| With the rapid development of Industrial Internet in recent years which breaks the special closure of the previous physical environment of the industrial control system,it leads to the frequent occurrence of industrial control safety incidents in the world and brings bad influence to enterprises.As the core facility for controlling physical processes,Programmable Logic Controllers(PLC)becomes the main target for cyber attackers.Therefore,in order to detect the attack,one can track the running status of the industrial control devices in the field to know that they are still“alive”,that is,Proof of Aliveness Protocol is used to prove its vitality to the open network control center.This thesis proposes two Proof of Aliveness protocols suitable for Programmable Logic Controllers based on the shortcomings of the existing research,and analyzes their performance.The main contents of this thesis are as follows:(1)To deal with the inefficiency of existing Proof of Aliveness Protocol based on hash algorithm running on the PLC platform,we propose a Proof of Aliveness Protocol BC-Po A based on block cipher practical for PLC.We use a single chain structure to build an efficient proof of aliveness,BC-Po A innovatively uses block cipher to calculate each node on the chain,and uses the previous node as the input encryption key,constant is the encrypted message and other nodes except the tail node(last node)are one-time passwords used to prove aliveness.The protocol BC-Po A is instantiated based on two specific block ciphers PRESENT and SPECK,and this thesis proves the security of protocol based on the security assumptions of IND-CPA and an ideal cipher model.Finally,we analyzed the performance of algorithms and protocol on Rockwell Automation's commercial PLC.Experimental results show that when the size of one time slot(35)I is equal to 30 seconds and number of nodes in the chain N is equal to 1051200,the block cipher single chain life cycle is about 1 year,and the BC-Po A protocol is very effective and practical for PLC.(2)In order to solve the problem of the limitation of existing Proof of Aliveness Protocol based on single chain structure in PLC,we propose a Proof of Aliveness Protocol BCPRG-Po A based on self-renewal block cipher chain.We construct pseudo-random number generators in counter mode based on CLEFIA and LEA block cipher algorithms,and then connect multiple block cipher sub-chains.By integrating one-time signature schemes into the structure,we can achieve auto-replenishment of aliveness-proofs,which implies that BC-Po A can be used forever.This thesis aims to study the efficient implementation of the relevant algorithms in protocol based on structured text programming,and block cipher directly uses the round key calculated on PC side to save time cost.By testing the performance on the PLC of the Allen-Bradley brand,the results show that:LEA is more efficient than the CLEFIA algorithm.The time cost of the proof generation algorithm is positively correlated with number of nodes in the chain N,the number of sub-chains?and N have an impact on the auto-replenishment algorithm.Then we analyse the memory overhead of the protocol BCPRG-Po A,which is much smaller than the total memory of the PLC.Finally,some parameter suggestions practical for PLC are put forward to ensure the practicability and high efficiency of the Proof of Aliveness Protocol on the PLC. |
PDF Full Text Request