关键词: 工业互联网, 嵌入式软件, 安全编码标准, 静态分析, 漏洞模式

Abstract: With the deep integration of industrialization and informatization, the industrial Internet security incidents occur frequently. More and more attackers focus on the critical national infrastructure. In recent years, the scale and complexity of embedded software have increased sharply, especially in the fields of national defense, rail transit, automobile, civil aviation, and industrial control. Users have more strict requirements on the quality of embedded software and require embedded software to be more secure. Based on the collection and analysis of embedded software security coding standards, this article arranges the first allaround list of security vulnerability patterns for embedded software development in China. This list includes the unique security vulnerability patterns of embedded systems, the vulnerability patterns that will cause serious consequences, such as the crash of embedded systems or denial of service, and other vulnerability patterns. Finally, this article briefly introduces the static analysis technology of how to ensure the security of embedded software by using these security vulnerability patterns. Thus, security problems are found at the beginning of the software development process and will be solved in time, so as to better ensure the security of industrial software.

Key words: industrial Internet, embedded software, safety coding standard, static analysis, vulnerability pattern