JP6376996B2 - Information communication system and information communication method - Google Patents

Description

  The present invention relates to an information communication system for communicating input / output information in a control system for controlling equipment.

  Conventionally, a cryptographic processing system including a key management device, a business application device, an encryption / decryption device, and a client application device is known (see, for example, Patent Document 1). In this cryptographic processing system, the key management device manages keys used for cryptographic processing in the business application device. The business application apparatus uses the acquired password to request the key management apparatus to acquire a key, and passes the key acquired from the key management apparatus to the encryption / decryption apparatus. The encryption / decryption device performs information encryption and decryption using the key acquired from the business application device.

JP 2012-175187 A

  By the way, in a control system for controlling a device, since control with high responsiveness is required for the device, real-time property is required for performing encryption processing of input / output information communicated by the control system. Here, in the cryptographic processing system described in Patent Document 1, since real-time performance is not required, when performing information encryption processing and decryption processing, the load associated with encryption processing and decryption processing increases. In this case, it is only necessary to delay the process, and it is possible to suppress the load associated with the encryption process and the decryption process. On the other hand, it is difficult to perform the encryption process and the decryption process in real time.

  Accordingly, an object of the present invention is to provide an information communication system and an information communication method capable of rapidly encrypting and decrypting input / output information even in a control system that requires real-time performance.

  An information communication system according to the present invention is a control system for controlling devices connected to an input / output device. In the information communication system for communicating input / output information, a network communication unit connected to an external network and the network communication A communication bus connected to the communication bus, and an internal network connected to the communication bus, the internal network connected to the communication bus, and a device connected to the input / output device A network capable of bidirectional communication is formed between a plurality of IO communication units including an IO communication unit, and the IO communication unit generates and manages an encryption key, and the managed encryption The input / output information is encrypted based on a key to generate encrypted information, and the encrypted information is decrypted based on the managed encryption key. Characterized by having a a decryption processing unit for generating said output information Te.

  According to this configuration, the encryption key can be generated and managed by the IO communication unit. For this reason, since it can suppress that an encryption key is managed by apparatuses other than IO communication part, for example, the control part etc. which are connected to a communication bus, the leakage of the encryption key from a control part can be suppressed. For this reason, leakage and falsification of input / output information can be suppressed, and tamper resistance can be improved. Furthermore, since encryption and decryption can be performed in a plurality of IO communication units, encryption / decryption processing can be executed in a distributed manner, and processing load can be reduced. Even in a control system, input / output information can be quickly encrypted and decrypted.

  Moreover, it is preferable that the said IO communication part updates the said encryption key produced | generated in the said encryption key production | generation management part for every preset update time.

  According to this configuration, since the encryption key can be easily updated by the encryption key generation management unit of the IO communication unit, even if the encryption key is leaked, the encryption key can be different from the leaked encryption key. Further, tamper resistance can be improved.

  The plurality of IO communication units include the IO communication unit serving as a master and the IO communication unit serving as a slave, and the IO communication unit serving as a master is the encryption code shared by the encryption key generation management unit. It is preferable to generate a key and transmit the generated common encryption key to the IO communication unit serving as a slave.

  According to this configuration, the plurality of IO communication units in the ring network can perform encryption and decryption using the common encryption key. That is, the input / output information can be generated by decrypting the encrypted information encrypted by any IO communication unit by any IO communication unit. For this reason, even if a predetermined IO communication unit malfunctions due to a failure or the like, it can be encrypted and decrypted by other IO communication units in the ring network using a common encryption key. Redundancy can be ensured and reliability can be ensured. For this reason, the communication failure of the input / output information accompanying the encryption and decryption errors can be suppressed, and the operation rate related to the communication of the input / output information can be increased.

  Moreover, it is preferable that a plurality of the IO communication units generate different encryption keys in the respective encryption key generation management units and transmit the generated encryption keys to the other IO communication units.

  According to this configuration, the encryption keys managed by the plurality of IO communication units can be made different. For this reason, diversity can be given to the encryption key and tamper resistance can be improved. Here, since the generated encryption key is transmitted to other IO communication units, even if a predetermined IO communication unit malfunctions due to a failure or the like, it is transmitted by another IO communication unit in the ring network. Since encryption and decryption can be performed using the encrypted key, redundancy can be ensured and reliability can be ensured.

