CN108833346A - A kind of industrial control system safety communicating method and device - Google Patents

A kind of industrial control system safety communicating method and device Download PDF

Info

Publication number
CN108833346A
CN108833346A CN201810421319.XA CN201810421319A CN108833346A CN 108833346 A CN108833346 A CN 108833346A CN 201810421319 A CN201810421319 A CN 201810421319A CN 108833346 A CN108833346 A CN 108833346A
Authority
CN
China
Prior art keywords
message
timestamp
control system
receiving end
signed data
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201810421319.XA
Other languages
Chinese (zh)
Inventor
赵磊
史鲁强
王超
张博
程卫平
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Tianyuan Creative Technology Ltd
Original Assignee
Beijing Tianyuan Creative Technology Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Tianyuan Creative Technology Ltd filed Critical Beijing Tianyuan Creative Technology Ltd
Priority to CN201810421319.XA priority Critical patent/CN108833346A/en
Publication of CN108833346A publication Critical patent/CN108833346A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/12Applying verification of the received information
    • H04L63/123Applying verification of the received information received data contents, e.g. message integrity
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/30Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
    • H04L9/3066Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy involving algebraic varieties, e.g. elliptic or hyper-elliptic curves
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3297Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving time stamps, e.g. generation of time stamps

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computing Systems (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Algebra (AREA)
  • General Physics & Mathematics (AREA)
  • Mathematical Analysis (AREA)
  • Mathematical Optimization (AREA)
  • Mathematical Physics (AREA)
  • Pure & Applied Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The present invention provides a kind of industrial control system safety communicating method and device, and when industrial control system control centre or controlled terminal send the messages such as control or measurement as transmitting terminal, completeness check code or signature are added after message;After receiving end receives message, label are verified or solved to completeness check code or signature, message is handled again after success.Using technical solution of the present invention, industrial control system control centre (main website) can verify the identity of message transmitting party with controlled terminal (substation), prevent malicious persons from control centre (main website) or controlled terminal (substation) being pretended to be to control and destroy industrial control system;The messages such as measurement, control, parameter setting are protected, prevent malicious persons from distorting to message content.Under the premise of supporting existing industry control communication protocol functions, data source authentication, integrity protection and the preventing playback attack function between control centre (main website) and controlled terminal (substation) can be realized.

