| Wireless industrial control network in nuclear power,transportation,machinery manufacturing and other fields widely used,the security issues and national infrastructure is closely related.Since 2010,"shock network" after the virus,for the wireless industrial control network attacks endless.In the wireless industrial control network,the transmission of data mainly includes field data and control data.Field data is mainly used to monitor and manage the production of the site,the control data is mainly used to control the production process.These two types of data are closely linked with the production of the product,in order to protect the wireless industrial control network in the two kinds of data can be safely transmitted,this paper has done the following work:(1)Explore the architecture of wireless industrial control network,analyze the vulnerability of wireless industrial control network data transmission,trace the causes of security threats in wireless industrial control network,summarize the requirements of secure data transmission in wireless industrial control network and wireless industry control the computing power of field devices in the network and other restrictions.(2)According to the characteristics of high real-time control loop and limited resources,a secure data transmission scheme is proposed.In the scheme,the DES algorithm is used to encrypt the control data to ensure the confidentiality of the data transmission.Using the MD5 algorithm,the hash value is added to the data to ensure the integrity of the data transmission.As a result of the DES algorithm,Key update is very important.This paper presents a dynamic key scheme based on event synchronization.The simulation experiment is carried out by Simulink tool in MATLAB,which verifies the efficiency and security of the algorithm.(3)In this paper,a secure data transmission scheme based on mutual authentication is proposed in this paper,which is not feasible for the control link(monitoring terminal)in the wireless industrial control network.In the scheme,the host computer through the identity table to store the legal monitoring terminal identification,through the use of SM2 and SM4 encryption algorithm for high entropy random number and identity identification to decrypt the identity to confirm the legitimacy of identity,and ultimately through the authentication message to ensure that the session secret The security of the key.In the host computer to confirm the message,The monitoring terminal and the engineering station can use the session key for the transmission of the field data.Finally,the use of PC to simulate the engineering station and security center,monitoring the terminal using LPC1768 microprocessor,transmission protocol selection TCP / IP,through the experimental results can verify the program can achieve two-way authentication and time overhead within the allowable range. |
PDF Full Text Request