Research On Oil Depot IoT Network Isolation System Based On FPGA

With the rapid development of networks,various information and application systems have gained rapid popularity and widespread use,at the same time,the industrial Internet have flourished.while cyber security issues have become more complex.To protect data,intellectual property,information systems and critical infrastructure,cyber security has become one of the biggest challenges in various fields.Oil depot stations undertake the key task of oil supply and energy security,and the security of information security of industrial control systems is directly related to the security of oil depot production.Therefore,there is an urgent need to study the technical ways of data transfer between industrial networks such as oil depots and confidential networks,in order to increase the data transfer speed,while meeting the requirements of intelligent manufacturing for data accuracy.In order to meet the data transmission requirements of IOT in oil depots,this thesis develops an FPGA-based network isolation system for the Io T in oil depots to achieve high-speed and stable data transmission under the premise of ensuring security.In this thesis,the physical isolation network gate technology is studied and the general design of the network isolation system is given based on the top-down approach.The main content includes the following aspects:1.Complete the hardware platform construction of the network isolation system.The hardware construction of network isolation system mainly refers to the selection and configuration of exchange isolation card chips and the implementation of circuit functions.Based on the hardware requirements of the network isolation system,the Xilinx Kintex-7 series XC7K325T-2FFG900 I chip was selected,the PCIe bus was chosen for communication between the switch isolation card and the host computer,the Aurora fibre optic protocol was used for communication between the two cards,and DDR3 SDRAM was used for data caching.Other basic circuit modules are also implemented.2.Complete the software design of the network isolation system.The software design primarily involves the logic design of the mitigation isolation card and the design of the upper computer driver and application program.Design PCIe communication module using PCIe XDMA IP core to inplement the communication between the board and the host computer;complete the fiber optic data transmission between two boards based on Aurora IP core;design data control module and cache module at the same time to realize the cache of data.The driver and application for the PCIe switch isolation card are designed under Linux environment to enable the host computer to control the card and thus complete the information interaction.3.Complete the overall testing of the network isolation system.Two PC hosts were used to simulate the self-built confidential office network and non-confidential industrial control network of the oil depot station,and the network isolation system was formed by connecting two boards via optical fibre to test the whole system,so as to achieve safe and high-speed data transmission under the premise of physical isolation and provide reference for the subsequent design of reliable and high-speed data transmission for the industrial Internet of Things.