Description

A kind of industrial control system safety communicating method and device
Technical field
The present invention relates to fields of communication technology, more particularly, to a kind of industrial control system safety communicating method and dress It sets.
Background technique
Industrial control system (Industrial control system, ICS) is the general name to various control system, packet Include supervisory control and data acquisition (SCADA) (Supervisory Control And Data Acquisition, SCADA) system, distributed control System (Distributed Control System DCS) processed and programmable logic controller (PLC) (Programmable Logic Controller PLC) etc small-sized control system device.Industrial control system is widely used in electric power, originally Water, petroleum, natural gas, chemical industry, communications and transportation, pharmacy, paper pulp and papermaking, the energy, food and drink manufacture.
Industrial control system is made of main website, network and substation.The basic functional principle of industrial control system is substation pair Technical process measurement data are acquired, and are sent data to main website by network, are sent by network to substation after main website analysis The order such as control or parameter setting, substation carry out movement to industrial process and time implementing result and/or state are returned to main website. At present communication protocol used in industrial control system include the series of IEC 60870,60970 series of IEC, IEC61850 series, The characteristics of DNP 3 etc., these agreements is using reliability as primary demand, and there is no consider transmitting-receiving certification, data integrity sum number According to secure contents such as confidentiality.
But due to the calculating bad environments of industrial control system application, not only network communication mode is numerous, including special line Dialing, optical fiber private network, mobile GPRS, satellite communication etc., and the state of equipment in a distributed manner, are fully exposed to open meter It calculates among environment, a possibility that there are opponent's attacks;The communication protocol of open network environment and " zero security mechanism " makes work Industry control system faces numerous Information Security Risks.
Summary of the invention
The present invention provides a kind of a kind of Industry Control system for overcoming the above problem or at least being partially solved the above problem System safety communicating method and device, solve the state of the equipment of industrial control system in the prior art in a distributed manner, completely sudden and violent It is exposed among open calculating environment, the communication protocol of open network environment and " zero security mechanism " makes Industry Control system The problem of system faces numerous Information Security Risks.
According to an aspect of the present invention, a kind of industrial control system safety communicating method is provided, including:
After transmitting terminal generates important traffic message to be protected, local zone time is filled after the important traffic message Stamp, and fill after the timestamp by local prefabricated private key, to generate to the important traffic message to the time The signed data of this segment data is stabbed, and the signed data is synthesized into composite safe message and is sent.
Preferably, transmitting terminal generate important traffic message to be protected before further include:
Transmitting terminal generates elliptic curve cryptography key pair, and the key pair includes private key and public key.
It is specifically included preferably, the signed data is synthesized composite safe message and is sent:
Safe packet end mark byte is filled after the signed data, and is synthesized composite safe message and sent out It goes.
A kind of industrial control system secure communication device, including transmitting terminal, it is logical that the transmitting terminal generates key to be protected After believing message, local time stamp is filled after the important traffic message, and is filled after the timestamp by local pre- The private key of system, to generate to the important traffic message to the signed data of this segment data of timestamp, and by the signature Data Synthesis is that composite safe message is sent.
A kind of industrial control system safety communicating method, including:
Receiving end receive transmitting terminal send composite safe message, and extract the timestamp in the composite safe message and Signed data;
Whether the difference of receiving end extraction local zone time, the timestamp and the local zone time is in setting time window In mouthful, if so, whether effective according to the prefabricated public key verifications signed data in receiving end, and to effective signed data at Reason obtains important traffic message.
Preferably, if the difference of the timestamp and the local zone time not in setting time window, abandons The composite safe message;
If the difference of the timestamp and the local zone time, in setting time window, whether the timestamp In the registered timestamp list in receiving end, if it is not, then abandoning the composite safe message.
Preferably, abandoning the composite safe if invalid according to the prefabricated public key verifications signed data in receiving end Message does not return to any data.
Preferably, and to effective signed data carry out processing specifically include:
Receiving end handles the important traffic message, and whether normal, processing is returned if abnormal if observing processing result The timestamp is then registered in timestamp list by exception message if normal, and returns to processing normal message.
A kind of industrial control system secure communication device, including receiving end, the receiving end receive answering for transmitting terminal transmission Safe packet is closed, and extracts the timestamp and signed data in the composite safe message;
Whether the difference of receiving end extraction local zone time, the timestamp and the local zone time is in setting time window In mouthful, if so, whether effective according to the prefabricated public key verifications signed data in receiving end, and to effective signed data at Reason obtains important traffic message.
A kind of industrial control system safety communicating method, including:
