With the continued development of industrialization and informatization, more and more traditional computer technology has been applied in industrial automation and control, in fields such as aerospace, food manufacturing, transportation, pharmaceuticals and petrochemicals, and power and water supply. At present, more than 80% of the critical infrastructure on which people's livelihoods depend relies on industrial control systems (ICS) for automated operation, so ICS security bears directly on national strategic security. However, since Stuxnet in 2010, a series of industrial security incidents has shown that industrial control systems face serious attack threats, and their security problems have become increasingly prominent. ICS security differs greatly from traditional information security: industrial control systems place far higher demands on equipment availability, real-time performance and controllability. Finding ICS vulnerabilities promptly and accurately is therefore essential to winning the contest over ICS security. However, traditional vulnerability scanning technology is mostly Internet-oriented and cannot find ICS vulnerabilities in time; moreover, many ICS devices are fragile and cannot withstand the load produced by the frequent probing of traditional vulnerability scanners. Because traditional vulnerability scanning technology cannot scan industrial control systems effectively, this paper proposes an ICS vulnerability scanning method based on hierarchical detection, developed by studying ICS communication protocols, improving the detection methods used in traditional networks, and combining network-level detection with system-level detection.
The main work of this paper is as follows:

1. Summarizes traditional vulnerability scanning technology and analyzes the differences between industrial control systems and traditional networks. By reviewing the relevant literature and data, summarizes the classification and main methods of traditional vulnerability scanning technology, and analyzes how industrial control systems differ from traditional networks in their typical characteristics and security mechanisms.

2. Studies ICS communication protocols and proposes an ICS vulnerability scanning method based on hierarchical detection. Starting from the PROFINET real-time communication standard, proposes a method composed of two parts: ICS detection and data comparison. The ICS detection part probes the industrial control system at the network level and at the system level; the data comparison part identifies ICS vulnerabilities by matching the detailed device information obtained by the detection part against an ICS vulnerability database.

3. Designs, implements and tests an ICS vulnerability scanning system. Based on the proposed method, designs the architecture of the ICS vulnerability scanning system, implements the ICS detection module and the data comparison module, builds an experimental environment based on Siemens industrial control equipment, and tests the system. The test results show that the hierarchical-detection ICS vulnerability scanning method proposed in this paper can scan ICS vulnerabilities effectively.
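As an added illustration of the two-part method summarized in item 2 (this is example code written for this page, not the thesis's own implementation, which is not reproduced here), the following Python sketch runs a network-level identify pass first, sends system-level queries only to hosts that answered as ICS devices, issues one request at a time with a configurable pause so fragile equipment is not flooded, and then compares the collected vendor, model and firmware version against a vulnerability database using version ranges. The vendor name ExampleVendor, model PLC-100, the firmware versions, the 192.0.2.x addresses and the database entry DEMO-0001 are all constructed fixtures, and the identify and query callbacks stand in for real ICS protocol probes that are not implemented here.

```python
"""Added illustration (not the thesis's code) of hierarchical ICS detection
(network level, then system level, one request at a time) followed by
data comparison against a vulnerability database.
All device data, probe answers and database entries below are constructed."""
import re
import time
from dataclasses import dataclass, field


@dataclass
class Device:
    ip: str
    vendor: str = ""
    model: str = ""
    firmware: str = ""
    open_ports: list = field(default_factory=list)


def parse_version(text: str) -> tuple:
    """'V2.3.1' -> (2, 3, 1); tuples compare component-wise, so '2.10' > '2.9'."""
    return tuple(int(x) for x in re.findall(r"\d+", text))


def version_affected(version: str, affected_from: str, fixed_in: str) -> bool:
    """True when affected_from <= version < fixed_in."""
    v = parse_version(version)
    return parse_version(affected_from) <= v < parse_version(fixed_in)


def network_level_detect(hosts, identify, delay_s):
    """Stage 1: one lightweight identify request per host, sequentially, with a
    pause between hosts. Only hosts that answer as ICS devices go on to stage 2,
    so hosts that are not ICS devices never receive the heavier queries."""
    devices = []
    for ip in hosts:
        answer = identify(ip)
        if answer is not None:
            devices.append(Device(ip=ip, vendor=answer["vendor"], model=answer["model"]))
        time.sleep(delay_s)
    return devices


def system_level_detect(devices, query, delay_s):
    """Stage 2: read firmware version and exposed services from confirmed devices only."""
    for dev in devices:
        info = query(dev.ip)
        dev.firmware = info.get("firmware", "")
        dev.open_ports = info.get("ports", [])
        time.sleep(delay_s)
    return devices


def match_vulnerabilities(device, vuln_db):
    """Data comparison: vendor and model must match, firmware must be in the affected range."""
    return [
        entry["id"]
        for entry in vuln_db
        if entry["vendor"] == device.vendor
        and entry["model"] == device.model
        and device.firmware
        and version_affected(device.firmware, entry["affected_from"], entry["fixed_in"])
    ]


def scan(hosts, identify, query, vuln_db, delay_s=0.0):
    devices = system_level_detect(network_level_detect(hosts, identify, delay_s), query, delay_s)
    return {dev.ip: match_vulnerabilities(dev, vuln_db) for dev in devices}


# --- Constructed fixtures: hypothetical vendor, model, firmware and database entry ---
VULN_DB = [
    {"id": "DEMO-0001", "vendor": "ExampleVendor", "model": "PLC-100",
     "affected_from": "2.0.0", "fixed_in": "3.0.0"},
]
IDENTIFY_ANSWERS = {  # stage-1 answers; 192.0.2.9 is not an ICS device and stays silent
    "192.0.2.10": {"vendor": "ExampleVendor", "model": "PLC-100"},
    "192.0.2.11": {"vendor": "ExampleVendor", "model": "PLC-100"},
}
SYSTEM_ANSWERS = {  # stage-2 answers
    "192.0.2.10": {"firmware": "V2.3.1", "ports": [102]},
    "192.0.2.11": {"firmware": "V3.0.0", "ports": [102]},
}
QUERIED = []  # records which hosts received a stage-2 query


def demo_identify(ip):
    return IDENTIFY_ANSWERS.get(ip)


def demo_query(ip):
    QUERIED.append(ip)
    return SYSTEM_ANSWERS.get(ip, {})


def run_demo():
    QUERIED.clear()
    return scan(["192.0.2.9", "192.0.2.10", "192.0.2.11"], demo_identify, demo_query, VULN_DB)


if __name__ == "__main__":
    print(run_demo())  # {'192.0.2.10': ['DEMO-0001'], '192.0.2.11': []}
```

The point of the staging is visible in the fixture: the silent host 192.0.2.9 is never queried at the system level, and the device on firmware V3.0.0 is reported clean because the range comparison is exclusive of the fixed version. In a real deployment the two callbacks would wrap the actual protocol probes, and the delay would be tuned to what the equipment tolerates.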