CN109669443A - Natural gas line control system information security test device and method - Google Patents

Natural gas line control system information security test device and method Download PDF

Info

Publication number
CN109669443A
CN109669443A CN201811623678.XA CN201811623678A CN109669443A CN 109669443 A CN109669443 A CN 109669443A CN 201811623678 A CN201811623678 A CN 201811623678A CN 109669443 A CN109669443 A CN 109669443A
Authority
CN
China
Prior art keywords
natural gas
gas line
control system
sensor
information security
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201811623678.XA
Other languages
Chinese (zh)
Inventor
耿洋洋
刘雯雯
魏强
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Information Engineering University of PLA Strategic Support Force
Original Assignee
Information Engineering University of PLA Strategic Support Force
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Information Engineering University of PLA Strategic Support Force filed Critical Information Engineering University of PLA Strategic Support Force
Priority to CN201811623678.XA priority Critical patent/CN109669443A/en
Publication of CN109669443A publication Critical patent/CN109669443A/en
Pending legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G05CONTROLLING; REGULATING
    • G05BCONTROL OR REGULATING SYSTEMS IN GENERAL; FUNCTIONAL ELEMENTS OF SUCH SYSTEMS; MONITORING OR TESTING ARRANGEMENTS FOR SUCH SYSTEMS OR ELEMENTS
    • G05B23/00Testing or monitoring of control systems or parts thereof
    • G05B23/02Electric testing or monitoring
    • G05B23/0205Electric testing or monitoring by means of a monitoring system capable of detecting and responding to faults
    • G05B23/0218Electric testing or monitoring by means of a monitoring system capable of detecting and responding to faults characterised by the fault detection method dealing with either existing or incipient faults
    • G05B23/0221Preprocessing measurements, e.g. data collection rate adjustment; Standardization of measurements; Time series or signal analysis, e.g. frequency analysis or wavelets; Trustworthiness of measurements; Indexes therefor; Measurements using easily measured parameters to estimate parameters difficult to measure; Virtual sensor creation; De-noising; Sensor fusion; Unconventional preprocessing inherently present in specific fault detection methods like PCA-based methods

Landscapes

  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Engineering & Computer Science (AREA)
  • Automation & Control Theory (AREA)
  • Testing And Monitoring For Control Systems (AREA)

Abstract

The invention belongs to industrial control information security technology areas, in particular to a kind of natural gas line control system information security test device and method, the device includes: including control centre and programmable controller, control centre includes: engineer station, operator station and database server;Programmable controller is connected with natural gas line physical process simulation test stand, for receiving sensor data and controls actuator movement, wherein sensor includes at least the water level sensor and pressure gauge pipe pressure sensor of both reboiler and regenerator;Actuator includes at least the start stop switch of pumping unit of kowtowing, pipeline light, pressures cycle pump, inlet and outlet electrically operated valve, aerosol producer, cathodic protection and urban area light.The present invention can really restore industrial environment, enhance the fidelity of test process and the reliability of experimental data, and the network attack in natural gas line control system operational process is effectively relieved, improves the reliability and stability in its operational process.

