CN109739203B - Industrial network boundary protection system - Google Patents
Industrial network boundary protection system Download PDFInfo
- Publication number
- CN109739203B CN109739203B CN201910135999.3A CN201910135999A CN109739203B CN 109739203 B CN109739203 B CN 109739203B CN 201910135999 A CN201910135999 A CN 201910135999A CN 109739203 B CN109739203 B CN 109739203B
- Authority
- CN
- China
- Prior art keywords
- network
- industrial
- network system
- security
- firewall
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02P—CLIMATE CHANGE MITIGATION TECHNOLOGIES IN THE PRODUCTION OR PROCESSING OF GOODS
- Y02P90/00—Enabling technologies with a potential contribution to greenhouse gas [GHG] emissions mitigation
- Y02P90/02—Total factory control, e.g. smart factories, flexible manufacturing systems [FMS] or integrated manufacturing systems [IMS]
Landscapes
- Computer And Data Communications (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The invention provides an industrial network boundary protection system which comprises a production network system, an data acquisition network system, an office network system and an industrial firewall system, wherein the production network system is connected with the data acquisition network system through the industrial firewall system to realize one-way data transmission, the control and operation of equipment can be finished in the production network, the data acquisition network system comprises an industrial control safety audit platform, and the office network system also comprises an industrial control system information safety supervision and analysis platform, a production scheduling system and a client; the invention can perform behavioral analysis on the communication of the network acquisition system, the production network system and the data acquisition system through the industrial control security audit platform, can complete real-time monitoring of the communication link state in the network through the anomaly monitoring module, improves the security of the industrial network boundary protection system, can perform deep inspection on the data packet based on the application layer through the industrial firewall system, improves the communication security, and has obvious effect on the core asset protection of the production network system.
Description
Technical Field
The invention relates to the field of data application, in particular to an industrial network boundary protection system.
Background
In recent years, the information security incidents of the industrial control system are continuously generated, and malicious software such as a seismic net, a flame, a poison region, a Havex and the like seriously influence the stable operation of key industrial infrastructure, so that the situation that the information security of the industrial control system faces severe is fully reflected. The information security risk and the number of events of the industrial control system still rise, and the situation is very severe.
The primary content of network security isolation protection is to realize access control of network traffic among some important subsystems in a network, which is the basis of network security protection, the security threat faced by the current industrial control network is not only conventional IT attack means or virus infection, but the attack aiming at the security defects and loopholes of the industrial control communication protocol and control equipment can bring more serious harm to the industrial control system, so the grasp of access control granularity becomes the root factor of success or failure of industrial control network security construction, the existing port-level access control strategy cannot protect the attack of malicious codes of the industrial protocol, and an industrial firewall system with an industrial protocol Deep Packet Inspection (DPI) function needs to be arranged at the network boundary to provide more effective industrial protocol application layer protection. Therefore, the invention provides an industrial network boundary protection system to solve the defects in the prior art.
Disclosure of Invention
Aiming at the problems, the invention can perform behavioral analysis on the communication of a network acquisition system, a production network system and a network acquisition system through an industrial control security audit platform, can complete real-time monitoring of the communication link state in the network through an anomaly monitoring module, can summarize and display the abnormal communication generated in the system in an alarm mode, can trace the propagation path of virus trojan in the network, detect whether the industrial control system has security loopholes and hidden dangers, improve the security of an industrial network boundary protection system, can protect ports through an industrial firewall system, can perform deep inspection on data packets based on an application layer, improve the communication security, improve the security of an intelligent manufacturing network on the basis of ensuring the reliability and availability of automation and related network communication information transmission, perfect the security of the intelligent manufacturing network, and prevent attacks, viruses and viruses on core assets of the production network system, The anti-theft effect is obvious.
