Research On Node Security Authentication Method Of Distributed Industrial Control System

In recent years,industrial Ethernet technology has promoted the integration of Industrial Control System(ICS)and Information Technology(IT)networks,which has deepened the degree of ICS informatization.Although information network integration has improved the efficiency of system generation,it also brings more new information security issues.At the same time,there are a large number of device nodes in the system and the topological structure shows a trend of distributed,the performance bottleneck and security problems in the traditional centralized information control method will become increasingly obvious.In terms of the security and scalability of the key infrastructure,the blockchain and edge computing paradigm are promising technologies that are expected to solve the above challenges.Therefore,this article takes the identity and data security authentication of industrial control network nodes as the starting point,combined with the area Blockchain technology proposes a security authentication framework for industrial control network nodes based on blockchain.At the same time,while ensuring security,it ensures the lightweight of the system security layer and the high scalability of the system.The main research content of the thesis includes the following aspects:(1)A security authentication framework for highly information-oriented ICS nodes is proposed.The framework uses blockchain technology to solve the information security problems brought by the integration of information networks to industrial control networks.The difficulty of applying blockchain technology to industrial control networks lies in the insufficient performance carrying capacity of device nodes.Therefore,this paper proposes and designs an identity authentication mechanism authorized by high-performance edge nodes,and uses this node to be responsible for device node registration,management and identity credentials.Issuance,while verifying the validity and legitimacy of the device node through the trust certificate;in view of the problem that the computing resources of the device node are difficult to guarantee the use of asymmetric encryption to protect the integrity of the data,the commitment scheme based on the truncated hash message authentication code is used to construct a light The magnitude data integrity protection scheme can be customized according to the data characteristics of the node to reduce the number of asymmetric encryption of the node to the greatest extent.(2)According to the multi-layer blockchain framework structure of the node security authentication framework of the industrial control network,a safe and efficient cross-chain communication mechanism is designed to solve the data island effect in the hierarchical blockchain framework,so that not only the identity of the device node can be Information and integrity protection scheme information are managed decentrally,and at the same time,mutual communication and mutual trust between equipment nodes of different subsystems can be realized.This mechanism uses RSA encryption accumulator technology and side chain relay mode.This mechanism keeps the complexity of verification calculation unchanged when the number of transactions increases.At the same time,it can provide effective non-member certification when the transaction does not exist,which improves Improve the security of crosschain communication.(3)Based on the proof of the safety and feasibility of the overall framework,a prototype of a blockchain-based ICS device node security authentication system was designed and developed.Through the Hyperledger Fabric blockchain development platform,smart contracts are used as the implementation method of system functions,and the self-built user interface is used to meet the interaction needs of users and the system,and finally a high-security decentralized industrial control system device node security certification is realized system.