Description

Natural gas line control system information security test device and method
Technical field
The invention belongs to industrial control information security technology area, in particular to a kind of natural gas line control system information Safety instrumentation and method.
Background technique
Industrial control system (Industrial control system, ICS) is a kind of computer based for monitoring The system of physical process is widely used in the crucial base of multiple countries such as the energy, traffic, water conservancy, security protection, food and large-scale manufacture Infrastructure industry.As the control equipment in industrial control system accesses internet, can only be generated in physical world originally Actual influence can reach identical purpose by attacking network space now, lead to the information security in industrial control system Problem is faced with formidable challenges.Safety test is carried out in industrial control system (ICS) helps to reduce network attack to system Influence.The high availability of ICS requires to make it difficult to directly carry out in industry spot safety test, and the structure of ICS test envelope Building is a basic work for studying ICS information security issue.
Currently, for Natural Gas system test envelope build there are mainly two types of: semi-hardware type simulation test bed, virtualization Test envelope.University of New Orleans establishes the natural gas line test envelope an of HWIL simulation, as shown in Figure 1, using true Programmable logic controller (PLC) (PLC) be connected to human-computer interaction interface (HMI) and during engineer interacts, for monitoring object The state of reason process uses true sensor, and actuator, which simulates, simply simulates natural gas line physical process.The survey It is higher to try bed fidelity, but test envelope physical process emulation is too simple, can not reflect the industry of true natural gas work Business process.Alves et al. proposes novel expansible, the inexpensive virtualization test exclusively for the exploitation of SCADA test platform Bed, has virtualized SCADA system component and has simulated natural gas line testboard, simulates HMI using ScadaBR simulation software, makes With the virtual networked control systems of OpenPLC, object is waken up with a start to natural gas line using the simulation of the simulation softwares such as Matlab/Simulink Reason modeling.The test envelope is at low cost, scalability is strong, but virtualization technology is only capable of virtualizing and configuring out in virtual machine The controller and its related software in source, and it is difficult to the relevant loophole of mainstream controller in test and verification scene.
Summary of the invention
For this purpose, the present invention provides a kind of natural gas line control system information security test device and method, it can be true Industrial environment is restored, the fidelity of test process and the reliability of experimental data are enhanced, natural gas line control system is effectively relieved Network attack in system operational process, improves the reliability and stability in its operational process.
According to design scheme provided by the present invention, a kind of natural gas line control system information security test device, packet Containing the control centre for being equipped with natural gas line control system and for receive control centre instruct and trigger actuator movement Programmable controller, the programmable controller are connect by interchanger with control centre, and the control centre includes: for soft The engineer station of part programming, the database server for the operator station of human-computer interaction, and for storing data;It is described can Programmable controller is connected with natural gas line physical process simulation test stand, for receiving sensor data and controls execution Device movement, wherein sensor includes at least the water level sensor of both reboiler and regenerator and pressure gauge pipeline pressure passes Sensor;Actuator include at least kowtow pumping unit, pipeline light, pressures cycle pump, inlet and outlet electrically operated valve, aerosol producer, The start stop switch of cathodic protection and urban area light.
Above-mentioned, natural gas is simulated in the natural gas line physical process simulation test stand from exploiting to being delivered to family Whole flow process at least exploits in the whole flow process, filters, purifies, transmitting, pressurizeing, storing and storage and transportation process.
Preferably, exploitation process is provided with the gas recovery well for natural gas extraction and the producing well for oil extraction;It crosses Filter process is provided with the TEG dehydration system for grease filtering;Cleaning procedure is provided with the decarburization system for cleaning and desulfurization System and desulphurization system;Transmission process is provided with the gas transmission station for transport;Pressurization operation is provided with pressurizing point;Storage and storage and transportation Process is provided with air accumulator and substation tank car.
Above-mentioned, in programmable controller, digital output end is connect with actuator, and analog input end and sensor connect It connects.
Above-mentioned, engineer station has by software programming foundation for the right feed channel control system information security of test days Challenge model;The challenge model distorts natural gas line control system control logic or programmable controller by simulating interference Input and output carry out fragile point analysis test in natural gas line control system control process.
Above-mentioned, the natural gas line physical process simulation test stand is the simulating table by building on sand table.
A kind of natural gas line control system information security test method is believed based on above-mentioned natural gas line control system It ceases safety instrumentation to realize, realizes that process includes following content:
According to programmable controller inputoutput data and operator station control instruction data, building is used for natural gas line The challenge model of fragile point analysis in control system control process;
According to challenge model, natural gas line control system control logic is distorted by interference or programmable controller inputs Output obtains natural gas line control system control process loophole.
It in above-mentioned method, constructs in challenge model, carries out Denial of Service attack modeling and integrality according to supplemental characteristic Attacking analysis, wherein supplemental characteristic includes at least: measurement value sensor, measurement value sensor bound, programmable controller The sensor values and sensor values bound received, programmable controller output variable bound, actuator response shape State, actuator response state mobility scale, operator station variable output, and attack duration.
