A dynamic taint tracking optimized fuzz testing method based on multi-modal sensor data fusion
EURASIP Journal on Wireless Communications and Networking (IF 2.6), Pub Date: 2020-06-03, DOI: 10.1186/s13638-020-01734-0
Qianmu Li, Yaozong Liu, Shunmei Meng, Hanrui Zhang, Haiyuan Shen, Huaqiu Long

The safety of Industrial Internet control systems has been a hotspot in information security. To meet the needs of communication, a large variety of proprietary protocols have emerged in the field of industrial control. Protocol fields are often trusted in the implementation of industrial control terminal code. If attackers exploit protocol defects to modify the data in these fields, the operation of the program can be controlled and the entire system will be affected. To cope with such security threats, academia and industry generally adopt fuzz testing methods. However, current fuzz testing methods for industrial control protocols generally have low code coverage, lack a unified description model, and use test cases that are not targeted. A fuzz testing method combined with dynamic multi-modal sensor communication data is proposed. To track program execution, dynamic taint analysis is used to search for the input fields that affect the execution of conditional branches and to capture the dependencies between conditional branches. These guide the grammar generation of test cases, which can increase the chances of executing deep code. The experimental results show that the proposed method improves the validity and code coverage of test cases to a certain extent and greatly increases the probability of detecting anomalies in the protocol implementation.




Updated: 2020-06-03