CN118277142A

CN118277142A - Method, system, equipment and storage medium for injecting software faults for storage abnormality of relay protection device

Info

Publication number: CN118277142A
Application number: CN202410305013.3A
Authority: CN
Inventors: 赵倩昀; 周华良; 李友军; 邹志杨; 周亚东; 徐政
Original assignee: NARI Group Corp
Current assignee: NARI Group Corp
Priority date: 2024-03-18
Filing date: 2024-03-18
Publication date: 2024-07-02

Abstract

The invention discloses a method, a system, equipment and a storage medium for injecting software faults for storage abnormality of a relay protection device, which comprise the following steps: for a board card running a Linux operating system in the relay protection device, generating an executable program with injected faults according to the fault injection control signals, and running the executable program with injected faults by the board card running the Linux operating system in the relay protection device to obtain an execution result; for a board card running a bare core program in the relay protection device, according to a fault injection control signal, the running space of the bare core program is completely shared in a Linux operating system, and a memory is read and modified through devmem to obtain an execution result; the fault injection control signals comprise fault injection control signals before program loading and fault injection control signals in the running process; the fault injection control signal in the running process refers to fault injection in the process calling mode in the running process of the program.

Description

Method, system, equipment and storage medium for injecting software faults for storage abnormality of relay protection device

Technical Field

The invention belongs to the technical field of reliability analysis of a relay protection device, and particularly relates to a software fault injection method, a system, computer equipment and a storage medium for storage abnormality of the relay protection device.

Background

The relay protection device is core secondary equipment for guaranteeing stable operation of the power system. In recent years, with the expansion of the scale of integrated circuits, the improvement of the working frequency and the reduction of critical charges of devices, when the relay protection device is in malfunction caused by abnormal displacement of storage, if the normal function of relay protection is affected without precaution, the functions of the relay protection device are blocked, the device is refused to operate, the malfunction and the like can be caused under serious conditions, and the safety and the stability of the power system are threatened greatly. Because the faults of the protection device caused by abnormal storage displacement have the characteristics of sporadic property, diversity, difficulty in reproduction and the like, the direct simulation research through modeling or testing is difficult, and therefore, the fault injection technology is adopted to simulate and accelerate the fault phenomenon of the protection device in a real running environment.

The existing simulation experiments of the storage abnormality of the relay protection device mostly adopt hardware fault injection systems based on accelerator irradiation test, but the accelerator irradiation related test has high development cost, long period and large uncertain factors, the simulated fault position and space are difficult to fully cover, and the simulation result may be insufficient. In addition, the verification of the irradiation result of the accelerator is repeated due to the change of the test condition, and the method is not suitable for being applied to the engineering application of the power system. In contrast, the software fault injection technology has obvious advantages of economic development cost, strong controllability of the development process, comprehensive information collection, portability and reproducibility, more comprehensive fault simulation and almost no damage to the hardware structure of the relay protection device.

With the rapid development of the power system, the functions of the relay protection device are fused more and more, the software and hardware structure of the protection device is more complex, and higher requirements are also put forward on the safety and reliability of the protection device. The existing fault simulation technology of the abnormal storage software is mainly used for performing fault injection test on an independent chip, but only partial circuits of the protection device work during chip level test, and the temperature rise of the protection device is different from that of the whole machine during work, so that abnormal storage deflection faults in a real operation environment cannot be accurately simulated. . Therefore, the storage abnormal software fault injection system of the relay protection device can meet the requirement of time development, can comprehensively and accurately simulate the storage abnormal faults, quickly reproduce and verify the fault phenomenon, and lays a foundation for further improving the reliability, safety and robustness of the equipment.

Disclosure of Invention

The invention aims to: in order to solve the problem that the existing storage abnormality fault injection technology is limited to a chip-level test system oriented to a single-core processor and does not have a complete machine-level software fault injection system oriented to a relay protection device, the invention provides a software fault injection method, a system, computer equipment and a storage medium oriented to the storage abnormality of the relay protection device.