In above-mentioned method, Denial of Service attack modeling process includes sensor Denial of Service attack, controller refusal clothes Business attack establishes corresponding challenge model for three situations with actuator Denial of Service attack respectively.
In above-mentioned method, integrality attacking analysis process, comprising distorting sensor acquisition data and programmable controller Variable data, forgery programmable controller is sent to the director data of actuator and operator station is sent to programmable controller Director data;According to distorting and forging situation, corresponding challenge model is established respectively.
Beneficial effects of the present invention:
The present invention restores industrial environment using true PLC and control centre's host computer website, enhances the fidelity of test envelope The reliability of degree and experimental data;It is low in order to solve natural gas line physical process fidelity, the problems such as industrial flow is simple, Using the operation flow of true sensor and the reduction natural gas processing of brake combination pipe mould, can simulate by force about To the Denial of Service attack of city gas pipeline control system and complete sexual assault under the conditions of beam, natural gas tube is effectively avoided Network attack in road control system operational process, improves the reliability and stability in its operational process.
Detailed description of the invention:
Fig. 1 is information security test device schematic diagram in embodiment;
Fig. 2 is natural gas line physical process simulation test stand schematic diagram in embodiment;
Fig. 3 is natural gas line physical process simulation test stand control point bit distribution figure in embodiment;
Fig. 4 is information security test method flow chart in embodiment;
Fig. 5 is to attack control schematic diagram in embodiment;
Fig. 6 is analog sensor Denial of Service attack curve graph in embodiment;
Fig. 7 is programmable analog controller Denial of Service attack curve graph in embodiment;
Fig. 8 is analog sensor integrality attack curve figure in embodiment;
Fig. 9 is programmable analog controller integrality attack curve figure in embodiment.
Specific embodiment:
To make the object, technical solutions and advantages of the present invention clearer, understand, with reference to the accompanying drawing with technical solution pair The present invention is described in further detail.
Existing Natural Gas duct size information safety test bed physical process simulates integrality and virtualization technology is supported It is insufficient.Although virtualization test envelope can use the OpenPLC software virtualization controller increased income, to closing source task equipment Deficiency is supported in virtualization, and comprising a large amount of proprietary hardware and software in control system, these proprietary hardware and softwares are difficult to It is realized using virtualization technology.Existing matter emulation test envelope simulates integrality deficiency, physical process modeling to physical process Mostly it is abstracted simplified industrial flow, it is difficult to the network relevant to physical process control under analog physical information fusion conditions Attack.For this purpose, in the embodiment of the present invention, it is shown in Figure 1, a kind of natural gas line control system information security test is provided Device instructs comprising being equipped with the control centre of natural gas line control system and for receiving control centre and triggers execution The programmable controller of device movement, the programmable controller are connect by interchanger with control centre, control centre's packet Contain: the database service for the engineer station of software programming, for the operator station of human-computer interaction, and for storing data Device;The programmable controller is connected with natural gas line physical process simulation test stand, simultaneously for receiving sensor data Control actuator movement, wherein sensor includes at least the water level sensor and manometer tube of both reboiler and regenerator Road pressure sensor;Actuator includes at least pumping unit of kowtowing, pipeline light, pressures cycle pump, inlet and outlet electrically operated valve, cigarette The start stop switch of fog generator, cathodic protection and urban area light.
It is shown in Figure 2, natural gas is simulated in natural gas line physical process simulation test stand from exploiting to being delivered to family Whole flow process, at least exploit in the whole flow process, filter, purify, transmitting, pressurizeing, storing and storage and transportation process.Preferably, it opens It adopts process and is provided with the gas recovery well for natural gas extraction and the producing well for oil extraction;Filter progress, which is provided with, to be used for The TEG dehydration system of grease filtering;Cleaning procedure is provided with decarbonization system and desulphurization system for cleaning and desulfurization;Transmission Process is provided with the gas transmission station for transport;Pressurization operation is provided with pressurizing point;Storage and storage and transportation process be provided with air accumulator and Substation tank car.
Shown in Figure 3, in programmable controller, digital output end is connect with actuator, analog input end and biography Sensor connection.Engineer station establishes the attack having for the right feed channel control system information security of test days by software programming Model;The challenge model distorts natural gas line control system control logic or programmable controller input by simulating interference Output carries out fragile point analysis test in natural gas line control system control process.Above-mentioned, the natural gas line object Reason process simulation testing stand is the simulating table by building on sand table.