The invention provides an industrial network boundary protection system, which comprises a production network system, an data acquisition network system, an office network system and an industrial firewall system, wherein the production network system comprises a PLC (programmable logic controller), a sensor, an intelligent instrument and a DCS (distributed control system), the PLC, the sensor, the intelligent instrument and the DCS are all connected with the data acquisition network system through the industrial firewall system, the PLC, the sensor and the intelligent instrument are all independently connected with a station control server, the production network system is connected with the data acquisition network system through the industrial firewall system to realize data unidirectional transmission, the control and operation of equipment can be completed in the production network, the data acquisition network system comprises an industrial control safety audit platform, an acquisition server, a real-time database, a Web database server and a relational database, the acquisition server, the real-time database, the Web database server and the relational database are all connected with the industrial control safety audit platform, the collection server and the real-time database are used for collecting and updating real-time data of the PLC, the sensor and the intelligent instrument, the Web database server and the relational database are used for processing data of the DCS, the data acquisition network system is connected with the office network system through an industrial firewall system, the office network system also comprises an industrial control safety audit platform, the real-time database, the Web database server and the relational database, the industrial control safety audit platform can conduct behavior analysis on communication of the data acquisition network system, the production network system and the data acquisition network system, the office network system also comprises an industrial control system information safety supervision and analysis platform, a production scheduling system and a client, the industrial control system information safety supervision and analysis platform comprises an abnormity monitoring module, a trusted computing terminal, a mobile storage medium management and control system and a network safety management platform, the system comprises an abnormality monitoring module, a trusted computing terminal, a network security management platform, a mobile storage medium management system and a network security management platform, wherein the abnormality monitoring module is connected with the trusted computing terminal, the abnormality monitoring module, the trusted computing terminal and the mobile storage medium management system are all connected with the network security management platform, and the network security management platform is used for receiving alarms and logs from an industrial firewall system and the trusted terminal;
the industrial firewall system uses the technology of an industrial communication protocol white list, and is internally provided with a PC/Modbus/DNP3 and a Profinet proprietary industrial communication protocol;
the industrial firewall system is internally provided with a firewall configuration online modification module, and the firewall configuration online modification module can modify the industrial firewall system strategy of the configuration in real time without influencing the real-time communication of a factory;
the firewall configuration online modification module is powered by double power supplies and is provided with a power failure alarm output unit, and the firewall configuration online modification module can be configured with a Bypass function;
the abnormal monitoring module comprises a network data flow monitoring unit, a network abnormal data alarming and tracing unit, an operation record and protocol depth analyzing unit, an information stealing alarming unit and an unknown equipment access prompting unit, wherein the network data flow monitoring unit, the network abnormal data alarming and tracing unit, the operation record and protocol depth analyzing unit, the information stealing alarming unit and the unknown equipment access prompting unit cooperate to complete real-time monitoring of the communication link state in the network, collect and display abnormal communication generated in the system in an alarming mode, trace the propagation path of the virus Trojan in the network, and detect whether a safety leak and a hidden danger exist in the industrial control system.
The further improvement lies in that: the trusted computing terminal is a trusted computing terminal with cipher hardware as a core and is used for realizing the security and the credibility of a communication environment among a computing environment, a production network system, a data acquisition network system and an office network system.
The further improvement lies in that: the trusted computing terminal comprises an authorization server and a security client, wherein the security client is used for comprehensively measuring all processes of the system and submitting measurement information to the authorization server, the authorization server can edit the received measurement information to generate a white list and then provide the white list for the security client to download, the security client protects the system and application according to the downloaded white list and uploads abnormal information and interception logs in the system and the application to an industrial control security audit platform.
The further improvement lies in that: the mobile storage medium management and control system can realize the identity authentication of the host computer to the mobile storage medium, the access control of the host computer to the mobile storage medium and the downloading and updating of the access information of the host computer.
The further improvement lies in that: the industrial control security audit platform also realizes strict audit on access and use behaviors of the mobile equipment, and audit contents comprise access time, an access operation station, an access subject, an accessed object, an access mode, an access result, date and time and user information.
The invention has the beneficial effects that: the system can perform behavioral analysis on the communication of a network acquisition system, a production network system and the network acquisition system through an industrial control security audit platform, can monitor the state of a communication link in the network in real time through an anomaly monitoring module, collect and display the anomaly communication generated in the system in an alarm mode, trace the propagation path of a virus trojan in the network, detect whether the industrial control system has security loopholes and hidden dangers, improve the security of an industrial network boundary protection system, can protect ports through an industrial firewall system, can perform deep inspection on data packets based on an application layer, improve the communication security, improve the security of an intelligent manufacturing network on the basis of ensuring the reliability and the availability of automation and related network communication information transmission, have obvious effects of preventing attacks, viruses and stealing of core assets of the production network system, and can modify the strategy of the configured industrial firewall system in real time through a firewall configuration online modification module The real-time communication of a factory is not influenced, the project implementation risk is greatly reduced, the communication environment between a computing environment, a production network system, a data acquisition network system and an office network system can be safe and credible through the credible computing terminal, unknown malicious codes are damaged in immunity, and high-level malicious attacks can be responded.
