
Research And Implementation Of Modbus Protocol Security Technology For Industrial Fieldbus

Posted on: 2020-08-15
Degree: Master
Type: Thesis
Country: China
Candidate: X Luo
GTID: 2428330590979005
Subject: Computer technology
Abstract/Summary:

Industrial control systems were initially closed and small in scale, and ensuring physical security was basically enough to meet their requirements. Security was therefore not taken into account in the initial design of the fieldbus protocol Modbus. With the development of industrial control systems and the wide application of TCP/IP, the Modbus protocol and TCP/IP were integrated to form Modbus TCP. However, Modbus TCP does not solve the security problems of the original Modbus protocol, and it even introduces the design defects of TCP/IP, which makes its security problems more serious. Traditional firewalls, intrusion detection systems and other network security equipment can only protect data at the network and transport layers, and cannot defend against attacks on the application layer.

In this paper, the Modbus TCP protocol itself and the related literature are studied in depth, and some of the protocol's shortcomings are analyzed. The protocol is improved and a more secure communication protocol (the Modbus-E protocol) is proposed to harden industrial control systems. The design of Modbus TCP lacks an identity authentication mechanism, an integrity verification mechanism, an anti-replay mechanism, protection against function code abuse, and encrypted data transmission; the Modbus-E protocol addresses these problems based on the principles of cryptography. Building on Modbus TCP, it strengthens the original industrial control system by adding additional fields:

Identity authentication and integrity verification: the data is signed with a digital signature algorithm, which ensures that the data is verifiable.

Anti-replay: the principle of synchronization and the one-way property of hash functions are used to ensure the uniqueness of data, by adding a synchronization identifier field before the ADU field.

Function code abuse: a "white list" filtering mechanism is set up, which ensures the controllability of instructions based on the four-tuple "Privilege Level-IP-Device ID-Function Code".

Data encryption: a symmetric key algorithm is used to encrypt the PDU field of the original Modbus TCP protocol, which ensures the confidentiality of data.

As a result, secure communication of data is achieved without adding steps to the communication process. Simulation experiments and analysis of the results show that the Modbus-E protocol protects against authentication-type attacks, man-in-the-middle attacks and replay attacks that an attacker mounts against instructions. Compared with existing methods, this method is more secure and more efficient, and it can comprehensively improve the security of Modbus TCP communication.
Keywords/Search Tags:Modbus TCP, symmetric key, digital signature, hash function, whitelist
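
The "white list" filter described in the abstract, as an added example that is not code from the thesis: it parses the standard Modbus TCP MBAP header and applies a default-deny lookup on the (privilege level, IP, device ID, function code) four-tuple. The policy entries, the addresses, the privilege names and the idea that the caller supplies an already-established privilege level are assumptions; the additional Modbus-E fields are not modelled.

```python
import struct

# Constructed policy: (privilege level, source IP, device/unit ID, function code).
# All entries are illustrative assumptions, not values from the thesis.
WHITELIST = {
    ("operator", "192.0.2.10", 1, 0x03),  # read holding registers
    ("operator", "192.0.2.10", 1, 0x04),  # read input registers
    ("engineer", "192.0.2.20", 1, 0x03),
    ("engineer", "192.0.2.20", 1, 0x06),  # write single register
    ("engineer", "192.0.2.20", 1, 0x10),  # write multiple registers
}
MBAP_LEN = 7  # transaction id (2) + protocol id (2) + length (2) + unit id (1)

def parse_request(frame: bytes):
    """Return (unit_id, function_code) of a Modbus TCP ADU, or None if malformed."""
    if len(frame) < MBAP_LEN + 1:       # header plus at least the function code
        return None
    _tid, proto, length, unit = struct.unpack(">HHHB", frame[:MBAP_LEN])
    if proto != 0:                      # protocol identifier is 0 for Modbus
        return None
    if length != len(frame) - 6:        # length field counts unit id + PDU
        return None
    return unit, frame[MBAP_LEN]

def is_allowed(privilege: str, src_ip: str, frame: bytes) -> bool:
    """Default-deny: malformed frames and unlisted four-tuples are rejected."""
    parsed = parse_request(frame)
    if parsed is None:
        return False
    unit, function_code = parsed
    return (privilege, src_ip, unit, function_code) in WHITELIST

def build_request(tid: int, unit: int, pdu: bytes) -> bytes:
    """Build a constructed Modbus TCP request used only for the demonstration."""
    return struct.pack(">HHHB", tid, 0, len(pdu) + 1, unit) + pdu

if __name__ == "__main__":
    read = build_request(1, 1, bytes([0x03, 0x00, 0x00, 0x00, 0x02]))
    write = build_request(2, 1, bytes([0x06, 0x00, 0x01, 0x00, 0xFF]))
    cases = [("operator", "192.0.2.10", read),
             ("operator", "192.0.2.10", write),   # operator may not write
             ("engineer", "192.0.2.20", write)]
    for who, ip, frame in cases:
        verdict = "allow" if is_allowed(who, ip, frame) else "deny"
        print(f"{who:9} {ip:12} fc=0x{frame[MBAP_LEN]:02x} {verdict}")
```

Matching on the whole tuple means a permitted function code is still rejected when it arrives from a different address, for a different device ID, or under a lower privilege level.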