Control centre can be equipped with the engineer station of Unity Pro programming software by one, and one is equipped with WinCC configuration software Operator station and a historical database server.Field device can be completed by a Schneider 140PLC and control centre Interaction and physical process control.Physical process include true sensor, electrically operated valve, heater, aerosol producer, Light bulb, the real controllers such as pipe mould, sensor and actuator, Natural Gas pipeline physical simulation test platform can be by ruler Very little is that 2.4 meters * 4 meters * 0.7 meter (wide * long * high) sand table is built, simulated in simulation test stand including gas transmission station, dewatering system, The process sections such as decarbonization system, desulphurization system, pressurizing point, gas recovery well, air accumulator and structures, and from the exploitation in source until It is conveyed to user and needs complete process and show.As shown in Fig. 2, Gas Industry needs to include main industry in testboard Business: natural gas extraction, oil extraction, grease filtering technique, cleaning and desulfurization system, pressurizing point, substation tank car, gas transmission station, gas storage Tank, TEG dehydration system, compressor assembly etc..It include motor, water pump, valve, air compressor machine, frequency converter, stepping in testboard Motor etc., multiple physical sensors such as pressure gauge, liquidometer, flowmeter, thermometer and brake.City gas pipeline emulation Testing stand can simulate natural gas from series of business such as exploitation, filtering, purification, transmission, pressurization, storage and storage and transportations, and In the important service process of natural gas, when embodying operation flow generation industry control safety failure, caused serious consequence.Fig. 3 In include 13 digital quantity output signals (DO) and 5 analog input signals (AI), DO the and AI module of PLC and physics are imitated The corresponding relationship of true testing stand is acquired by the start and stop of PLC control DO point and the data of AI point, and table 1 is the memory in PLC The mapping relations of I/O point in address and sand table.
The mapping relations of I/O point in memory address and sand table in table 1:PLC
The input data of controller refers to from the control that the process data and outside HMI of internal sensor measurement are initiated It enables, after the control algolithm of controller calculates, the output data of controller is sent to actuator, and attacker can be by dry Disturb and distort the normal operation of the input and output influence production process of control logic or controller.
Based on above-mentioned natural gas line control system information security test device, the embodiment of the present invention also provides a kind of day Right feed channel control system information security test method, it is shown in Figure 4, include following content:
S101, foundation programmable controller inputoutput data and operator station control instruction data, building is for natural The challenge model of fragile point analysis in feed channel control system control process;
S102, foundation challenge model, distort natural gas line control system control logic or PLC technology by interference Device input and output obtain natural gas line control system control process loophole.
It in above-mentioned method, constructs in challenge model, carries out Denial of Service attack modeling and integrality according to supplemental characteristic Attacking analysis, wherein supplemental characteristic includes at least: measurement value sensor, measurement value sensor bound, programmable controller The sensor values and sensor values bound received, programmable controller output variable bound, actuator response shape State, actuator response state mobility scale, operator station variable output, and attack duration.
In above-mentioned method, Denial of Service attack modeling process includes sensor Denial of Service attack, controller refusal clothes Business attack establishes corresponding challenge model for three situations with actuator Denial of Service attack respectively.
In above-mentioned method, integrality attacking analysis process, comprising distorting sensor acquisition data and programmable controller Variable data, forgery programmable controller is sent to the director data of actuator and operator station is sent to programmable controller Director data;According to distorting and forging situation, corresponding challenge model is established respectively.
In Fig. 5, the fragile point analysis of control process, (zi(k)): zi(k) indicate sensor i at the k moment to physical process Real-time measurement values, andWhereinWithIt is the upper and lower of measurement value sensor Limit.
(yi(k)): yi(k) sensor values that controller i is arrived in k reception is indicated,WhereinWithIt is the bound for the sensor values that controller receives.
(ui(k)): ui(k) output valve of the controller i at the k moment is indicated, andWhereinWithIt is the bound of the variable of controller output.
(vi(k)): vi(k) state that actuator response controller generates is indicated, andWhereinWithIt is the bound of actuator state mobility scale.
(xi(k)): xi(k) output valve of the operating process variable because of operator station i in moment k is indicated, and WhereinWithIt is the bound of the variable of controller output.
(Tτ): TτIndicate attack duration, ksAt the time of indicating that attack starts, keAt the time of indicating that attack terminates, institute With Tτ=[ks,ke]。
It is easy to be denied service attack in communication process from sensor to actuator, attack A1, A2, A3 in Fig. 5 Respectively indicate to sensor, controller, actuator Denial of Service attack.yi' (k), ui' (k), vi' (k) respectively indicate sensing The response policy of device, controller and actuator reply dos attack.
After sensor refusal service, controller will be considered that the data of sensor maintain always yi(ks), yi(ks) indicate to pass Sensor is rejected the numerical value at service attack moment, and before and after dos attack, the response signal of sensor is expressed as yi'(k)
After controller refusal service, actuator can keep being worked on by the manipulating variable value at dos attack moment, and HMI Website and controller communication are interrupted, and before and after dos attack, the process variable value of controller can be expressed as ui' (k), HMI website The output valve of operating process variable is xi'(k)。
Likewise, before and after dos attack, the response signal of actuator can be expressed as vi'(k)
The input and output of modification sensor, controller and actuator are passed through to reach shadow to the complete sexual assault of control system Ring the purpose of physics controlled process.A4 is attacked in Fig. 5 indicates that attacker distorts the data acquired from sensor, and A5 is indicated Attacker distorts the process variable value of controller, and A6 indicates that attacker forges controller and is sent to the instruction of actuator, A7 expression Attacker forges the instruction that HMI website is sent to controller.
A4: attacker can distort numerical value in sensor, so that yi(k)≠zi(k), sensor signal is represented byIn order not to be detected by the Outlier Detection Algorithm in system, the numerical value of sensor should be maintained in constraint,It should be limited toαi(k) challenging dose introduced for attacker.
A5: attacker distorts the performance variable of controller, so that ui(k)≠F(zi(k)), controller signals can be expressed as It should be limited toαi(k) challenging dose introduced for attacker.