Drawings
FIG. 1 is a schematic diagram of the system of the present invention.
Detailed Description
In order to further understand the present invention, the following detailed description will be made with reference to the following examples, which are only used for explaining the present invention and are not to be construed as limiting the scope of the present invention.
According to fig. 1, the embodiment provides an industrial network boundary protection system, which includes a production network system, a data acquisition network system, an office network system and an industrial firewall system, wherein the production network system includes a PLC, a sensor, an intelligent instrument and a DCS system, the PLC, the sensor, the intelligent instrument and the DCS system are all connected to the data acquisition network system through the industrial firewall system, and the PLC, the sensor and the intelligent instrument are all separately connected to a station control server, the production network system is connected to the data acquisition network system through the industrial firewall system to realize unidirectional data transmission, control and operation of equipment can be completed in the production network, the data acquisition network system includes an industrial control security audit platform, an acquisition server, a real-time database, a Web database server and a relational database, the acquisition server, the real-time database, the Web database server and the relational database are all connected to the industrial control security audit platform, the collection server and the real-time database are used for collecting and updating real-time data of the PLC, the sensor and the intelligent instrument, the Web database server and the relational database are used for processing data of the DCS, the data acquisition network system is connected with the office network system through an industrial firewall system, the office network system also comprises an industrial control safety audit platform, the real-time database, the Web database server and the relational database, the industrial control safety audit platform can conduct behavior analysis on communication of the data acquisition network system, the production network system and the data acquisition network system, the office network system also comprises an industrial control system information safety supervision and analysis platform, a production scheduling system and a client, the industrial control system information safety supervision and analysis platform comprises an abnormity monitoring module, a trusted computing terminal, a mobile storage medium management and control system and a network safety management platform, the system comprises an abnormality monitoring module, a trusted computing terminal, a network security management platform, a mobile storage medium management system and a network security management platform, wherein the abnormality monitoring module is connected with the trusted computing terminal, the abnormality monitoring module, the trusted computing terminal and the mobile storage medium management system are all connected with the network security management platform, and the network security management platform is used for receiving alarms and logs from an industrial firewall system and the trusted terminal;
the industrial firewall system uses the technology of an industrial communication protocol white list, and is internally provided with a PC/Modbus/DNP3 and a Profinet proprietary industrial communication protocol;
the industrial firewall system is internally provided with a firewall configuration online modification module, and the firewall configuration online modification module can modify the industrial firewall system strategy of the configuration in real time without influencing the real-time communication of a factory;
the firewall configuration online modification module is powered by double power supplies and is provided with a power failure alarm output unit, and the firewall configuration online modification module can be configured with a Bypass function;
the abnormal monitoring module comprises a network data flow monitoring unit, a network abnormal data alarming and tracing unit, an operation record and protocol depth analyzing unit, an information stealing alarming unit and an unknown equipment access prompting unit, wherein the network data flow monitoring unit, the network abnormal data alarming and tracing unit, the operation record and protocol depth analyzing unit, the information stealing alarming unit and the unknown equipment access prompting unit cooperate to complete real-time monitoring of the communication link state in the network, collect and display abnormal communication generated in the system in an alarming mode, trace the propagation path of the virus Trojan in the network, and detect whether a safety leak and a hidden danger exist in the industrial control system.
The trusted computing terminal is a trusted computing terminal with cipher hardware as a core and is used for realizing the security and the credibility of a communication environment among a computing environment, a production network system, a data acquisition network system and an office network system.
