CN114785710B

CN114785710B - A method and system for evaluating the service capability of secondary nodes in industrial Internet identity resolution

Info

Publication number: CN114785710B
Application number: CN202210457263.XA
Authority: CN
Inventors: 陈鹏; 徐川川; 丁照
Original assignee: SOFTWARE ENGINEERING CENTER CHINESE ACADEMY OF SCIENCES
Current assignee: SOFTWARE ENGINEERING CENTER CHINESE ACADEMY OF SCIENCES
Priority date: 2022-04-27
Filing date: 2022-04-27
Publication date: 2024-12-13
Anticipated expiration: 2042-04-27
Also published as: CN114785710A

Abstract

This application provides an evaluation method and system for the service capability of the secondary node of industrial Internet identity resolution. This application generates the final evaluation score and rating through weighted calculation based on business capability, operation capability, security capability, data application capability and service provision capability, so as to realize the evaluation of the service capability of the secondary node of industrial Internet identity resolution. It can not only verify the feasibility and applicability of the identity resolution capability of the industrial Internet node, and be used to evaluate the maturity level of the service capability of the secondary node of industrial Internet identity resolution, but also improve the accuracy of the existing evaluation methods, unify the evaluation caliber, provide reference for the evaluation of relevant identity resolution service capabilities, and promote the effective popularization and implementation of node identity resolution capabilities. This application is of great significance for improving the industrial Internet industry ecosystem and integrating advantageous industry resources.

Description

Evaluation method and system for service capability of industrial Internet identification analysis secondary node

Technical Field

The application belongs to the technical field of evaluation of industrial Internet identification service capability, and particularly relates to an evaluation method and an evaluation system of industrial Internet identification analysis secondary node service capability.

Background

At present, the industrial Internet in China is under development as a good result in the aspects of infrastructure, platform construction and the like. The industrial Internet is used as an industry formed by the comprehensive deep fusion of a new generation of information technology and manufacturing industry, provides key technical support for the manufacturing industry and the industrial digital, networked and intelligent construction and upgrading, and simultaneously promotes new modes and new business states of networked collaboration, personalized customization, service type manufacturing and the like. The development of the industrial Internet can further promote the improvement and upgrading of the traditional kinetic energy and the cultivation of new kinetic energy, and assist the high-quality development of China.

The development of the industrial Internet is not separated from an industrial Internet identification analysis system, and is similar to a domain name analysis system in the Internet field, the industrial Internet identification analysis system is a nerve hub for supporting industrial Internet interconnection and intercommunication, and the industrial Internet identification analysis system in China consists of five types of nodes including an international root node, a national top node, a secondary node, an enterprise node and a public recursion analysis node. The service capability of the industrial Internet identification analysis node directly influences the construction of an industrial Internet identification analysis system, and further influences the development of the industrial Internet.

However, at present, an evaluation method for service capacity of the identification analysis node of the related industrial internet is not available, service capacity of each identification analysis node is uneven, and some of the identification analysis node is not online through special evaluation and evaluation, so that the overall development of an industrial internet identification analysis system is seriously affected. In particular, the industrial Internet identification analysis secondary node is used for providing identification code registration and identification analysis service for industries or areas, plays a role in the whole industrial Internet analysis link, and is a data and information resource entry for opening all aspects of an industrial chain and a value chain of the industry, so that the evaluation of the service capability of the secondary node is more important.

Disclosure of Invention

In view of the above, the application provides an evaluation method and an evaluation system for the service capability of the industrial Internet identification analysis secondary node, which improve the accuracy and the applicability of the evaluation method.

The specific technical scheme of the application is as follows:

The application provides an evaluation method of service capability of an industrial Internet identification analysis secondary node, which comprises the following steps:

Acquiring industrial Internet identification analysis secondary node information from a server;

Analyzing the two-level node information of the industrial Internet identification analysis, and scoring in five dimensions of service capability, operation capability, security capability, data application capability and service providing capability respectively to generate an evaluation score;

five evaluation scores are collected and analyzed according to a preset model, and the grade of the service capacity of the secondary node is analyzed by the identification of the service side.

Further, scoring in service capability is specifically:

Calling the related interface information of the industrial Internet identification analysis secondary node;

Generating docking information, supporting information and coding protocol information of the related interface according to the related interface information and the return value of the data;

judging whether the butt joint information, the supporting information and the coding protocol information are in a preset value or not, and counting the information in the preset value to generate a detection result.