Similarly, A6, A7 can be represented asIt should be limited to It should be limited toαi(k) challenging dose introduced for attacker.
Further to verify effectiveness of the invention, it is real that simulation is carried out below by the challenge model of triethylene glycol dewatering process flow It tests, explanation is further explained to technical solution of the present invention:
The temperature of gas is affected to triethylene glycol dehydration efficiency, and the temperature sensor value for defining experimental bench absorption tower is y1 (k), poor glycol inlet temperature of stabilizer sensor values is y2(k), the temperature sensor value of triethylene glycol. solution is y in reboiler3(k), into The natural gas temperature for entering absorption tower should be maintained at 15 DEG C -48 DEG C, i.e. y1(k) ζ should be limited to1=[15,48] DEG C, poor glycol into Tower temperature should be lower than 60 DEG C, i.e. y2(k) ζ should be limited to2≤ 60 DEG C, triethylene glycol. solution temperature should be lower than 204 DEG C in reboiler, i.e., y3(k) ζ should be limited to3≤204℃。
Into the temperature y on absorption tower1(k)=13 DEG C, when the temperature on absorption tower is less than 15 DEG C, triethylene glycol can be the same as in gas Liquid hydrocarbon class forms emulsion, so heating equipment need to be arranged before import separator, after heating equipment is started to work, such as Fig. 6 institute Show, in H-hour kS=10Min is to sensor y1Initiate Denial of Service attack, y1Value y1(ks)=23.6 DEG C, and Attack finish time kS=40Min, y1The value of sensor stills remain in y1(ke)=23.6 DEG C, in fact, terminating k in attacke Moment has reached 53.4 DEG C into the true temperature for absorbing tower gas, and is more than when entering the temperature for absorbing tower gas At 48 DEG C, the loss of triethylene glycol increases, and the vapor content in air increases, from fig. 6, it can be seen that (a) indicates time graph, (b) temperature curve is indicated, the moisture content in attack finish time natural gas is significantly larger than the 112mg/ in constrained qualification m3, dehydration efficiency decline in addition natural gas in the excessively high corrosion rate that will increase pipeline of water content.Likewise, attacker can To poor glycol inlet temperature of stabilizer sensor y2With the temperature sensor y of triethylene glycol. solution in reboiler3Dos attack is carried out, so that Sensor y2Value be greater than 60 DEG C, sensor y3Value be greater than 204 DEG C, can make that triethylene glycol loses or thermal decomposition is rotten.To The production process of natural gas is interfered, product quality and productivity are reduced.
Absorption tower operating pressure is bigger, and the water content in gas is lower, and dehydrating effect is better, the operating pressure value on absorption tower It is generally kept in 2.5MPa-10.0Mpa, when operation is greater than 10.0MPa for a long time, equipment damage is will cause or even occurs quick-fried It is fried.Controller u1Control absorption tower operating pressure pump valve v1, it is assumed that controller u1Current state is pressure in control absorption tower Continue to increase state, ideally, when controller detect absorption tower side sit pressure after reaching the upper limit, pressure pump can be closed And current pressure values are kept, as shown in fig. 7, attacker can be when operating pressure reaches maximum value to controller u1Initiation is refused Exhausted service attack so that the operating pressure in absorption tower continues to increase, absorb tower pressure interior force it is excessive after, can make dewatering system into Enter unsafe condition, may result in absorption tower damage or explosion.
Controller u1Control absorption tower operating pressure pump valve v1, v1It is u1Actuator, pressure pump valve v1Refusal service Identical attack result in Fig. 7 is also resulted in, such as starts k in the attack of Fig. 7s, controller u1On detecting that operating pressure reaches Limit, to actuator v1Initiate to close the instruction of pressure pump, but pressure pump is damaged and cannot respond to out code at this time, so inhaling The pressure received in tower can continue to increase.
Assuming that u1Control absorption tower operating pressure pump valve v1, y4For pressure sensor, attacker is by introducing challenging dose α4 (k), so that y4(k)+α4(k)=0.Controller u1Absorption tower pressure pump valve can be opened, but since controller constantly receives The false pressure data of 0MPa, controller can continue to increase pressure value.As shown in figure 8, in H-hour kS=1Hr, attack Person distorts pressure sensor and is sent to controller u1Middle numerical value, so that y4(k)≠z4(k), controller can constantly increase pressure Pressure in pump, and operating pressure in absorption tower is greater than 10MPa for a long time and will lead to absorption tower and enters unsafe condition, very To equipment damage.
Attacker can also directly distort controller u1It is sent to actuator v1Order.The operating pressure on absorption tower is bigger, Dehydrating effect is better.Assuming that the startup operation pressure on absorption tower is 2Mpa, in order to increase triethylene glycol dehydration efficiency, reduce natural Water content in gas needs to increase the operating pressure on absorption tower, and under normal circumstances, operator passes through controller u1Open pressurization It pumps and pressurizes to absorption tower, as shown in figure 9, attacker is in k after pressure pump is openedsTo controller u when=0.51Carry out integrality Attack, distorts controller u1Performance variable so that actuator force (forcing) pump v1It closes, operating pressure is allowed to remain at 3MPa's It under pressure, is dehydrated at this pressure, the water content in natural gas is greater than 112mg/m3, dehydration efficiency declines, in natural gas The excessively high corrosion rate that can accelerate pipeline of water content, cause product quality and productivity to reduce, maintenance cost increases.
In the present invention control website that is extensive, easily configuring (packet can be built using the technology of virtualization in network layer Include the websites such as engineer station, operator station, history server, opc server), it is combined using true sensor and brake Some pipe moulds restore and simulate the operation flow that high simulative feed channel controls each link, improve the fidelity of test envelope Degree enhances the reliability of experimental data in test envelope.And the operating process of control system is combined, pass through the defeated of handling controller Enter output data source, the Denial of Service attack and complete sexual assault to control system model.By being dehydrated using triethylene glycol Physical constraint condition in operation flow, building natural gas line control system and process control correlation attack scene, analyze day Tender spots in right feed channel control system control process, so that the loophole in control system operating process is found out, it is further complete It is apt to its natural gas line control system information security, the network in natural gas line control system operational process is effectively avoided to attack It hits, improves the reliability and stability in its operational process.
