摘要
针对目前工控终端设备易受远程代码攻击、系统固件缺乏安全校验的问题,以PLC为例,通过软硬件结合的方式构建可信的安全防护体系。采用Xilinx Zynq-7000工业级芯片搭建硬件环境,并通过嵌入式系统移植,在可信计算技术基础上,以协同处理的方式实现了快速加解密验证。用哈希(Hash)算法对PLC系统启动文件进行了完整性验证,保证了PLC系统的可信启动。试验结果验证了利用该方法保证终端设备安全的正确性及可行性,其能够为工业嵌入式设备构建安全可信的运行环境。
Aiming at the problems of current industrial control terminal equipment, such as vulnerable to remote code attacks and the system firmware lacks a security check, etc. , taking PLC as an example; the trusted security protection architecture is built through combining the hardware and software. By using Xilinx Zynq -7000 industrial - grade chip,the hardware environment is established; and through transplanting the embedded system, with the co - processing mode, the fast encryption and decryption verification are achieved on the basis of the trusted computing technology. Hash algorithm is used for checking the boot file integrity of PLC system,to ensure credible startup of PLC system. Thetest results verify the correctness and feasibility of using this method to ensure the safety of terminal equipment and to build a safe and reliable operating environment for industrial embedded devices.
出处
《自动化仪表》
CAS
2016年第12期76-78,共3页
Process Automation Instrumentation
基金
国家高新技术研究发展计划("863"计划)基金资助项目(编号:2015 AA043901-01)
国家住房和城乡建设部科学技术计划基金资助项目(编号:2016-K8-062)
关键词
智能制造
工业4.0
工业控制系统
信息安全
网络安全
安全防护体系
HASH算法
嵌入式PLC
Intelligent manufacturing Industry 4. 0 Industrial control system Information security Network security Safety protection system Hash algorithm Embedded PLC