The technical scheme is as follows: a software fault injection method for relay protection device storage abnormality comprises the following steps:

For a board card running a Linux operating system in the relay protection device, generating an executable program with injected faults according to the fault injection control signals, and running the executable program with injected faults by the board card running the Linux operating system in the relay protection device to obtain an execution result;

For a board card running a bare core program in the relay protection device, according to a fault injection control signal, the running space of the bare core program is completely shared in a Linux operating system, and a memory is read and modified through devmem to obtain an execution result;

the fault injection control signals comprise a fault injection control signal before program loading and a fault injection control signal in the running process; the fault injection control signal in the running process refers to the fault injection in the process interrupt mode in the running process of the program.

Furthermore, the fault injection control signal before program loading and the fault injection control signal in the running process comprise a load program, a fault injection position, a fault injection mode and a fault injection time which need to be tested.

Further, the fault injection location and the fault injection time may be randomly or specifically generated.

Further, the fault injection method includes: memory fault injection, register random fault injection and program counter random fault injection;

The memory fault injection refers to the single bit/multi-bit injection of the directional position or the random position of the executable program injected with the fault in random time by combining the virtual address information of the load program to be tested;

The memory fault injection refers to that after an executable program with injected faults is loaded into a memory to start running by combining virtual address information of a load program to be tested, memory data of a directional position or a random position is modified at random time;

The random fault injection of the register refers to modifying the value stored in a specific register at random time in the running process of a load program to be tested;

the random fault injection of the program counter means that the execution sequence of the program is changed in the running process of the load program to be tested.

Furthermore, the fault injection control signal before program loading and the fault injection control signal in the running process also comprise fault injection turnover bit number duty ratio distribution and offset;

the fault injection turnover bit number duty ratio distribution is used for turnover setting of units and multiple bits;

and the offset is used for determining the position of fault injection.

Further, the fault injection time is randomly generated by taking the running period of the load program to be tested as a reference.

Further, the fault injection control signal in the running process means that fault injection is performed in a process calling mode in the running process of the program, and specifically includes:

after receiving a fault injection control signal in the running process, creating a new process and acquiring a pid of the process;

When a new process runs to the fault injection time, stopping running the process;

injecting a fault into the process;

the process continues to run.

The invention discloses a software fault injection system for storage abnormality of a relay protection device, which comprises the following components:

The upper computer subsystem is used for sending a fault injection control signal to the lower computer subsystem and receiving an execution result from the lower computer subsystem;

the lower computer subsystem is used for injecting faults into the board card in the relay protection device according to the fault injection control signals, and the board card in the relay protection device is executed to obtain an execution result, and specifically comprises the following steps:

Further, the upper computer subsystem operates on a PC end, and the lower computer subsystem operates on a management CPU board card of the relay protection device.

The invention discloses a computer device, which comprises a memory, a processor and a computer program stored on the memory and capable of running on the processor, wherein the processor realizes the step of a software fault injection method for the storage abnormality of a relay protection device when executing the computer program.

The invention discloses a storage medium which stores a software fault injection program, wherein the software fault injection program is executed by at least one processor to realize the step of a software fault injection method for the storage abnormality of a relay protection device.

The beneficial effects are that: compared with the existing fault injection method for the storage abnormality of the relay protection device, the invention has the following advantages:

(1) The invention adopts the software fault injection technology, has the advantages of more economic development cost, strong controllability of the development process, comprehensive information collection, portability, strong reproducibility and more comprehensive fault simulation, and hardly generates any damage to the hardware structure of the relay protection device;

(2) The invention is oriented to the whole level of the relay protection device, and respectively carries out injection fault design on the board card running the Linux operating system and the board card running the bare-core program, so that the function of simultaneously carrying out injection fault simulation on multiple board cards of the protection device is realized, and the simulation test of the storage abnormal faults is more accurate and real;

(3) The invention is not limited to a single fault injection mode, and two modes of injection faults before program loading and injection faults in the running process are respectively designed, so that the simulation test of the abnormal storage faults is more comprehensive;

(4) The method is beneficial to grasping the influence and the sweep range of the relay protection storage abnormality, can be used for guiding the redundant fault-tolerant design of the relay protection equipment storage abnormality and verifying the validity of the redundant fault-tolerant measure, and can be applied to the targeted simulation of faults to verify the positioning analysis of the field failure problem.

Drawings

FIG. 1 is a typical hardware architecture of a relay protection device;

FIG. 2 is a schematic diagram of a software fault injection system for protecting against storage anomalies of a relay protection device;

FIG. 3 is a fault injection flow chart before loading a software fault injection system program;

FIG. 4 is a flow chart of fault injection when the software fault injection system program is running.

Detailed Description

In order to make the purposes, technical schemes and advantages of the present invention clearer, the method, system, computer equipment and storage medium for injecting software faults for protecting the relay protection device storage abnormality of the present invention will be further described with reference to the accompanying drawings.

Typical relay protection devices generally adopt a multi-board distributed computing architecture, and data interaction is carried out among boards through Ethernet, so that the functions of the protection devices are completed together. A typical hardware architecture of the relay protection device is shown in fig. 1, and typical boards in the relay protection device are a management CPU board, a protection board, a starting board, an intelligent acquisition board (SV, goose), an opening board and an analog acquisition board, wherein the opening board, the opening board and the analog acquisition board are mainly firmware, and fault injection is generally not performed. The CPU board is managed to run the Linux operating system, and the protection board, the starting board and the intelligent acquisition board run bare-core programs.

Example 1:

The embodiment discloses a software fault injection method for storage abnormality of a relay protection device, comprising the following steps:

The fault injection control signal before program loading and the fault injection control signal in the running process comprise a load program to be tested, a fault injection position, a fault injection mode and a fault injection time. Wherein, the fault injection position and the fault injection time can be randomly or appointed to be generated.

The fault injection mode comprises the following steps: memory fault injection, register random fault injection and program counter random fault injection;

The invention is oriented to the whole level of the relay protection device, and the board card running the Linux operating system and the board card running the bare-core program are respectively subjected to injection fault design, so that the function of simultaneously carrying out injection fault simulation on multiple board cards of the protection device is realized, and the simulation test of the storage abnormal faults is more accurate and real.

Example 2:

The embodiment discloses a software fault injection system structure for storage abnormality of a relay protection device, as shown in fig. 2, the software fault injection system structure mainly comprises an upper computer subsystem and a lower computer subsystem. The upper computer subsystem is fault injection management software running on the PC end, and mainly realizes control operation of software fault injection. The lower computer subsystem operates on a management CPU board of the relay protection device and comprises the functions of test program operation, fault injection execution, fault monitoring tracking and information acquisition. The upper computer subsystem and the lower computer subsystem are communicated in real time through the network port, the upper computer subsystem transmits the fault injection key information to the lower computer subsystem through the network port, the lower computer subsystem performs fault injection execution, and meanwhile, the fault injection test result is fed back to the upper computer subsystem.

The key parts and implementation method in the software fault injection system structure according to the present embodiment will now be further described.

The upper computer subsystem of the embodiment develops a software fault injection control interface through a Python language aiming at the abnormal storage deflection in the relay protection device. The upper computer subsystem mainly realizes the control operation of software fault injection, and needs to be capable of realizing real-time communication with the lower computer subsystem through a network port, and comprises a fault parameter configuration module, a workload configuration module, a fault injection manager, a network communication module, a flow control module, an information output module, a log module and a fault data analysis module. Meanwhile, the upper computer subsystem can realize various error processing in the running process, input detection is carried out, error prompt is given, and the robustness of software is ensured. The function and design implementation of each portion of the host computer subsystem will now be described in detail with reference to fig. 2.

The fault parameter configuration module is a dynamic fault parameter library for fault injection test, realizes injection fault attribute setting, and comprises various fault types aiming at a target system. The setting content of the fault parameter configuration module comprises a fault injection type, a fault injection position, a fault injection mode, a fault injection time, a fault injection flip bit number duty ratio distribution and an offset, wherein the fault injection position, the fault injection type and the fault injection time can be specified or randomly generated by control software. The fault parameter configuration module sends the corresponding parameters to the lower computer subsystem in a command mode. The upper computer subsystem can realize the following six fault injection modes:

Memory directional injection: and carrying out unit/multi-bit injection on random positions of the binary executable file by combining virtual address information of the test program.

Memory random injection: similar to memory directed injection, binary files are modified for random locations within a range of offsets.

And (3) directional memory injection: in combination with the virtual address information of the test program, after the program is loaded into the memory to start running, memory data of corresponding address offset (which can be set in advance) is modified at random time.

Random memory injection: similar to memory directed injection, memory data at random locations within a range of offsets (which may be set in advance) is modified at random times.

Register random injection: during program execution, the values held in particular registers are modified at random times.

