In some embodiments, the detecting the intrusion state of the chassis based on the read specified information includes determining that the chassis was in an intruded state if the read real-time does not coincide with the current time.
In some embodiments, the initial time is set to 0 when the information generating unit is restored from the power-down state to the power-up state, and the detecting the intrusion state of the chassis based on the read specified information includes determining that the chassis was in the intruded state when the value corresponding to the year in the read real-time is smaller than the current year.
In some embodiments, the method further comprises determining that the chassis is currently in an intruded state if the switch unit is currently in an open state.
In some embodiments, the method further comprises the steps of jumping to a secure login interface after power-on under the condition that the case is in an invaded state, so as to obtain the designated information input by a user through the secure login interface, and controlling the case to start under the condition that the input designated information is legal.
In some embodiments, the method further comprises the steps of jumping to a secure login interface after power-on under the condition that the case is in an invaded state, so as to obtain verification information input by a user through the secure login interface, and controlling the case to start under the condition that the verification information is legal.
In some embodiments, the method further comprises sending initial information to the information generating unit after controlling the chassis to start, so that the information generating unit generates specified information based on the initial information.
In some embodiments, the control unit is a central processing unit, the first power supply unit is a real-time clock battery, the information generating unit is a real-time clock chip, and the specified information is the last two bits of year information of the current real-time.
In some embodiments, the detecting the intrusion state of the chassis based on the read specified information includes determining whether the chassis is currently in an intruded state based on a level detected by the interrupt pin during normal operation of the chassis or during power-up of the chassis and if it has been determined that the chassis was not in an intruded state before power-up.
In some embodiments, the switch unit is turned off when the chassis cover is opened, the interrupt pin detects a low level, and the central processing unit determines that the chassis is currently in an intruded state.
In some embodiments, the switch unit is closed, the interrupt pin detects a high level, and the central processing unit determines that the chassis is not currently in an intruded state when the chassis cover is closed.
In some embodiments, during the power-up process of the chassis, the central processor determines that the chassis was in an intruded state before the power-up process if the last two bits of the year information are detected to be less than a preset value.
In some embodiments, during the power-up process of the chassis, the central processor determines that the chassis is not in an intruded state before the power-up process if the last two bits of the year information detected are greater than or equal to a preset value.
In a fourth aspect, the present disclosure provides a chassis intrusion state detection device, which is applied to a control unit in the device according to any one of the embodiments of the present disclosure, where the device includes a reading module configured to read specified information from the information generating unit, and a detection module configured to detect an intrusion state of the chassis based on the read specified information.
In a fifth aspect, the present disclosure provides a computer readable storage medium having stored thereon a computer program which, when executed by a processor, implements a method as described in any of the embodiments.
In a sixth aspect, the present disclosure provides a computer apparatus comprising a memory, a processor, and a computer program stored on the memory and executable on the processor, the processor implementing the method of any embodiment when executing the program.
The first power supply unit of the embodiment of the disclosure supplies power to the information generating unit through the switch unit, and the switch state of the switch unit is related to the opening state of the case cover plate. As soon as the chassis cover is opened, the switch unit is opened, so that the power supply branch between the first power supply unit and the information generating unit is disconnected, the information generating unit is powered down, and the designated information generated by the information generating unit is reset. Therefore, in the case that the power of the chassis intrusion state detection device is turned off, the specification information read by the control unit after the system is powered on is the specification information after the reset as long as the chassis is in the intruded state, and if the chassis is not in the intruded state, the specification information read by the control unit after the system is powered on is the specification information before the reset. In this way, it can be determined whether the chassis is not in an intruded state by the system in the event of a power failure.
It is to be understood that both the foregoing general description and the following detailed description are exemplary and explanatory only and are not restrictive of the disclosure.
Drawings
The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate embodiments consistent with the disclosure and together with the description, serve to explain the technical aspects of the disclosure.
Fig. 1A and 1B are schematic diagrams of a related art chassis intrusion status detection apparatus, respectively.
Fig. 2A and 2B are block diagrams of a chassis intrusion status detection apparatus according to an embodiment of the present disclosure, respectively.
Fig. 3 is a circuit diagram of a chassis intrusion status detection apparatus according to an embodiment of the present disclosure.
Fig. 4 is a circuit diagram of a chassis intrusion status detection device according to another embodiment of the present disclosure.
Fig. 5 is a flow chart of chassis intrusion status detection during normal operation of an embodiment of the present disclosure.
Fig. 6 is a flow chart of chassis intrusion status detection during power-up of an embodiment of the present disclosure.
Fig. 7 is a schematic diagram of an edge server of an embodiment of the present disclosure.
Fig. 8 is a flowchart of a chassis intrusion status detection method according to an embodiment of the present disclosure.
Fig. 9 is a block diagram of a chassis intrusion status detection apparatus of an embodiment of the present disclosure.
Fig. 10 is a schematic structural diagram of a computer device according to an embodiment of the present disclosure.
Detailed Description
Reference will now be made in detail to exemplary embodiments, examples of which are illustrated in the accompanying drawings. When the following description refers to the accompanying drawings, the same numbers in different drawings refer to the same or similar elements, unless otherwise indicated. The implementations described in the following exemplary examples are not representative of all implementations consistent with the present disclosure. Rather, they are merely examples of apparatus and methods consistent with some aspects of the present disclosure as detailed in the accompanying claims.
The terminology used in the present disclosure is for the purpose of describing particular embodiments only and is not intended to be limiting of the disclosure. As used in this disclosure and the appended claims, the singular forms "a," "an," and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise. It should also be understood that the term "and/or" as used herein refers to and encompasses any or all possible combinations of one or more of the associated listed items. In addition, the term "at least one" herein means any one of a plurality or any combination of at least two of a plurality.
It should be understood that although the terms first, second, third, etc. may be used in this disclosure to describe various information, these information should not be limited to these terms. These terms are only used to distinguish one type of information from another. For example, first information may also be referred to as second information, and similarly, second information may also be referred to as first information, without departing from the scope of the present disclosure. The term "if" as used herein may be interpreted as "at..once" or "when..once" or "in response to a determination", depending on the context.
In order to better understand the technical solutions in the embodiments of the present disclosure and make the above objects, features and advantages of the embodiments of the present disclosure more comprehensible, the technical solutions in the embodiments of the present disclosure are described in further detail below with reference to the accompanying drawings.