The trusted computing terminal comprises an authorization server and a security client, wherein the security client is used for comprehensively measuring all processes of the system and submitting measurement information to the authorization server, the authorization server can edit the received measurement information to generate a white list and then provide the white list for the security client to download, the security client protects the system and application according to the downloaded white list and uploads abnormal information and interception logs in the system and the application to an industrial control security audit platform.
The mobile storage medium management and control system can realize the identity authentication of the host computer to the mobile storage medium, the access control of the host computer to the mobile storage medium and the downloading and updating of the access information of the host computer.
The industrial control security audit platform also realizes strict audit on access and use behaviors of the mobile equipment, and audit contents comprise access time, an access operation station, an access subject, an accessed object, an access mode, an access result, date and time and user information.
The system can perform behavioral analysis on the communication of a network acquisition system, a production network system and the network acquisition system through an industrial control security audit platform, can monitor the state of a communication link in the network in real time through an anomaly monitoring module, collect and display the anomaly communication generated in the system in an alarm mode, trace the propagation path of a virus trojan in the network, detect whether the industrial control system has security loopholes and hidden dangers, improve the security of an industrial network boundary protection system, can protect ports through an industrial firewall system, can perform deep inspection on data packets based on an application layer, improve the communication security, improve the security of an intelligent manufacturing network on the basis of ensuring the reliability and the availability of automation and related network communication information transmission, have obvious effects of preventing attacks, viruses and stealing of core assets of the production network system, and can modify the strategy of the configured industrial firewall system in real time through a firewall configuration online modification module The real-time communication of a factory is not influenced, the project implementation risk is greatly reduced, the communication environment between a computing environment, a production network system, a data acquisition network system and an office network system can be safe and credible through the credible computing terminal, unknown malicious codes are damaged in immunity, and high-level malicious attacks can be responded.
The foregoing illustrates and describes the principles, general features, and advantages of the present invention. It will be understood by those skilled in the art that the present invention is not limited to the embodiments described above, which are described in the specification and illustrated only to illustrate the principle of the present invention, but that various changes and modifications may be made therein without departing from the spirit and scope of the present invention, which fall within the scope of the invention as claimed. The scope of the invention is defined by the appended claims and equivalents thereof.
Claims (5)
1. An industrial network boundary protection system, characterized by: the production network system comprises a production network system, a data acquisition network system, an office network system and an industrial firewall system, wherein the production network system comprises a PLC (programmable logic controller), a sensor, an intelligent instrument and a DCS (distributed control system), the PLC, the sensor, the intelligent instrument and the DCS are all connected with the data acquisition network system through the industrial firewall system, the PLC, the sensor and the intelligent instrument are all independently connected with a station control server, the production network system is connected with the data acquisition network system through the industrial firewall system to realize data one-way transmission, control and operation of equipment can be completed in the production network, the data acquisition network system comprises an industrial control safety audit platform, an acquisition server, a real-time database, a Web database server and a relational database, the acquisition server, the real-time database, the Web database server and the relational database are all connected with the industrial control safety audit platform, and the acquisition server and the real-time database are used for acquiring and updating the PLC, The system comprises a sensor and real-time data of an intelligent instrument, wherein a Web database server and a relational database are used for processing data of a DCS (distributed control system), the data acquisition network system is connected with an office network system through an industrial firewall system, the office network system also comprises an industrial control safety audit platform, a real-time database, a Web database server and a relational database, the industrial control safety audit platform can conduct behavior analysis on communication of the data acquisition network system, a production network system and the data acquisition network system, the office network system also comprises an industrial control system information safety supervision and analysis platform, a production scheduling system and a client, the industrial control system information safety supervision and analysis platform comprises an abnormity monitoring module, a trusted computing terminal, a mobile storage medium management and control system and a network safety management platform, the abnormity monitoring module is connected with the trusted computing terminal, and the abnormity monitoring module, the Web database server and the relational database are used for processing the data of the DCS system, The trusted computing terminal and the mobile storage medium management and control system are both connected with a network security management platform, and the network security management platform is used for receiving alarms and logs from the industrial firewall system and the trusted terminal;
the industrial firewall system uses the technology of an industrial communication protocol white list, and is internally provided with a PC/Modbus/DNP3 and a Profinet proprietary industrial communication protocol;
the industrial firewall system is internally provided with a firewall configuration online modification module, and the firewall configuration online modification module can modify the industrial firewall system strategy of the configuration in real time without influencing the real-time communication of a factory;
the firewall configuration online modification module is powered by double power supplies and is provided with a power failure alarm output unit, and the firewall configuration online modification module can be configured with a Bypass function;
the abnormal monitoring module comprises a network data flow monitoring unit, a network abnormal data alarming and tracing unit, an operation record and protocol depth analyzing unit, an information stealing alarming unit and an unknown equipment access prompting unit, wherein the network data flow monitoring unit, the network abnormal data alarming and tracing unit, the operation record and protocol depth analyzing unit, the information stealing alarming unit and the unknown equipment access prompting unit cooperate to complete real-time monitoring of the communication link state in the network, collect and display abnormal communication generated in the system in an alarming mode, trace the propagation path of the virus Trojan in the network, and detect whether a safety leak and a hidden danger exist in the industrial control system.
