| With the advent of Industry 4.0 and the integration of cutting-edge information technology,an increasing number of industrial devices are being connected from isolated network environments to public networks,enabling remote control and monitoring of infrastructure.However,while the industrial internet reduces production costs and enhances efficiency,it also introduces numerous traditional network security challenges into industrial control networks.Owing to the real-time demands of industrial control networks and the constraints of device performance,industrial equipment and control protocols exhibit weak security protection,giving rise to a multitude of security risks.Software defined network(SDN)technology,characterized by its programmable network control capabilities,is extensively employed in processing network packets.Some researchers have suggested utilizing SDN technology to tailor control of industrial control networks,thereby bolstering their security and reliability.SDN can facilitate centralized security policy management and enable more agile forwarding and filtering of network traffic,ensuring network security.However,SDN relies on controllers to govern the data plane in the network,which may result in the controller becoming a bottleneck and adversely impacting network performance.Simultaneously,communication and processing delays between forwarding devices and the controller render SDN somewhat unsuitable for industrial control systems.Consequently,this thesis melds SDN technology with blockchain technology to devise a data stream authentication and capture scheme for industrial control networks,allowing for efficient authentication of SDN flow.The primary contributions and innovations of this thesis are as follows:(1)To satisfy the low-latency authentication requirements of flow in industrial control networks,this thesis investigates an SDN data stream authentication scheme based on existing blockchain technology frameworks.The scheme capitalizes on the features of blockchain’s distributed data reliable storage and data integrity,designing an efficient data stream authentication scheme while ensuring the consistency of distributed control systems via blockchain.Additionally,this thesis integrates SDN technology with blockchain technology to propose a distributed SDN control method,aiming to mitigate delays caused by unmatched data packets.The scheme employs blockchain as a communication method between nodes and leverages the consistency of blockchain to guarantee that each node’s behavior aligns with the logic,enabling the flow rule management component and the data stream authentication component of each node to form a logically unified SDN controller.(2)To tackle the issue of unauthenticated data stream processing in industrial control networks,this thesis combines SDN technology to suggest a multi-node data stream capture scheme.The scheme captures unauthenticated flow in the network to supply data sources for subsequent auditing.By utilizing a data flow capture load balancing algorithm,the scheme generates a task allocation plan that maximizes the performance of each node while retaining a certain margin for nodes to address potential emergencies as much as possible. |
PDF Full Text Request