The case intrusion is used to detect the case being illegally opened. Referring to fig. 1A and 1B, a conventional chassis intrusion detection apparatus generally includes a BMC chip-based detection apparatus and an MCU-based detection apparatus. In the figure, S1 and S2 represent switches, R1 and R2 represent pull-up resistors, and V1 and V2 represent voltages output by a power supply respectively, where V1 is used for supplying power to a BMC chip, and V2 is used for supplying power to a central processing unit (Central Processing Unit, CPU) of the chassis. V3 represents the voltage output by the supercapacitor.
The detection device based on the BMC chip consists of a switch S1 and a power-on circuit, wherein the power-on circuit comprises the BMC chip and a pull-up resistor R1. When the case cover plate is in a closed state, the switch S1 is closed, the level of an input signal of the BMC chip is pulled down, so that the BMC chip determines that the case is not in an invaded state currently, and when the case cover plate is in an open state, the switch S1 is opened, the level of the input signal of the BMC chip is pulled up by the pull-up resistor R1, so that the BMC chip determines that the case is in the invaded state currently. According to the scheme, the power supply is required to supply power to the BMC chip, and the BMC chip does not work and the intrusion detection mechanism fails under the condition that the power supply does not supply power to the BMC chip.
The intrusion detection mechanism of the detection device based on the MCU is similar to that of the detection device based on the BMC chip, and the difference is that the BMC chip is replaced by the MCU, and the energy consumption of the MCU is lower than that of the BMC chip, so that a super capacitor can be used as a power supply. Before the electric quantity in the super capacitor is exhausted, the MCU can obtain a stable power supply source so as to prevent the intrusion detection mechanism from being invalid. However, the super capacitor adopted in the scheme is expensive, and the intrusion detection mechanism still fails after the electric quantity of the super capacitor is consumed.
In addition, in the detection device based on the BMC chip, in order to save power, it is sometimes necessary to disconnect the power supply source from the power supply branch of the CPU. However, the intrusion detection mechanism fails when the power supply does not supply power to the BMC chip, so that a BMC chip independent of the CPU needs to be adopted, the power supply generally outputs two power supply voltages, one is used for supplying power to the BMC chip, in a normal state, the power supply can always keep outputting the power supply voltage to the BMC chip as long as the power line of the power supply is not disconnected, and the other is used for supplying power to the CPU, and the power supply voltage can stop supplying power to the CPU when the CPU is not required to operate. Similarly, in the detection device based on the MCU, the MCU independent of the CPU is needed, the super capacitor outputs the power supply voltage to supply power for the MCU, and the power supply output voltage supplies power for the CPU. The two schemes need to adopt additional control units such as a BMC chip or an MCU, and the like, so that the cost is high.
Based on this, an embodiment of the disclosure provides a chassis intrusion status detection apparatus, referring to fig. 2A, the apparatus includes:
a switch unit 201, wherein the switch state of the switch unit 201 is related to the opening state of the case cover plate;
an information generating unit 202 configured to generate specification information, the specification information being reset when the information generating unit 202 is restored from a power-down state to a power-up state, the specification information after the reset being inconsistent with the specification information before the reset;
a first power supply unit 203 for supplying power to the information generating unit 202 via the switching unit 201;
A control unit 204, configured to read the specified information from the information generating unit 202, and detect an intrusion state of the enclosure based on the read specified information.
In some embodiments, the switch state of the switch unit 201 is an open state when the chassis cover is in an open state, and the switch state of the switch unit 201 is a closed state when the chassis cover is in a closed state.
As an implementation manner, the switch unit 201 is a trigger switch, the trigger switch is disposed on the chassis, the trigger switch is provided with a trigger portion that is matched with the chassis cover plate in a triggering manner, when the chassis cover plate is in an open state, the trigger portion is separated from the chassis cover plate, so that the switch unit 201 is in an open state, and when the chassis cover plate is in a closed state, the trigger portion is matched with the chassis cover plate in a triggering manner, so that the switch unit 201 is in a closed state. In an exemplary embodiment, the trigger switch is a push button switch and the trigger portion is a push button. When the case cover plate is in a closed state, the button is pressed down to close the button switch, and when the case cover plate is in an open state, the button is sprung to open the button switch. The switch unit 201 may be implemented using a switch other than a push button switch, which is well known to those skilled in the art, and the present disclosure is not limited thereto.
The designation information generated by the information generating unit 202 may be static information, i.e., the designation information remains unchanged as long as it is not reset. The specified information may include, but is not limited to, one or a combination of at least two of numbers, letters, chinese characters, symbols, and the like. Or the designation information generated by the information generating unit 202 may be dynamic information, that is, may change from case to case. For example, the designation information may change over time. In some embodiments, the specified information is time information, which may include some or all of year, month, day, time, minute, second.
In some embodiments, the information generating unit 202 may accumulate time on the basis of a certain initial time, thereby obtaining real-time. The initial time may be set by the user on the information generating unit or received from the control unit 204. Alternatively, the control unit 204 may read the current time, and send the current time as the initial time to the information generation unit 202. After receiving the initial time, the information generating unit 202 starts timing, and superimposes the timing time on the initial time to obtain the dynamic specified information at different moments. For example, the current time is 21-05-28-11-33-25, where "21", "05", "28", "11", "33" and "25" respectively represent year, month, day, time, minute, second, and the information generating unit 202 counts 1 minute later, and the specified information is 21-05-28-11-34-25.
In the case where the information generating unit is restored from the power-down state to the power-up state, the specification information is reset. For example, assuming that the specification information is the letter "HELLO", it may be reset to any number, letter, kanji, symbol, or a combination thereof such as "AAAAA", "ABCD", "1234", as long as it is different from the specification information "HELLO" before reset. For another example, assuming that the specified information is a real-time, the time information may be reset to 00-00-00-00-00-00, or 99-99-99-99-99-99, or the like.
In some embodiments, the information generating unit 202 may be implemented using a Real Time Clock (RTC) chip, for example, a RTC chip model DS 3231. Since the RTC chip has low power consumption, the RTC chip may be supplied with power by the first power supply unit 203 with low power, for example, the first power supply unit 203 is an RTC battery.
The first power supply unit of the embodiment of the disclosure supplies power to the information generating unit through the switch unit, and the switch state of the switch unit is related to the opening state of the case cover plate. As soon as the chassis cover is opened, the switch unit is opened, so that the power supply branch between the first power supply unit and the information generating unit is disconnected, the information generating unit is powered down, and the designated information generated by the information generating unit is reset. Therefore, in the case that the power of the chassis intrusion state detection device is turned off, the specification information read by the control unit after the system is powered on is the specification information after the reset as long as the chassis is in the intruded state, and if the chassis is not in the intruded state, the specification information read by the control unit after the system is powered on is the specification information before the reset. In this way, it can be determined whether the chassis is not in an intruded state by the system in the event of a power failure.
Since an intrusion event in the event of power failure can be detected, a CPU may be used as the control unit 204, so that an additional BMC chip or MCU need not be used as the control unit 204. The control unit 204 may determine that the enclosure is in an intruded state if the read specification information is inconsistent with the specification information before the reset, and determine that the enclosure is not in an intruded state if the read specification information is consistent with the specification information before the reset.
Under the condition that time is adopted as the appointed information, the CPU can acquire real-time through an internal clock, the current time can be further transmitted to the RTC chip, and the RTC chip can count time based on the current time transmitted by the CPU so as to acquire the real-time. Under the condition that the RTC chip is powered down, the real-time recorded in the RTC chip is cleared. The CPU can inquire the real-time recorded in the RTC chip, and if the inquired real-time is inconsistent with the real-time acquired by the CPU through the internal clock, the case is determined to be in an invaded state. In some embodiments, only the information representing the year in the real-time may be queried, or only the last two bits of information representing the year in the real-time may be queried, and the queried information may be compared with corresponding information in the real-time acquired by the CPU through the internal clock. By comparing the year information or the last two bits of the year information, the influence caused by the timing error of the RTC chip can be reduced, and the accuracy of the comparison result can be improved.
For example, the real time is 21-05-28-11-33-25, it is possible to query only "21" and compare "21" with the information representing the last two bits of year in the real time acquired by the CPU through the internal clock. In the event of a power loss of the RTC chip, the real time will be reset to 0. Therefore, when the queried information is smaller than the corresponding information in the real-time acquired by the CPU through the internal clock, the case is determined to be in an invaded state.
Those skilled in the art will appreciate that the above embodiments are merely exemplary illustrations. The anti-intrusion detection may also be performed by querying and comparing other information (for example, information indicating month, information indicating date, etc.) in the real-time, and the principle of performing the anti-intrusion detection based on the other information is similar to that of performing the anti-intrusion detection based on the year information, and will not be described herein.
Referring to fig. 2B, in addition to detecting an intrusion state of a chassis according to the designation information, the control unit 204 may also detect an intrusion state of a chassis based on the switching state of the switching unit 201. For example, when the switch unit 201 is detected to be in an opened state, it is determined that the chassis is in an intruded state, and when the switch unit 201 is detected to be in a closed state, it is determined that the chassis is not in an intruded state. Because the detection efficiency of detecting the intrusion state based on the switching state of the switching unit 201 is higher, under the condition that the system works normally, the intrusion state can be detected based on the switching state of the switching unit 201 first, and under the condition that the switching unit 201 is in the closed state, the intrusion state is detected based on the appointed information, so that the problem that the real-time performance of detecting the intrusion state based on the appointed information is insufficient under the normal power-on state is solved. In the system power-on process, the intrusion state before the system power-on cannot be determined based on the switch state of the switch unit, so that the intrusion state before the system power-on can be directly detected based on the appointed information in the system power-on process. After the system is powered on, intrusion state detection is performed based on a detection mode under the normal working condition.
In some embodiments, the system further comprises a second power supply unit 205 for supplying power to the information generating unit 202, the switching unit 201 being located on a different power supply branch than the second power supply unit 205. The supply voltage of the second power supply unit 205 may be lower than the supply voltage of the first power supply unit 203. In some cases, the power supply branch where the first power supply unit 203 is located may be disconnected, and power is supplied only through the power supply branch where the second power supply unit 205 is located, thereby playing a role in reducing power consumption. In a normal state, the second power supply unit 205 may maintain the power supply state as long as the power line of the second power supply unit 205 is not disconnected.
In some embodiments, the control unit 204 is further configured to jump to a secure login interface after power-on to obtain the specified information input by the user through the secure login interface if it is determined that the chassis is in an intruded state, and control the chassis to start if the input specified information is legal. In the case where the designation information generated by the information generating unit is static information, the designation information may be stored in the control unit 204 in advance. If the designated information input by the user through the secure login interface is identical to the designated information, the control unit 204 determines that the input information is legal. In the case where the designation information generated by the information generating unit is dynamic information, if the designation information input by the user through the secure login interface is consistent with the current time, the control unit 204 determines that the input designation information is legal. The control unit 204 may control the chassis start if the input designation information is legal, otherwise the control unit 204 refuses the chassis start.
In some embodiments, the control unit 204 is further configured to jump to a secure login interface after power-on to obtain authentication information input by a user through the secure login interface if it is determined that the chassis is in an intruded state, and control the chassis to start if the authentication information is legal. The verification information can comprise at least one of fingerprint information, face information, account password information, voice information and verification code information, but is not limited to the following. Taking account password information as an example, if the account information input by the user through the secure login interface is matched with the password information, determining that the input verification information is legal, otherwise, determining that the input verification information is illegal.
After controlling the chassis start, the control unit 204 may send reference information to the information generating unit 202, so that the information generating unit 202 generates specified information based on the reference information. In this way, it is possible to cause the information generating unit 202 to regenerate correct specification information after the start-up, thereby continuing intrusion state detection.
The circuit diagrams of the device are shown in fig. 3 and 4, respectively. Wherein S3 denotes a switching unit 201, an RTC chip is used as an information generating unit 202, bat denotes a first power supply unit 203, which may be an RTC battery, a CPU is used as a control unit 204, the CPU communicates with the RTC chip through an I 2 C interface, the CPU detects the switching state of the switch S3 through an interrupt pin, and STANDBY denotes a second power supply unit 205, and vbat is a power pin of the RTC chip. D1 and D2 respectively represent diodes, D1 is used for unidirectional conduction of the electric energy supplied from the first power supply unit 203 to the information generation unit 202, and D2 is used for unidirectional conduction of the electric energy supplied from the second power supply unit 205 to the information generation unit 202. At least one of D1 and D2 may also be eliminated for cost savings. The embodiment shown in fig. 3 is more targeted for edge servers and miniaturized devices because only a single power supply is used to power the edge servers and miniaturized devices.
The intrusion detection principle of the present disclosure will be described below by taking the circuit diagram shown in fig. 4 as an example. In the figure, the control unit is a CPU, the first power supply unit is an RTC battery, the information generating unit is an RTC chip, and the specified information is the last two bits of year information of the current real-time (which may have a smaller error with the actual time). The negative pole of RTC battery is grounded, and the anodal is through the switch unit connect the power pin of RTC chip, and through the switch unit connect the interrupt pin of CPU, the power pin of RTC chip still with the system power (STANDBY power) of quick-witted case is connected, the I 2 C interface of CPU with the memory cell of RTC chip is connected, is used for reading from the memory cell the last two bits of year information.