Further, scoring in service capability is specifically:

Collecting a detection result, and introducing different weight coefficients to the butt joint information, the support information and the number value of the coding protocol in the detection result;

and sequentially adding the number values after different weight coefficients are introduced to generate a business capability assessment score.

Further, scoring in the operational capability is specifically:

Acquiring relevant interface information of the industrial Internet identification analysis secondary node, and acquiring dynamic operation data of the node through the interface information;

And comparing the dynamic operation data with the operation capability level table to generate a first comparison result, and generating an operation capability assessment score according to the first comparison result.

Further, scoring on the security capabilities is specifically:

identifying equipment information accessed into an industrial Internet identification analysis system;

Scanning process data in the secondary node server, and detecting attack behavior information, intrusion behavior information and illegal deployment behavior information of an internal network in the process data;

and marking the abnormal equipment information, the attack behavior information, the intrusion behavior information and the illegal deployment behavior information to generate safety monitoring data.

Further, scoring in the data application capability is specifically:

Creating a test library in the secondary node database, and testing the storage performance of the database according to the data quantity and the data level parameters in the analysis database;

And acquiring a data return value from the database, and generating a data storage evaluation score.

Further, scoring the data application capabilities further includes:

Testing the data management performance of the database according to the data interface parameters, the response time and the delay time in the analysis database;

And acquiring a data return value from the database, and generating a data management evaluation score.

Further, scoring the service providing capability is specifically:

Testing registration performance, inquiry performance, analysis performance and data management of the secondary node identification;

and acquiring a data return value and generating a service capability evaluation score according to the return value.

Further, the steps of collecting five evaluation scores and analyzing according to a preset model are as follows:

acquiring the evaluation score of each dimension and the weight value of the corresponding dimension;

designing a preset model according to the evaluation score and the weight value to carry out weighted summation, and calculating a total score;

Threshold division is performed on the total score to generate a final identification of the level of service capability of the analytical secondary node.

The application also provides an evaluation system of the service capability of the industrial Internet identification analysis secondary node, which comprises a service capability evaluation module, an operation capability evaluation module, a security capability evaluation module, a data application capability evaluation module, a service providing capability evaluation module and a score module;

The service capability assessment module, the operation capability assessment module, the security capability assessment module, the data application capability assessment module and the service providing capability assessment module are used for acquiring the industrial Internet identification analysis secondary node information from the service side, analyzing the industrial Internet identification analysis secondary node information, scoring in five dimensions of service capability, operation capability, security capability, data application capability and service providing capability respectively, and generating an assessment score;

the score module is used for collecting five evaluation scores and analyzing according to a preset model, and calculating the grade of the service capacity of the identification analysis secondary node of the service side.

In summary, the application provides an evaluation method and system for service capability of a secondary node for industrial Internet identification analysis. The application generates the final evaluation score and the rating by starting weighted calculation from the business capability, the operation capability, the security capability, the data application capability and the service providing capability, realizes the evaluation of the service capability of the industrial Internet node identification analysis secondary node, not only can verify the feasibility and the applicability of the industrial Internet node identification analysis capability, is used for evaluating the maturity level of the service capability of the industrial Internet node identification analysis secondary node, but also can improve the accuracy and the unified evaluation caliber of the existing evaluation method, provides reference for the evaluation of the related identification analysis service capability, and promotes the effective popularization and implementation of the node identification analysis capability. The application has important significance for perfecting the ecological system of the industrial Internet industry and integrating dominant industry resources.

Drawings

In order to more clearly illustrate the embodiments of the application or the technical solutions of the prior art, the drawings which are used in the description of the embodiments or the prior art will be briefly described, it being obvious that the drawings in the description below are only some embodiments of the application, and that other drawings can be obtained from these drawings without inventive faculty for a person skilled in the art.

FIG. 1 is a flow chart of an evaluation method of service capability of an industrial Internet identification resolution secondary node of the application;

FIG. 2 is a block diagram of an evaluation system for service capability of an industrial Internet identification resolution secondary node according to the present application.

Detailed Description

In order to make the objects, features and advantages of the present application more obvious and understandable, the technical solutions of the embodiments of the present application are clearly and completely described, and it is apparent that the embodiments described below are only some embodiments of the present application, not all embodiments. All other embodiments, which can be made by those skilled in the art based on the embodiments of the application without making any inventive effort, are intended to be within the scope of the application.

Referring to fig. 1, fig. 1 is a flowchart of an evaluation method for service capability of an industrial internet identification resolution secondary node according to the present application.