2. The industrial network boundary defense system of claim 1, wherein: the trusted computing terminal is a trusted computing terminal with cipher hardware as a core and is used for realizing the security and the credibility of a communication environment among a computing environment, a production network system, a data acquisition network system and an office network system.
3. The industrial network boundary defense system of claim 1, wherein: the trusted computing terminal comprises an authorization server and a security client, wherein the security client is used for comprehensively measuring all processes of the system and submitting measurement information to the authorization server, the authorization server can edit the received measurement information to generate a white list and then provide the white list for the security client to download, the security client protects the system and application according to the downloaded white list and uploads abnormal information and interception logs in the system and the application to an industrial control security audit platform.
4. The industrial network boundary defense system of claim 1, wherein: the mobile storage medium management and control system can realize the identity authentication of the host computer to the mobile storage medium, the access control of the host computer to the mobile storage medium and the downloading and updating of the access information of the host computer.
5. The industrial network boundary defense system of claim 1, wherein: the industrial control security audit platform also realizes strict audit on access and use behaviors of the mobile equipment, and audit contents comprise access time, an access operation station, an access subject, an accessed object, an access mode, an access result, date and time and user information.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910135999.3A CN109739203B (en) | 2019-02-25 | 2019-02-25 | Industrial network boundary protection system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910135999.3A CN109739203B (en) | 2019-02-25 | 2019-02-25 | Industrial network boundary protection system |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN109739203A CN109739203A (en) | 2019-05-10 |
| CN109739203B true CN109739203B (en) | 2021-09-21 |
Family
ID=66368104
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201910135999.3A Active CN109739203B (en) | 2019-02-25 | 2019-02-25 | Industrial network boundary protection system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN109739203B (en) |
Families Citing this family (10)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| DE102019220249A1 (en) * | 2019-12-19 | 2021-06-24 | Siemens Mobility GmbH | Transmission device for transmitting data |
| CN113315794A (en) * | 2020-02-26 | 2021-08-27 | 宝山钢铁股份有限公司 | Hardware architecture of computing system network for online intelligent analysis of blast furnace production |
| CN112073431B (en) * | 2020-09-24 | 2021-12-07 | 中广核工程有限公司 | Security defense method and system for industrial control system network |
| CN112258683B (en) * | 2020-10-20 | 2022-07-01 | 云账户技术(天津)有限公司 | Inspection method and device for business system |
| CN112437040A (en) * | 2020-10-26 | 2021-03-02 | 北京珞安科技有限责任公司 | Industrial network security firewall boundary protection system |
| CN112838948B (en) * | 2020-12-30 | 2023-02-28 | 江苏亨通工控安全研究院有限公司 | Integrated industrial safety supervision and analysis system |
| CN113176765A (en) * | 2021-04-22 | 2021-07-27 | 深圳市威斯登信息科技有限公司 | Safety monitoring method and system for operation state of industrial control device |
| CN113949539A (en) * | 2021-09-27 | 2022-01-18 | 广东核电合营有限公司 | Protection method for network security of KNS system of nuclear power plant and KNS system |
| CN114006760B (en) * | 2021-11-01 | 2023-07-18 | 西安思源学院 | Database information security prevention and control system |
| CN114660974B (en) * | 2022-04-22 | 2022-11-08 | 珠海市洛奇云联科技有限公司 | Industrial manufacturing intelligent system and remote control method thereof |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| EP1422585A3 (en) * | 2002-11-19 | 2004-10-13 | Rockwell Software Inc. | System and methodology providing audit recording and tracking in real time industrial controller environment |