  Further, the input / output information includes control logic executed by the control unit, and when the control logic is downloaded to the control unit, the network communication unit receives the control logic from the external network, The control logic is transmitted to the IO communication unit, and when the IO communication unit receives the control logic from the network communication unit, based on the encryption key managed by the encryption key generation management unit, the control logic It is preferable that an encryption control logic is generated by encrypting and transmitting the generated encryption control logic to the control unit, and the control unit stores the encryption control logic.

  According to this configuration, the control unit stores the encryption control logic encrypted in the IO communication unit. For this reason, when the control logic is not executed, it is stored in the state of the encryption control logic, so that leakage and falsification of the control logic can be suppressed, and tamper resistance can be improved.

  Further, when the control logic is executed by the control unit, the control unit transmits the stored encryption control logic to the IO communication unit, and the IO communication unit receives the encryption control from the control unit. When the logic is received, based on the encryption key managed by the encryption key generation management unit, the encryption control logic is decrypted to generate the control logic, and the generated control logic is transmitted to the control unit It is preferable.

  According to this configuration, when executing the control logic, the control unit can decrypt the encryption control logic in the IO communication unit to obtain the control logic, and receive and execute the control logic transmitted from the IO communication unit. it can.

  The input / output information includes control data communicated between the control unit and the input / output device, and the IO communication unit generates and generates the encryption key by the encryption key generation management unit. The encryption key is transmitted to the control unit and the input / output device, and the control unit and the input / output device manage the encryption key transmitted from the IO communication unit, and based on the encryption key, It is preferable that the control data is encrypted to generate encrypted control data, and the generated control data is decrypted to generate the control data.

  According to this configuration, since the control data is encrypted and the encrypted encrypted control data can be communicated between the control unit and the input / output device, leakage of control data and tampering can be suppressed. The tamper resistance can be improved.

  The input / output information includes control data communicated between the control unit and the input / output device, and the control unit or the input / output device is connected between the control unit and the input / output device. A key generation request signal for requesting generation of the encryption key for the connection corresponding to the connection is transmitted to the IO communication unit, and the IO communication unit receives the key generation request signal from the control unit or the input / output device. Upon receipt, the encryption key generation management unit generates the encryption key for connection, transmits the generated encryption key for connection to the control unit and the input / output device corresponding to the connection, and the control unit The input / output device preferably discards the encryption key for connection when the connection between the control unit and the input / output device is released.

  According to this configuration, the control data is encrypted using the encryption key for connection corresponding to the connection between the control unit and the input / output device, and the encrypted encrypted control data is transferred to the control unit and the input / output device. Can communicate with. In addition, when the connection is released, the connection encryption key is discarded, so that leakage of control data using the encryption key, tampering, etc. can be further suppressed, and tamper resistance is improved more suitably. Can be planned.

  The information communication method of the present invention is an information communication method for encrypting and decrypting the input / output information using the information communication system, wherein the encryption key generation management unit of the IO communication unit An encryption key generation step for generating and managing an encryption key, and an encryption processing unit of the IO communication unit to generate encryption information by encrypting the input / output information using the managed encryption key, An encryption / decryption process step of generating the input / output information by decrypting the encrypted information using the managed encryption key.

  According to this configuration, the encryption key can be generated and managed by the IO communication unit. For this reason, since it can suppress that an encryption key is managed by a control part, the leakage of the encryption key from a control part can be suppressed. For this reason, leakage and falsification of input / output information can be suppressed, and tamper resistance can be improved. Furthermore, since encryption and decryption can be performed in a plurality of IO communication units, encryption / decryption processing can be executed in a distributed manner, and processing load can be reduced. Even in a control system, input / output information can be quickly encrypted and decrypted.

FIG. 1 is a configuration diagram schematically illustrating the information communication system according to the first embodiment. FIG. 2 is a configuration diagram schematically showing the IO communication unit. FIG. 3 is an explanatory diagram regarding the control logic developed by the control unit. FIG. 4 is a flowchart of the encryption process when the control logic is downloaded in the information communication system according to the first embodiment. FIG. 5 is a flowchart of the decrypting process when the control logic is executed in the information communication system according to the first embodiment. FIG. 6 is a flowchart of encryption processing at the time of communication of control data in the information communication system according to the third embodiment. FIG. 7 is a flowchart of encryption processing at the time of communication of control data in the information communication system according to the fourth embodiment.

