Security Research And Improvement Of EtherCAT Protocol Based On CPN

With the rapid development of intelligent manufacturing and big data,the industrial Ethernet protocol becomes more open with the network of industrial control systems.As the industrial Ethernet protocol is a key factor of industrial control systems,its security issues affect the entire system,so its security research is particularly important.Although there are many studies on the security and improvement of industrial Ethernet protocols,these studies lack formal modeling and security evaluation of the protocols,and only focus on the implementation of the security functions of the protocols,which have certain limitations.Therefore,the formal modeling and security assessment of the industrial Ethernet protocol has great scientific value for the security research and security improvement of the protocol.Based on the CPN Tools modeling tool,this thesis takes the currently widely used EtherCAT protocol as a research entity,uses the colored Petri net theory and the Dolev-Yao attack model as method guidance.Firstly,the protocol is modeled formally.Then the attacker model is introduced to evaluate the protocol security.Finally,the corresponding improvement plan is proposed for the evaluation result,and the security verification of the improvement plan is carried out.The main research is as follows:1.Based on the theory layered modeling method of the colored Petri net,this thesis decomposed the master-slave interaction message flow model of the protocol in detail,and established the three-layer HCPN model of the protocol by using the CPN Tools modeling tool.The process of session connection and secure data transmission in the interaction between master and slave stations of the protocol was modeled at a fine-grained level to reflect the details of the protocol operation process,and the consistency of the protocol model was verified by analyzing the results of state space.2.In order to reduce the state space of the attacker model,the original Dolev-Yao attacker model was improved with message splitting and parameterization attacks.In the HCPN model of the original protocol,an improved attacker model is introduced,including 3 types of man-in-the-middle attacks such as tampering,replay and deception,to establish a security evaluation model of the original protocol.By analyzing the state space of the security evaluation model,the security of the protocol is evaluated,and the vulnerability of the protocol is found and analyzed.3.In view of the security evaluation results and existing vulnerabilities of the protocol,an improved scheme is proposed to join the secret key distribution center to authenticate the protocol session connection and add hash value to the transmitted data,so as to defend the protocol against the existing man-in-the-middle attack threats such as tampering,replay and spoofing.In addition,the security of the improved scheme is evaluated,and the effectiveness of the scheme is Verified.