After transmitting terminal generates important traffic message to be protected, local zone time is filled after the important traffic message Stamp, and fill after the timestamp by local prefabricated private key, to generate to the important traffic message to the time The signed data of this segment data is stabbed, and the signed data is synthesized into composite safe message and is sent;
Receiving end receive transmitting terminal send composite safe message, and extract the timestamp in the composite safe message and Signed data;
Whether the difference of receiving end extraction local zone time, the timestamp and the local zone time is in setting time window In mouthful, if so, whether effective according to the prefabricated public key verifications signed data in receiving end, and to effective signed data at Reason obtains important traffic message.
The present invention proposes a kind of industrial control system safety communicating method and device, when industrial control system control centre or When controlled terminal sends the messages such as control or measurement as transmitting terminal, completeness check code or signature are added after message;It receives After end receives message, label are verified or solved to completeness check code or signature, message is handled again after success.Using this The technical solution of inventive embodiments, industrial control system control centre (main website) and controlled terminal (substation) can send message The identity of side is verified, and prevents malicious persons from pretending to be control centre (main website) or controlled terminal (substation) to industrial control system It is controlled and is destroyed;The messages such as measurement, control, parameter setting are protected simultaneously, prevent malicious persons to message content Distort, the present invention can be realized control centre (main website) and controlled under the premise of supporting existing industry control communication protocol functions Data source authentication, integrity protection and preventing playback attack function between terminal (substation).
Detailed description of the invention
Fig. 1 is to generate schematic diagram according to key pair of the embodiment of the present invention;
Fig. 2 is the transmitting terminal transmission flow schematic diagram according to the embodiment of the present invention;
Fig. 3 is to receive flow diagram according to the receiving end of the embodiment of the present invention.
Specific embodiment
With reference to the accompanying drawings and examples, specific embodiments of the present invention will be described in further detail.Implement below Example is not intended to limit the scope of the invention for illustrating the present invention.
As depicted in figs. 1 and 2, a kind of industrial control system safety communicating method is shown in figure, including:
After transmitting terminal generates important traffic message to be protected, local zone time is filled after the important traffic message Stamp, and fill after the timestamp by local prefabricated private key, to generate to the important traffic message to the time The signed data of this segment data is stabbed, and the signed data is synthesized into composite safe message and is sent.
As shown in Fig. 2, in the present embodiment, when industrial control system control centre or controlled terminal are sent as transmitting terminal When the messages such as control or measurement, transmitting terminal generates to be protected, original important traffic message, and the important traffic message is in this reality Applying becomes original message M in example, completeness check code or signature are added after message.
In the present embodiment, further include before transmitting terminal generates important traffic message to be protected:
Transmitting terminal generates elliptic curve cryptography key pair, and the key pair includes private key and public key.Elliptic curve label Name function Sign (tosign, Prik)->Signature is ellipse curve signature function, and input tosign is number to be signed According to PriK is private key, and output signature is signature;
Elliptic curve sign test function verify (sign, Pubk)->0/err is elliptic curve sign test function, input Sign is signature, and PubK is public key key, and output 0 is expressed as signature correctly, other indicate mistakes;":" indicate string-concatenation Behind character string.
As shown in fig. 1, transmitting terminal generates elliptic curve cryptography key pair PriK and PubK.Here elliptic curve Cryptographic algorithm refers in particular to what the present invention used, by the elliptic curve cryptography of depth optimization.Here generating algorithm key pair, It should be realized using by hard-wired encrypted card, encryption chip, encryption equipment, to guarantee the safety of private key storage.
Local time stamp M is filled after transmitting terminal original message | | timestamp.
Transmitting terminal fills the signature by local prefabricated private key to original message to this segment data of timestamp after timestamp Data signature=Sign (M | | timestamp, PriK).
Specifically, in the present embodiment, the signed data is synthesized into composite safe message sends and specifically include:
Safe packet end mark byte end is filled after the signed data, and synthesizes composite safe message SM hair See off, SM=Signature | | end.
A kind of industrial control system secure communication device, including transmitting terminal, the transmitting terminal are additionally provided in the present embodiment After generating important traffic message to be protected, local time stamp is filled after the important traffic message, and in the time Filling is by local prefabricated private key after stamp, to generate to the important traffic message to the signature of this segment data of timestamp Data, and the signed data is synthesized into composite safe message and is sent.
A kind of industrial control system safety communicating method is additionally provided in the present embodiment, including:
Receiving end receive transmitting terminal send composite safe message, and extract the timestamp in the composite safe message and Signed data;
Whether the difference of receiving end extraction local zone time, the timestamp and the local zone time is in setting time window In mouthful, if so, whether effective according to the prefabricated public key verifications signed data in receiving end, and to effective signed data at Reason obtains important traffic message.
