Industrial IOT Security Technology

With the development of science and technology, modern industrial production isincreasing the degree of automation, but the computing resources of the industrial controlsystems is limited, only take into account in the design efficiency and time-related features, sothey do not pay enough attention to control system network security, and duo to immaturethings, ever-changing virus and network attacks of industrial networking protocol, securityhas become one main bottlenecks constraining of Industrial IOT. Therefore, how toeffectively protect Industrial IOT security seemed imminent. The subject is based on thiscontext, started security-depth research on the network layer of Industrial IOT.To analyze current situation of Industrial IOT security technology, combined withIndustrial IOT security specifications, security threats and security policy, proposed the use ofstateful firewall to protect Industrial IOT security. Through the system requirements analysis,firewall technology comparison and modeling, establish the overall design of Industrial IOTstate inspection firewall.In order to meet the heuristic optimization algorithm need network topology mappingproblem, implement a Industrial IOT topology discovery protocol (TDL) based on the sensinglayer, derivation dummy devices determine rules of Industrial IOT based on incompleteknowledge.This Industrial IOT state inspection firewall in accordance with the way of programdesign can be divided in two parts: application and driver. Use VisualStudio2008to buildXnetFireWall applications to achieve a filtering rule configuration, packet capture and packetprocessing time statistics and other functions. The use of WDK to achieve the Industrial IOTstate inspection firewall driver that is divided into three functional devices: packet filteringdevice, the state inspection device and control processing device.Put firewall driver on the gateway protocol to solve existing Industrial IOT firewall can`tdetect all protocols. Use state machine to design establish a connection and disconnected stateinspection process, to avoid the security vulnerabilities. For connectionless protocols, usevirtual connection to achieve its state detection. Matching rate for state table the issue, thedesign of the match instead of using the hash table entries match-by-program, compared to thetraditional rule matching method, this method has increased by approximately5times faster.Dynamic management of time-out ways to avoid the Dos attacks and forged FIN packetnetwork attacks.Through package filtering module and state inspection module were tested. Test resultsshow that the underlying9600bps Token Ring and100M Ethernet composed of IndustrialIOT network environment, the state of things industry than the traditional firewall, packetfiltering firewall detection efficiency of34.865%, security test show Industrial IOT stateinspection firewall can protect the network packet attack, as the industry of things networkperimeter security devices that can effectively protect the network security industry things.