diff --git a/io.sc.engine.rule.frontend/src/views/blood/Blood.vue b/io.sc.engine.rule.frontend/src/views/blood/Blood.vue index 91059b9e..67f7549f 100644 --- a/io.sc.engine.rule.frontend/src/views/blood/Blood.vue +++ b/io.sc.engine.rule.frontend/src/views/blood/Blood.vue @@ -6,7 +6,7 @@ :config-button="true" selection="multiple" :checkbox-selection="true" - :fetch-data-url="Environment.apiContextPath('/api/re/blood/findByCodeOrNameContains')" + :fetch-data-url="Environment.apiContextPath('/api/re/blood/findResourcesByParameterCodeAndNameAndType')" :sort-by="['name']" :query-form-cols-num="4" :query-form-fields="[ diff --git a/io.sc.engine.rule.frontend/src/views/lib/IndicatorGrid.vue b/io.sc.engine.rule.frontend/src/views/lib/IndicatorGrid.vue index 08a88836..36d19070 100644 --- a/io.sc.engine.rule.frontend/src/views/lib/IndicatorGrid.vue +++ b/io.sc.engine.rule.frontend/src/views/lib/IndicatorGrid.vue @@ -94,8 +94,8 @@ enableIf: (args) => { return args.selected; }, - click: (args) => { - bloodRelationshipDialogRef.open(); + click: (args: any) => { + bloodRelationshipDialogRef.open(lib, args.selected); }, }, ], diff --git a/io.sc.engine.rule.frontend/src/views/lib/LibGrid.vue b/io.sc.engine.rule.frontend/src/views/lib/LibGrid.vue index b9d713d1..25c90ed7 100644 --- a/io.sc.engine.rule.frontend/src/views/lib/LibGrid.vue +++ b/io.sc.engine.rule.frontend/src/views/lib/LibGrid.vue @@ -166,7 +166,7 @@ return args.selected && args.selected.type !== 'FOLDER'; }, click: (args: any) => { - bloodRelationshipDialogRef.open(); + bloodRelationshipDialogRef.open(args.selected); }, }, 'separator', diff --git a/io.sc.engine.rule.frontend/src/views/shared/BloodRelationshipDialog.vue b/io.sc.engine.rule.frontend/src/views/shared/BloodRelationshipDialog.vue index 2fe4b53e..528c598a 100644 --- a/io.sc.engine.rule.frontend/src/views/shared/BloodRelationshipDialog.vue +++ b/io.sc.engine.rule.frontend/src/views/shared/BloodRelationshipDialog.vue @@ -1,14 +1,122 @@ 
diff --git a/io.sc.engine.rule.server/src/main/java/io/sc/engine/rule/server/blood/controller/BloodWebController.java b/io.sc.engine.rule.server/src/main/java/io/sc/engine/rule/server/blood/controller/BloodWebController.java index 94355545..3bc667ae 100644 --- a/io.sc.engine.rule.server/src/main/java/io/sc/engine/rule/server/blood/controller/BloodWebController.java +++ b/io.sc.engine.rule.server/src/main/java/io/sc/engine/rule/server/blood/controller/BloodWebController.java @@ -5,6 +5,7 @@ import io.sc.engine.rule.server.model.vo.ModelVo; import io.sc.engine.rule.server.resource.vo.ResourceVo; import io.sc.platform.orm.service.support.QueryParameter; import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.data.repository.query.Param; import org.springframework.web.bind.annotation.GetMapping; import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RestController; @@ -17,8 +18,13 @@ import java.util.Locale; public class BloodWebController { @Autowired BloodService bloodService; - @GetMapping("findByCodeOrNameContains") - public List findByCodeOrNameContains(QueryParameter queryParameter) throws Exception { - return bloodService.findByCodeOrNameContains(queryParameter); + @GetMapping("findResourcesByParameterCodeAndNameAndType") + public List findResourcesByParameterCodeAndNameAndType(QueryParameter queryParameter) throws Exception { + return bloodService.findResourcesByParameterCodeAndNameAndType(queryParameter); + } + + @GetMapping("findResourcesByIndicator") + public List findResourcesByIndicator(@Param("libCode")String libCode,@Param("libVersion")Integer libVersion,@Param("indicatorCode")String indicatorCode) throws Exception { + return bloodService.findResourcesByIndicator(libCode,libVersion,indicatorCode); } } 
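Review bot: The new `findResourcesByIndicator` handler annotates its arguments with `@Param` from `org.springframework.data.repository.query` (imported in this file's first hunk), which is a Spring Data annotation for named query parameters on repository methods and is not read by Spring MVC when it resolves controller arguments. The three values are therefore bound only through the implicit simple-type rule, which depends on parameter names being available at runtime and treats every argument as optional, so a request without `libVersion` quietly returns an empty list instead of being rejected. Use `@RequestParam("libCode") String libCode`, `@RequestParam("libVersion") Integer libVersion` and `@RequestParam(value = "indicatorCode", required = false) String indicatorCode`, and drop the `Param` import. No access check is visible in this hunk and the class header is outside it, so confirm that this lookup is restricted at the class or filter level.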
diff --git a/io.sc.engine.rule.server/src/main/java/io/sc/engine/rule/server/blood/service/BloodService.java b/io.sc.engine.rule.server/src/main/java/io/sc/engine/rule/server/blood/service/BloodService.java index 273b60e4..d1d876e3 100644 --- a/io.sc.engine.rule.server/src/main/java/io/sc/engine/rule/server/blood/service/BloodService.java +++ b/io.sc.engine.rule.server/src/main/java/io/sc/engine/rule/server/blood/service/BloodService.java @@ -1,11 +1,11 @@ package io.sc.engine.rule.server.blood.service; -import io.sc.engine.rule.server.model.vo.ModelVo; import io.sc.engine.rule.server.resource.vo.ResourceVo; import io.sc.platform.orm.service.support.QueryParameter; import java.util.List; public interface BloodService { - public List findByCodeOrNameContains(QueryParameter queryParameter) throws Exception; + public List findResourcesByParameterCodeAndNameAndType(QueryParameter queryParameter) throws Exception; + public List findResourcesByIndicator(String libCode,Integer libVersion,String IndicatorCode) throws Exception; } diff --git a/io.sc.engine.rule.server/src/main/java/io/sc/engine/rule/server/blood/service/impl/BloodServiceImpl.java b/io.sc.engine.rule.server/src/main/java/io/sc/engine/rule/server/blood/service/impl/BloodServiceImpl.java index 12ec6879..76207e41 100644 --- a/io.sc.engine.rule.server/src/main/java/io/sc/engine/rule/server/blood/service/impl/BloodServiceImpl.java +++ b/io.sc.engine.rule.server/src/main/java/io/sc/engine/rule/server/blood/service/impl/BloodServiceImpl.java 
@@ -1,13 +1,11 @@ package io.sc.engine.rule.server.blood.service.impl; import io.sc.engine.rule.server.blood.service.BloodService; -import io.sc.engine.rule.server.model.entity.ModelEntity; import io.sc.engine.rule.server.model.entity.ParameterEntity; +import io.sc.engine.rule.server.model.entity.parameter.IndicatorParameterEntity; import io.sc.engine.rule.server.model.repository.ParameterRepository; import io.sc.engine.rule.server.model.service.ModelService; import io.sc.engine.rule.server.model.service.ParameterService; -import io.sc.engine.rule.server.model.vo.ModelVo; -import io.sc.engine.rule.server.resource.entity.ResourceEntity; import io.sc.engine.rule.server.resource.service.ResourceService; import io.sc.engine.rule.server.resource.vo.ResourceVo; import io.sc.platform.orm.service.support.QueryParameter; @@ -17,6 +15,7 @@ import io.sc.platform.orm.util.EntityVoUtil; import io.sc.platform.util.ObjectMapperUtil; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Service; +import org.springframework.util.StringUtils; import java.util.*; @@ -28,7 +27,7 @@ public class BloodServiceImpl implements BloodService { @Autowired private ResourceService resourceService; @Override - public List findByCodeOrNameContains(QueryParameter queryParameter) throws Exception { + public List findResourcesByParameterCodeAndNameAndType(QueryParameter queryParameter) throws Exception { if(!queryParameter.existsCriteria()) { return Collections.emptyList(); } 
@@ -75,4 +74,57 @@ public class BloodServiceImpl implements BloodService {
 queryParameter.setCriterias(criterias);
 return EntityVoUtil.toVo(resourceService.list(queryParameter));
 }
+
+ @Override
+ public List findResourcesByIndicator(String libCode, Integer libVersion, String indicatorCode) throws Exception {
+ if(!StringUtils.hasText(libCode) || libVersion==null) {
+ return Collections.emptyList();
+ }
+ // 查询参数
+ List entities =null;
+ if(StringUtils.hasText(indicatorCode)) {
+ entities = parameterService.getRepository().findIndicatorParameterEntityByIndicatorCode(libCode, libVersion, indicatorCode);
+ }else{
+ entities = parameterService.getRepository().findIndicatorParameterEntityByLibCodeAndVersion(libCode, libVersion);
+ }
+ if(entities==null || entities.isEmpty()){
+ return Collections.emptyList();
+ }
+
+ // 获取参数 IDS
+ Set parameterIds = new LinkedHashSet<>();
+ if (entities != null && !entities.isEmpty()) {
+ for (ParameterEntity entity : entities) {
+ parameterIds.add(entity.getId());
+ }
+ }
+ if(parameterIds==null || parameterIds.isEmpty()){
+ return Collections.emptyList();
+ }
+
+ // 获取参数对应的资源 IDS
+ Set resourceIds =new LinkedHashSet<>();
+ if (!parameterIds.isEmpty()) {
+ for (String id : parameterIds) {
+ resourceIds.add(modelService.findRootModelByParameterId(id).getResource().getId());
+ }
+ }
+ if(resourceIds==null || resourceIds.isEmpty()){
+ return Collections.emptyList();
+ }
+
+ // 重新构建查询条件, 并保留排序字段
+ InSet inSet =new InSet();
+ inSet.setFieldName("id");
+ inSet.setValue(resourceIds.toArray(new String[]{}));
+
+ List criterias =new ArrayList<>();
+ criterias.add(inSet);
+ QueryParameter queryParameter =new QueryParameter();
+ queryParameter.setCriterias(criterias);
+ queryParameter.addSortBy("type");
+ queryParameter.addSortBy("namec");
+ queryParameter.addSortBy("version");
+ return EntityVoUtil.toVo(resourceService.list(queryParameter));
+ }
 }
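Review bot: In the resource-id loop, `modelService.findRootModelByParameterId(id).getResource().getId()` dereferences two results without a null check, so one parameter with no root model or no attached resource would fail the whole request with an unhandled exception (assuming the lookup can return null; its definition is not in this diff). Fetch the root model into a local and skip the entry when it or `getResource()` is null, logging the orphaned parameter id. The loop also issues one lookup per parameter, and with a blank `indicatorCode` the method loads every indicator parameter of the library version, so request input drives an unbounded number of queries; resolving the resources in a single query or capping the set would bound that. The `entities != null`, `parameterIds==null` and `resourceIds==null` checks can never fire after the early returns and can be dropped. `addSortBy("namec")` may be a typo for `name`; confirm it against the resource entity's fields.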
diff --git a/io.sc.engine.rule.server/src/main/java/io/sc/engine/rule/server/model/repository/ParameterRepository.java b/io.sc.engine.rule.server/src/main/java/io/sc/engine/rule/server/model/repository/ParameterRepository.java index 329c46ab..eafe34d7 100644 --- a/io.sc.engine.rule.server/src/main/java/io/sc/engine/rule/server/model/repository/ParameterRepository.java +++ b/io.sc.engine.rule.server/src/main/java/io/sc/engine/rule/server/model/repository/ParameterRepository.java @@ -40,6 +40,9 @@ public interface ParameterRepository extends DaoRepository findIndicatorParameterEntityByLibCode(@Param("libCode")String libCode); + + @Query("select e from IndicatorParameterEntity e where e.libCode=:libCode and e.libVersion=:libVersion") + public List findIndicatorParameterEntityByLibCodeAndVersion(@Param("libCode")String libCode,@Param("libVersion")Integer libVersion); @Query("select e from IndicatorParameterEntity e where e.libCode=:libCode and e.libVersion=:libVersion and e.indicatorCode=:indicatorCode") public List findIndicatorParameterEntityByIndicatorCode(@Param("libCode")String libCode,@Param("libVersion")Integer libVersion,@Param("indicatorCode")String indicatorCode); @@ -55,6 +58,4 @@ public interface ParameterRepository extends DaoRepository findOutParameterEntityByModelIds(@Param("ids") Set modelIds); - - public List findByCodeOrNameContains(@Param("code")String code, @Param("name")String name); } diff --git a/io.sc.platform.jdbc/src/main/java/io/sc/platform/jdbc/util/SqlInjectionPreventer.java b/io.sc.platform.jdbc/src/main/java/io/sc/platform/jdbc/util/SqlInjectionPreventer.java new file mode 100644 index 00000000..041fa70f --- /dev/null +++ b/io.sc.platform.jdbc/src/main/java/io/sc/platform/jdbc/util/SqlInjectionPreventer.java 
@@ -0,0 +1,30 @@
+package io.sc.platform.jdbc.util;
+
+/**
+ * 防止 SQL 注入工具类
+ */
+public class SqlInjectionPreventer {
+ private static final String[] STRING_ESCAPED_CHARACTERS = {
+ "'", "\"", "\\", "&", ",", ";", " "
+ };
+
+ public static String escapeString(String input) {
+ StringBuilder escaped = new StringBuilder();
+ for (char c : input.toCharArray()) {
+ if (isEscapeCharacter(c)) {
+ escaped.append('\\');
+ }
+ escaped.append(c);
+ }
+ return escaped.toString();
+ }
+
+ public static boolean isEscapeCharacter(char c) {
+ for (String escapeChar : STRING_ESCAPED_CHARACTERS) {
+ if (c == escapeChar.charAt(0)) {
+ return true;
+ }
+ }
+ return false;
+ }
+}
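Review bot: `escapeString` prefixes characters with a backslash, which is not a dependable SQL-injection defence: standard SQL escapes a quote by doubling it, and backslash escapes are honoured only by some databases and server modes, so elsewhere the quote still ends the literal. The method also rewrites spaces, commas and `&`, which changes the value that is stored or compared, and it throws a NullPointerException on a null `input`. Values should reach SQL as bound parameters, as the `@Query`/`@Param` repository methods touched in this commit already do. If the class is kept for something binding cannot cover, such as identifiers, validate against an allow-list instead and state that scope in the class Javadoc. No caller of this class appears in the diff, so its intended use should be confirmed before it is merged under this name.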