Industrial control system control centre (main website) and controlled terminal (substation) can carry out the identity of message transmitting party Verifying, prevents malicious persons from control centre (main website) or controlled terminal (substation) being pretended to be to control and break industrial control system It is bad;The messages such as measurement, control, parameter setting are protected simultaneously, prevent malicious persons from distorting to message content.
Specifically, as shown in figure 3, according to composite safe message to extract original important traffic message (original for receiving end Message M) timestamp (timestamp) and signed data signature;Local zone time localtime is extracted in receiving end, when comparing Between whether stab in reasonable time window, (localtime-timestamp)<W?;
Specifically, if described in the difference of the timestamp and the local zone time not in setting time window, abandons Composite safe message does not return to any data;
If the difference of the timestamp and the local zone time, in setting time window, whether the timestamp In the registered timestamp list L in receiving end, if it is not, then abandoning the composite safe message.
In the present embodiment, receiving end is according to the prefabricated whether effective ret=verify of public key verifications signed data (signature, PubK), ret=0?If prefabricated public key verifications signed data is invalid according to receiving end, abandon described multiple Safe packet is closed, does not return to any data.
In the present embodiment, and processing is carried out to effective signed data to specifically include:
Receiving end handles the important traffic message, and whether normal, processing is returned if abnormal if observing processing result The timestamp is then registered in timestamp list L if normal, and returns to processing normal message by exception message.
It can be according to original after receiving composite safe message M for existing old terminal (substation) in operating status Data format, the normal part original load m read in frame, ignores the processing to completeness check code.For example, in the Chinese people Include length item in the 1-ISO/IEC8802-3 frame format of republic power industry standard IEC61850-8-1, can recorde The length of message." 4.2 101 specifications can be changed frame length lattice in " IEC60870-5-101/104 is applied to electrical power distribution automatization system " The length of message can be listed in formula " by " length L " item.Integrity verification code/signature length can be preset, or It is determined according to algorithm, security parameter.
In above-described embodiment, transmitting terminal signs to the summary info of message, and receiving end carries out data source according to signature Certification and integrity verification, ensure that the safety of information exchange;Signature is placed on behind original, can be compatible with as far as possible existing Industrial control system communication protocol;New model terminal carries out verification processing, and old terminal can be omitted the processing of completeness check code, So as to compatible with existing system as far as possible, the significant cost that all devices are transformed is avoided.
A kind of industrial control system secure communication device, including receiving end, the receiving end are additionally provided in the present embodiment The composite safe message that transmitting terminal is sent is received, and extracts the timestamp and signed data in the composite safe message;
Whether the difference of receiving end extraction local zone time, the timestamp and the local zone time is in setting time window In mouthful, if so, whether effective according to the prefabricated public key verifications signed data in receiving end, and to effective signed data at Reason obtains important traffic message.
A kind of industrial control system safety communicating method is additionally provided in the present embodiment, including:
After transmitting terminal generates important traffic message to be protected, local zone time is filled after the important traffic message Stamp, and fill after the timestamp by local prefabricated private key, to generate to the important traffic message to the time The signed data of this segment data is stabbed, and the signed data is synthesized into composite safe message and is sent;
Receiving end receive transmitting terminal send composite safe message, and extract the timestamp in the composite safe message and Signed data;
Whether the difference of receiving end extraction local zone time, the timestamp and the local zone time is in setting time window In mouthful, if so, whether effective according to the prefabricated public key verifications signed data in receiving end, and to effective signed data at Reason obtains important traffic message.
The present invention proposes a kind of industrial control system safety communicating method and device, when industrial control system control centre or When controlled terminal sends the messages such as control or measurement as transmitting terminal, completeness check code or signature are added after message;It receives After end receives message, label are verified or solved to completeness check code or signature, message is handled again after success.Using this The technical solution of inventive embodiments, industrial control system control centre (main website) and controlled terminal (substation) can send message The identity of side is verified, and prevents malicious persons from pretending to be control centre (main website) or controlled terminal (substation) to industrial control system It is controlled and is destroyed;The messages such as measurement, control, parameter setting are protected simultaneously, prevent malicious persons to message content Distort, the present invention can be realized control centre (main website) and controlled under the premise of supporting existing industry control communication protocol functions Data source authentication, integrity protection and preventing playback attack function between terminal (substation).
Finally, method of the invention is only preferable embodiment, it is not intended to limit the scope of the present invention.It is all Within the spirit and principles in the present invention, any modification, equivalent replacement, improvement and so on should be included in protection of the invention Within the scope of.