  Embodiments according to the present invention will be described below in detail with reference to the drawings. In addition, this invention is not limited by this embodiment. In addition, constituent elements in the following embodiments include those that can be easily replaced by those skilled in the art or those that are substantially the same. Furthermore, the constituent elements described below can be appropriately combined, and when there are a plurality of embodiments, the embodiments can be combined.

[Embodiment 1]
FIG. 1 is a configuration diagram schematically illustrating the information communication system according to the first embodiment. As shown in FIG. 1, the information communication system 1 according to the first embodiment is a system used to communicate input / output information in a control system 6 that controls a device 5. Here, prior to the description of the information communication system 1, the control system 6 will be described.

  The control system 6 is a system that controls devices 5 such as valves and motors provided in a power generation plant, for example. The control system 6 includes a control unit 7 and a plurality of input / output devices 8 connected to the plurality of devices 5. The control unit 7 may be a distributed control device using a plurality of control devices, and is not particularly limited. The control system 6 transmits control data generated by the control unit 7 to the input / output device 8 and transmits control data output from the input / output device 8 to the control unit 7. For this reason, the information communication system 1 communicates control data as input / output information communicated between the control unit 7 and the input / output device 8.

  In addition, since the information communication system 1 is connected to the external network 10, the control system 6 can download the control logic used in the control of the control system 6 to the control unit 7 via the external network 10. It is possible. For this reason, the information communication system 1 communicates the control logic as input / output information downloaded to the control unit 7.

  Here, the input / output information communicated in the control system 6 requires real-time communication in order to perform highly responsive control on the device 5. In addition, since the information communication system 1 is connected to the external network 10, the input / output information communicated by the control system 6 is encrypted in order to suppress information leakage to the outside.

  Next, the information communication system 1 will be described with reference to FIG. As shown in FIG. 1, the information communication system 1 includes a firewall unit 11, a network communication adapter (network communication unit) 12, a communication bus 13, and a ring network 14. The information communication system 1 is connected to an external network 10.

  The external network 10 is, for example, the Internet, and is a network that is a general-purpose communication method that allows access from the outside. In addition to the information communication system 1, a maintenance device 17 and an operator device 18 are connected to the external network 10.

  The maintenance device 17 updates the control logic Mi described below used in the control of the control system 6, and updates the updated control logic Mi via the external network 10 and the information communication system 1. Or deliver to. The operator device 18 controls the control system 6 via the external network 10 and the information communication system 1.

  The firewall unit 11 is connected to the external network 10 and performs bidirectional information communication with the external network 10. The firewall unit 11 selects various types of information including input / output information input from the external network 10. Various types of selected information are communicated in a network within the information communication system 1.

  The network communication adapter 12 is connected to the firewall unit 11 and performs bidirectional information communication with the firewall unit 11. The network communication adapter 12 is connected to the communication bus 13 and performs bidirectional information communication with the communication bus 13.

  Various information including input / output information is transmitted to the communication bus 13. The communication bus 13 is a custom communication method for performing communication according to a specific communication standard, and for example, LVDS (Low Voltage Differential Signaling) is used. In addition to the network communication adapter 12 described above, the control unit 7 of the control system 6 and the ring network 14 are connected to the communication bus 13.

  The ring network 14 is a communication network formed in a ring shape. For example, an Ethernet ring (registered trademark) is used. Specifically, the ring network 14 includes a plurality of IO communication units 21 and is formed by connecting the plurality of IO communication units 21 in a ring shape using a transmission cable.

  The plurality of IO communication units 21 include a bus IO communication unit 21 a connected to the communication bus 13 and a device IO communication unit 21 b connected to the input / output device 8. An IO communication scanner having a scanner function is applied to the bus IO communication unit 21a, and bidirectional information communication is performed between the communication bus 13 and the ring network 14. The device IO communication unit 21b is applied with an IO communication adapter, acquires input / output information input from the adjacent bus IO communication unit 21a or another adjacent device IO communication unit 21b, and outputs the input / output information to the input / output device 8. . Further, the device IO communication unit 21b outputs the input / output information input from the input / output device 8 to the adjacent bus IO communication unit 21a or another adjacent device IO communication unit 21b. In FIG. 1, for the sake of simplicity, only one input / output device 8 is connected to the device IO communication unit 21b. However, a plurality of input / output devices 8 are normally connected to one device IO communication unit 21b. Is done.