After the RTC battery and the STANDBY power supply are combined, the VBAT power supply pin of the RTC chip is supplied with power. The voltage of the RTC battery after passing through the switch S3 is transmitted to an interrupt pin of the CPU, when the switch S3 is disconnected, the voltage is low level, the CPU is triggered to interrupt, the CPU records and reports an intrusion event, and a safety protection mechanism is executed. When switch S3 is closed, the RTC battery power is active and the CPU interrupt pin is not triggered. The VBAT power supply of the RTC chip is normal in the case of STANDBY power supply, and whether the VBAT power supply is normal in the case of STANDBY power supply not depends on whether the switch S3 is closed or open. If the switch S3 is closed, the VBAT power supply of the RTC chip is normal, and if the switch S3 is opened, the VBAT power supply of the RTC chip is powered down. When the VBAT pin of the RTC chip is not powered, the RTC chip cannot work normally. After the power is supplied again, the two last two bits of the real-time of the RTC chip are restored to 00, and then the calculation of the real-time is restarted. The I 2 C interface of the CPU is connected with the I 2 C interface of the RTC chip and is used for acquiring the RTC time. When the CPU inquires that the last two bits of the year in the time information recorded in the RTC chip are smaller than the last two bits (for example '21') of the current year, an intrusion event is recorded and reported, and a safety protection mechanism is executed.
Referring to fig. 5, a flow chart for detecting a case intrusion state in a normal operation process is shown.
In step 501, the CPU detects that the chassis is in a normal operating state.
In step 502, the CPU detects an intrusion state of the enclosure based on a current switching state of the switching unit. After the interrupt is triggered, the CPU executes step 503, otherwise returns to step 501. Meanwhile, the CPU periodically inquires about the real time of the RTC chip, and when the last two years of the real time of the RTC chip are less than 21, it indicates that an abnormality is detected, and step 503 is executed, otherwise, step 501 is returned.
In step 503, the CPU records and reports the intrusion event and performs the security protection mechanism.
Referring to fig. 6, a flow chart for detecting a case intrusion state during a system power-up process is shown. During power-up (from a power-down state of the system to normal operation of the system), the CPU detects an intrusion state of the enclosure based on the read specified information.
In step 601, the system is powered on, and the CPU loads the FLASH file first.
In step 602, the CPU initializes a DDR (Double Data Rate Synchronous Dynamic Random Access Memory, double Rate synchronous dynamic random Access memory) interface and a GPIO (General Purpose Input/Output) interface.
In step 603, the CPU determines the level of the interrupt pin, and when the level is high, executes step 604, otherwise executes step 606.
In step 604, the CPU initializes the I 2 C interface and acquires the real time of the RTC chip, and then executes step 605.
In step 605, the CPU determines whether the last two bits of the RTC real-time are less than 21, if yes, step 606 is executed, and if not, step 610 is executed.
In step 606, the CPU initializes other interfaces, records and reports intrusion events, executes a security protection mechanism, and proceeds to step 607.
In step 607, a secure login interface is entered, an anti-intrusion account and password are obtained through the secure login interface, and step 608 is entered.
In step 608, the CPU verifies whether the anti-intrusion account and password are correct, if so, proceeds to step 609, otherwise returns to step 607.
In step 609, the correct RTC real time is set and step 611 is entered.
In step 610, the system initializes other functional interfaces and proceeds to step 611.
In step 611, the system is started up normally.
The system is effective in an anti-intrusion alert mechanism under normal power supply scenarios. When an intruder pulls out the power supply, the shell is removed, the switch S3 is manually pressed to be closed, the traditional intrusion detection mechanism is invalid, the system can be normally started after being electrified again, and the working principle of the system is easy to be illegally analyzed by the intruder. The intrusion detection mechanism of the present disclosure changes the last two bits of the RTC real time year to a default value, i.e., from 00, after the power cord is unplugged, as long as a casing is removed to allow the switch to be turned off at any one time. At this time, even if the power is on again, and the invader presses the switch to close the switch, two bits after the year of the real-time of the RTC are smaller than 21, the system can still record and report the invasion event, and a safety protection mechanism is executed.
The present disclosure can achieve the following effects:
(1) No additional BMC chip or MCU is used to implement the intrusion detection mechanism.
(2) In the situation of unplugging the power line, the intrusion detection mechanism is still effective and no super capacitor needs to be added for this.
As shown in fig. 7, an embodiment of the present disclosure further provides an edge server, including:
a chassis 701;
a housing cover 702 mated with the housing 701, and
The chassis intrusion status detection device according to any one of the above embodiments (not shown in the drawings).
The information generating unit 202, the first power supply unit 203, and the control unit 204 in the chassis intrusion state detecting device may be disposed in the chassis 701, and the switch unit 201 may be disposed on the chassis.
The embodiment of the chassis intrusion state detection device in the edge server is described in detail in the foregoing embodiment of the chassis intrusion state detection device, and will not be described herein again.
As shown in fig. 8, an embodiment of the present disclosure further provides a method for detecting a chassis intrusion state, which is applied to the control unit in the chassis intrusion state detection device described in any one of the foregoing embodiments, where the method includes:
step 801, reading specified information from the information generating unit;
And step 802, detecting the intrusion state of the chassis based on the read specified information.
In some embodiments, the detecting the intrusion state of the chassis based on the read specified information includes detecting the intrusion state of the chassis based on the current switch state of the switch unit in a normal operation state, and detecting the intrusion state of the chassis based on the read specified information when the current switch state of the switch unit indicates that the chassis is not currently in an intruded state.
In some embodiments, detecting the intrusion state of the chassis based on the read specification information includes detecting the intrusion state of the chassis based on the read specification information during power-up.
In some embodiments, the detecting the intrusion state of the enclosure based on the read specification information includes determining that the enclosure was in an intruded state if the read specification information is inconsistent with the specification information prior to the resetting.
In some embodiments, the information generating unit is an RTC chip, the specified information is a real-time, the RTC chip is configured to generate the real-time based on an initial time acquired at power-up, the initial time is preset based on a current time, and in a case where the information generating unit is restored from a power-down state to a power-up state, the initial time is set to a time inconsistent with the current time. The detection of the intrusion state of the chassis based on the read specified information comprises determining that the chassis is in the intrusion state when the read real-time is inconsistent with the current time.
In some embodiments, the initial time is set to 0 when the information generating unit is restored from the power-down state to the power-up state, and the detecting the intrusion state of the chassis based on the read specified information includes determining that the chassis was in the intruded state when the value corresponding to the year in the read real-time is smaller than the current year.
In some embodiments, the method further comprises determining that the chassis is currently in an intruded state if the switch unit is currently in an open state.