Claims (10)

1. a kind of industrial control system safety communicating method, which is characterized in that including:
After transmitting terminal generates important traffic message to be protected, local time stamp is filled after the important traffic message, and It is filled after the timestamp by local prefabricated private key, to generate to the important traffic message to this section of the timestamp The signed data of data, and the signed data is synthesized into composite safe message and is sent.
2. industrial control system safety communicating method according to claim 1, which is characterized in that transmitting terminal generates to be protected Important traffic message before further include:
Transmitting terminal generates elliptic curve cryptography key pair, and the key pair includes private key and public key.
3. industrial control system safety communicating method according to claim 1, which is characterized in that close the signed data It sends and specifically includes as composite safe message:
Safe packet end mark byte is filled after the signed data, and is synthesized composite safe message and sent.
4. a kind of industrial control system secure communication device, which is characterized in that including transmitting terminal, the transmitting terminal generates to be protected Important traffic message after, local time stamp is filled after the important traffic message, and fill after the timestamp By local prefabricated private key, to generate to the important traffic message to the signed data of this segment data of timestamp, and will The signed data synthesizes composite safe message and sends.
5. a kind of industrial control system safety communicating method, which is characterized in that including:
Receiving end receives the composite safe message that transmitting terminal is sent, and extracts the timestamp and signature in the composite safe message Data;
Whether the difference of receiving end extraction local zone time, the timestamp and the local zone time is in setting time window It is interior, if so, whether effective according to the prefabricated public key verifications signed data in receiving end, and to effective signed data at Reason obtains important traffic message.
6. industrial control system safety communicating method according to claim 5, which is characterized in that if the timestamp and institute The difference of local zone time is stated not in setting time window, then abandons the composite safe message;
If the difference of the timestamp and the local zone time, in setting time window, whether the timestamp is connecing Receiving end is locally in registered timestamp list, if it is not, then abandoning the composite safe message.
7. industrial control system safety communicating method according to claim 5, which is characterized in that if prefabricated according to receiving end Public key verifications signed data it is invalid, then abandon the composite safe message, do not return to any data.
8. industrial control system safety communicating method according to claim 5, which is characterized in that and to effective number of signature It is specifically included according to processing is carried out:
Receiving end handles the important traffic message, and whether normal, it is abnormal that processing is returned if abnormal if observing processing result The timestamp is then registered in timestamp list by message if normal, and returns to processing normal message.
9. a kind of industrial control system secure communication device, which is characterized in that including receiving end, the receiving end receives transmitting terminal The composite safe message of transmission, and extract timestamp and signed data in the composite safe message;
Whether the difference of receiving end extraction local zone time, the timestamp and the local zone time is in setting time window It is interior, if so, whether effective according to the prefabricated public key verifications signed data in receiving end, and to effective signed data at Reason obtains important traffic message.
10. a kind of industrial control system safety communicating method, which is characterized in that including:
After transmitting terminal generates important traffic message to be protected, local time stamp is filled after the important traffic message, and It is filled after the timestamp by local prefabricated private key, to generate to the important traffic message to this section of the timestamp The signed data of data, and the signed data is synthesized into composite safe message and is sent;
Receiving end receives the composite safe message that transmitting terminal is sent, and extracts the timestamp and signature in the composite safe message Data;
Whether the difference of receiving end extraction local zone time, the timestamp and the local zone time is in setting time window It is interior, if so, whether effective according to the prefabricated public key verifications signed data in receiving end, and to effective signed data at Reason obtains important traffic message.
CN201810421319.XA 2018-05-04 2018-05-04 A kind of industrial control system safety communicating method and device Pending CN108833346A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201810421319.XA CN108833346A (en) 2018-05-04 2018-05-04 A kind of industrial control system safety communicating method and device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201810421319.XA CN108833346A (en) 2018-05-04 2018-05-04 A kind of industrial control system safety communicating method and device

Publications (1)

Publication Number Publication Date
CN108833346A true CN108833346A (en) 2018-11-16

Family

ID=64147472

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201810421319.XA Pending CN108833346A (en) 2018-05-04 2018-05-04 A kind of industrial control system safety communicating method and device

Country Status (1)

Country Link
CN (1) CN108833346A (en)

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110058565A (en) * 2019-03-01 2019-07-26 中国电子科技网络信息安全有限公司 A kind of Industry Control PLC system fingerprint analogy method based on (SuSE) Linux OS
CN110717188A (en) * 2019-09-29 2020-01-21 武汉海昌信息技术有限公司 Document reading and amending safety method based on asymmetric encryption technology
CN112615820A (en) * 2020-12-05 2021-04-06 百果园技术(新加坡)有限公司 Replay attack detection method, device, equipment and storage medium
CN112818183A (en) * 2021-02-03 2021-05-18 恒安嘉新(北京)科技股份公司 Data synthesis method and device, computer equipment and storage medium
CN113726524A (en) * 2021-09-02 2021-11-30 山东安控信息科技有限公司 Secure communication method and communication system