Program Counter (EPC) random injection: during program running, the program interrupt address recorded in the cp0 epc register in the coprocessor is changed, so that the execution sequence of the program is changed.

The method can be used for carrying out unit and multi-bit overturn setting on the upper computer subsystem, setting the proportion of different overturn bits, realizing more practical simulation, and combining random time given by the upper computer subsystem in the fault injection process for reflecting the occurrence randomness of the event.

The work load configuration module is a work load library, and comprises a load program to be tested of a lower computer subsystem, a register test program and a memory test program. Different test procedures can lead to different results of fault injection. For a management CPU board based on the Linux operating system, a fault load library is formed after different test programs are compiled into executable files. For the Bare-metal bare core driven protection board, the starting board and the intelligent acquisition board, the running space of the bare core program is required to be completely shared in the Linux operating system, and then a fault load library corresponding to the bare core program is formed.

The fault injection manager is a control management unit of the whole software fault injection system and is responsible for fault injection parameter setting, injection flow control, result record statistics and the like.

The network communication module is mainly responsible for interaction between the upper computer subsystem and the management CPU board, command sending, data transmission, result feedback and the like, and adopts a network interface, so that an IP address and a port number are required to be set, and the starting server is connected with the lower computer subsystem.

The flow control module is responsible for controlling the start, pause, stop and exit of the fault injection flow.

The fault parameter list randomly generates a fault parameter list according to the fault parameters set by the test requirements, and three criteria for deleting faults are designed in order to prevent the faults to be injected from being predicted in advance: if the fault is determined to trigger error checking measures, deleting the fault from a fault list; after multiple detection, if the fault which does not affect the behavior of the appointed system at all is not caused, deleting the fault from the fault list; if the fault type is already in the fault list, it is deleted from the fault list.

The lower computer subsystem feeds back the fault injection result to the upper computer subsystem, and the information output module is responsible for observing the fault injection result in real time, monitoring the operation condition of the workload and then collecting data in proper time. And (3) performing comparison verification before and after the fault injection program is generated by adopting a file processing window to verify whether the fault injection position accords with the set expectation, whether the fault injection position is accurate, whether the file after the fault injection is complete and the like.

The log module stores the collected data as a log file and uploads the log file to the fault database.

After the fault injection experiment is completed, the fault data analysis module performs data statistics and analysis of fault injection results. Comparing the fault injection result with the normal operation result, observing whether the injection fault is effective or not, whether the system is abnormal or not, counting the total times, the successful times, the failure times and the system failure types of the fault injection, separating and sorting the correct and wrong operation results recorded in the test result record file through a statistical processing means, and calculating the component proportion of different wrong results for use in the subsequent specific engineering analysis.

The lower computer subsystem of the embodiment runs on a management CPU board, a protection board, a starting board and an intelligent acquisition board of the relay protection device, and mainly develops a test program based on C++ language, and comprises test program running, fault injection, fault monitoring tracking and information acquisition functions.

The lower computer subsystem operates on the management CPU board, comprises an upper communication program, a lower management program and a fault injection script program, and is responsible for receiving a fault injection command issued by the upper computer subsystem operating on the PC side, belonging to a local fault simulation command, and directly executing the fault injection command; and forwarding the command to the corresponding board card if the command belongs to the commands of other board cards. Under the Linux system, according to the running time of the program to be tested, the running period is taken as a reference to randomly generate fault injection time points, and at each fault injection time point, fault injection is carried out in a process interruption mode according to the control information of the fault injection system.

The protection board, the starting board and the intelligent acquisition board run fault injection script programs, are responsible for receiving fault injection commands from the management CPU board and executing the fault injection commands on site, and report execution results to the management CPU board under the condition that conditions exist (such as normal running after execution). Under the bare core drive, according to the fault injection command sent by the management CPU board, the running space of the bare core program is completely shared in the Linux operating system, and the memory is read and modified through devmem to simulate and store the abnormal deflection phenomenon.

In order to simulate the abnormal deflection phenomenon of the relay protection device more truly, fault injection before program loading (memory injection) and during operation (memory injection) is carried out according to the selected fault injection type in the fault injection process. These two fault injection types will now be described separately.

