摘要
根据EPA控制网络系统安全的要求,提出了一种跨越OSI模型多层安全机制的嵌入式EPA网桥设计方案。首先给出了嵌入式EPA网桥的工作原理及其功能结构,并结合EPA协议和嵌入式操作系统的多任务调度机制,提出了采用各微网段信息传输的逻辑隔离方法来实现EPA现场信息传输的安全性;最后给出一种嵌入式EPA安全网桥的硬件实施方案和网桥端口报文收发及基于安全机制报文信息处理的软件流程。测试结果表明,EPA安全网桥能够有效地保障现场设备层的报文转发和网络信息安全,并具有较低的报文转发延迟。
Based on safety requirement of Ethernet for plant automation (EPA) system, a new design scheme of embedded EPA bridge was presented with security mechanism across multi-layers in OSI model. Firstly, working principle and function framework of the embedded EPA bridge are given, then combining with EPA protocol and muhitask scheduling mechanism of embedded operation system, the logical isolation method for message transmission of every micro-segment is adopted to realize the security performance of EPA field message transmission. Finally, the hardware implementation scheme of embedded EPA safety bridge is designed, and the software flows of port message sending or receiving and message information processing with security mechanism are given. Test results show that the EPA safety bridge can effectively guarantee the message transmission and the security of network communication in the field device layer, and it has less delay time for message transmission.
出处
《仪器仪表学报》
EI
CAS
CSCD
北大核心
2008年第2期289-294,共6页
Chinese Journal of Scientific Instrument
基金
国家863/CIMS计划项目(2006AA040301)资助
关键词
EPA
安全机制
微网段
信息隔离
安全网桥
Ethernet for plant automation (EPA)
security mechanism
micro-segment
message isolation
safety bridge