Unless specifically stated otherwise, the opposite step of the component and step that otherwise illustrate in these embodiments, digital table It is not limit the scope of the invention up to formula and numerical value.
Based on above-mentioned method, the embodiment of the present invention also provides a kind of server, comprising: one or more processors;It deposits Storage device, for storing one or more programs, when one or more of programs are held by one or more of processors Row, so that one or more of processors realize above-mentioned method.
Based on above-mentioned method, the embodiment of the present invention also provides a kind of computer-readable medium, is stored thereon with computer Program, wherein the program realizes above-mentioned method when being executed by processor.
The technical effect and preceding method embodiment phase of device provided by the embodiment of the present invention, realization principle and generation Together, to briefly describe, Installation practice part does not refer to place, can refer to corresponding contents in preceding method embodiment.
It is apparent to those skilled in the art that for convenience and simplicity of description, the system of foregoing description It with the specific work process of device, can refer to corresponding processes in the foregoing method embodiment, details are not described herein.
In all examples being illustrated and described herein, any occurrence should be construed as merely illustratively, without It is as limitation, therefore, other examples of exemplary embodiment can have different values.
It should also be noted that similar label and letter indicate similar terms in following attached drawing, therefore, once a certain Xiang Yi It is defined in a attached drawing, does not then need that it is further defined and explained in subsequent attached drawing.
The flow chart and block diagram in the drawings show the system of multiple embodiments according to the present invention, method and computer journeys The architecture, function and operation in the cards of sequence product.In this regard, each box in flowchart or block diagram can be with A part of a module, section or code is represented, a part of the module, section or code includes one or more A executable instruction for implementing the specified logical function.It should also be noted that in some implementations as replacements, box Middle marked function can also occur in a different order than that indicated in the drawings.For example, two continuous boxes are actually It can be basically executed in parallel, they can also be executed in the opposite order sometimes, and this depends on the function involved.Also it wants It, can be with it is noted that the combination of each box in block diagram and or flow chart and the box in block diagram and or flow chart It is realized, or with specialized hardware and can calculated with the dedicated hardware based system for executing defined function or movement The combination of machine instruction is realized.
In several embodiments provided herein, it should be understood that disclosed systems, devices and methods, it can be with It realizes by another way.The apparatus embodiments described above are merely exemplary, for example, the division of the unit, Only a kind of logical function partition, there may be another division manner in actual implementation, in another example, multiple units or components It can be combined or can be integrated into another system, or some features can be ignored or not executed.Another point, it is shown or The mutual coupling, direct-coupling or communication connection discussed can be through some communication interfaces, device or unit Indirect coupling or communication connection can be electrical property, mechanical or other forms.
The unit as illustrated by the separation member may or may not be physically separated, aobvious as unit The component shown may or may not be physical unit, it can and it is in one place, or may be distributed over multiple In network unit.Some or all of unit therein can be selected to realize this embodiment scheme according to the actual needs Purpose.
It, can also be in addition, the functional units in various embodiments of the present invention may be integrated into one processing unit It is that each unit physically exists alone, can also be integrated in one unit with two or more units.
It, can be with if the function is realized in the form of SFU software functional unit and when sold or used as an independent product It is stored in the executable non-volatile computer-readable storage medium of a processor.Based on this understanding, of the invention Technical solution substantially the part of the part that contributes to existing technology or the technical solution can be with software in other words The form of product embodies, which is stored in a storage medium, including some instructions use so that One computer equipment (can be personal computer, server or the network equipment etc.) executes each embodiment institute of the present invention State all or part of the steps of method.And storage medium above-mentioned include: USB flash disk, mobile hard disk, read-only memory (ROM, Read-Only Memory), random access memory (RAM, Random Access Memory), magnetic or disk etc. it is each Kind can store the medium of program code.
Finally, it should be noted that embodiment described above, only a specific embodiment of the invention, to illustrate the present invention Technical solution, rather than its limitations, scope of protection of the present invention is not limited thereto, although with reference to the foregoing embodiments to this Invention is described in detail, those skilled in the art should understand that: any technology people for being familiar with the art Member in the technical scope disclosed by the present invention, can still modify to technical solution documented by previous embodiment or Variation or equivalent replacement of some of the technical features can be readily occurred in;And these modifications, variation or replacement, and So that the essence of corresponding technical solution is detached from the spirit and scope of technical solution of the embodiment of the present invention, should all cover in the present invention Protection scope within.Therefore, the protection scope of the present invention shall be subject to the protection scope of the claims.

