CN104079408B - Method for enhancing communication security in an industrial control system - Google Patents

Method for enhancing communication security in an industrial control system

Info

Publication number
CN104079408B
Authority
CN
China
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201410240791.5A
Other languages
Chinese (zh)
Other versions
CN104079408A (en)
Inventor
张波
高昆仑
郑晓崑
李凌
赵保华
梁潇
赵婷
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
State Grid Corp of China SGCC
China Electric Power Research Institute Co Ltd CEPRI
Smart Grid Research Institute of SGCC
Original Assignee
State Grid Corp of China SGCC
China Electric Power Research Institute Co Ltd CEPRI
Global Energy Interconnection Research Institute
Application filed by State Grid Corp of China SGCC, China Electric Power Research Institute Co Ltd CEPRI, Global Energy Interconnection Research Institute
Priority to CN201410240791.5A
Publication of CN104079408A
Application granted
Publication of CN104079408B


Abstract

The present invention relates to a method for enhancing communication security in an industrial control system. The method is applied in an industrial control system that includes a master station side and a terminal side communicating with each other, and is implemented in three stages: (1) a preparation stage before communication; (2) a master station side sending stage; (3) a terminal side receiving, processing and reply stage. The method targets industrial communication systems in which the client's computing capability is weak, the client's time is derived from the server side, the communication channel is unreliable, and critical service messages require real-time performance and high security. For secure communication in this particular environment, the method provides message authentication and integrity assurance for critical service messages, effectively strengthening the security of the whole system.

Description

Method for enhancing communication security in an industrial control system
Technical field
The present invention relates to information security technology, and in particular to a method for enhancing communication security in an industrial control system.
Background
Industrial control system (ICS) is the general term for various kinds of control system, including supervisory control and data acquisition (SCADA) systems, distributed control systems (DCS), and small control system devices such as programmable logic controllers (PLC). Industrial control systems are widely used in electric power, water supply, oil, natural gas, chemicals, transportation, pharmaceuticals, pulp and paper, energy, and food and beverage manufacturing. An industrial control system consists of a master station, a network and substations. Its basic working principle is that the substation collects measurement data from the technical process and delivers the data to the master station over the network; after analysis, the master station sends commands such as control or parameter-setting commands to the substation over the network; the substation acts on the industrial process and returns the execution result and/or status to the master station.
The communication protocols currently used in industrial control systems include the IEC60870 series, the IEC60970 series, the IEC61850 series, DNP3 and others. These protocols are characterized by treating reliability as the primary requirement, rather than security aspects such as sender/receiver authentication, data integrity and data confidentiality. The computing environment in which industrial control systems are deployed is harsh: the network communication modes are numerous, including dedicated-line dial-up, private optical fibre networks, mobile GPRS and satellite communication, and the equipment is distributed and fully exposed to an open computing environment in which adversaries may attack. An open network environment combined with communication protocols that have "zero security mechanisms" exposes industrial control systems to numerous information security risks.
In this situation, extending the system with security functions while remaining compatible with the existing communication protocols and data formats is of great practical significance.
Summary of the invention
In view of the shortcomings of the prior art, the object of the present invention is to provide a method for enhancing communication security in an industrial control system. The method is one-way, applies only to critical communication messages, uses a deeply optimized elliptic curve cryptosystem and a suffix-style design, and applies a series of targeted security protections such as a critical-message registration mechanism and a timestamp mechanism, so as to achieve the necessary security functions such as identity authentication and integrity protection without affecting the operation of the industrial control system.
The object of the present invention is achieved by the following technical solution:
A method for enhancing communication security in an industrial control system, the improvement being that the method is applied in an industrial control system that includes a master station side and a terminal side communicating with each other, and is implemented in the following three stages:
(1) preparation stage before communication;
(2) master station side sending stage;
(3) terminal side receiving, processing and reply stage.
Further, the preparation stage before communication of (1) comprises the following steps:
Step 102: The master station side generates an elliptic curve cryptographic key pair, comprising a private key PriK and a public key PubK, according to the SM2 elliptic curve public key cryptographic algorithm published in Announcement No. 21 of the State Cryptography Administration (issued December 17, 2010);
Step 104: The master station side presets the key pair of the elliptic curve cryptographic algorithm, comprising the private key PriK and the public key PubK; the private key PriK is stored and preset by means of an encryption card, encryption chip or encryption machine; the storage must ensure security so that the key is not leaked;
Step 106: The terminal side presets the public key PubK of the master station side.
Further, the master station side sending stage of (2) comprises the following steps:
Step 202: The master station side generates the original critical service message to be protected; this critical service message is the original message M;
Step 204: The master station side appends the local timestamp after the original message M: M || timestamp;
Step 206: The master station side appends, after the timestamp, the signature data computed with the master station side's preset private key PriK over the data from the original message M through the timestamp: signature = Sign(M || timestamp, PriK);
Step 208: The master station side appends the secure-message end-mark byte end after the signature data, forming the composite secure message SM: SM = Signature || end;
Step 210: The master station side sends the composite secure message SM to the terminal side.
Further, in step 202, the critical service message refers to a control message in the industrial control system communication protocol; in step 206, the signature verification performed on the original message M in the communication is one-way signature authentication.
Further, the terminal side receiving, processing and reply stage of (3) comprises the following steps:
Step 302: The terminal side receives the composite secure message SM;
Step 304: The terminal side extracts, from the composite secure message SM, the timestamp timestamp of the original critical service message and the signature data signature;
Step 306: The terminal side reads the local timestamp localtime;
Step 308: Check whether the time difference is within the reasonable time window W, i.e. is (localtime - timestamp) < W? If it is within the reasonable time window W, go to step 310; otherwise, go to step 309. The value of the reasonable time window W depends on the specific application scenario; in the industrial control system example it is set to 30 seconds.
Step 309: Discard the composite secure message SM and return no data;
Step 310: Check whether the critical service message timestamp timestamp is in the local list L of registered timestamps; if so, go to step 311; otherwise, go to step 312;
Step 311: Discard the composite secure message SM and return no data;
Step 312: Verify, using the public key PubK preset on the terminal side, whether the signature data is valid, i.e. ret = verify(signature, PubK); is ret = 0? If so, go to step 314; otherwise, go to step 313;
Step 313: Discard the composite secure message SM and return no data;
Step 314: The terminal side processes the original message M and checks whether the result is normal; if normal, go to step 316; otherwise, go to step 315;
Step 315: Return a processing-abnormal message;
Step 316: The terminal side registers the critical service message timestamp timestamp in the timestamp list L;
Step 317: Return a processing-normal message.
Compared with the prior art, the beneficial effects of the present invention are:
1. Based on the particular characteristics of the communication system, the invention analyses in depth the various general and special forms of attack that may be encountered and designs targeted security measures, which can effectively ensure communication security and resist attack.
2. The security enhancement scheme, designed on the basis of an in-depth analysis of the particularities of the original communication system, not only effectively strengthens communication security but also ensures that communication efficiency is barely affected.
3. The invention is also highly compatible, and is especially suitable for large-scale terminal protocol retrofits in which old and new protocols and old and new terminals must coexist.
4. The design is an asymmetric scheme: because one-way authentication is used, the master station side needs to add cryptographic hardware such as encryption cards, encryption chips and encryption machines, while the terminal can be implemented purely in software. Because master stations are few and cryptographic products are inexpensive, and the cost is lower still if the terminal retrofit is implemented in software, implementing the invention offers outstanding economic benefit, low cost and high efficiency; in short, good quality at low cost.
Brief description of the drawings
Fig. 1 is a flow chart of key pre-distribution in the preparation stage before communication provided by the invention;
Fig. 2 is a flow chart of message generation on the master station side provided by the invention;
Fig. 3 is a flow chart of secure-message processing on the terminal side provided by the invention;
Fig. 4 is a flow chart of the method for enhancing communication security in an industrial control system provided by the invention.
Embodiments
The embodiments of the present invention are described in further detail below with reference to the accompanying drawings.
The following terms are defined:
Elliptic curve signature function: Sign(tosign, PriK) -> signature is the elliptic curve signature function; the input tosign is the data to be signed, PriK is the private key, and the output signature is the signature;
Elliptic curve signature verification function: verify(sign, PubK) -> 0/err is the elliptic curve signature verification function; the input sign is the signature, PubK is the public key, an output of 0 indicates that the signature is correct, and any other output indicates an error;
a||b: the string b is concatenated after the string a.
One technical problem the invention solves is to provide a method for enhancing communication security in an industrial control system in which the terminal side has weak computing capability, the terminal side's time is derived from the master station, the communication channel is unreliable, and critical service messages are infrequent but require real-time performance and high security. For these characteristics, the invention designs a scheme that is one-way, applies only to critical communication messages, uses a deeply optimized elliptic curve cryptosystem and a suffix-style design, and applies a series of targeted security protections such as a critical-message registration mechanism and a timestamp mechanism, achieving the necessary security functions such as identity authentication and integrity protection without affecting the operation of the industrial control system.
The method of enhancing communication security is explained below in terms of the communication characteristics of this special industrial control system, and its security is argued at the same time.
First, consider the weak computing capability of the terminal side and the real-time and high-security requirements of critical service messages. The two communicating parties of the special industrial control system targeted by the invention, the master station and the terminal, differ greatly in computing capability: the master station side is well provisioned, while the terminal side is poorly provisioned, and the MCU clock frequency of low-end models may be only in the tens, with only tens of K of memory. Because the application program takes up most of the resources, the resources left for security enhancement functions are very limited. At the same time, the critical service messages of this special industrial control system have real-time and high-security requirements, and security here means above all preventing the terminal from accepting critical service messages from an illegitimate master station. To affect the terminal side's application functions as little as possible, the design does not protect all communication; it protects only the critical service messages, and only in one direction. This one-way design that covers only critical messages raises a series of distinctive security problems, and the rest of the design focuses on solving them.
Before further analysing the security problems this design faces, the specific meaning of "one-way" and "only for critical messages" is explained in detail here, to support the later discussion of the security problems and their solutions.
"One-way" means that only messages in the direction from the master station to the terminal are signed.
"Critical service message" refers to a control message in the communication protocol of this special industrial control system. Control messages are used infrequently, but the result of the operation directly affects production, daily life and personal safety, so they are extremely important. Control messages have high requirements for both real-time performance and security.
The one-way design that covers only critical messages means that, in the communication of this special industrial control system, messages other than control messages are still handled by the original implementation, without modification. Control messages are signed by the master station and then sent to the terminal side; the terminal verifies the signature after receiving the message and, if signature verification and decryption both complete without error, accepts the message and carries on with the next step of the application. The terminal's reply message is unchanged and is still returned to the master station side in the original plaintext form.
A design that covers only critical messages causes no problems in most protocols, but in the communication protocol of this special industrial control system it can cause certain problems or hidden risks. Of the two ends of this communication protocol, the master station side and the terminal side, the master station side has an accurate time source, whereas the terminal side's time comes from the master station side and is set through time synchronization messages in the communication, and these time synchronization messages are not protected as critical messages. Because the communication channel of this special industrial control system is insecure, an attacker can control the terminal's time by controlling the time synchronization messages, and thereby control the difference between a critical message's timestamp and the terminal-side time. This may leave a serious vulnerability in any security protection function designed around the terminal-side time.
The above explains in detail the time synchronization message attack that is unique to the communication protocol of this special industrial control system. There are also other, general forms of protocol attack; for a communication protocol that employs authentication and encryption mechanisms, the main one is the replay attack.
A replay attack is a type of attack in which the attacker first obtains valid transmitted data by network eavesdropping or other means, and later sends it to the destination host again. Encryption and authentication can effectively prevent many forms of attack such as session hijacking, but they do not prevent replay attacks.
To prevent replay attacks, three mechanisms are generally used: timestamps, sequence numbers, and challenge-response.
The basic idea of the timestamp mechanism is that a host accepts a message if and only if the timestamp it contains is sufficiently close to the current time. This requires the clocks of both communicating parties to stay synchronized, a basis that does not exist in this special industrial control system. An attacker can use the time synchronization message attack to change the terminal's time so that an expired critical message can still be accepted by the terminal side. The timestamp mechanism is therefore not suitable for enhancing the communication security of this special industrial control system.
Communication using the sequence number mechanism requires an initial sequence number and an increment method to be negotiated, after which the freshness of a message is judged from the sequence number in it. The sequence number mechanism is not suitable for enhancing the communication security of this special industrial control system because negotiating the sequence number itself requires two-way encrypted authentication, and this approach requires too many changes to the original protocol.
The basic practice of the challenge-response mechanism is as follows: A expects to obtain a message from B and sends B a random value N in advance, requiring that B's reply contain N or F(N), where F is a simple function agreed in advance by A and B. A then judges whether the message is a replay by checking whether the N or F(N) in B's reply is consistent with what it sent. For reasons similar to those for the sequence number mechanism, the challenge-response mechanism is likewise not suitable for enhancing the communication security of this special industrial control system.
From the above analysis of replay prevention, it can be seen that the conventional anti-replay mechanisms are not applicable to the scenario the invention targets. The security enhancement design for the communication protocol in this special industrial control system combines a timestamp mechanism with a critical-message registration mechanism to prevent replay attacks. The timestamp mechanism prevents simple replay of a message by checking whether the timestamp falls outside the configured reasonable time window. The registration mechanism requires the terminal side to record the timestamp of every successfully processed critical service message and to reject any critical service message whose timestamp repeats, which prevents replay attacks combined with the time synchronization message attack. In theory the registration mechanism could produce an overly long registration list if critical service messages were too frequent, but because their frequency is low in actual use of this special industrial control system, this problem does not arise.
The above has analysed the main content of the communication security enhancement design for the industrial control system. In addition, to further improve the terminal side's processing speed for encrypted and authenticated messages, the design adopts elliptic curve cryptography, which among mature public key algorithms offers higher security and better computational performance, and the algorithm has been deeply optimized.
The main advantage of elliptic curve cryptography is that in some cases it uses smaller keys than other methods, such as the RSA algorithm, while providing an equivalent or higher level of security. It can therefore be particularly useful on connections with very tight bandwidth requirements, which suits the communication scenario of this special industrial control system.
In addition, to ensure compatibility with terminals in this special industrial control system that do not apply the design, the communication security enhancement uses a suffix-style secure message design: the original critical service message is not changed, and the security data, including the timestamp, signature data and check data, is appended after it to form the composite secure message. Terminals that use this method process the whole composite secure message, while terminals in operation that do not use the design process only the original message.
The flow chart of the method for enhancing communication security provided by the invention is shown in Fig. 4. The method is implemented in the following three stages:
(1) Preparation stage before communication; the flow chart is shown in Fig. 1 and comprises the following steps:
Step 102: The master station side generates an elliptic curve cryptographic key pair, comprising a private key PriK and a public key PubK, according to the SM2 elliptic curve public key cryptographic algorithm published in Announcement No. 21 of the State Cryptography Administration (issued December 17, 2010). The elliptic curve cryptographic algorithm here refers specifically to the deeply optimized elliptic curve cryptographic algorithm used by the invention. The key pair should be generated using a hardware-implemented encryption card, encryption chip or encryption machine, to ensure the security of private key storage.
Step 104: The master station side presets the key pair of the elliptic curve cryptographic algorithm, comprising the private key PriK and the public key PubK.
Step 106: The terminal side presets the public key PubK of the master station side.
(2) Master station side sending stage; the flow chart is shown in Fig. 2 and comprises the following steps:
Step 202: The master station side generates the original critical service message to be protected, referred to here as the original message M.
Step 204: The master station side appends the local timestamp after the original message: M || timestamp.
Step 206: The master station side appends, after the timestamp, the signature data computed with the locally preset private key over the data from the original message through the timestamp: signature = Sign(M || timestamp, PriK).
Step 208: The master station side appends the secure-message end-mark byte end after the signature data, forming the composite secure message SM; that is, SM = Signature || end;
Step 210: The master station side sends the composite secure message.
(3) Terminal side receiving, processing and reply stage; the flow chart is shown in Fig. 3 and comprises the following steps:
Step 302: The terminal side receives the composite secure message SM;
Step 304: The terminal side extracts, from the composite secure message SM, the timestamp timestamp of the original critical service message and the signature data signature;
Step 306: The terminal side reads the local timestamp localtime;
Step 308: Check whether the time difference is within the reasonable time window W, i.e. is (localtime - timestamp) < W? If it is within the reasonable time window W, go to step 310; otherwise, go to step 309. The value of the reasonable time window W depends on the specific application scenario; in the industrial control system example it is set to 30 seconds.
Step 309: Discard the composite secure message SM and return no data;
Step 310: Check whether the critical service message timestamp timestamp is in the local list L of registered timestamps; if so, go to step 311; otherwise, go to step 312;
Step 311: Discard the composite secure message SM and return no data;
Step 312: Verify, using the public key PubK preset on the terminal side, whether the signature data is valid, i.e. ret = verify(signature, PubK); is ret = 0? If so, go to step 314; otherwise, go to step 313;
Step 313: Discard the composite secure message SM and return no data;
Step 314: The terminal side processes the original message M and checks whether the result is normal; if normal, go to step 316; otherwise, go to step 315;
Step 315: Return a processing-abnormal message;
Step 316: The terminal side registers the critical service message timestamp timestamp in the timestamp list L;
Step 317: Return a processing-normal message.
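The terminal-side checks of steps 302-317, with the sending side of steps 202-208, as an added example in Go that is not part of the patent text. It assumes a frame layout of M || 8-byte timestamp || 64-byte signature || end byte, uses ECDSA P-256 with SHA-256 from the Go standard library as a stand-in for SM2, and models the terminal clock as a field that time synchronization can set; all type, function and constant names are illustrative.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"encoding/binary"
	"fmt"
	"math/big"
)

type Verdict string

const (
	tsLen, sigLen = 8, 64 // assumed framing: M || 8-byte timestamp || 64-byte r||s || end
	endMark       = 0x16  // assumed value of the end-mark byte
	windowW       = 30    // seconds, the page's example value for W
	OK            Verdict = "processed-normal"   // step 317
	ProcessFailed Verdict = "processed-abnormal" // step 315
	DropWindow    Verdict = "drop-window"        // step 309
	DropReplayed  Verdict = "drop-registered"    // step 311
	DropSignature Verdict = "drop-signature"     // step 313
	DropMalformed Verdict = "drop-malformed"     // framing error (case added here)
)

// BuildSM is the master station side (steps 202-208); ECDSA stands in for SM2.
func BuildSM(priv *ecdsa.PrivateKey, m []byte, ts int64) ([]byte, error) {
	body := make([]byte, len(m)+tsLen)
	copy(body, m)
	binary.BigEndian.PutUint64(body[len(m):], uint64(ts))
	h := sha256.Sum256(body) // signed data is M || timestamp
	r, s, err := ecdsa.Sign(rand.Reader, priv, h[:])
	if err != nil {
		return nil, err
	}
	sig := make([]byte, sigLen)
	r.FillBytes(sig[:32])
	s.FillBytes(sig[32:])
	return append(append(body, sig...), endMark), nil
}

type Terminal struct {
	Pub   *ecdsa.PublicKey    // preset PubK (step 106)
	Clock int64               // local time, set by unprotected time synchronization
	Seen  map[int64]bool      // registered timestamp list L
	Apply func(m []byte) bool // application handler; true means a normal result
}

// Receive follows steps 302-317 in the order the page gives them.
func (t *Terminal) Receive(sm []byte) Verdict {
	n := len(sm) - tsLen - sigLen - 1
	if n < 0 || sm[len(sm)-1] != endMark {
		return DropMalformed
	}
	body, sig := sm[:n+tsLen], sm[n+tsLen:len(sm)-1]
	ts := int64(binary.BigEndian.Uint64(body[n:]))
	if ts <= t.Clock-windowW || ts >= t.Clock+windowW { // step 308, both directions (assumption)
		return DropWindow
	}
	if t.Seen[ts] { // step 310
		return DropReplayed
	}
	h := sha256.Sum256(body)
	r, s := new(big.Int).SetBytes(sig[:32]), new(big.Int).SetBytes(sig[32:])
	if !ecdsa.Verify(t.Pub, h[:], r, s) { // step 312
		return DropSignature
	}
	if !t.Apply(body[:n]) { // step 314
		return ProcessFailed
	}
	t.Seen[ts] = true // step 316: registered only after normal processing
	return OK
}

// Demo: modified copy, first delivery, replay inside W, replay after W, replay with the clock set back.
func Demo() ([]Verdict, error) {
	priv, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, err
	}
	sm, err := BuildSM(priv, []byte("constructed control message"), 1000)
	if err != nil {
		return nil, err
	}
	bad := append([]byte{}, sm...)
	bad[0] ^= 1 // one bit of M changed in transit
	term := &Terminal{Pub: &priv.PublicKey, Seen: map[int64]bool{}, Apply: func(m []byte) bool { return len(m) > 0 }}
	clocks := []int64{1005, 1005, 1010, 2000, 1005}
	frames := [][]byte{bad, sm, sm, sm, sm}
	var out []Verdict
	for i, f := range frames {
		term.Clock = clocks[i]
		out = append(out, term.Receive(f))
	}
	return out, nil
}

func main() { fmt.Println(Demo()) }
```

The last replay is the case the registration list exists for: with the terminal clock set back to 1005 the window check passes, and only the registered timestamp causes the message to be dropped.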
After receiving the composite control message M, existing old terminals (substations) in operation can, following the original data format, read the original payload m in the frame as normal and ignore the processing of the integrity check code. For example, the IEC61850-8-1 1-ISO/IEC8802-3 frame format of the People's Republic of China power industry standard contains a length field that records the length of the message. In "IEC60870-5-101/104 applied to electrical power distribution automation systems", "variable frame length format of the 4.2101 protocol", the "length L" field gives the length of the message. The length of the integrity verification code/signature can be preset, or determined from the algorithm and security parameters.
In the above embodiment, the master station side signs the digest of the message, and the receiving end performs data origin authentication and integrity verification based on the signature, which ensures the security of the information exchange. Placing the signature after the original message keeps compatibility with existing industrial control system communication protocols as far as possible. The terminal side performs the verification, and old terminals can omit the processing of the integrity check code, so as to stay compatible with the existing system as far as possible and avoid the significant cost of retrofitting all devices.
When the industrial control system control centre or a controlled terminal, acting as sender, sends messages such as control or measurement messages, an integrity check code or signature is appended after the message; after the receiver receives the message, it verifies the integrity check code or signature and processes the message only after verification succeeds. With the technical solution of the embodiment of the invention, the control centre (master station side) and the controlled terminal (substation side) can verify the identity of the message sender, preventing malicious persons from impersonating the control centre (master station side) or the controlled terminal (substation side) to control and damage the industrial control system; at the same time, measurement, control, parameter-setting and other messages are protected, preventing malicious persons from tampering with message content. While supporting the functions of existing industrial control communication protocols, the invention provides data origin authentication, integrity protection and replay-attack prevention between the control centre (master station side) and the controlled terminal (substation side).
Finally, it should be noted that the above embodiments merely illustrate the technical solution of the invention and do not limit it. Although the invention has been described in detail with reference to the above embodiments, those of ordinary skill in the art should understand that the specific embodiments of the invention may still be modified or equivalently substituted, and any modification or equivalent substitution that does not depart from the spirit and scope of the invention shall be covered by the claims of the invention.

Claims (2)

1. strengthen the method for communications security in a kind of industrial control system, it is characterised in that the industrial control system includes The main website side being in communication with each other and end side, methods described are implemented by following three stages:
(1) preparatory stage before communicating;
(2) main website side transmission phase;
(3) end side reception, processing and recovery stage;
The preparatory stage comprises the steps before the communication of (1):
Step 102:Main website lateral root generates according to SM2 ellipse curve public key ciphers algorithm disclosed in national No. 21 bulletins of Password Management office Elliptic curve cryptography key pair, including private key PriK and public key PubK;
Step 104:The key pair of main website side preset ellipse curve cryptography algorithm, including private key PriK and public key PubK;It is therein Private key PriK will be deposited preset by encrypted card, encryption chip or encryption equipment;
Step 106:The public key PubK of the preset main website side in end side;
The main website side transmission phase of (2) comprises the steps:
Step 202:Main website side generates to be protected, original important traffic message, and the important traffic message is original message M;
Step 204:Local time stamp M is filled after original message M in main website side | | timestamp;
Step 206:Filled after timestamp by the preset private key PriK in main website side to this section of original message M to timestamp main website side The signed data signature=Sign (M | | timestamp, PriK) of data;
Step 208:Safe packet end mark byte end, the composite safe report of formation are filled after signed data in main website side Literary SM, the SM=Signature | | end;
Step 210:Main website side sends composite safe message SM to end side;
(3) The terminal side receiving, processing and reply phase comprises the following steps:
Step 302: The terminal side receives the composite secure message SM;
Step 304: The terminal side extracts from the composite secure message SM the timestamp of the original important communication message, timestamp, and the signature data, signature;
Step 306: The terminal side reads its local timestamp, localtime;
Step 308: Check whether the time difference lies within the reasonable time window W, i.e. whether (localtime - timestamp) < W. If it lies within the reasonable time window W, go to step 310; otherwise, go to step 309. The value of the reasonable time window W depends on the specific application scenario; it is set to 30 seconds in the industrial control system example.
Step 309: Discard the composite secure message SM and return no data;
Step 310: Check whether the important communication message timestamp, timestamp, is already in the local list L of registered timestamps; if so, go to step 311; otherwise, go to step 312;
Step 311: Discard the composite secure message SM and return no data;
Step 312: Verify whether the signature data is valid using the public key PubK preset on the terminal side, i.e. ret = verify(signature, PubK), and check whether ret = 0. If so, go to step 314; otherwise, go to step 313;
Step 313: Discard the composite secure message SM and return no data;
Step 314: The terminal side processes the original message M and checks whether the result is normal; if it is normal, go to step 316; otherwise, go to step 315;
Step 315: Return a processing-exception message;
Step 316: The terminal side registers the important communication message timestamp, timestamp, in the timestamp list L;
Step 317: Return a processing-normal message.
2. The method according to claim 1, characterized in that, in step 202, the important communication message refers to a control message in the industrial control system communication protocol; and in step 206, the signing and verification of the data from the original message M through the timestamp is one-way signature authentication.
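The terminal-side checks of steps 302 to 317, in the order the claim gives them, as an added Python example that is not code from the patent. Assumptions: HMAC-SHA256 from the standard library stands in for SM2 Sign/Verify so the block runs without a cryptographic dependency, and the frame layout M || 8-byte timestamp || signature || end, the end byte value 0x16, and the names build_sm, Terminal and receive are constructed for illustration.

```python
import hashlib
import hmac
import struct

W = 30          # reasonable time window in seconds (the page's example value)
END = b"\x16"   # end flag byte; value is an assumption, the page gives none
SIG_LEN = 32    # HMAC-SHA256 tag length (stand-in for the SM2 signature)


def sign(data: bytes, key: bytes) -> bytes:
    # Stand-in for Sign(M || timestamp, PriK); this is NOT SM2 and not asymmetric.
    return hmac.new(key, data, hashlib.sha256).digest()


def build_sm(m: bytes, timestamp: int, key: bytes) -> bytes:
    # Steps 204-208, assumed layout: M || timestamp (8 bytes) || signature || end
    body = m + struct.pack(">Q", timestamp)
    return body + sign(body, key) + END


class Terminal:
    def __init__(self, key: bytes, handler):
        self.key = key            # stand-in for the preset PubK
        self.handler = handler    # processes M, returns True if the result is normal
        self.registered = set()   # timestamp list L

    def receive(self, sm: bytes, localtime: int):
        # Step 304: split the frame; malformed frames are dropped silently.
        if len(sm) < 8 + SIG_LEN + 1 or sm[-1:] != END:
            return None
        body, signature = sm[:-SIG_LEN - 1], sm[-SIG_LEN - 1:-1]
        m, (timestamp,) = body[:-8], struct.unpack(">Q", body[-8:])
        # Step 308: window check exactly as the claim states it. The comparison
        # is one-sided: a timestamp ahead of localtime also satisfies it.
        if not (localtime - timestamp) < W:
            return None                     # step 309: drop, return nothing
        # Step 310: timestamp already registered in L means a replay.
        if timestamp in self.registered:
            return None                     # step 311
        # Step 312: verify over M || timestamp with a constant-time comparison.
        if not hmac.compare_digest(signature, sign(body, self.key)):
            return None                     # step 313
        # Step 314: process M; the timestamp is registered only on success.
        if not self.handler(m):
            return "exception"              # step 315
        self.registered.add(timestamp)      # step 316
        return "normal"                     # step 317
```

Because step 316 runs only after successful processing, a message whose handling fails leaves list L unchanged, so the same frame is still accepted for processing again while it remains inside the window W.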
CN201410240791.5A 2014-05-30 2014-05-30 Strengthen the method for communications security in a kind of industrial control system Active CN104079408B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201410240791.5A CN104079408B (en) 2014-05-30 2014-05-30 Strengthen the method for communications security in a kind of industrial control system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201410240791.5A CN104079408B (en) 2014-05-30 2014-05-30 Strengthen the method for communications security in a kind of industrial control system

Publications (2)

Publication Number Publication Date
CN104079408A CN104079408A (en) 2014-10-01
CN104079408B true CN104079408B (en) 2018-01-19

Family

ID=51600466

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201410240791.5A Active CN104079408B (en) 2014-05-30 2014-05-30 Strengthen the method for communications security in a kind of industrial control system

Country Status (1)

Country Link
CN (1) CN104079408B (en)

Families Citing this family (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105491060B (en) 2015-12-30 2019-07-02 北京神州绿盟信息安全科技股份有限公司 Method, apparatus, client and the equipment of defending distributed denial of service attack
CN106291603A (en) * 2016-07-29 2017-01-04 中传数广(合肥)技术有限公司 Guarantee method, terminal and the system applying data correctly to export
CN108833346A (en) * 2018-05-04 2018-11-16 北京天元创新科技有限公司 A kind of industrial control system safety communicating method and device
CN111049657B (en) * 2019-12-10 2021-04-20 成都理工大学 CAN bus network equipment node access authority management method and system
CN113472520B (en) * 2021-08-07 2022-06-03 山东省计算中心(国家超级计算济南中心) ModbusTCP (Transmission control protocol) security enhancement method and system

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101175076A (en) * 2007-10-23 2008-05-07 赵运磊 High-efficiency, deniable, safety-unforgeable cryptographic key exchanging protocol of on-line computation
CN101441693A (en) * 2008-11-25 2009-05-27 西安理工大学 Security protection method for electric document digital signing based on elliptical curve
CN101800989A (en) * 2010-01-19 2010-08-11 重庆邮电大学 Anti-replay-attack system for industrial wireless network
CN103490895A (en) * 2013-09-12 2014-01-01 北京斯庄格科技有限公司 Industrial control identity authentication method and device with state cryptographic algorithms

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
DE102009045133A1 (en) * 2009-09-29 2011-03-31 Robert Bosch Gmbh Method for manipulation protection of sensor data and sensor for this purpose

Also Published As

Publication number Publication date
CN104079408A (en) 2014-10-01

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C41 Transfer of patent application or patent right or utility model
TA01 Transfer of patent application right

Effective date of registration: 20160425

Address after: 100031 Xicheng District West Chang'an Avenue, No. 86, Beijing

Applicant after: State Grid Corporation of China

Applicant after: China Electric Power Research Institute

Applicant after: State Grid Smart Grid Institute

Address before: 100031 Xicheng District West Chang'an Avenue, No. 86, Beijing

Applicant before: State Grid Corporation of China

Applicant before: China Electric Power Research Institute

CB02 Change of applicant information

Address after: 100031 Xicheng District West Chang'an Avenue, No. 86, Beijing

Applicant after: State Grid Corporation of China

Applicant after: China Electric Power Research Institute

Applicant after: GLOBAL ENERGY INTERCONNECTION RESEARCH INSTITUTE

Address before: 100031 Xicheng District West Chang'an Avenue, No. 86, Beijing

Applicant before: State Grid Corporation of China

Applicant before: China Electric Power Research Institute

Applicant before: State Grid Smart Grid Institute

COR Change of bibliographic data
GR01 Patent grant