Content-based deep communication control for networked control system
作者: Ming Wan , Wenli Shang , Linghe Kong , Peng Zeng
DOI: 10.1007/S11235-016-0223-X
关键词:
摘要: In smart cities, the networked control system plays a significant role in transportation systems, power stations or other critical infrastructures, and it is facing many security issues. From this point, paper proposes content-based deep communication approach to guarantee its security. Based on layer architecture, analyzes interactive content depth according different industrial protocols, implements access between two distinct enclaves. For OPC Classic, we acquire dynamic port provided by server, open new connection belonging port; for Modbus/TCP, not only analyze ordinary function codes addresses, but also check register coil values using multi-bit Trie-tree matching algorithm. Besides, white-listing strategy introduced satisfy special requirements of communication. Our experiment results show that, one hand proposed provides Modbus/TCP defenses depth; has less than 1 ms forwarding latency 0 packet loss rate when rule number reaches 200, all these meet availability system. particular, been successfully applied several real-world petrochemical systems.
springer.com
sci-hub.se 参考文章(21)
Katherine R. Davis, Charles M. Davis, Saman A. Zonouz, Rakesh B. Bobba, Robin Berthier, Luis Garcia, Peter W. Sauer, A Cyber-Physical Modeling and Assessment Framework for Power Grid Infrastructures IEEE Transactions on Smart Grid. ,vol. 6, pp. 2464- 2475 ,(2015) , 10.1109/TSG.2015.2424155
Dorottya Papp, Zhendong Ma, Levente Buttyan, Embedded systems security: Threats, vulnerabilities, and attack taxonomy conference on privacy security and trust. pp. 145- 152 ,(2015) , 10.1109/PST.2015.7232966
Zakarya Drias, Ahmed Serhrouchni, Olivier Vogel, Taxonomy of attacks on industrial control protocols 2015 International Conference on Protocol Engineering (ICPE) and International Conference on New Technologies of Distributed Systems (NTDS). pp. 1- 6 ,(2015) , 10.1109/NOTERE.2015.7293513
Artemios G. Voyiatzis, Konstantinos Katsigiannis, Stavros Koubias, A Modbus/TCP Fuzzer for testing internetworked industrial systems 2015 IEEE 20th Conference on Emerging Technologies & Factory Automation (ETFA). pp. 1- 6 ,(2015) , 10.1109/ETFA.2015.7301400
Béla Genge, Christos Siaterlis, Igor Nai Fovino, Marcelo Masera, A cyber-physical experimentation environment for the security analysis of networked industrial control systems Computers & Electrical Engineering. ,vol. 38, pp. 1146- 1161 ,(2012) , 10.1016/J.COMPELECENG.2012.06.015
Maryna Krotofil, Dieter Gollmann, Industrial control systems security: What is happening? international conference on industrial informatics. pp. 670- 675 ,(2013) , 10.1109/INDIN.2013.6622964
Igor Nai Fovino, Alessio Coletta, Andrea Carcano, Marcelo Masera, Critical State-Based Filtering System for Securing SCADA Network Protocols IEEE Transactions on Industrial Electronics. ,vol. 59, pp. 3943- 3950 ,(2012) , 10.1109/TIE.2011.2181132
Wei Zhao, Feng Xie, Yong Peng, Yang Gao, Xuefeng Han, Haihui Gao, Dejin Wang, Security Testing Methods and Techniques of Industrial Control Devices 2013 Ninth International Conference on Intelligent Information Hiding and Multimedia Signal Processing. pp. 433- 436 ,(2013) , 10.1109/IIH-MSP.2013.114
Weirong Jiang, Viktor K. Prasanna, Data Structure Optimization for Power- Efficient IP Lookup Architectures IEEE Transactions on Computers. ,vol. 62, pp. 2169- 2182 ,(2013) , 10.1109/TC.2012.199
M. H. Schwarz, J. Borcsok, A survey on OPC and OPC-UA: About the standard, developments and investigations 2013 XXIV International Conference on Information, Communication and Automation Technologies (ICAT). pp. 1- 6 ,(2013) , 10.1109/ICAT.2013.6684065