Claims (10)

1. a kind of natural gas line control system information security test device, the control comprising being equipped with natural gas line control system Center processed and the programmable controller that actuator movement is instructed and triggered for receiving control centre, the programmable controller pass through Interchanger is connect with control centre, which is characterized in that the control centre includes: for the engineer station of software programming, being used for The operator station of human-computer interaction, and database server for storing data;The programmable controller and natural gas line Physical process simulation test stand is connected, and for receiving sensor data and controls actuator movement, wherein sensor at least wraps Water level sensor and pressure gauge pipe pressure sensor containing both reboiler and regenerator;Actuator includes at least pumping of kowtowing Oil machine, pressures cycle pump, imports and exports opening for electrically operated valve, aerosol producer, cathodic protection and urban area light at pipeline light Guard's valve.
2. natural gas line control system information security test device according to claim 1, which is characterized in that the day The whole flow process at natural gas family from exploiting to being delivered to is simulated in right feed channel physical process simulation test stand, in the whole flow process At least exploit, filter, purification, transmission, pressurization, storage and storage and transportation process.
3. natural gas line control system information security test device according to claim 2, which is characterized in that exploitation work Sequence is provided with the gas recovery well for natural gas extraction and the producing well for oil extraction;Filter progress is provided with for grease mistake The TEG dehydration system of filter;Cleaning procedure is provided with decarbonization system and desulphurization system for cleaning and desulfurization;Transmission process is set It is equipped with the gas transmission station for transport;Pressurization operation is provided with pressurizing point;Storage and storage and transportation process are provided with air accumulator and substation tank Vehicle.
4. natural gas line control system information security test device according to claim 1, which is characterized in that programmable In controller, digital output end is connect with actuator, and analog input end is connect with sensor.
5. natural gas line control system information security test device according to claim 1, which is characterized in that engineer It stands and the challenge model having for the right feed channel control system information security of test days is established by software programming;The challenge model is logical It crosses simulation interference and distorts natural gas line control system control logic or programmable controller input and output, carry out natural gas line Fragile point analysis test in control system control process.
6. natural gas line control system information security test device according to claim 1, which is characterized in that the day Right feed channel physical process simulation test stand is the simulating table by building on sand table.
7. a kind of natural gas line control system information security test method, which is characterized in that any based on claim 1~6 Natural gas line control system information security test device described in is realized, realizes that process includes following content:
According to programmable controller inputoutput data and operator station control instruction data, building is controlled for natural gas line The challenge model of fragile point analysis in system control process;
According to challenge model, natural gas line control system control logic is distorted by interference or programmable controller input is defeated Out, natural gas line control system control process loophole is obtained.
8. natural gas line control system information security test method according to claim 7, which is characterized in that building is attacked It hits in model, carries out Denial of Service attack modeling and integrality attacking analysis according to supplemental characteristic, wherein supplemental characteristic at least wraps Contain: measurement value sensor, measurement value sensor bound, the sensor values and sensor values that programmable controller receives Bound, programmable controller output variable bound, actuator response state, actuator response state mobility scale, operation Member station variable output, and attack duration.
9. natural gas line control system information security test method according to claim 8, which is characterized in that refusal clothes Be engaged in attacking analysis process, include sensor Denial of Service attack, controller Denial of Service attack and actuator Denial of Service attack, For three situations, corresponding challenge model is established respectively.
10. natural gas line control system information security test method according to claim 8, which is characterized in that complete Sexual assault modeling process forges programmable controller comprising distorting sensor acquisition data and programmable controller variable data The director data and operator station that are sent to actuator are sent to the director data of programmable controller;Feelings are distorted and forged to foundation Shape establishes corresponding challenge model respectively.
CN201811623678.XA 2018-12-28 2018-12-28 Natural gas line control system information security test device and method Pending CN109669443A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201811623678.XA CN109669443A (en) 2018-12-28 2018-12-28 Natural gas line control system information security test device and method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201811623678.XA CN109669443A (en) 2018-12-28 2018-12-28 Natural gas line control system information security test device and method

