Abstract
Programmable logic controllers (PLCs) play an important role in industrial control systems, yet the number of publicly disclosed PLC security vulnerabilities has risen year after year. Research on vulnerability defense techniques for PLCs is therefore of great significance for improving the security of industrial control systems. Based on control-flow integrity (CFI), this paper proposes a CFI defense mechanism for PLCs that protects them from vulnerability-based hijacking. The mechanism inspects the control transfer instructions in the PLC program and uses instrumentation to insert check instructions, so that the program can only execute according to its original control-flow graph and cannot be hijacked by an attacker. To preserve the real-time behaviour of the PLC, a cyclic shadow stack is introduced. The proposed scheme effectively protects the PLC from vulnerability hijacking, and the performance overhead of the defense mechanism is only about 3.6% on average.
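The abstract names two checks: control transfer instructions are validated against the original control-flow graph, and returns are validated against a shadow stack sized for real-time use. The C program below is an added illustration and is not code from the paper or its authors. It assumes a toy PLC-style instruction list (CALL/RET/JMP/NOP/END), an edge table standing in for the control-flow graph produced at instrumentation time, and a fixed-size ring-buffer shadow stack that is reset at the start of every scan cycle (our reading of the paper's "cyclic shadow stack"; the paper's actual layout may differ). The function names `cfi_run`, `demo_normal`, `demo_hijacked_return` and `demo_tampered_jump`, and the sample program, are constructed for this example.

```c
#include <stdio.h>

/* Added example, not the paper's implementation. Toy interpreter with the two
 * CFI checks the abstract describes: forward edges (CALL/JMP) are checked
 * against a CFG-derived edge table, backward edges (RET) against a shadow
 * stack. The shadow stack is a bounded ring buffer reset each scan cycle
 * (assumed interpretation of the paper's cyclic shadow stack). */

enum op { OP_NOP, OP_CALL, OP_RET, OP_JMP, OP_END };
struct insn { enum op op; int target; };
struct edge { int site; int target; };   /* allowed CFG edge: site pc -> target pc */

enum verdict { CFI_OK = 0, CFI_BAD_FORWARD, CFI_BAD_RETURN, CFI_STACK_FAULT };

#define MAX_STACK    16    /* native return-address stack of the toy machine */
#define SHADOW_DEPTH 4     /* shadow stack capacity: fixed memory, O(1) ops   */
#define MAX_STEPS    1000  /* runaway guard for the interpreter loop          */

struct shadow { int ret[SHADOW_DEPTH]; unsigned top, count; };

static void shadow_reset(struct shadow *s) { s->top = 0; s->count = 0; }

static int shadow_push(struct shadow *s, int ret) {
    if (s->count == SHADOW_DEPTH) return 0;        /* deeper nesting than sized for */
    s->ret[s->top] = ret;
    s->top = (s->top + 1) % SHADOW_DEPTH;
    s->count++;
    return 1;
}

static int shadow_pop(struct shadow *s, int *ret) {
    if (s->count == 0) return 0;
    s->top = (s->top + SHADOW_DEPTH - 1) % SHADOW_DEPTH;
    s->count--;
    *ret = s->ret[s->top];
    return 1;
}

static int edge_allowed(const struct edge *e, int n, int site, int target) {
    for (int i = 0; i < n; i++)
        if (e[i].site == site && e[i].target == target) return 1;
    return 0;
}

/* Execute one scan cycle under CFI. To model a memory-corruption hijack, the
 * native return slot on top of the stack is overwritten with corrupt_target
 * just before the instruction at step index corrupt_step (-1 disables this). */
enum verdict cfi_run(const struct insn *prog, int n, const struct edge *edges,
                     int n_edges, int corrupt_step, int corrupt_target)
{
    int stack[MAX_STACK], sp = 0, pc = 0;
    struct shadow sh;
    shadow_reset(&sh);                             /* fresh shadow stack per cycle */
    for (int step = 0; step < MAX_STEPS && pc >= 0 && pc < n; step++) {
        const struct insn *in = &prog[pc];
        if (step == corrupt_step && sp > 0) stack[sp - 1] = corrupt_target;
        switch (in->op) {
        case OP_NOP: pc++; break;
        case OP_JMP:
            if (!edge_allowed(edges, n_edges, pc, in->target)) return CFI_BAD_FORWARD;
            pc = in->target; break;
        case OP_CALL:
            if (!edge_allowed(edges, n_edges, pc, in->target)) return CFI_BAD_FORWARD;
            if (sp >= MAX_STACK || !shadow_push(&sh, pc + 1)) return CFI_STACK_FAULT;
            stack[sp++] = pc + 1;
            pc = in->target; break;
        case OP_RET: {
            int expected, actual;
            if (sp == 0 || !shadow_pop(&sh, &expected)) return CFI_STACK_FAULT;
            actual = stack[--sp];
            if (actual != expected) return CFI_BAD_RETURN;  /* backward-edge violation */
            pc = actual; break;
        }
        case OP_END: return CFI_OK;
        }
    }
    return CFI_STACK_FAULT;   /* pc left the program or the step budget ran out */
}

/* Constructed toy program: main calls a subroutine, then jumps to END. */
static const struct insn PROG[] = {
    { OP_CALL, 4 },   /* 0: call subroutine at 4   */
    { OP_JMP,  3 },   /* 1: jump to END            */
    { OP_NOP,  0 },   /* 2: on no legal path        */
    { OP_END,  0 },   /* 3                          */
    { OP_NOP,  0 },   /* 4: subroutine body         */
    { OP_RET,  0 },   /* 5                          */
};
#define PROG_LEN ((int)(sizeof PROG / sizeof PROG[0]))
static const struct edge EDGES[] = { {0, 4}, {1, 3} };   /* from the original CFG */
#define EDGES_LEN ((int)(sizeof EDGES / sizeof EDGES[0]))

enum verdict demo_normal(void) {
    return cfi_run(PROG, PROG_LEN, EDGES, EDGES_LEN, -1, 0);
}

/* Return slot overwritten at step 2 (the RET) to land on instruction 2. */
enum verdict demo_hijacked_return(void) {
    return cfi_run(PROG, PROG_LEN, EDGES, EDGES_LEN, 2, 2);
}

/* Downloaded logic altered so the JMP at 1 targets instruction 2. */
enum verdict demo_tampered_jump(void) {
    struct insn tampered[sizeof PROG / sizeof PROG[0]];
    for (int i = 0; i < PROG_LEN; i++) tampered[i] = PROG[i];
    tampered[1].target = 2;
    return cfi_run(tampered, PROG_LEN, EDGES, EDGES_LEN, -1, 0);
}

int main(void) {
    printf("normal run:      %d (expect %d)\n", demo_normal(), CFI_OK);
    printf("hijacked return: %d (expect %d)\n", demo_hijacked_return(), CFI_BAD_RETURN);
    printf("tampered jump:   %d (expect %d)\n", demo_tampered_jump(), CFI_BAD_FORWARD);
    return 0;
}
```

The shadow stack uses no heap and bounded, constant-time push and pop, which is what makes the check compatible with a PLC's fixed scan-cycle budget; a nesting depth beyond `SHADOW_DEPTH` is reported as a fault rather than silently overwriting the oldest entry, so the capacity must be sized to the maximum call depth of the deployed logic.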
Authors
CHEN Dawei; XU Ruzhi (School of Control and Computer Engineering, North China Electric Power University, Beijing 102206, China)
Source
Electronic Science and Technology (《电子科技》), 2021, No. 2, pp. 33-37 (5 pages)
Funding
Beijing Natural Science Foundation (4182060).
Keywords
PLC
vulnerabilities
control-flow hijacking
control-flow integrity
industrial control system
security of industrial control system