The embodiment of the application provides an evaluation method for service capability of an industrial Internet identification analysis secondary node, which comprises the following steps:

S102, acquiring industrial Internet identification analysis secondary node information from a service side;

S104, analyzing the two-level node information of the industrial Internet identification analysis, and respectively scoring in five dimensions of service capability, operation capability, security capability, data application capability and service providing capability to generate an evaluation score;

S106, acquiring five evaluation scores, analyzing according to a preset model, and calculating the grade of the service capacity of the identification analysis secondary node of the service side.

It should be noted that the secondary node information may include interface information, device information, server information, database information, and identification information. And analyzing the secondary node information, comparing the secondary node information with preset corresponding parameters, respectively sorting and summarizing the comparison data, and respectively outputting scoring results of five dimensions. And calculating and outputting total scores according to the preset model from the scoring results of the five dimensions, and judging and identifying the level of the service capability of the analytical secondary node according to the threshold dividing condition of the total scores.

According to the embodiment of the application, scoring in service capability is specifically as follows:

It should be noted that the service capability is a basic service capability provided by the secondary node system through an interface or a background. The docking information can reflect the docking condition and the number of other nodes analyzed by the identification, the supporting information can reflect the variety and the number of one or more of technical schemes such as Handle, ecode, OID, GS, VAA and the like, and the coding protocol can reflect the condition and the number which accord with the serial standard of the industrial Internet identification coding specification. The preset value can be obtained according to common knowledge in the industry. And testing and verifying the service capability indexes, such as the information of the supported quantity and the like, detecting whether the service capability reaches the expected function and normally operates, and then obtaining a service capability assessment score according to the service realization capability index score of each service.

After the service test is completed, index scoring can be performed according to different scene requirements and detection results, different weight values are introduced into each index, and a final service capability assessment score is calculated. For example, the weight coefficients of the support information and the docking information may be automatically increased when there is a special evaluation requirement for the universality of the identification of the secondary node, and the weight coefficients of the encoding protocol may be automatically increased when there is a special evaluation requirement for the standardability of the identification of the secondary node.

According to the embodiment of the application, scoring in the operation capability is specifically as follows:

It should be noted that the operation capability is the capability of the secondary node to maintain the normal operation of the system. The dynamic operation data comprises the number of secondary node identification registration analysis, the number of registered enterprise nodes, node log records, operation state and security state information reporting time, related service catalogues and the like. The operation capability level table can be integrated by conventional information of industry. And reading, summarizing and comparing the operation index data of the secondary node, such as information including coverage of registration information, to generate a first comparison result. And calculating a final operation capacity evaluation score according to the first comparison result and the weight value of each index. The weight value can be set according to different scene requirements.

According to the embodiment of the application, scoring in the safety capability is specifically as follows:

It should be noted that, the security capability mainly evaluates the functional security and physical security capability of the node. And carrying out deep security scanning on the secondary node server through the equipment information and the process data, monitoring the running condition of the network equipment and the user behavior of the network flow, detecting potential node loopholes and finding out the node error configuration. The abnormal behavior is found by identifying tampered, shielded and illegal data in the process data and marking the position and event node. And then, according to the score of each security capability index, such as attack, intrusion behavior times and other information, a security capability assessment score is obtained. And after the security assessment detection is completed, calculating a final security capability assessment score according to the security assessment detection result and the weight value of each index.

According to the embodiment of the application, scoring in the data application capability is specifically as follows:

It should be noted that, the data application capability refers to a mass data resource storage and management capability of the node. During evaluation, the database performance of the secondary node server is tested, and the data application capacity evaluation score is obtained according to the storage performance of the database. After the data detection is completed, a final data application capability assessment score is calculated according to the detection result and the weight value of each index.

According to an embodiment of the present application, scoring the data application capability further includes:

The interface performance of the secondary node server and the response performance of the data interface are tested, and the data application capacity evaluation score is obtained according to the data management performance of the database. The database storage performance and the data management performance may be combined and then weight values are introduced to generate a final data application capability assessment score. The weight value may be set according to the nature of the server, e.g., a server with a large base of user services may increase the weight value of the data store evaluation score appropriately.

According to the embodiment of the application, scoring on the service providing capability is specifically as follows:

The service providing capability refers to a service providing capability of identity resolution provided by the node. And judging the service capability of the secondary node by testing the input information, the output information, the time-consuming information, the error information, the return value of the data such as the identification type and the number of the secondary node identification, such as the integrity of the output information, the time-consuming time, the occurrence frequency of the error information and the like. And obtaining a service providing capability evaluation score according to the index score of each service providing capability, introducing a weight value of each index according to the service performance test result, and calculating a final data application capability evaluation score.

According to the embodiment of the application, five evaluation scores are collected and analyzed according to a preset model, specifically:

The score is transmitted and summarized, and the grade of the service capacity of the final identification analysis secondary node is calculated according to a corresponding algorithm. The preset model may be expressed as:

The weight value of each sub-term can be set according to the service side property and the special service evaluation requirement, for example, when the service reliability of the secondary node is analyzed by the screening mark, the weight value of the security capability evaluation score is increased, when the service efficiency of the secondary node is analyzed by the screening mark, the weight values of the operation capability evaluation score and the data application capability evaluation score are increased, and when the service quality and the awareness of the secondary node are analyzed by the screening mark, the weight value of the service capability evaluation score and the service providing capability evaluation score are increased. The weight values of the sub-items are balanced by default under the condition of no special requirement so as to obtain more accurate evaluation data.

After the final score is obtained, a final level may be determined based on the score. For example, each score corresponds to a class, 60 to 69 for one (initial) and 70 to 79 for two (managed) and 80 to 89 for three (robust), 90 to 94 for four (quantized managed) and 95 to 100 for five (optimized).

In another embodiment of the present application, scoring the operational capability further comprises:

acquiring static data of a server, and acquiring static operation data through the static data;

and comparing the static operation data with the operation capability registry to generate a second comparison result, and summarizing the second comparison result with the first comparison result to generate an operation capability evaluation score.

It should be noted that the static data may be derived from server information circulated by each network platform, such as registration information, audit information, public information, etc., and the static operation data collected from the static data includes business data, financial data, credit data, personnel data, and research and development data. And comparing the static operation data with registered service party data of the same type to generate a second comparison result. And setting the proportionality coefficients of the first comparison result and the second comparison result, and comprehensively evaluating the operation capability. For example, the ratio of the first comparison result may be set to 60%.

In another embodiment of the present application, scoring the security capabilities further comprises:

identifying the safety monitoring data according to the data type and format, interpreting the abnormal behavior category and sending out a warning message of the corresponding abnormal category;

and filtering the safety monitoring data according to the abnormal category and feeding the safety monitoring data back to the server.

It should be noted that, the data with abnormal types and formats is identified through the preset data types and formats, and the abnormal types are defined and warned according to the positions of the data or the event nodes, so as to timely check risks. And meanwhile, the data determined to be abnormal is selectively filtered according to the abnormal category and then is fed back, so that the deployment safety equipment at the boundary of the system provides effective defense and precaution for the port scanning and attack intrusion event of the event. For example, if the abnormal type is judged to be an attack, such data is directly intercepted and rejected, and if the abnormal type is judged to be a system error, such data is subjected to format restoration and then is judged again.

In another embodiment of the present application, scoring the service providing capability further comprises:

acquiring static data of a service side, and acquiring service evaluation data through the static data;

And generating a service quality parameter and a data communication parameter according to the service evaluation data, and introducing different weight coefficients to the service quality parameter and the data communication parameter to correct the service capability evaluation score.

It should be noted that, the static data of the service side may originate from the user evaluation system of each network platform or user terminal, and the service evaluation data includes product evaluation data, personnel evaluation data, institution evaluation data, and vendor evaluation data. The service quality parameters are determined according to the evaluation scores of all the items, the data communication parameters are determined according to the sample size of all the evaluation data, and the service capability evaluation scores generated before are influenced by the set weight coefficients of all the evaluation indexes, so that the obtained results can integrate all the data of all the parties, and the evaluation results are more accurate and objective.

Referring to fig. 2, fig. 2 is a block diagram of an evaluation system for resolving service capability of a secondary node according to an embodiment of the present application.

The embodiment of the application also provides an evaluation system for the service capability of the industrial Internet identification analysis secondary node, which comprises a service capability evaluation module, an operation capability evaluation module, a security capability evaluation module, a data application capability evaluation module, a service providing capability evaluation module and a score module;

According to the embodiment of the application, the business capability assessment module is specifically used for:

According to the embodiment of the application, the operation capability evaluation module is specifically used for:

According to the embodiment of the application, the security capability assessment module is specifically used for:

According to the embodiment of the application, the data application capability assessment module is specifically used for:

According to an embodiment of the present application, the data application capability assessment module is further configured to:

According to the embodiment of the application, the service providing capability assessment module is specifically used for:

According to the embodiment of the application, the score module is specifically used for:

In another embodiment of the present application, the operation capability evaluation module is further configured to:

In another embodiment of the present application, the security capability assessment module is further configured to:

In another embodiment of the present application, the service providing capability assessment module further comprises:

In the several embodiments provided by the present application, it should be understood that the disclosed apparatus and method may be implemented in other ways. The above-described embodiments of the apparatus are merely illustrative, and for example, the division of the units is merely a logical function division, and there may be additional divisions of actual implementation, such as multiple units or components may be combined or integrated into another system, or some features may be omitted or not performed. In addition, the various components shown or discussed may be coupled or directly coupled or communicatively coupled to each other via some interface, whether indirectly coupled or communicatively coupled to devices or units, whether electrically, mechanically, or otherwise.