In some embodiments, the method further comprises the steps of jumping to a secure login interface after power-on under the condition that the case is in an invaded state, so as to obtain the designated information input by a user through the secure login interface, and controlling the case to start under the condition that the input designated information is legal.
In some embodiments, the method further comprises the steps of jumping to a secure login interface after power-on under the condition that the case is in an invaded state, so as to obtain verification information input by a user through the secure login interface, and controlling the case to start under the condition that the verification information is legal.
In some embodiments, the method further comprises sending initial information to the information generating unit after controlling the chassis to start, so that the information generating unit generates specified information based on the initial information.
It will be appreciated by those skilled in the art that in the above-described method of the specific embodiments, the written order of steps is not meant to imply a strict order of execution but rather should be construed according to the function and possibly inherent logic of the steps.
As shown in fig. 9, an embodiment of the present disclosure further provides a chassis intrusion state detection device, which is applied to the control unit in the chassis intrusion state detection device described in any one of the foregoing embodiments, where the device includes:
a reading module 901 for reading the specified information from the information generating unit;
and the detection module 902 is configured to detect an intrusion state of the chassis based on the read specified information.
In some embodiments, functions or modules included in an apparatus provided by the embodiments of the present disclosure may be used to perform a method described in the foregoing method embodiments, and specific implementations thereof may refer to descriptions of the foregoing method embodiments, which are not repeated herein for brevity.
The embodiments of the present disclosure also provide a computer device at least including a memory, a processor, and a computer program stored on the memory and executable on the processor, wherein the processor implements the method of any of the preceding embodiments when executing the program.
Fig. 10 shows a more specific schematic diagram of the hardware architecture of a computing device provided by embodiments of the present description, which may include a processor 1001, memory 1002, input/output interfaces 1003, communication interfaces 1004, and a bus 1005. Wherein the processor 1001, the memory 1002, the input/output interface 1003, and the communication interface 1004 realize communication connection between each other inside the device through the bus 1005.
The processor 1001 may be implemented by using a general-purpose CPU (Central Processing Unit ), a microprocessor, an Application SPECIFIC INTEGRATED Circuit (ASIC), or one or more integrated circuits, etc. to execute related programs to implement the technical solutions provided in the embodiments of the present disclosure. The processor 1001 may also include a graphics card, which may be NVIDIA TITAN X graphics card or 1080Ti graphics card, or the like.
The Memory 1002 may be implemented in the form of ROM (Read Only Memory), RAM (Random Access Memory ), static storage, dynamic storage, or the like. Memory 1002 may store an operating system and other application programs, and when the embodiments of the present specification are implemented in software or firmware, the associated program code is stored in memory 1002 and executed by processor 1001.
The input/output interface 1003 is used to connect with an input/output module to realize information input and output. The input/output module may be configured as a component in a device (not shown) or may be external to the device to provide corresponding functionality. Wherein the input devices may include a keyboard, mouse, touch screen, microphone, various types of sensors, etc., and the output devices may include a display, speaker, vibrator, indicator lights, etc.
The communication interface 1004 is used to connect to a communication module (not shown in the figure) to enable the present device to interact with other devices through communication. The communication module may implement communication through a wired manner (such as USB, network cable, etc.), or may implement communication through a wireless manner (such as mobile network, WIFI, bluetooth, etc.).
Bus 1005 includes a path for transferring information between components of the device (e.g., processor 1001, memory 1002, input/output interface 1003, and communication interface 1004).
It should be noted that, although the above-described device only shows the processor 1001, the memory 1002, the input/output interface 1003, the communication interface 1004, and the bus 1005, in the implementation, the device may further include other components necessary to achieve normal operation. Furthermore, it will be understood by those skilled in the art that the above-described apparatus may include only the components necessary to implement the embodiments of the present description, and not all the components shown in the drawings.
The disclosed embodiments also provide a computer readable storage medium having stored thereon a computer program which, when executed by a processor, implements the method of any of the previous embodiments.
Computer readable media, including both non-transitory and non-transitory, removable and non-removable media, may implement information storage by any method or technology. The information may be computer readable instructions, data structures, modules of a program, or other data. Examples of storage media for a computer include, but are not limited to, phase change memory (PRAM), static Random Access Memory (SRAM), dynamic Random Access Memory (DRAM), other types of Random Access Memory (RAM), read Only Memory (ROM), electrically Erasable Programmable Read Only Memory (EEPROM), flash memory or other memory technology, compact disc read only memory (CD-ROM), digital Versatile Discs (DVD) or other optical storage, magnetic cassettes, magnetic tape magnetic disk storage or other magnetic storage devices, or any other non-transmission medium, which can be used to store information that can be accessed by a computing device. Computer-readable media, as defined herein, does not include transitory computer-readable media (transmission media), such as modulated data signals and carrier waves.
From the foregoing description of embodiments, it will be apparent to those skilled in the art that the present embodiments may be implemented in software plus a necessary general purpose hardware platform. Based on such understanding, the technical solutions of the embodiments of the present specification may be embodied in essence or what contributes to the prior art in the form of a software product, which may be stored in a storage medium, such as a ROM/RAM, a magnetic disk, an optical disk, etc., including several instructions for causing a computer device (which may be a personal computer, a server, or a network device, etc.) to execute the method described in the embodiments or some parts of the embodiments of the present specification.
The system, apparatus, module or unit set forth in the above embodiments may be implemented in particular by a computer chip or entity, or by a product having a certain function. A typical implementation device is a computer, which may be in the form of a personal computer, laptop computer, cellular telephone, camera phone, smart phone, personal digital assistant, media player, navigation device, email device, game console, tablet computer, wearable device, or a combination of any of these devices.
In this specification, each embodiment is described in a progressive manner, and identical and similar parts of each embodiment are all referred to each other, and each embodiment mainly describes differences from other embodiments. In particular, for the device embodiments, since they are substantially similar to the method embodiments, the description is relatively simple, and reference is made to the description of the method embodiments for relevant points. The apparatus embodiments described above are merely illustrative, in which the modules illustrated as separate components may or may not be physically separate, and the functions of the modules may be implemented in the same piece or pieces of software and/or hardware when implementing the embodiments of the present disclosure. Some or all of the modules may be selected according to actual needs to achieve the purpose of the solution of this embodiment. Those of ordinary skill in the art will understand and implement the present invention without undue burden.
The foregoing is merely a specific implementation of the embodiments of this disclosure, and it should be noted that, for a person skilled in the art, several improvements and modifications may be made without departing from the principles of the embodiments of this disclosure, and these improvements and modifications should also be considered as protective scope of the embodiments of this disclosure.

Claims (19)

1.一种机箱入侵状态检测装置,其特征在于,所述装置包括:1. A chassis intrusion status detection device, characterized in that the device comprises: 开关单元,所述开关单元的开关状态与机箱盖板的开启状态相关;A switch unit, wherein the switch state of the switch unit is related to the opening state of the chassis cover; 信息生成单元,用于生成指定信息,在所述信息生成单元从掉电状态恢复到上电状态的情况下,所述指定信息被重置,重置后的指定信息与重置前的指定信息不一致;An information generating unit, configured to generate designated information, wherein when the information generating unit is restored from a power-off state to a power-on state, the designated information is reset, and the designated information after the reset is inconsistent with the designated information before the reset; 第一供电单元,用于经过所述开关单元向所述信息生成单元供电;a first power supply unit, configured to supply power to the information generating unit via the switch unit; 控制单元,用于从所述信息生成单元读取指定信息,并基于读取到的指定信息检测所述机箱的入侵状态;其中,在所述机箱曾处于被入侵状态的情况下,所述控制单元读取到的指定信息为重置后的指定信息,在所述机箱未曾处于被入侵状态的情况下,所述控制单元读取到的指定信息为重置前的指定信息;在读取到的指定信息与重置前的指定信息不一致的情况下,确定所述机箱曾处于被入侵状态。A control unit is used to read designated information from the information generating unit, and detect the intrusion state of the chassis based on the read designated information; wherein, when the chassis has been in an invaded state, the designated information read by the control unit is the designated information after reset, and when the chassis has not been in an invaded state, the designated information read by the control unit is the designated information before reset; when the read designated information is inconsistent with the designated information before reset, it is determined that the chassis has been in an invaded state. 2.根据权利要求1所述的装置,其特征在于,所述控制单元用于:2. The device according to claim 1, characterized in that the control unit is used for: 在正常工作状态下,基于所述开关单元当前的开关状态,检测所述机箱的入侵状态;Under normal working conditions, based on the current switch state of the switch unit, detecting the intrusion state of the chassis; 在所述开关单元当前的开关状态指示所述机箱当前未处于被入侵状态的情况下,基于读取到的指定信息检测所述机箱的入侵状态。In a case where the current switch state of the switch unit indicates that the chassis is not currently in an invaded state, the intrusion state of the chassis is detected based on the read designated information. 3.根据权利要求1所述的装置,其特征在于,所述控制单元用于:3. The device according to claim 1, characterized in that the control unit is used for: 在上电过程中,基于读取到的指定信息检测所述机箱的入侵状态。During the power-on process, the intrusion status of the chassis is detected based on the read designated information. 4.根据权利要求1所述的装置,其特征在于,所述信息生成单元为实时时钟芯片,所述指定信息为实时时间,所述实时时钟芯片用于:4. The device according to claim 1, characterized in that the information generating unit is a real-time clock chip, the designated information is real-time time, and the real-time clock chip is used to: 基于上电时获取的初始时间生成实时时间,所述初始时间基于当前时间预先设置,且在所述信息生成单元从掉电状态恢复到上电状态的情况下,所述初始时间被设置成与所述当前时间不一致的时间。The real time is generated based on the initial time obtained at power-on, the initial time is pre-set based on the current time, and when the information generating unit is restored from the power-off state to the power-on state, the initial time is set to a time inconsistent with the current time. 5.根据权利要求4所述的装置,其特征在于,所述控制单元用于:5. The device according to claim 4, characterized in that the control unit is used for: 在读取到的实时时间与当前时间不一致的情况下,确定所述机箱曾处于被入侵状态。When the read real time is inconsistent with the current time, it is determined that the chassis has been in an invaded state. 6.根据权利要求4所述的装置,其特征在于,在所述信息生成单元从掉电状态恢复到上电状态的情况下,所述初始时间被设置为0;所述控制单元用于:6. The device according to claim 4, characterized in that when the information generating unit is restored from a power-off state to a power-on state, the initial time is set to 0; and the control unit is used to: 在读取到的实时时间中年份对应的数值小于当前年份的情况下,确定所述机箱曾处于被入侵状态。When the value corresponding to the year in the read real-time time is smaller than the current year, it is determined that the chassis has been in an invaded state. 7.根据权利要求1所述的装置,其特征在于,所述控制单元还用于:7. The device according to claim 1, characterized in that the control unit is further used for: 在所述开关单元当前处于断开状态的情况下,确定所述机箱当前处于被入侵状态。When the switch unit is currently in an off state, it is determined that the chassis is currently in an invaded state. 8.根据权利要求1所述的装置,其特征在于,所述控制单元还用于:8. The device according to claim 1, characterized in that the control unit is further used for: 在确定所述机箱曾处于被入侵状态的情况下,在上电后跳转到安全登陆界面,以获取用户通过所述安全登陆界面输入的指定信息;If it is determined that the chassis has been in an invaded state, jump to a secure login interface after powering on to obtain specified information input by a user through the secure login interface; 在输入的指定信息合法的情况下,控制所述机箱启动。When the input designated information is legal, the chassis is controlled to start. 9.根据权利要求1所述的装置,其特征在于,所述控制单元还用于:9. The device according to claim 1, characterized in that the control unit is further used for: 在确定所述机箱曾处于被入侵状态的情况下,在上电后跳转到安全登陆界面,以获取用户通过所述安全登陆界面输入的验证信息;If it is determined that the chassis has been in an invaded state, jump to a secure login interface after powering on to obtain verification information input by a user through the secure login interface; 在所述验证信息合法的情况下,控制所述机箱启动。When the verification information is legal, the chassis is controlled to start. 10.根据权利要求9所述的装置,其特征在于,所述控制单元还用于:10. The device according to claim 9, characterized in that the control unit is further used for: 在控制所述机箱启动之后,将初始信息发送至所述信息生成单元,以使所述信息生成单元基于所述初始信息生成指定信息。After the chassis is controlled to start up, initial information is sent to the information generating unit, so that the information generating unit generates designated information based on the initial information. 11.