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101441693A (en) * 2008-11-25 2009-05-27 西安理工大学 Security protection method for electric document digital signing based on elliptical curve
US20120303973A1 (en) * 2009-09-29 2012-11-29 James Newsome Method for protecting sensor data from manipulation and sensor to that end
CN104079408A (en) * 2014-05-30 2014-10-01 国家电网公司 Method for enhancing communication safety in industrial control system
CN104811427A (en) * 2014-01-27 2015-07-29 沈阳中科奥维科技股份有限公司 Secure industrial control system communication method

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101441693A (en) * 2008-11-25 2009-05-27 西安理工大学 Security protection method for electric document digital signing based on elliptical curve
US20120303973A1 (en) * 2009-09-29 2012-11-29 James Newsome Method for protecting sensor data from manipulation and sensor to that end
CN104811427A (en) * 2014-01-27 2015-07-29 沈阳中科奥维科技股份有限公司 Secure industrial control system communication method
CN104079408A (en) * 2014-05-30 2014-10-01 国家电网公司 Method for enhancing communication safety in industrial control system

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110058565A (en) * 2019-03-01 2019-07-26 中国电子科技网络信息安全有限公司 A kind of Industry Control PLC system fingerprint analogy method based on (SuSE) Linux OS
CN110717188A (en) * 2019-09-29 2020-01-21 武汉海昌信息技术有限公司 Document reading and amending safety method based on asymmetric encryption technology
CN112615820A (en) * 2020-12-05 2021-04-06 百果园技术(新加坡)有限公司 Replay attack detection method, device, equipment and storage medium
CN112818183A (en) * 2021-02-03 2021-05-18 恒安嘉新(北京)科技股份公司 Data synthesis method and device, computer equipment and storage medium
CN112818183B (en) * 2021-02-03 2024-05-17 恒安嘉新(北京)科技股份公司 Data synthesis method, device, computer equipment and storage medium
CN113726524A (en) * 2021-09-02 2021-11-30 山东安控信息科技有限公司 Secure communication method and communication system

Similar Documents

Publication Publication Date Title
CN108833346A (en) A kind of industrial control system safety communicating method and device
CN106612176B (en) One kind being based on quantum true random number arranging key negotiating system and machinery of consultation
CN106101147B (en) A kind of method and system for realizing smart machine and the communication of remote terminal dynamic encryption
CN103618610B (en) A kind of information security algorithm based on energy information gateway in intelligent grid
CN100499641C (en) System and method for implementing an enhanced transport layer security protocol
CN109088870A (en) A kind of method of new energy plant stand generator unit acquisition terminal secure accessing platform
CN202856452U (en) Power distribution network system
CN103888444B (en) A kind of safe distribution of electric power authentication device and its method
CN102137095A (en) Industrial control system data exchange safety protection method and system and device thereof
CN103178956B (en) Method for realizing encrypted authentication of distribution automation remote control command
CN103873461B (en) Based on the safety interacting method of the GOOSE message of IEC62351
US20060280297A1 (en) Cipher communication system using device authentication keys
CN108323230B (en) Method for transmitting key, receiving terminal and distributing terminal
CN106357690A (en) Data transmission method, data sending device and data receiving device
CN110224823B (en) Transformer substation message safety protection method and device, computer equipment and storage medium
CN109257328A (en) A kind of safety interacting method and device of scene operation/maintenance data
CN105610837A (en) Method and system for identity authentication between master station and slave station in SCADA (Supervisory Control and Data Acquisition) system
CN104079408B (en) Strengthen the method for communications security in a kind of industrial control system
CN110505049A (en) A kind of text information transmission method, apparatus and system
CN104639328B (en) A kind of GOOSE message authentication method and system
CN101141278B (en) Data transmission system, data transmission method, data processing method and corresponding device
CN111541699B (en) Method for safely transmitting data based on IEC102 communication protocol
CN104639330A (en) GOOSE (Generic Object Oriented Substation Event) message integrity authentication method
CN107070653A (en) A kind of POS transaction encryptions system, method, POSP front servers and POS terminal
Ruland et al. Non-repudiation Services for the MMS Protocol of IEC 61850

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication
RJ01 Rejection of invention patent application after publication

Application publication date: 20181116