Industrial control systems are key infrastructure related to the national economy and people’s livelihood, and ensuring their safety is a national security strategy. In recent years, the development of information technology has promoted the interconnection of industrial control systems and information systems, and has brought new security threats to industrial control networks. This paper uses the Modbus TCP protocol as the basis for studying data security and integrity protection methods in industrial control systems. It designs an industrial control information security defense mechanism that provides inter-station authentication, integrity detection, data encryption and decryption, and authorization detection. Inter-station authentication uses time-synchronized dynamic password technology: the two stations authenticate each other by comparing the dynamic passwords of both parties. Integrity detection uses a hash function to calculate a message digest and uses the digest to detect whether the transmitted data has been altered. The encryption and decryption mechanism uses the AES algorithm and the ECC algorithm to ensure the confidentiality of the communication process. Authorization detection ensures the controllability and safety of Modbus commands by setting up a "white list" to filter out illegal communication messages. The industrial control information security defense mechanism proposed in this paper can realize protocol integrity detection, identity authentication, encrypted transmission, and restriction of the requesting party’s access authority, which is of significant value in ensuring the integrity and security of data transmitted in industrial control systems.
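The authorization-detection step described above, sketched as an added example (not the paper's code): a Modbus TCP request is parsed and checked against a white list before it is forwarded. The white-list contents, the choice of unit id, function code and address range as rule fields, and the names `check_request` and `build_request` are assumptions, since the abstract does not give the paper's rule format.

```python
import struct

# Assumed white list (not from the paper):
# unit id -> function code -> (first, last) permitted address.
ALLOWLIST = {1: {0x03: (0, 99),     # Read Holding Registers
                 0x06: (10, 19)}}   # Write Single Register
QUANTITY_FUNCS = {0x01, 0x02, 0x03, 0x04, 0x0F, 0x10}  # addr + quantity
SINGLE_FUNCS = {0x05, 0x06}                            # addr + value
MBAP_LEN = 7  # transaction id (2), protocol id (2), length (2), unit id (1)


def check_request(frame: bytes, allowlist=ALLOWLIST):
    """Return (allowed, reason) for one Modbus TCP request frame."""
    if len(frame) < MBAP_LEN + 1:
        return False, "truncated frame"
    _tid, proto, length, unit = struct.unpack(">HHHB", frame[:MBAP_LEN])
    if proto != 0:
        return False, "protocol id is not Modbus"
    # The length field counts the unit id plus the PDU that follows it.
    if length != len(frame) - 6:
        return False, "length field mismatch"
    func = frame[MBAP_LEN]
    rules = allowlist.get(unit, {})
    if func not in rules:
        return False, f"function 0x{func:02x} not allowed for unit {unit}"
    body = frame[MBAP_LEN + 1:]
    if len(body) < 4:
        return False, "PDU too short"
    addr, second = struct.unpack(">HH", body[:4])
    if func in QUANTITY_FUNCS:
        count = second          # second field is the number of items
    elif func in SINGLE_FUNCS:
        count = 1               # second field is the value to write
    else:
        return False, "request layout not handled by this filter"
    if count < 1:
        return False, "zero quantity"
    first, last = rules[func]
    if addr < first or addr + count - 1 > last:
        return False, "address range outside white list"
    return True, "ok"


def build_request(tid, unit, func, addr, second):
    """Construct a sample request frame (test data, not captured traffic)."""
    pdu = struct.pack(">BHH", func, addr, second)
    return struct.pack(">HHHB", tid, 0, len(pdu) + 1, unit) + pdu
```

The filter denies by default: a unit or function code with no rule is rejected, and a frame whose length field disagrees with its actual size is dropped before any rule is consulted.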