  The information communication system 1 configured as described above communicates control logic as input / output information between the external network 10 and the control unit 7, and input / output information between the control unit 7 and the input / output device 8. And communicate control data. Here, the input / output information is encrypted by the plurality of IO communication units 21.

  Next, the IO communication unit 21 will be described with reference to FIG. FIG. 2 is a configuration diagram schematically showing the IO communication unit. In the information communication system 1, input / output information encryption / decryption processing is executed by the IO communication unit 21.

  The IO communication unit 21 has a full-duplex communication configuration, and includes two input physical layers 31, two output physical layers 32, two transmission circuits 33, two reception circuits 34, and a buffer unit 35. A first address decoder 36, a second address decoder 37, an input / output circuit 38, a frame buffer unit 39, and an encryption / decryption processing circuit 40.

  Each input physical layer 31 converts an electrical signal transmitted on the ring network 14 into data to be a bit string. Each output physical layer 32 converts data to be a bit string into an electric signal and transmits it on a network.

  Each transmission circuit 33 outputs the input / output information input from the first address decoder 36 and the buffer unit 35 to the output physical layer 32. Each receiving circuit 34 outputs the input / output information input from the input physical layer 31 to the first address decoder 36.

  The buffer unit 35 temporarily stores the input / output information input from the first address decoder 36 and outputs the stored input / output information to each transmission circuit 33. The first address decoder 36 acquires the input / output information input from each receiving circuit 34 and outputs the input / output information to the second address decoder 37 based on the first address information included in the acquired input / output information. Or input / output information is output to the transmission circuit 33 or the buffer unit 35.

  The second address decoder 37 acquires the input / output information input from the first address decoder 36, and based on the second address information included in the acquired input / output information, the input / output circuit 38, the frame buffer unit 39, or Input / output information is output to the encryption / decryption processing circuit 40.

  The input / output circuit 38 outputs the input / output information input from the second address decoder 37 and the frame buffer unit 39 to the input / output device 8. The input / output circuit 38 outputs the input / output information input from the input / output device 8 to the frame buffer unit 39.

  The frame buffer unit 39 temporarily stores the input / output information input from the second address decoder 37 and the input / output circuit 38, and outputs the stored input / output information to the input / output circuit 38 or the transmission circuit 33.

  The encryption / decryption processing circuit 40 performs encryption processing or decryption processing on the input / output information input from the second address decoder 37. Here, the encryption / decryption processing circuit 40 has a function as the encryption key generation management unit 40a and a function as the encryption / decryption processing unit 40b. The encryption key generation management unit 40a generates and manages encryption keys using random numbers. The encryption / decryption processing unit 40b generates input / output information by encrypting the input / output information based on the managed encryption key, and generates input / output information by decrypting the encryption information based on the managed encryption key. doing.

  Here, the plurality of IO communication units 21 of the first embodiment includes a master IO communication unit (hereinafter referred to as a master IO communication unit) 21, and a slave IO communication unit (hereinafter referred to as a slave IO communication unit) 21. The encryption / decryption process is performed using the common encryption key generated by the master IO communication unit 21. The master IO communication unit 21 is selected according to a preset selection process.

  Hereinafter, processing related to generation and management of encryption keys by the master IO communication unit 21 and the slave IO communication unit 21 will be described. The master IO communication unit 21 generates a common encryption key in the encryption / decryption processing circuit 40 and manages the generated common encryption key (encryption key generation step). In addition, the master IO communication unit 21 transmits the common encryption key generated by the encryption / decryption processing circuit 40 to the slave communication unit 21. When the slave communication unit 21 acquires the common encryption key, the encryption / decryption processing circuit 40 manages the common encryption key. Therefore, the plurality of IO communication units 21 manage a common encryption key in the encryption / decryption processing circuit 40.

