摘要
针对工业控制网络信息安全以及病毒防护,以广泛应用的ModbusTCP为研究对象,采用ModbusTCP通信协议深度解析检测与网络层防火墙功能相结合,设计了Modbus TCP的专用工业网络状态安全监视器。根据配置策略实现未授权设备的非法访问、网络状态、异常报文的识别,采用边界法实现Modbus关键数据的监测,提出并实现了基于工艺关系的安全监视策略。实验结果表明,该工具在不影响正常网络通信的情况下,针对要保护的关键设备,可从网络层、数据流量、设备关键数据以及工艺关系等多层次进行保护,当有非法入侵访问时实时显示具体报警信息,对当前的工业网络安全具有重要意义。
For the industrial network security and virus protection,A special industrial Ethernet security monitor with industrial network layer firewall and depth detection on Modbus TCP is designded for protecting industrial control network.According to the configuration of safety strategy,the monitor can detect unauthorized access,network status and abnormal message,and the critical data of Modbus by using the boundary method,a security monitoring strategy based on process relation is proposed and implemented.Display alarm information and give Suggestions for processing.After testing,the results show that the tools has no influence on the normal industrial control network,the key device can be protected from multiple levels,such as network layer,data flow,key equipment data and process relations.and can effectively detect the exception of industrial control network based on the configuration strategy.
作者
韩丹涛
赵艳领
公彦杰
Han Dantao;Zhao Yanling;Gong Yanjie(Instrumentation Technology&Economy Institute,Beijing 100055,China)
出处
《电子测量技术》
2019年第8期110-114,共5页
Electronic Measurement Technology
基金
工信部2016年智能制造综合标准化与新模式应用专项"电子信息产品智能工厂/数字化车间物流综合标准化及试验验证"项目资助