Fault injection before program loading: as shown in fig. 3, in the fault injection process before program loading, for each original executable file (generated by gcc direct compiling) of the program to be tested, according to the fault injection control information set in the upper computer subsystem, the executable file injected with the fault is directly generated in the lower computer subsystem so as to simulate the situation that the program memory stores abnormal displacement. The test is started, the server is started through the IP address and the port of the upper computer subsystem, the lower computer subsystem is opened, and corresponding information (the position of the test program, the IP address and the port) is input to be connected with the upper computer subsystem. After connection is completed, testing can be started, a test mode is selected as 'memory test', parameters matched with the parameters (including overturn information and offset range or self-defining fault injection types and specifying offset to realize other test methods) are input into corresponding columns of the upper computer, and software fault injection can be started.

The parent process checks the state of the child process after its state changes by a series of macros:

a. Exit status code (acquired through WEXITSTATUS): a state code at the exit of a sub-process, typically a 0 value, indicates success, and a value other than 0 indicates that some error has occurred;

b. termination signal code (obtained via WTERMSIG): this is the number of the signal that caused the sub-process to terminate, e.g., SIGKILL (9), SIGTERM (15), etc.;

c. Stop signal code (obtained by WSTOPSIG): the number of the signal that caused the sub-process to stop, e.g., SIGSTOP, SIGTSTP, etc. The stop signal causes the process to stop executing, but not terminate the process. In actual use, these macros are mutually exclusive (program states differ).

Fault injection during operation: as shown in fig. 4, in order to simulate the abnormal displacement phenomenon of the relay protection device during operation, for each program to be tested, fault injection time points are randomly generated based on the operation period of the program to be tested according to the operation time, and at each fault injection time point, fault injection is performed in a process interruption mode according to control information of a fault injection system.

The fault injection in the operation process is mainly in a process calling mode, after a fault injection command is received, a new process is created by a fork system call at first, a process pid is acquired, PTRACE requests to track the new process, in the new process, when the new process is operated to a fault injection time point, the operation of the new process is stopped by SIGSTOP signals in a father process, operation (fault injection) is carried out on a related memory area of the child process through PTRACE related instructions, operation of the child process is continued, simulation of single event upset is realized, and partial instructions are as follows:

ptrace(PTRACE_PEEKTEXT,pid,offset,NULL)；

ptrace(PTRACE_POKETEXT,pid,offset,NULL)；

ptrace(PTRACE_GETREGS,pid,NULL,&regs)；

ptrace(PTRACE_SETREGS,pid,NULL,&regs)；

PTRACE (ptrace_cont, pid, NULL), and the like.

The fault injection flow is approximately the same as the fault injection before the operation in the operation process, the test mode is selected as 'memory test', and the minimum time and the maximum time of the fault injection (which should be controlled in the program operation period) are required to be input, so that the test can be started. Clicking the "execute normal test program" before testing, the lower computer can output certain memory mapping information through the "maps" file corresponding to the process pid. In the actual test process, the fault injection in the running process can not additionally generate an executable file, so that the original file is ensured not to be modified, and the situation of simulating abnormal displacement of storage is achieved only through the operation of a memory.

System call and exception handling

The system call is a mode of communication between the user mode and the kernel mode, and the user program can directly call the interface of the system call to be sunk into the kernel to execute related tasks, and the user mode is returned to continue to run after the completion. When an exception occurs, the main work to be done by the MIPS CPU is:

a) Setting the EPC, pointing to the location of the exception return (MIPS treats the interrupt as an exception as well, providing the possibility to modify the execution flow).

B) The EXL bit of the Status register is set forcing the CPU into kernel mode (high privilege level) and disabling interrupts.

C) The Cause register is set so that the software can see the Cause of the exception.

D) The CPU fetches the instruction from the exception handling entry point to execute, i.e. execute the exception handler.

The process of exception handling mainly comprises the following steps: the protection site pushes the values of the registers to return to the original instruction stream after processing. And judging what is abnormal according to the register mark set by the hardware and executing a specific abnormal processing function. And restoring the field, and re-writing the value of the register stored in the stack back. Jump to normal instruction stream break point and return to CPU normal instruction stream.

Example 3:

the embodiment discloses a computer device, which comprises a memory, a processor and a computer program stored on the memory and capable of running on the processor, wherein the processor executes the computer program to realize the steps disclosed in any one of the embodiments.