  Further, the master IO communication unit 21 updates the common encryption key every preset update time. For example, when the next update time is Tn, the latest update time is Tc, and the update cycle is Tu, the master IO communication unit 21 sets the next update time Tn to “Tn = Tc + Tu”.

  Next, with reference to FIG. 3 to FIG. 5, an operation flow for performing encryption processing and decryption processing in the information communication system 1 will be described. FIG. 3 is an explanatory diagram regarding the control logic developed by the control unit. FIG. 4 is a flowchart of the encryption process when the control logic is downloaded in the information communication system according to the first embodiment. FIG. 5 is a flowchart of the decrypting process when the control logic is executed in the information communication system according to the first embodiment.

  In the operation flow shown in FIG. 4, the IO communication unit 21 performs encryption processing using a common encryption key, and controls the control logic as input / output information distributed from the maintenance device 17 to the external network 10. A case of downloading to the control unit 7 via the above will be described.

  As illustrated in FIG. 3, the control unit 7 is configured using, for example, a CPU, and an encrypted data storage area E1 that stores an encryption control logic that is an encrypted control logic in a memory provided in the CPU. And a decrypted data storage area E2 for storing the decrypted control logic, and a control logic execution area E3 for expanding and executing the control logic.

  As shown in FIG. 4, the control logic is transmitted from the maintenance device 17 to the network communication adapter 12 via the external network 10 (step S1). Then, the network communication adapter 12 acquires the control logic, and transmits the acquired control logic to the predetermined IO communication unit 21 (step S2). The IO communication unit 21 acquires the control logic, performs encryption processing on the acquired control logic in the encryption / decryption processing circuit 40 using a common encryption key, and generates encryption control logic (step S3: Encryption / decryption process). The IO communication unit 21 transmits the generated encryption control logic to the control unit 7 (step S4). The control unit 7 stores (saves) the acquired encryption control logic in the encrypted data storage area E1.

  Next, the operation flow shown in FIG. 5 will be described. In the operation flow shown in FIG. 5, a case will be described in which the IO communication unit 21 executes a decryption process using a common encryption key and also executes a control logic in the control unit 7.

  As shown in FIG. 5, the control unit 7 transmits the encryption control logic stored in the encrypted data storage area E1 to the predetermined IO communication unit 21 (step S11). The IO communication unit 21 acquires the encryption control logic, and the encryption / decryption processing circuit 40 executes the decryption process using the common encryption key in the encryption / decryption processing circuit 40 to generate the control logic (Step S1). S12: Encryption / decryption processing step). The IO communication unit 21 transmits the generated control logic to the control unit 7 (step S13). The control unit 7 stores the acquired control logic in the decrypted data storage area E2 and develops it in the control logic execution area E3 to execute the control logic (step S14).

  As described above, according to the first embodiment, the IO communication unit 21 can generate and manage an encryption key. For this reason, since it can suppress that a control part 7 manages an encryption key, the leakage of the encryption key from the control part 7 can be suppressed. For this reason, the leakage and falsification of the control logic as input / output information can be suppressed, and tamper resistance can be improved. Furthermore, since encryption and decryption can be performed in a plurality of IO communication units 21, encryption / decryption processing can be executed in a distributed manner, and processing load can be reduced, so that real-time performance is required. Even in the control system 6 that is used, the input / output information can be quickly encrypted and decrypted.

  Further, according to the first embodiment, since the encryption key can be easily updated by the encryption key generation management unit 40a of the IO communication unit 21, even if the encryption key is leaked, the encryption key different from the leaked encryption key And tamper resistance can be improved.

  Further, according to the first embodiment, the plurality of IO communication units 21 in the ring network 14 can perform encryption and decryption using a common encryption key. For this reason, the encrypted information encrypted by any IO communication unit 21 can be decrypted by any IO communication unit 21 to generate input / output information. For this reason, even if a predetermined IO communication unit 21 malfunctions due to a failure or the like, encryption and decryption can be performed by another IO communication unit 21 in the ring network 14 using a common encryption key. Therefore, redundancy can be ensured and reliability can be ensured. For this reason, the communication failure of the input / output information accompanying the encryption and decryption errors can be suppressed, and the operation rate of the information communication system 1 related to the communication of the input / output information can be increased.

