Research On Key Technologies Of The Protection For Supervisory Control And Data Acquisition In Industrial Control Systems

Posted on: 2016-10-25; Degree: Master; Type: Thesis
Country: China; Candidate: D P Hu
GTID: 2308330479491057; Subject: Computer technology
Abstract/Summary:
With the development of industrial informatization, information technology's influence on industry is deepening, and threats from the traditional information security field are gradually spreading to industrial control systems. Security issues in industrial control systems have become increasingly prominent. Because supervisory control and data acquisition (SCADA) software in industrial control systems is closed and lacks secure software development specifications, the SCADA software development process pays less attention to security, so more security defects are bound to exist in SCADA software. Therefore, how to improve the security of SCADA software is the primary problem that needs to be solved.

Based on a functional analysis of the target SCADA software, this thesis in turn locates the key modules, reverse-analyzes them, builds the corresponding camouflage modules, and adds the corresponding protection strategy to the camouflage modules, in order to protect the key modules of the software.

First, Pintools are written on the Pin platform to acquire execution trace information from the closed-source software. Then the key modules of the software are obtained through statistics and analysis of the execution information in those traces. According to the instrumentation granularity, this thesis presents two methods for positioning the key modules: one based on the comparison of execution traces at the instruction level, and one based on the coverage of execution traces at the routine level. The two methods obtain the key modules of the software at the instruction level and at the routine level respectively. Next, semi-automatic reverse analysis is performed on the obtained key modules to recover specific information about the functions in these modules, such as function parameters and function return values. Finally, based on the idea of DLL hijacking, the execution flow is intercepted and captured while the software runs, so that the corresponding security testing is done before these functions are called. Before and after a function in the original module executes, its parameters and return value are collected, and subsequent operations are carried out according to the data testing strategy and the testing results.

Testing on WinCC, one of the SCADA systems used in industrial control, proved the feasibility and effectiveness of this method. According to this research, different security tasks can be completed through different security detection strategies, which provides a new line of thought for the security protection of closed-source SCADA software.
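As an added illustration that is not code from the thesis: one plausible reading of routine-level, coverage-based key module positioning is to compare routine coverage between runs that exercise the function of interest and baseline runs that do not. The `module!routine` trace format and every module and routine name below are constructed assumptions.

```python
from collections import defaultdict

# Constructed sample traces. The "module!routine" entry format is an assumption
# standing in for whatever a routine-level Pintool would actually log.
BASELINE_RUNS = [  # software started and left idle
    ["ui.dll!DrawFrame", "ui.dll!PumpMessages", "core.dll!Init", "comm.dll!OpenPort"],
    ["ui.dll!DrawFrame", "ui.dll!PumpMessages", "core.dll!Init", "core.dll!LoadConfig"],
]
TARGET_RUNS = [    # operator performs the function being studied
    ["ui.dll!DrawFrame", "core.dll!Init", "comm.dll!OpenPort",
     "comm.dll!BuildWriteRequest", "comm.dll!SendFrame", "tags.dll!SetTagValue"],
    ["ui.dll!PumpMessages", "core.dll!Init", "comm.dll!BuildWriteRequest",
     "comm.dll!SendFrame", "tags.dll!SetTagValue", "ui.dll!ShowDialog"],
]


def routine_coverage(trace):
    """Return the set of well-formed module!routine entries hit in one run."""
    return {e.strip() for e in trace if "!" in e and not e.strip().startswith("!")}


def locate_key_modules(baseline_runs, target_runs):
    """Rank modules by routines hit in every target run and in no baseline run."""
    if not target_runs:
        raise ValueError("at least one target run is required")
    # Anything seen in any baseline run is treated as background activity.
    noise = set().union(*(routine_coverage(t) for t in baseline_runs))
    # Requiring presence in every target run drops incidental UI activity.
    common = set.intersection(*(routine_coverage(t) for t in target_runs))
    per_module = defaultdict(set)
    for entry in common - noise:
        module, routine = entry.split("!", 1)
        per_module[module].add(routine)
    # Most feature-specific routines first; module name breaks ties.
    ranked = sorted(per_module.items(), key=lambda kv: (-len(kv[1]), kv[0]))
    return [(module, sorted(routines)) for module, routines in ranked]


if __name__ == "__main__":
    for module, routines in locate_key_modules(BASELINE_RUNS, TARGET_RUNS):
        print(f"{module}: {len(routines)} candidate routine(s): {', '.join(routines)}")
```

The ranked routines are the candidates whose parameters and return values would then be recovered by reverse analysis.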
Keywords/Search Tags: SCADA, Execution Trace, Key Module Positioning, Reverse Analysis, Safety Protection