Research And Application On Security Verification Technology Of Industrial Control System Based On Network Twin

The deep integration of industrial Internet and intelligent manufacturing,energy and electricity,national defense industry and other fields has made significant contributions to the construction of a new pattern of industrial development in China,but the interconnection of industrial control systems and networks has also brought serious cyber security threats.Since Industrial control systems need to ensure the real-time and reliability of the manufacturing process,it is not appropriate to make changes to the field equipment and network environment,which makes it difficult to analyze the security verification of industrial control systems and network environment.The network twin technology can build a twin network environment of real industrial control systems and devices through network events and device function simulation,which provides a solution to the above problem.The thesis adopts twin network to carry out security attack and defense verification of industrial control system,takes the simulation method of industrial control system configuration logic and security service component logic in twin network as the research point,designs and implements a twin network-based industrial control system security verification scheme and corresponding system,which can analyze the security verification of industrial control system configuration logic,device logic and network environment in the twin environment without affecting the real system.The main work is as follows.1.For the problem of insufficient safety analysis of configuration logic due to inappropriate testing on field devices,a network twin-based method for simulating the configuration logic of industrial control systems is proposed.The method realizes the industrial control protocols and the functional logic simulation of master and slave devices in the network simulator,forming an industrial control twin network.The execution logic simulation of industrial control slave devices to control request data,including the logic of instruction execution,logic operation,and result response,is realized in the PLC simulator,forming the industrial control configuration logic based on the twin network.2.For the problem of inadequate security policy verification caused by the network environment that cannot be easily changed,a network twin-based security service component simulation method is proposed.The method realizes the functional logic simulation of security service components such as firewall,intrusion detection,and security net gate based on twin network,supporting the security policy configuration and security verification analysis of twin network.3.For the problem of difficulty in implementing security verification analysis in real environments,a network twin-based security verification scheme for industrial control systems is designed and the corresponding system is implemented.The system has the function of industrial control twin network event simulation and security verification analysis,which can perform network event regeneration,security policy verification,threat detection analysis,malicious attack and command simulation verification and other security attack and defense verification on industrial control system configuration logic and network environment in the twin network.Through functional testing and verification,the proposed method and system can perform security verification analysis of industrial control system configuration logic and network environment in twin networks,and patch and verify security policies according to the exposed threats and hazards,thus providing a reference for the improvement of industrial control system network security defense effectiveness.