  Further, according to the first embodiment, the control unit 7 stores the encryption control logic encrypted in the IO communication unit 21. For this reason, when the control logic is not executed, it is stored in the state of the encryption control logic, so that leakage and falsification of the control logic can be suppressed, and tamper resistance can be improved.

  Further, according to the first embodiment, when executing the control logic, the control unit 7 decrypts the encrypted control logic in the IO communication unit 21 to obtain the control logic, and receives the control logic transmitted from the IO communication unit 21. And can be executed.

[Embodiment 2]
Next, the information communication system 1 according to the second embodiment will be described. In the second embodiment, parts that are different from the first embodiment will be described in order to avoid redundant descriptions, and parts that are the same as those in the first embodiment will be described with the same reference numerals.

  In the information communication system 1 according to the first embodiment, the encryption / decryption processing circuit 40 executes encryption / decryption processing using a common encryption key. However, in the information communication system 1 according to the second embodiment, different encryption keys are used. The encryption / decryption processing circuit 40 executes encryption / decryption processing. Note that the system configuration of the information communication system 1 is the same as that of the first embodiment, and a description thereof will be omitted. Hereinafter, processing related to generation and management of encryption keys by the plurality of IO communication units 21 will be described.

  The plurality of IO communication units 21 generate different encryption keys in each encryption / decryption processing circuit 40 and manage the generated encryption keys. Each IO communication unit 21 transmits the encryption key generated by the encryption / decryption processing circuit 40 to the adjacent IO communication units 21 adjacent to each other in the ring network 14. When the IO communication units 21 on both sides acquire the encryption key, the encryption / decryption processing circuit 40 manages the encryption key. Therefore, each IO communication unit 21 manages the encryption key generated by itself and the encryption key generated by another IO communication unit 21 in the encryption / decryption processing circuit 40. In addition, the plurality of IO communication units 21 update their encryption keys at preset update times as in the first embodiment.

  As described above, according to the second embodiment, the encryption keys managed by the plurality of IO communication units 21 can be different. For this reason, diversity can be given to the encryption key and tamper resistance can be improved. Here, since the generated encryption key is transmitted to the IO communication unit 21 on both sides, even if the predetermined IO communication unit 21 becomes malfunctioning due to a failure or the like, it is transmitted by the IO communication unit 21 on both sides. Since encryption and decryption can be performed using an encryption key, redundancy can be ensured and reliability can be ensured.

  In the second embodiment, the encryption key generated by the predetermined IO communication unit 21 is transmitted to the IO communication units 21 adjacent to each other, but may be transmitted to any IO communication unit 21 and is not particularly limited.

[Embodiment 3]
Next, the information communication system 1 according to the third embodiment will be described with reference to FIG. FIG. 6 is a flowchart of encryption processing at the time of communication of control data in the information communication system according to the third embodiment. In the third embodiment, parts that are different from the first and second embodiments will be described in order to avoid redundant descriptions, and parts that have the same configurations as those in the first and second embodiments will be described with the same reference numerals.

  In the information communication system 1 according to the first and second embodiments, the encryption / decryption processing of the control logic that is input / output information is executed by the encryption / decryption processing circuit 40. In the information communication system 1 according to the third embodiment, the control unit 7 and the input / output device 8 execute encryption / decryption processing of control data communicated between the control unit 7 and the input / output device 8 as input / output information. ing. In the third embodiment, the plurality of IO communication units 21 generate and manage a common encryption key as in the first embodiment.

  Hereinafter, with reference to FIG. 6, an operation flow for performing encryption processing and decryption processing in the information communication system 1 will be described. 6 illustrates a case where the control data is encrypted by the control unit 7 and the control data is decrypted by the input / output device 8. However, the control data is encrypted by the input / output device 8 and the control data is controlled by the control unit 7. The same applies to the case of decoding.

  As shown in FIG. 6, the predetermined IO communication unit 21 transmits a common encryption key to be managed to the control unit 7 and the input / output device 8 (step S21). When acquiring the encryption key, the control unit 7 performs encryption processing on the control data output to the input / output device 8 using the acquired encryption key, and generates encryption control data (step S22). The control unit 7 transmits the generated encryption control data to the input / output device 8 via the information communication system 1 (step S23). When the input / output device 8 acquires the encryption control data, the input / output device 8 performs a decryption process on the acquired encryption control data by using the acquired encryption key transmitted from the IO communication unit 21 to generate control data (step). S24).

