| Industrial control system plays an important role in the fields related to the national economy and power, transportation, etc. It has been facing the Internet security threats, such as viruses, Trojans, and hackers because of the widely use of general purpose protocols and hardware equipment. Modbus TCP/IP protocol is widely used in industrial control systems, but it has some defects including no certification, no authorization, and plaintext transmission, thus it has serious impacts on the security of industrial control systems. So it is worth studying how to enhance the security of the network which uses the Modbus TCP/IP without replacing the protocol and equipment.This thesis focuses on the defects mentioned above, and designs a model to promote Modbus TCP/IP protocol’s security and achieves the following main modules:(1) Kernel module. This module gets the Modbus TCP/IP packets and makes a simple connection authentication based on the IP address and physical address.(2) Filter module. This module filters the Modbus TCP/IP packets by using white list. It filters the function code, coil register address, and data. And it also checks the packet format and drops the invalid packet.(3) Encryption and decryption module. This module uses hybrid encryption method to protect Modbus TCP/IP data. AES algorithm is used to encrypt the data, and RSA is used to encrypt the key.(4) Configuration module. This module configures the program and white list.(5) Logging module. This module records the filtering message.Experimental results show that this system works well as designed. Compared with the Tofino’s similar product, our system almost has the same performance with extra data filter and improves the security. Compared with SSLVPN, encryption and decryption module reduces the delay time and overcomes the middle attack in VPN. The whole system improves Modbus TCP/IP security and has practical value. |
PDF Full Text Request