摘要
随着现代化工业网络的不断发展,越来越多的工控网络安全问题层出不穷。在工控网络中Modbus协议应用最为普遍。然而Modbus工控网络却没有安全通信的机制,极易受到恶意攻击。根据文献追踪来看,目前还没有效的解决方案。为解决这些安全问题,提出了针对Modbus工控网络主从设备的认证模型、双重认证算法以及算法的配置方案。该算法利用了哈希链以及对称加密的一些特点,是针对Modbus工控网络主从设备有限的计算和存储能力而设计的轻量型认证算法。通过安全性分析可知,该认证算法能有效抵御常见Modbus工控网络的安全问题,并且算法的配置方案能有效减小认证算法对主从设备通信的干扰。
With the development of modern industrial networks,more and more security problems appear.The Modbus protocol application is widely used in the industrial control network.However,the Modbus protocol is not secure,thus,it is vulnerable to malicious attacks.As far as is known there is no effective solution till now.In order to solve these security problems,this paper presents a dual authentication model,algorithm and configuration scheme for master and slave devices of Modbus based industrial network.The algorithm utilizes some features of Hash chain and symmetric encryption,and it is a lightweight authentication algorithm designed for the limited computing and storage capacity of Modbus based remote control system.The security analysis shows that the authentication algorithm can effectively resist the security problems of the common Modbus based industrial control network,and the algorithm configuration scheme can effectively reduce the interference of the authentication algorithm to the master and slave devices.
作者
张玉鹏
温蜜
ZHANG Yupeng;WEN Mi(School of Automation Engineering,Shanghai University of Electric Power,Shanghai 200090,China;School of Computer Science and Technology,Shanghai University of Electric Power,Shanghai 200090,China)
出处
《计算机工程与应用》
CSCD
北大核心
2018年第20期93-98,共6页
Computer Engineering and Applications
基金
国家自然科学基金(No.61572311
No.61602295)
上海市曙光计划(No.16SG47)
上海市地方能力项目(No.15110500700)
关键词
Modbus工控网络
安全通信
认证算法
哈希链
对称加密
安全性分析
Modbus industrial control network
secure communication
authentication algorithm
Hash chain
symmetric encryption
security analysis
