
Research on Security Vulnerabilities and Control Flow Integrity of PLC in Industrial Control System

Cited by: 4
Abstract: Programmable logic controllers (PLCs) play an important role in industrial control systems, yet the number of publicly disclosed PLC security vulnerabilities has risen year by year. Research on vulnerability defense techniques for PLCs is therefore of great significance for improving the security of industrial control systems. Building on control-flow integrity (CFI), this paper proposes a CFI defense mechanism for PLCs that protects them from being hijacked through vulnerabilities. The mechanism examines the control-transfer instructions in the PLC program and uses instrumentation to insert check instructions, ensuring that the program executes according to its original control-flow graph and thereby protecting the PLC from hijacking by attackers. To effectively preserve the PLC's real-time performance, a cyclic shadow stack is introduced. The proposed scheme effectively protects PLCs from being hijacked through vulnerabilities, and the performance overhead of the defense mechanism is only about 3.6% on average.

Authors: CHEN Dawei; XU Ruzhi (School of Control and Computer Engineering, North China Electric Power University, Beijing 102206, China)

Source: Electronic Science and Technology (《电子科技》), 2021, No. 2, pp. 33-37 (5 pages)

Funding: Beijing Natural Science Foundation (4182060).

Keywords: PLC; vulnerabilities; control-flow hijacking; control-flow integrity; industrial control system; security of industrial control system
