摘要
针对可编程逻辑控制器(PLC)设备安全性评估的需求,在通用标准(CC)的基础上,对PLC保护轮廓(PP)进行研究,重点分析梳理PLC安全环境中存在的假设、威胁和组织安全策略,进而推导出其安全目的,最后提出对应的安全要求,用于PLC设备的安全性评估和开发。利用此PP,针对PLC的组态下装中仿冒身份的安全威胁,提出基于SM3算法的挑战-响应动态口令机制实现PLC与上位机的身份的验证。
As the security evaluation for Programmable Logic Controller is required, based on Common Criteria, Protection Profile is dasigned for PLC. Analysis on security environment (include threats, assumptions, organizational security policies) is mainly performed, following corresponding security objectives is deduced, so that security requirements are proposed. The PLC protection profile can be widely applied to security evaluation and development of PLC. Using this PLC PP, a dynamic password system is praided based on challenge/response mechanism and SM3 to solve the threaten of insecure authentication between PLC and upper computer.
作者
张钟
傅一帆
王皓
张晓莉
王毅璇
ZHANG Zhong;FU Yi-fan;WANG Hao;ZHANG Xiao-li;WANG Yi-xuan(National Computer System Engineering Research Institute of China, Beijing 102209 China)
出处
《自动化技术与应用》
2019年第5期87-91,共5页
Techniques of Automation and Applications
关键词
PLC
通用准则
保护轮廓
PLC
common criteria
protection profile