Design And Realization Of Multi-Protocol Industrial Network Security Isolation Equipment

With the development of China's industrial information, the industrial working site security is increasingly important. Information management s ystem provides high production efficiency, but also gives hackers the cha nce to the invade the network and take advantage of the machine. In the key industrial field like electricity, oil and so on, the one-way import tec hnology based on physical isolation can effectively protect the security of the industrial control network.This paper studies how to implement synchronization of the Oracle d atabase and Modbus protocol in one-way isolation method based on the o ne-way import technology. By analyzing the key technologies, the paper f irst design the infrastructure of the isolation equipment, including the con figuration analysis module, the initialization module, the producer consum er module, the communication module, data encoding and decoding modul es. Through the modular design, the system has gained strong scalability in business support.Based on the basic function module, the paper realizes and validates the synchronization of the database and the synchronization of the Modbus protocol.In database synchronization, the isolation system reads the synchronization table through the configuration file, and then the program creates a DML trigger to record the SQL execution statement and save it in the source database. The producer reads the operation record and calls the unidirectional optical network card to send the data, and the remote consumer program execution statement to achieve synchronization. In Modbus synchronization, the basic process is similar with database synchronization. Modbus synchronization achieve the Modbus server and client programs. The system's Modbus emulation client program reads the protected Modbus server data. After analyzing and processing, it calls the unidirectional optical network card to send to the Modbus simulation server of the system. Server-side in accordance with the shared memory technology to achieve data synchronization at the local side, then provide the external Modbus read request the correct response data after synchronization.