根据权利要求1所述的装置,其特征在于,所述控制单元为中央处理器,所述第一供电单元为实时时钟电池,所述信息生成单元为实时时钟芯片,所述指定信息为当前实时时间的年份信息的后两位;11. The device according to claim 1, characterized in that the control unit is a central processing unit, the first power supply unit is a real-time clock battery, the information generation unit is a real-time clock chip, and the specified information is the last two digits of the year information of the current real-time time; 所述实时时钟电池的负极接地,正极经所述开关单元连接所述实时时钟芯片的电源引脚,并经所述开关单元连接所述中央处理器的中断管脚;The negative electrode of the real-time clock battery is grounded, and the positive electrode is connected to the power pin of the real-time clock chip through the switch unit, and is connected to the interrupt pin of the central processing unit through the switch unit; 所述实时时钟芯片的电源引脚还与所述机箱的系统电源相连接;The power pin of the real-time clock chip is also connected to the system power supply of the chassis; 所述中央处理器的I2C接口与所述实时时钟芯片的存储单元相连接,用于从所述存储单元读取所述指定信息。The I 2 C interface of the central processing unit is connected to the storage unit of the real-time clock chip, and is used to read the specified information from the storage unit. 12.根据权利要求11所述的装置,其特征在于,在所述机箱正常工作的过程中,或者在所述机箱上电的过程中且已确定所述机箱在上电之前未曾处于被入侵状态的情况下,基于所述中断管脚检测到的电平确定所述机箱当前是否处于被入侵状态;12. The device according to claim 11, characterized in that, during the normal operation of the chassis, or during the power-on of the chassis and when it has been determined that the chassis has not been in an invaded state before power-on, determining whether the chassis is currently in an invaded state based on the level detected by the interrupt pin; 其中,在机箱盖板打开的情况下,所述开关单元断开,所述中断管脚检测到低电平,所述中央处理器确定机箱当前处于被入侵状态;在机箱盖板闭合的情况下,所述开关单元闭合,所述中断管脚检测到高电平,所述中央处理器确定机箱当前未处于被入侵状态。Among them, when the chassis cover is open, the switch unit is disconnected, the interrupt pin detects a low level, and the central processing unit determines that the chassis is currently in an invaded state; when the chassis cover is closed, the switch unit is closed, the interrupt pin detects a high level, and the central processing unit determines that the chassis is not currently in an invaded state. 13.根据权利要求11所述的装置,其特征在于,在所述机箱上电的过程中,所述中央处理器在检测到所述年份信息的后两位小于预设值的情况下,确定所述机箱在上电之前曾处于被入侵状态,在检测到的所述年份信息的后两位大于或等于预设值的情况下,确定所述机箱在上电之前未曾处于被入侵状态。13. The device according to claim 11 is characterized in that, during the process of powering on the chassis, when the central processor detects that the last two digits of the year information are less than a preset value, it determines that the chassis was in an invaded state before power-on; when the last two digits of the year information detected are greater than or equal to the preset value, it determines that the chassis was not in an invaded state before power-on. 14.根据权利要求1-13任一所述的装置,其特征在于,所述装置还包括:14. The device according to any one of claims 1 to 13, characterized in that the device further comprises: 第一二极管,用于将所述第一供电单元提供的电能单向导通至所述信息生成单元;和/或a first diode, used for unidirectionally conducting the electric energy provided by the first power supply unit to the information generating unit; and/or 第二二极管,用于将所述第二供电单元提供的电能单向导通至所述信息生成单元;和/或a second diode, used for unidirectionally conducting the electric energy provided by the second power supply unit to the information generating unit; and/or 第二供电单元,用于向所述信息生成单元供电,所述开关单元与所述第二供电单元位于不同的供电支路上。The second power supply unit is used to supply power to the information generating unit, and the switch unit and the second power supply unit are located on different power supply branches. 15.一种边缘服务器,其特征在于,包括:15. An edge server, comprising: 机箱;Chassis; 与所述机箱相配合的机箱盖板;以及a chassis cover matched with the chassis; and 权利要求1至14任一所述的机箱入侵状态检测装置。A chassis intrusion status detection device as described in any one of claims 1 to 14. 16.一种机箱入侵状态检测方法,其特征在于,应用于权利要求1-14任一所述的装置中的控制单元,所述方法包括:16. A method for detecting chassis intrusion status, characterized in that it is applied to a control unit in the device according to any one of claims 1 to 14, and the method comprises: 从所述信息生成单元读取指定信息;Reading specified information from the information generating unit; 基于读取到的指定信息检测所述机箱的入侵状态。The intrusion status of the chassis is detected based on the read designated information. 17.根据权利要求16所述的方法,其特征在于,所述基于读取到的指定信息检测所述机箱的入侵状态,包括:17. The method according to claim 16, wherein detecting the intrusion status of the chassis based on the read designated information comprises: 在正常工作状态下,基于所述开关单元当前的开关状态,检测所述机箱的入侵状态,在所述开关单元当前的开关状态指示所述机箱当前未处于被入侵状态的情况下,基于读取到的指定信息检测所述机箱的入侵状态;和/或In a normal working state, based on the current switch state of the switch unit, detecting the intrusion state of the chassis, and when the current switch state of the switch unit indicates that the chassis is not currently in an intrusion state, detecting the intrusion state of the chassis based on the read designated information; and/or 在上电过程中,基于读取到的指定信息检测所述机箱的入侵状态。During the power-on process, the intrusion status of the chassis is detected based on the read designated information. 18.一种计算机可读存储介质,其上存储有计算机程序,其特征在于,该程序被处理器执行时实现权利要求16-17任一所述的方法。18. A computer-readable storage medium having a computer program stored thereon, wherein when the program is executed by a processor, the method according to any one of claims 16 to 17 is implemented. 19.一种计算机设备,包括存储器、处理器及存储在存储器上并可在处理器上运行的计算机程序,其特征在于,所述处理器执行所述程序时实现权利要求16-17任一所述的方法。19. A computer device comprising a memory, a processor, and a computer program stored in the memory and executable on the processor, wherein the processor implements the method of any one of claims 16 to 17 when executing the program.
CN202110711408.XA 2021-06-25 2021-06-25 Chassis intrusion status detection device and method, and edge server Active CN113434915B (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN202110711408.XA CN113434915B (en) 2021-06-25 2021-06-25 Chassis intrusion status detection device and method, and edge server
PCT/CN2021/134365 WO2022267345A1 (en) 2021-06-25 2021-11-30 Chassis intrusion state detection device and method, and edge server