The units described as separate components may or may not be physically separate, and components displayed as units may or may not be physical units, may be located in one place or distributed on a plurality of network units, and may select some or all of the units according to actual needs to achieve the purpose of the embodiment.

In addition, each functional unit in each embodiment of the present invention may be integrated in one processing unit, or each unit may be separately used as a unit, or two or more units may be integrated in one unit, where the integrated units may be implemented in a form of hardware or a form of hardware plus a form of software functional unit.

It will be appreciated by those of ordinary skill in the art that implementing all or part of the steps of the above method embodiments may be implemented by hardware associated with program instructions, where the above program may be stored in a computer readable storage medium, where the program when executed performs the steps comprising the above method embodiments, where the above storage medium includes a mobile storage device, a Read-Only Memory (ROM), a random access Memory (RAM, random Access Memory), a magnetic or optical disk, or other various media that may store program code.

Or the above-described integrated units of the invention may be stored in a computer-readable storage medium if implemented in the form of software functional modules and sold or used as separate products. Based on such understanding, the technical solutions of the embodiments of the present invention may be embodied in essence or a part contributing to the prior art in the form of a software product stored in a storage medium, including several instructions for causing a computer device (which may be a personal computer, a server, or a network device, etc.) to execute all or part of the methods described in the embodiments of the present invention. The storage medium includes various media capable of storing program codes such as a removable storage device, a ROM, a RAM, a magnetic disk or an optical disk.

While the application has been described in detail with reference to the foregoing embodiments, it will be understood by those skilled in the art that the foregoing embodiments may be modified or equivalents may be substituted for some of the features thereof, and that the modifications or substitutions do not depart from the spirit and scope of the embodiments of the application.

Claims

1. The evaluation method of the service capability of the industrial Internet identification analysis secondary node is characterized by comprising the following steps of:

Collecting five evaluation scores and analyzing according to a preset model, and calculating the grade of the service capacity of the secondary node analyzed by the industrial Internet identification of the server;

Scoring in business capability is specifically:

sequentially adding the number values after different weight coefficients are introduced to generate a business capability assessment score;

scoring in operational capacity is specifically:

Comparing the dynamic operation data with an operation capability level table to generate a first comparison result, and generating an operation capability assessment score according to the first comparison result;

scoring in the security capability is specifically:

Marking abnormal equipment information, attack behavior information, intrusion behavior information and illegal deployment behavior information to generate safety monitoring data;

According to each safety capability index score, a safety capability assessment score is obtained;

Calculating a final security capability assessment score according to the security assessment detection result and the weight value of each index after the security assessment detection is completed;

scoring the data application capabilities further includes:

Acquiring a data return value from a database, and generating a data management evaluation score;

scoring the service providing capability is specifically as follows:

acquiring a data return value and generating a service capability evaluation score according to the return value;

the method comprises the steps of collecting five evaluation scores and analyzing according to a preset model, wherein the specific steps are as follows:

according to the evaluation score and the weight value, carrying out weighted summation according to a preset model, and calculating a total score;

Threshold division is carried out on the total score to generate a final identification analysis secondary node service capability level;

Wherein, the preset model can be expressed as: ;

scoring the security capabilities further includes:

2. The method for evaluating service capability of industrial internet identification analysis secondary node according to claim 1, wherein scoring on service capability is specifically as follows:

3. The method for evaluating the service capability of the industrial internet identification resolution secondary node according to claim 2, wherein the scoring of the data application capability is specifically as follows:

4. The evaluation system for the service capability of the industrial Internet identification analysis secondary node is characterized by comprising a service capability evaluation module, an operation capability evaluation module, a security capability evaluation module, a data application capability evaluation module, a service providing capability evaluation module and a score module;

The service capability evaluation module, the operation capability evaluation module, the security capability evaluation module, the data application capability evaluation module and the service providing capability evaluation module are used for acquiring the industrial Internet identification analysis secondary node information from a service party;