摘要
为更好地开展工业控制系统信息安全研究,设计了一种工业控制系统信息安全实验平台。包括攻击端、防护模块、防护规则配置端、监控端和控制器等硬件模块的工业控制系统信息安全平台拓扑架构,以及拒绝服务攻击和伪造数据包攻击与防护的整个过程;设计了信息安全平台的软件框架,并以Modbus/TCP协议为例进行了深度包解析设计。最终,通过实验和测试,验证了设计的工业控制系统信息安全实验平台的性能。
According to the requirements of information security of the industrial control system, we designed an experiment platform based on Modbus/TCP communication protocol. This paper introduces the experimental environment and topology of the information security platform, which includes the complete progress of attacking and protecting and hardware modules such as the attack end, protection module, rule configuration module, monitoring module and controller. We designed the software framework of the platform, which is divided to deep packet analysis of application layer and access control of the deep packet analysis. Here, the application layer includes the function code of the Modbus/TCP protocol, the length of application layer data, coil address, port number and protocol ID. The combination of software and hardware forms the protection module of the information security experiment platform of industrial control system. The protection performance of the platform is proven through practical demonstration.
出处
《实验室研究与探索》
CAS
北大核心
2016年第12期118-121,共4页
Research and Exploration In Laboratory
基金
四川省科技支撑计划项目(2015GZ0105)
