Security Research TCP / IP Protocol For Industrial Control Network Remote Data Communication Gateways Based Technology

With the development of information technology, industrial control network based on TCP/IP has been widely used in industrial control network, makes the local industrial control networks became possible to communicate through the Internet,due to the Internet using TCP/IP protocol can not be remote communication data confidentiality and integrity security services, remote communication between the industrial control network directly through the Internet, the data in the Internet transmission process will inevitably encounter the threat of network attacks, in order to ensure that the remote control network between the communication security, the need for the previous data in the communication process to provide appropriate security services to meet the security needs of the industrial control network for remote communication.This paper takes China Railway Large Maintenance Machinery Group Co.Ltd.Kunming’s tamping machine project as the background, research-based remote secure communication between the industrial control network of the TCP/IP protocol, Papers in remote communication between industrial control network based on communication gateway, according to the industrial control network security needs of remote communication, have designed and implemented of the communications gateway security mechanisms.The safety mechanism is composed of five modules,wherein system management module which correspond each module orderly work, node management module to authenticate the device in the internal network and for remote communication, realize the reliability of the data source, the access control module through the node management module provides equipment list for access to data filtering, realize the controllability of in and out of the data management,communication negotiation module negotiation communication consistent for both sides of communication, data processing module according to the communication negotiation module generate communication list for access to authentication and encryption of data, to provide access to the data source client-side authentication, confidentiality and integrity protection of the security services.Finally enabled security mechanisms communication gateway remote communication test results show that using the security mechanisms of the communications gateway in the remote communication process can be effective to provide protection for the data to meet the design requirements.