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202110711408.XA CN113434915B (en) 2021-06-25 2021-06-25 Chassis intrusion status detection device and method, and edge server

Publications (2)

Publication Number Publication Date
CN113434915A CN113434915A (en) 2021-09-24
CN113434915B true CN113434915B (en) 2025-02-18

Family

ID=77754411

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110711408.XA Active CN113434915B (en) 2021-06-25 2021-06-25 Chassis intrusion status detection device and method, and edge server

Country Status (2)

Country Link
CN (1) CN113434915B (en)
WO (1) WO2022267345A1 (en)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113434915B (en) * 2021-06-25 2025-02-18 深圳市商汤科技有限公司 Chassis intrusion status detection device and method, and edge server
US12124571B2 (en) 2022-02-01 2024-10-22 Microsoft Technology Licensing, Llc Intrusion detection mechanism for security sensitive PCB components
CN116467705B (en) * 2023-01-16 2024-03-19 中科可控信息产业有限公司 Full-time monitoring system and server for preventing server from invading

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112099613A (en) * 2020-08-03 2020-12-18 中国长城科技集团股份有限公司 Server case cover opening detection method and device
CN112231781A (en) * 2020-10-16 2021-01-15 苏州浪潮智能科技有限公司 An edge computing server anti-theft method and server

Family Cites Families (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6289456B1 (en) * 1998-08-19 2001-09-11 Compaq Information Technologies, Inc. Hood intrusion and loss of AC power detection with automatic time stamp
US6519698B1 (en) * 1999-10-06 2003-02-11 Micron Technology, Inc. Method for saving system configuration information to shorten computer system initialization time by checking the state of a chassis intrusion detection circuit
CN101471933A (en) * 2007-12-28 2009-07-01 英业达股份有限公司 Method for dynamically updating intrusion detection rules through network link data
JP5725798B2 (en) * 2010-11-01 2015-05-27 キヤノン株式会社 Control device, control device state detection method, and program
CN104049983B (en) * 2013-03-11 2018-07-06 联想(北京)有限公司 A kind of prompt message update method, device and electronic equipment
CN104268466B (en) * 2014-09-15 2019-01-01 福建联迪商用设备有限公司 The method of the electronic equipment and electronic equipment anti-intrusion of anti-intrusion
CN104268467B (en) * 2014-09-15 2018-05-25 福建联迪商用设备有限公司 The method of electronic equipment anti-intrusion and the electronic equipment of anti-intrusion
CN110569679B (en) * 2019-10-08 2024-11-15 福建实达电脑设备有限公司 A cover removal self-destruction circuit for terminal and control method thereof
CN111722960A (en) * 2020-05-29 2020-09-29 苏州浪潮智能科技有限公司 A boot method, system, device and medium under abnormal CMOS information
CN113434915B (en) * 2021-06-25 2025-02-18 深圳市商汤科技有限公司 Chassis intrusion status detection device and method, and edge server

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112099613A (en) * 2020-08-03 2020-12-18 中国长城科技集团股份有限公司 Server case cover opening detection method and device
CN112231781A (en) * 2020-10-16 2021-01-15 苏州浪潮智能科技有限公司 An edge computing server anti-theft method and server

Also Published As

Publication number Publication date
CN113434915A (en) 2021-09-24
WO2022267345A1 (en) 2022-12-29

Similar Documents

Publication Publication Date Title
CN113434915B (en) Chassis intrusion status detection device and method, and edge server
US20220006318A1 (en) Device charging system
KR101140477B1 (en) Consumer abuse detection system and method
TW200925845A (en) Power management system and method, computer-readable medium
CN112799492B (en) Information processing apparatus and control method
CN105022955A (en) Locking method and mobile terminal of application program
CN114077395B (en) Protection against undesired content changes in DRAM during standby mode
CN112074745B (en) Power consumption monitoring of peripheral devices
CN106292989A (en) A kind of information processing method and electronic equipment
CN108196894B (en) Method for detecting external equipment access and electronic equipment
CN116599198A (en) Intelligent door lock double-battery power supply switching method and device, storage medium and door lock
WO2005071531A1 (en) A method and device for start up computer
CN113608930B (en) System chip and electronic device
CN107277906B (en) Mode selection method, device, terminal and computer readable storage medium
CN106066819A (en) A method and device for backing up information
CN114205801A (en) Equipment retrieving method and device and related equipment
CN114089714A (en) Portable electronic device
US20140115378A1 (en) System and method for restoring network configuration parameters
CN104915269B (en) A kind of mobile terminal time and date information setting method, device and mobile terminal
CN107295175B (en) Display control method and device for electric quantity of mobile terminal, storage medium and mobile terminal
CN112684745B (en) Key device is ruined to low-power consumption
KR102748164B1 (en) Electronic device including power management integrated circuit and method for recovering abnormal state of the electronic device
CN201995013U (en) Mobile phone with tracking function
CN113625855B (en) Power supply control method, system, medium and equipment of server system
CN105764128A (en) Power supply control method and device of mobile terminal

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
REG Reference to a national code

Ref country code: HK

Ref legal event code: DE

Ref document number: 40051328

Country of ref document: HK

GR01 Patent grant
GR01 Patent grant