  As described above, according to the third embodiment, the control data is encrypted, and the encrypted encrypted control data can be communicated between the control unit 7 and the input / output device 8. In other words, since the information communication system 1 communicates the encrypted control data, it is possible to suppress leakage and falsification of the control data and to improve tamper resistance.

[Embodiment 4]
Next, the information communication system 1 according to Embodiment 4 will be described with reference to FIG. FIG. 7 is a flowchart of encryption processing at the time of communication of control data in the information communication system according to the fourth embodiment. In the fourth embodiment, parts that are different from those in the first to third embodiments will be described in order to avoid duplicate descriptions, and parts that have the same configuration as those in the first to third embodiments will be described with the same reference numerals.

  In the information communication system 1 according to the third embodiment, the control unit 7 and the input / output device 8 execute the encryption / decryption process of control data as input / output information using a common encryption key. In the information communication system 1 according to the fourth embodiment, using the encryption key corresponding to the connection between the control unit 7 and the input / output device 8, the control unit 7 and the input / output Running on device 8.

  Hereinafter, with reference to FIG. 7, an operation flow for performing encryption processing and decryption processing in the information communication system 1 will be described. 7 illustrates a case where the control data is encrypted by the control unit 7 and the control data is decrypted by the input / output device 8. However, the control data is encrypted by the input / output device 8, and the control data is controlled by the control unit 7. The same applies to the case of decoding.

  As shown in FIG. 7, the control unit 7 establishes a connection with the input / output device 8 that transmits control data (step S31). When the connection with the input / output device 8 is established, the control unit 7 transmits a key generation request signal for requesting generation of an encryption key for a connection corresponding to the connection to a predetermined IO communication unit 21 (step S32). ). When acquiring the key generation request signal, the IO communication unit 21 generates and manages the encryption key by the encryption / decryption processing circuit 40 based on the acquired key generation request signal (step S33). The IO communication unit 21 transmits the generated encryption key to the control unit 7 and the input / output device 8 (step S34). When the control unit 7 acquires the encryption key, the control unit 7 performs encryption processing on the control data output to the input / output device 8 using the acquired connection encryption key to generate encryption control data (step S1). S35). The control unit 7 transmits the generated encryption control data to the input / output device 8 via the information communication system 1 (step S36). When the input / output device 8 acquires the encryption control data, the input / output device 8 decrypts the acquired encryption control data using the connection encryption key transmitted from the IO communication unit 21 and generates control data. (Step S37). Thereafter, the control unit 7 determines whether or not to release the connection with the input / output device 8 (step S38). When canceling the connection (step S38: Yes), the control unit 7 discards the connection encryption key used by the control unit 7 and the input / output device 8 (step S39). On the other hand, if the connection is not released (No at Step S38), the control unit 7 proceeds to Step S35 again.

  As described above, according to the fourth embodiment, the control data is encrypted using the connection encryption key corresponding to the connection between the control unit 7 and the input / output device 8, and the encrypted control data is encrypted. Communication can be performed between the control unit 7 and the input / output device 8. Also, when the connection is released, the encryption key for connection is discarded, so that leakage of control data using the encryption key, tampering, and the like can be suppressed, and tamper resistance is improved more suitably. be able to.

DESCRIPTION OF SYMBOLS 1 Information communication system 5 Apparatus 6 Control system 7 Control part 8 Input / output device 10 External network 11 Firewall part 12 Network communication adapter 13 Communication bus 14 Ring type network 17 Maintenance apparatus 18 Operator apparatus 21 IO communication part 21a Bus IO communication part 21b Device IO communication unit 31 Input physical layer 32 Output physical layer 33 Transmission circuit 34 Reception circuit 35 Buffer unit 36 First address decoder 37 Second address decoder 38 Input / output circuit 39 Frame buffer unit 40 Encryption / decryption processing circuit 40a Encryption key generation management Section 40b Encryption / decryption processing section E1 Encrypted data storage area E2 Decrypted data storage area E3 Control logic execution area