| CN102546638A (en) * | 2012-01-12 | 2012-07-04 | 冶金自动化研究设计院 | Scene-based hybrid invasion detection method and system |
| CN103036886A (en) * | 2012-12-19 | 2013-04-10 | 珠海市鸿瑞软件技术有限公司 | Industrial controlling network safety protecting method |
| CN103441926A (en) * | 2013-08-27 | 2013-12-11 | 西北工业大学 | Security gateway system of numerically-controlled machine tool network |
| CN106559399A (en) * | 2015-09-30 | 2017-04-05 | 北京军地联合网络技术中心 | A kind of the Internet mobile terminal synthesis managing and control system |
-
2019
- 2019-02-25 CN CN201910135999.3A patent/CN109739203B/en active Active
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| EP1422585A3 (en) * | 2002-11-19 | 2004-10-13 | Rockwell Software Inc. | System and methodology providing audit recording and tracking in real time industrial controller environment |
| CN102546638A (en) * | 2012-01-12 | 2012-07-04 | 冶金自动化研究设计院 | Scene-based hybrid invasion detection method and system |
| CN103036886A (en) * | 2012-12-19 | 2013-04-10 | 珠海市鸿瑞软件技术有限公司 | Industrial controlling network safety protecting method |
| CN103441926A (en) * | 2013-08-27 | 2013-12-11 | 西北工业大学 | Security gateway system of numerically-controlled machine tool network |
| CN106559399A (en) * | 2015-09-30 | 2017-04-05 | 北京军地联合网络技术中心 | A kind of the Internet mobile terminal synthesis managing and control system |
Also Published As
| Publication number | Publication date |
|---|---|
| CN109739203A (en) | 2019-05-10 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN109739203B (en) | Industrial network boundary protection system | |
| Zolanvari et al. | Machine learning-based network vulnerability analysis of industrial Internet of Things | |
| Lin et al. | Cyber attack and defense on industry control systems | |
| EP4111665A1 (en) | Cyber security for a software-as-a-service factoring risk | |
| CN111245793A (en) | Method and device for analyzing abnormity of network data | |
| US11689544B2 (en) | Intrusion detection via semantic fuzzing and message provenance | |
| CN109922085B (en) | Safety protection system and method based on CIP (common interface protocol) in PLC (programmable logic controller) | |
| Jardine et al. | Senami: Selective non-invasive active monitoring for ics intrusion detection | |
| CN114567463B (en) | Industrial network information safety monitoring and protecting system | |
| CN113596028B (en) | Method and device for handling network abnormal behaviors | |
| Abouzakhar | Critical infrastructure cybersecurity: A review of recent threats and violations | |
| CN111835680A (en) | Safety protection system of industry automatic manufacturing | |
| CN114666088A (en) | Method, device, equipment and medium for detecting industrial network data behavior information | |
| Satyanarayana | Detection and blocking of replay, false command, and false access injection commands in scada systems with modbus protocol | |
| Alruwaili | Intrusion detection and prevention in industrial iot: A technological survey | |
| CN114125083A (en) | Industrial network distributed data acquisition method and device, electronic equipment and medium | |
| Zhang et al. | Investigating the impact of cyber attacks on power system reliability | |
| Wali | Analysis of security challenges in cloud-based SCADA systems: A survey | |
| CN110493200B (en) | Industrial control system risk quantitative analysis method based on threat map | |
| Gao | Cyberthreats, attacks and intrusion detection in supervisory control and data acquisition networks | |
| Kamal et al. | Identifying and scoring vulnerability in scada environments | |
| Rencelj Ling et al. | Securing Communication and Identifying Threats in RTUs: A Vulnerability Analysis | |
| Yılmaz et al. | ICS Cyber attack analysis and a new diagnosis approach | |
| KR102540904B1 (en) | A security total management system for weak security management based on big data and a total method of security | |
| CN115102725B (en) | Security audit method, device and medium for industrial robot |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |