CN-121996216-A - Supervision and reporting integrated machine system based on software and hardware integration

Abstract

The invention relates to the technical field of financial banks and discloses a supervision and reporting all-in-one machine system based on software and hardware integration, which comprises a compiling module, an access module, a scheduling module, a data flow accelerator and a sending module, wherein the compiling module analyzes supervision specifications into a fixed-width compliance state bit string and binds the fixed-width compliance state bit string to a physical core of a multi-core processor to establish a hardware verification topology path, the access module writes business flow data into a physical memory pool, distributes data physical pointers and compliance state bitmaps, the scheduling module executes compliance verification logic by the data physical pointers according to the hardware verification topology path and updates the compliance state bitmaps when the data physical pointers pass, the aggregation module schedules a data flow accelerator to reorganize the business flow data into a huge physical memory page when the updated compliance state bitmaps meet mask conditions, and the sending module triggers an encryption acceleration card to generate ciphertext data based on a starting address of the huge physical memory page and sends the ciphertext data through a network interface card. The invention avoids the cross-core copy of the full data, reduces the communication delay of the hardware bus and improves the execution efficiency of concurrent verification.

Inventors

• LIU LIBO
• YANG YANFENG
• HUANG YANLING

Assignees

• 北京宇信科技集团股份有限公司

Dates

Publication Date

20260508

Application Date

20260410

Claims (10)

1. 1. The utility model provides a supervision report all-in-one system based on software and hardware integration, is operated in the hardware environment that is configured with multicore processor, data flow accelerator, network interface card and encryption acceleration card, and characterized in that includes: the compiling module is used for analyzing the supervision specification into a fixed-width compliance state bit string and binding the fixed-width compliance state bit string to the multi-core processor to establish a hardware verification topology path; the access module is used for writing service flow data into a physical memory pool, and distributing a data physical pointer and a compliance state bitmap according to the fixed-width compliance state bit string; The scheduling module is used for circulating the data physical pointer along the hardware checking topological path to execute compliance checking logic, and updating the compliance state bitmap when the compliance checking logic passes execution; The aggregation module is used for scheduling the data stream accelerator to reorganize the business flow data to a huge physical memory page when the updated compliance state bitmap meets a mask condition; And the sending module is used for triggering the encryption acceleration card to generate ciphertext data based on the starting address of the huge physical memory page and sending the ciphertext data through the network interface card.
2. 2. The software and hardware integration-based supervision and reporting all-in-one system according to claim 1, wherein the compiling module comprises: The standard analysis unit is used for receiving and analyzing the externally loaded supervision standard file and disassembling the macroscopic check logic into a plurality of basic check operators; the diagram construction unit is used for mapping a plurality of basic check operators into execution nodes in a diagram structure and generating a fixed-width compliance state bit string according to the dependency relationship among the execution nodes; the weight evaluation unit is used for identifying mutually independent connected subgraphs in the fixed-width compliance state bit string and calculating the calculation complexity weight of the connected subgraphs; And the topology binding unit is used for carrying out resource allocation according to the computation complexity weight, and binding the execution logic of each connected subgraph to the physical core appointed in the multi-core processor and the corresponding local memory node so as to establish a hardware verification topology path.
3. 3. The software and hardware integration-based supervisory reporting all-in-one system as claimed in claim 2, wherein the access module comprises: the bypass receiving unit is used for bypassing the kernel network stack of the operating system through the direct memory access engine of the network interface card and receiving externally input business flow data; The memory pool dividing unit is used for pre-distributing continuous physical space in the local memory node corresponding to the multi-core processor so as to construct a physical memory pool; The pipeline construction unit is used for constructing a non-uniform memory access aware memory pipeline in the local memory node and dividing the non-uniform memory access aware memory pipeline into a service data effective load area and a metadata control area; And the metadata distribution unit is used for storing the business flow data in the business data effective load area and continuously distributing the corresponding data physical pointer and the compliance state bitmap in the metadata control area.
4. 4. The software and hardware integration-based supervisory and reporting all-in-one system according to claim 3, wherein the metadata distribution unit is further configured to dynamically determine a bit width length of the compliance status bitmap according to the number of execution nodes of the compliance status bit string.
5. 5. The software and hardware integration-based supervisory and reporting all-in-one system as claimed in claim 4, wherein the scheduling module comprises: The pointer circulation unit is used for establishing an unclamped ring-shaped queue between adjacent physical cores, and circulating the data physical pointer through the unclamped ring-shaped queue; and the rule addressing unit is used for reading the business flow data according to the data physical pointer and controlling the current physical core to execute the compliance check logic by utilizing the business flow data.
6. 6. The software and hardware integration-based supervision and reporting all-in-one system according to claim 5, wherein the scheduling module further comprises a state reconstruction unit configured to: when the compliance verification logic is executed and passed, a hardware bus locking atomic instruction of the multi-core processor is called to update the compliance state bitmap in situ; Before logic shift operation is executed, performing boundary validity check on the topology index value of the execution node mapped in the fixed-width compliance state bit string by the compliance check logic which is currently executed; And after the boundary validity check is passed, performing logic shift and bitwise or operation on the compliance state bitmap based on the topology index value to obtain and keep the updated compliance state bitmap.
7. 7. The software and hardware integration-based supervisory and reporting all-in-one system as claimed in claim 6, wherein the aggregation module comprises: The state monitoring unit is hard-bound to the idle physical core and used for reading the updated compliance state bitmap; And the mask matching unit is used for executing bitwise and logic operation on the updated compliance state bitmap and a preset signature mask, and judging whether the mask condition is met.
8. 8. The software and hardware integration-based supervisory reporting all-in-one system as recited in claim 7, wherein the aggregation module further comprises: the descriptor construction unit is used for generating a memory block copy descriptor after judging that the mask condition is met; and the hardware coordination unit is used for submitting the memory block copy descriptor to the data stream accelerator so as to trigger the data stream accelerator to complete reorganization to the huge physical memory page.
9. 9. The software and hardware integration-based supervisory and reporting all-in-one system according to claim 8, wherein the sending module comprises: The encryption packaging unit is used for triggering the encryption acceleration card to read the business flow data and execute flow line encryption, generating ciphertext data and writing the ciphertext data into an isolated safe memory page; The flow shaping unit is used for maintaining a flow limiting queue state machine based on a token bucket mechanism, dynamically calculating the currently available data transmission limit, and issuing an admission signal when the data transmission limit meets a transmission condition; and the bypass sending unit is used for directly sending the ciphertext data through the network interface card based on the admission signal.
10. 10. The software and hardware integration-based supervisory reporting all-in-one system of claim 9, wherein the transmission conditions include a currently available data transmission credit being greater than an actual byte length of the ciphertext data, and a physical link being in a hardware connected state and a hardware transmission descriptor margin being greater than a preset safe water level threshold.

Description

Supervision and reporting integrated machine system based on software and hardware integration Technical Field The invention relates to the technical field of financial banks, in particular to a supervision and reporting integrated machine system based on software and hardware integration. Background With the increase of financial business concurrency, the timeliness and the safety requirement of the supervision authorities on business flow data reporting are continuously improved. The massive data needs to complete multi-branch compliance verification and encrypt outgoing in a very short time. In the conventional pure software reporting system, when facing to high concurrent data streams, the computing power of the general processor is very easy to reach the bottleneck, and the low-delay processing requirement is difficult to meet, so that a software and hardware integrated architecture is urgently needed to improve the overall performance of the reporting system. The prior art mainly relies on a multithreaded software architecture of a multi-core processor to process supervision reporting tasks. After the system receives the business flow data, the system analyzes the standard rule through different thread pools, copies the whole data body in the memory for multiple times and distributes the data body to different physical cores for concurrent comparison. And in a verification result summarizing link, the system calls the execution state of the mutual exclusion lock synchronous multithreading in a software layer, and finally, the general processor runs an advanced encryption standard algorithm to encrypt the plaintext in software, and the encrypted plaintext is queued through a network protocol stack of an operating system and is sent to a supervision server. While the prior art utilizes a multithread concurrency mechanism to finish the compliance verification and transmission of service data, the defects are that under a multi-core architecture, an operation system is scheduled to cause random migration of verification threads among different physical cores, a large amount of cross-node memory access is generated, bus communication delay is aggravated, bus bandwidth is seriously wasted by cross-core copying of total data in a task distribution stage, writing conflict and cache line pseudo sharing invalidation are easily caused when software mutual exclusion lock is synchronized in multi-core concurrency, state update blocking is caused, and in a network reporting stage, the computational burden of a general processor is greatly increased by the cryptography operation of pure software, meanwhile, due to the lack of a flow shaping strategy based on a bottom clock, an instantaneously burst data packet is easily overloaded into a physical link, and congestion and packet loss of downstream network equipment are further caused. Disclosure of Invention Aiming at the defects of the prior art, the invention provides a supervision and reporting all-in-one machine system based on software and hardware integration, which solves the problems of bus communication delay and general processor computational bottleneck caused by random migration of execution threads, cross-core copying of full data and software cryptographic operation when the existing reporting system processes high concurrent data. In order to achieve the above object, the present invention provides a supervisory reporting integrated machine system based on software and hardware integration, which operates in a hardware environment configured with a multi-core processor, a data stream accelerator, a network interface card and an encryption acceleration card, and includes: the compiling module is used for analyzing the supervision specification into a fixed-width compliance state bit string and binding the fixed-width compliance state bit string to the multi-core processor to establish a hardware verification topology path; the access module is used for writing service flow data into a physical memory pool, and distributing a data physical pointer and a compliance state bitmap according to the fixed-width compliance state bit string; the scheduling module is used for circulating the data physical pointer along the hardware verification topology path to execute compliance verification logic, and updating the compliance state bitmap when the execution passes; The aggregation module is used for scheduling the data stream accelerator to reorganize the business flow data to a huge physical memory page when the updated compliance state bitmap meets a mask condition; And the sending module is used for triggering the encryption acceleration card to generate ciphertext data based on the starting address of the huge physical memory page and sending the ciphertext data through the network interface card. Preferably, the compiling module comprises a specification analyzing unit, a compiling module and a compiling module, wherein the specification analyzing unit is u