Claims (9)

In an information communication system for communicating input / output information in a control system that controls equipment connected to the input / output device,
A network communication unit connected to an external network;
A communication bus connected to the network communication unit;
An internal network connected to the communication bus,
The internal network forms a network capable of bidirectional communication between a plurality of IO communication units including a bus IO communication unit connected to the communication bus and a device IO communication unit connected to the input / output device. ,
The IO communication unit generates an encryption key and manages an encryption key, and generates the encryption information by encrypting the input / output information based on the managed encryption key, and the managed a decryption processing unit for generating said output information by decrypting the encrypted information based on the encryption key, the possess,
The input / output information includes a control logic executed by a control unit connected to the communication bus,
When downloading the control logic to the control unit,
When the network communication unit receives the control logic from the external network, the network communication unit transmits the control logic to the IO communication unit,
When the IO communication unit receives the control logic from the network communication unit, the IO communication unit generates the encryption control logic by encrypting the control logic based on the encryption key managed by the encryption key generation management unit, Send the generated encryption control logic to the control unit,
The information communication system , wherein the control unit stores the encryption control logic .   The information communication system according to claim 1, wherein the IO communication unit updates the encryption key generated by the encryption key generation management unit at a preset update time.   The information communication system according to claim 1, wherein the internal network is a ring network in which a plurality of the IO communication units form a ring network. The plurality of IO communication units include the IO communication unit serving as a master and the IO communication unit serving as a slave,
The IO communication unit serving as a master generates the common encryption key in the encryption key generation management unit, and transmits the generated common encryption key to the IO communication unit serving as a slave. Item 4. The information communication system according to any one of Items 1 to 3.   The plurality of IO communication units generate different encryption keys in the respective encryption key generation management units, and transmit the generated encryption keys to other IO communication units. 4. The information communication system according to any one of items 3. When executing the control logic in the control unit,
The control unit transmits the stored encryption control logic to the IO communication unit,
Upon receiving the encryption control logic from the control unit, the IO communication unit generates the control logic by decrypting the encryption control logic based on the encryption key managed by the encryption key generation management unit and, the information communication system according to any one of claims 1 to 5, the generated said control logic and transmits to the control unit. The input / output information includes control data communicated between the control unit connected to the communication bus and the input / output device,
The IO communication unit generates the encryption key in the encryption key generation management unit, transmits the generated encryption key to the control unit and the input / output device,
The control unit and the input / output device manage the encryption key transmitted from the IO communication unit, encrypt the control data based on the encryption key, and generate encrypted control data. information communication system according to any one of claims 1 to 6 for decrypting the encrypted control data and generates the control data. The input / output information includes control data communicated between the control unit connected to the communication bus and the input / output device,
The control unit or the input / output device transmits a key generation request signal for requesting generation of the encryption key for a connection corresponding to a connection between the control unit and the input / output device to the IO communication unit. ,
When the IO communication unit receives the key generation request signal from the control unit or the input / output device, the encryption key generation management unit generates the encryption key for connection, and generates the generated encryption key for the connection. , Transmit to the control unit and the input / output device corresponding to the connection,
It said control unit and said input device, when a connection between the control unit and the input device is released, one of claims 1, characterized in that discarding the encryption key for the connection 6 of The information communication system according to claim 1. An information communication method for encrypting and decrypting the input / output information using the information communication system according to any one of claims 1 to 8 ,
An encryption key generation step of generating and managing the encryption key in the encryption key generation management unit of the IO communication unit;
In the encryption processing unit of the IO communication unit, the input / output information is encrypted using the managed encryption key to generate encrypted information, and the encrypted information is generated using the managed encryption key. An encryption / decryption processing step for decrypting and generating the input / output information ,
The input / output information includes a control logic executed by a control unit connected to the communication bus,
When downloading the control logic to the control unit,
In the encryption / decryption processing step, when the network communication unit receives the control logic from the external network, the control logic is transmitted to the IO communication unit, and the IO communication unit transmits the control logic from the network communication unit. Is received, the control logic is encrypted based on the encryption key managed by the encryption key generation management unit to generate an encryption control logic, and the generated encryption control logic is transmitted to the control unit. The information communication method , wherein the control unit stores the encryption control logic .

Images