Example 4:

The present embodiment discloses a computer readable storage medium having stored thereon a computer program which, when executed by a processor, implements the steps disclosed in any of the embodiments described above.

Those skilled in the art will appreciate that implementing all or part of the above described methods may be accomplished by way of a computer program stored on a non-transitory computer readable storage medium, which when executed, may comprise the steps of the embodiments of the methods described above. Any reference to memory, storage, database, or other medium used in embodiments provided herein may include at least one of non-volatile and volatile memory. The nonvolatile Memory may include Read-Only Memory (ROM), magnetic tape, floppy disk, flash Memory, optical Memory, or the like. Volatile memory can include random access memory (Random Access Memory, RAM) or external cache memory. By way of illustration, and not limitation, RAM can be in various forms such as static random access memory (Static Random Access Memory, SRAM) or dynamic random access memory (Dynamic Random Access Memory, DRAM), etc.

The technical features of the above embodiments may be arbitrarily combined, and all possible combinations of the technical features in the above embodiments are not described for brevity of description, however, as long as there is no contradiction between the combinations of the technical features, they should be considered as the scope of the description.

The above examples illustrate only a few embodiments of the application, which are described in detail and are not to be construed as limiting the scope of the application. It should be noted that it will be apparent to those skilled in the art that several variations and modifications can be made without departing from the spirit of the application, which are all within the scope of the application. Accordingly, the scope of protection of the present application is to be determined by the appended claims.

Claims

1. A software fault injection method for relay protection device storage abnormality is characterized in that: comprising the following steps:

The fault injection control signals comprise a fault injection control signal before program loading and a fault injection control signal in the running process; the fault injection control signal in the running process refers to fault injection in the process calling mode in the running process of the program.

2. The method for injecting software faults into a storage abnormality of a relay protection device according to claim 1, wherein the method comprises the following steps: the fault injection control signals before program loading and during running include a load program to be tested, a fault injection position, a fault injection mode and a fault injection time.

3. The method for injecting software faults into a storage abnormality of a relay protection device according to claim 2, wherein the method comprises the following steps: the fault injection location and the fault injection time may both be randomly or specifically generated.

4. The method for injecting software faults into a storage abnormality of a relay protection device according to claim 2, wherein the method comprises the following steps: the fault injection mode comprises the following steps: memory fault injection, register random fault injection and program counter random fault injection;

5. The method for injecting software faults into a storage abnormality of a relay protection device according to claim 2, wherein the method comprises the following steps: the fault injection control signal before program loading and the fault injection control signal in the running process also comprise fault injection turnover bit number duty ratio distribution and offset;

and the offset is used for determining the position of fault injection.

6. The method for injecting software faults into a storage abnormality of a relay protection device according to claim 2, wherein the method comprises the following steps: the fault injection time is randomly generated by taking the running period of the load program to be tested as a reference.

7. The method for injecting software faults into a storage abnormality of a relay protection device according to claim 1, wherein the method comprises the following steps: the fault injection control signal in the running process refers to fault injection in the process of program running in a process calling mode, and specifically comprises the following steps:

injecting a fault into the process;

the process continues to run.

8. A software fault injection system for relay protection device storage abnormality is characterized in that: comprising the following steps:

9. The software fault injection system for relay protection device storage anomalies of claim 8, wherein: the upper computer subsystem operates on a PC end, and the lower computer subsystem operates on a management CPU board card of the relay protection device.

10. The software fault injection system for relay protection device storage anomalies of claim 8, wherein: the fault injection control signals before program loading and during running include a load program to be tested, a fault injection position, a fault injection mode and a fault injection time.

11. The software fault injection system for relay protection device storage anomalies of claim 10, wherein: the fault injection location and the fault injection time may both be randomly or specifically generated.

12. The software fault injection system for relay protection device storage anomalies of claim 10, wherein: the fault injection mode comprises the following steps: memory fault injection, register random fault injection and program counter random fault injection;

13. A computer device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, the processor implementing the steps of a method for software fault injection for storage anomalies for a relay protection arrangement according to any one of claims 1 to 7 when the computer program is executed by the processor.

14. A storage medium, wherein the storage medium stores a software fault injection program, and the software fault injection program when executed by at least one processor implements the steps of a method for injecting a software fault for a storage exception of a relay protection device according to any one of claims 1 to 7.