Funding: This work is funded by the National Key Research and Development Plan (Grant No. 2018YFB0803504), the National Natural Science Foundation of China (Nos. 61702223, 61702220, 61871140, U1636215), and the Opening Project of Shanghai Trusted Industrial Control Platform.
Abstract: Programmable Logic Controllers (PLCs), the core of industrial control systems, are widely used in industrial control systems. The security of PLCs is the key to the security of industrial control systems. Nowadays, a large number of industrial control systems are connected to the Internet, which exposes the PLC equipment to the Internet and thus raises security concerns. First of all, we introduce the basic principle of PLC in this paper. Then we analyze the PLC code security, firmware security, network security, virus vulnerability and Modbus communication protocol by reviewing the previous related work. Finally, we make a summary of the current security protection methods.
Abstract: Industrial control systems (ICSs) are widely used in various fields, and the information security problems of ICSs are increasingly serious. The existing evaluation methods fail to describe the uncertain evaluation information and group evaluation information of experts. Thus, this paper introduces the probabilistic linguistic term sets (PLTSs) to model the evaluation information of experts. Meanwhile, we propose a probabilistic linguistic multi-criteria decision-making (PL-MCDM) method to solve the information security assessment problem of ICSs. Firstly, we propose a novel subscript equivalence distance measure of PLTSs to improve the existing methods. Secondly, we use the Best Worst Method (BWM) and the Criteria Importance Through Inter-criteria Correlation (CRITIC) method to obtain the subjective weights and objective weights, which are used to derive the combined weights. Thirdly, we use the subscript equivalence distance measure method and the combined weight method to improve the probabilistic linguistic Visekriterijumska Optimizacija I Kompromisno Resenje (PL-VIKOR) method. Finally, we apply the proposed method to solve the information security assessment problem of ICSs. When compared with existing methods such as the probabilistic linguistic Tomada de Decisão Iterativa Multicritério (PL-TODIM) method and the probabilistic linguistic Technique for Order Preference by Similarity to Ideal Solution (PL-TOPSIS) method, the case example shows that the proposed method can provide more reasonable ranking results. By evaluating and ranking the information security level of different ICSs, managers can identify problems in time and guide their work better.
Funding: Supported by the National Natural Science Foundation of China (Grant No. 61471182), the Postgraduate Research & Practice Innovation Program of Jiangsu Province (Grant No. KYCX20_2993), and the Jiangsu postgraduate research innovation project (SJCX18_0784).
Abstract: In this paper, we propose an intrusion detection algorithm based on auto-encoder and three-way decisions (AE-3WD) for industrial control networks, aiming at the security problem of industrial control networks. The ideology of deep learning is similar to the idea of intrusion detection. Deep learning is a kind of intelligent algorithm and has the ability to learn automatically. It uses self-learning to enhance the experience and dynamic classification capabilities. We use deep learning to improve the intrusion detection rate and reduce the false alarm rate through learning; a denoising AutoEncoder and three-way decisions intrusion detection method, AE-3WD, is proposed to improve intrusion detection accuracy. In the processing, the deep learning AutoEncoder is used to extract the features of high-dimensional data by combining the coefficient penalty and reconstruction loss function of the encode layer during the training mode. A multi-feature space can be constructed by multiple feature extractions from the AutoEncoder, and then a decision for intrusion behavior or normal behavior is made by three-way decisions. NSL-KDD data sets are used for the experiments. The experiment results prove that our proposed method can extract meaningful features and effectively improve the performance of intrusion detection.
Funding: This work was supported in part by the National Natural Science Foundation of China (Grant Nos. 61972288 and 92067108), the Natural Science Foundation of Guangdong Province (Grant No. 2021A151501131), in part by the MIIT Project Industrial Internet identification resolution system security monitoring and protection (Grant No. TC220H078), and in part by the Guangdong Key Laboratory of Data Security and Privacy Preserving, National Joint Engineering Research Center of Network Security Detection and Protection Technology.
Abstract: With the development of deep learning and federated learning (FL), federated intrusion detection systems (IDSs) based on deep learning have played a significant role in securing industrial control systems (ICSs). However, adversarial attacks on ICSs may compromise the ability of deep learning-based IDSs to accurately detect cyberattacks, leading to serious consequences. Moreover, in the process of generating adversarial samples, the selection of replacement models lacks an effective method, which may not fully expose the vulnerabilities of the models. The authors first propose an automated FL-based method to generate adversarial samples in ICSs, called AFL-GAS, which uses the principle of transfer attack and fully considers the importance of replacement models during the process of adversarial sample generation. In the proposed AFL-GAS method, a lightweight neural architecture search method is developed to find the optimised replacement model composed of a combination of four lightweight basic blocks. Then, to enhance the adversarial robustness, the authors propose a multi-objective neural architecture search-based IDS method against adversarial attacks in ICSs, called MoNAS-IDSAA, by considering both classification performance on regular samples and adversarial robustness simultaneously. The experimental results on three widely used intrusion detection datasets in ICSs, such as secure water treatment (SWaT), Water Distribution, and Power System Attack, demonstrate that the proposed AFL-GAS method has obvious advantages in evasion rate and lightweight compared with four other methods. Besides, the proposed MoNAS-IDSAA method not only has a better classification performance, but also has obvious advantages in model adversarial robustness compared with one manually designed federated adversarial learning-based IDS method.
Abstract: Industrial Control Systems (ICS) and SCADA (Supervisory Control and Data Acquisition) systems play a critical role in the management and regulation of critical infrastructure. SCADA systems bring us closer to the real-time application world. All process and equipment control capability is typically provided by a Distributed Control System (DCS) in industries such as power stations, agricultural systems, chemical and water treatment plants. Instead of control through DCS, this paper proposes a SCADA and PLC (Programmable Logic Controller) system to control the ratio control division and the assembly line division inside the chemical plant. A specific design and implementation method for development of a SCADA/PLC based real time ratio control and automated assembly line system in a chemical plant is introduced. The assembly line division is further divided into the sorting stage, the filling stage and the auxiliary stage, which includes the capping unit, labelling unit and then the storage. In the ratio control division, we have defined the levels inside the mixer and the ratio of the raw materials through the human machine interface (HMI) panel. The ratio of raw materials is kept constant on the basis of flow rates of the wild stream and the manipulated stream. There is flexibility in defining new levels and the ratios of the raw materials inside the mixer. But here we have taken the predefined levels (low, medium, high) and ratios (3:4, 2:1, 2:5). Control valves are used for regulating the flow of the compositions. In the assembly line division, the containers are sorted on the basis of size and type of material used, i.e., big sized metallic containers and small sized non-metallic containers, by inductive and capacitive proximity sensors. All the processes are facilitated with laser beam type or reflective type sensors on the conveyor system. Building a highly stable and dependable PLC/SCADA system instead of a Distributed Control System is required to achieve automatic management and control of chemical industry processes to reduce the waste of manpower and physical resources, as well as to improve worker safety.
Funding: the National Research Foundation (NRF), Prime Minister’s Office, Singapore, under its National Cybersecurity R&D Programme (Award No. NRF2016NCR-NCR002-023 and NRF2018NCR-NSOE005-0001), administered by the National Cybersecurity R&D Directorate.
Abstract: A gradual increase in the number of successful attacks against Industrial Control Systems (ICS) has led to an urgent need to create defense mechanisms for accurate and timely detection of the resulting process anomalies. Towards this end, a class of anomaly detectors, created using data-centric approaches, is gaining attention. Using machine learning algorithms, such approaches can automatically learn the process dynamics and control strategies deployed in an ICS. The use of these approaches leads to relatively easier and faster creation of anomaly detectors compared to the use of design-centric approaches that are based on plant physics and design. Despite the advantages, there exist significant challenges and implementation issues in the creation and deployment of detectors generated using machine learning for city-scale plants. In this work, we enumerate and discuss such challenges. Also presented is a series of lessons learned in our attempt to meet these challenges in an operational plant.
Abstract: This note addresses diagnosis and performance degradation detection issues from an integrated viewpoint of functionality maintenance and cyber security of automatic control systems. It calls for more research attention on three aspects: (i) application of control and detection unified framework to enhancing the diagnosis capability of feedback control systems, (ii) projection-based fault detection, and complementary and explainable applications of projection- and machine learning-based techniques, and (iii) system performance degradation detection that is of elemental importance for today's automatic control systems. Some ideas and conceptual schemes are presented and illustrated by means of examples, serving as convincing arguments for research efforts in these aspects. They would contribute to the future development of capable diagnosis systems for functionality safe and cyber secure automatic control systems.
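Abstract: [Research purpose] This paper studies the intelligence work of the Bureau of Industry and Security of the U.S. Department of Commerce (BIS) from the professional perspective of intelligence studies and intelligence work, to provide a reference for the innovative development of China's intelligence studies and intelligence work in the new era. [Research method] By combining research on the content of the BIS official website, research on important documents from the official website, research on the content of the Wassenaar Arrangement official website, and research on typical BIS enforcement cases, the paper studies the overall picture and essentials of BIS intelligence work. [Research conclusion] From the professional perspective of intelligence studies and intelligence work, the paper examines the BIS's organizational mission, organizational network, information network, interpersonal network, legal safeguards, typical intelligence work, and main efforts to improve the intelligence capabilities of U.S. exporters, revealing the overall picture, the essentials, and the most prominent key success factors of BIS intelligence work.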
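Abstract: As the integration of informatization and industrialization deepens, the overlap between the information domain and the physical domain in industrial control systems keeps growing, and network attacks on traditional information systems threaten industrial control system networks. Traditional safety assessment methods for industrial control systems consider only functional safety risks and ignore the impact of information security risks on functional safety. This paper proposes an integrated functional safety and information security risk modeling method for industrial control systems based on an improved Petri net (Safety and Security Petri Net Risk Assessment, SSPN-RA), which comprises three steps: integrated risk identification, integrated risk analysis, and integrated risk assessment. The proposed method first identifies and abstracts the functional safety and information security data in the industrial control system; then, during risk analysis, it constructs a Petri net model combined with the Kill Chain to identify the coordinated attack paths that exist across functional safety and information security, and quantifies the functional safety and information security nodes in the Petri net. Meanwhile, the risk value is calculated from the likelihood of security events and the various losses they cause, achieving an integrated risk assessment of the industrial control system. The feasibility of the method is verified on an open-source simulated chemical industrial control system and compared with functional safety fault tree analysis and information security attack tree analysis. The experimental results show that the proposed method can quantitatively obtain the risk value of the industrial control system, and that it also solves the problem that single-domain analysis of functional safety or information security cannot identify cyber-physical coordinated attacks and security risks.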