Publications (1)

Publication Number Publication Date
CN109669443A true CN109669443A (en) 2019-04-23

Family

ID=66146450

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201811623678.XA Pending CN109669443A (en) 2018-12-28 2018-12-28 Natural gas line control system information security test device and method

Country Status (1)

Country Link
CN (1) CN109669443A (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110955157A (en) * 2019-11-11 2020-04-03 沈阳化工大学 Energy system information security simulation platform construction method
CN111273564A (en) * 2020-02-03 2020-06-12 国家工业信息安全发展研究中心 Natural gas conveying system simulation platform
US11322568B2 (en) 2019-12-30 2022-05-03 Wuhan Tianma Micro-Electronics Co., Ltd. Display panel and display device having a micro-cavity structure with transflective layers

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101093058A (en) * 2007-06-28 2007-12-26 天津大学 System and method for automatic monitoring pipeline network of fuel gas in city
US20100243066A1 (en) * 2006-10-18 2010-09-30 Lockheed Martin Corporation Closed-Loop Sensor Tester for Simulating Open-Area Releases
CN102314784A (en) * 2011-04-02 2012-01-11 成都盛特石油装备模拟技术开发有限公司 System and method for simulating natural gas pressurization and distribution for oil and gas storage and transportation
CN104615105A (en) * 2014-12-30 2015-05-13 浙江中控科教仪器设备有限公司 Simulation teaching system for petrochemical industry
CN106168795A (en) * 2016-09-20 2016-11-30 航天长征化学工程股份有限公司 Coal gasification dynamic simulation system

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20100243066A1 (en) * 2006-10-18 2010-09-30 Lockheed Martin Corporation Closed-Loop Sensor Tester for Simulating Open-Area Releases
CN101093058A (en) * 2007-06-28 2007-12-26 天津大学 System and method for automatic monitoring pipeline network of fuel gas in city
CN102314784A (en) * 2011-04-02 2012-01-11 成都盛特石油装备模拟技术开发有限公司 System and method for simulating natural gas pressurization and distribution for oil and gas storage and transportation
CN104615105A (en) * 2014-12-30 2015-05-13 浙江中控科教仪器设备有限公司 Simulation teaching system for petrochemical industry
CN106168795A (en) * 2016-09-20 2016-11-30 航天长征化学工程股份有限公司 Coal gasification dynamic simulation system

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
王亚楠: "过程控制系统欺骗攻击与信息安全防护", 《中国优秀硕士学位论文全文数据库 信息科技辑》 *
路晓: "城市燃气SCADA系统安全模拟平台的设计与实现", 《中国优秀硕士学位论文全文数据库 信息科技辑》 *

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110955157A (en) * 2019-11-11 2020-04-03 沈阳化工大学 Energy system information security simulation platform construction method
US11322568B2 (en) 2019-12-30 2022-05-03 Wuhan Tianma Micro-Electronics Co., Ltd. Display panel and display device having a micro-cavity structure with transflective layers
CN111273564A (en) * 2020-02-03 2020-06-12 国家工业信息安全发展研究中心 Natural gas conveying system simulation platform

Similar Documents

Publication Publication Date Title
CN109669443A (en) Natural gas line control system information security test device and method
Li et al. Modelling of adsorption in rotating packed bed using artificial neural networks (ANN)
CN107308807A (en) A kind of experimental provision for simulating industrial smoke dry desulfurization
CN1105950C (en) Method for blade temp. estimation in a steam turbine
CN103566707A (en) Oil gas recovery device
CN106878257B (en) Industrial network closed-loop control method and system with intelligent attack protection function
CN107609313A (en) A kind of passive safety system analysis method for reliability peculiar to vessel
CN107906375A (en) Pipeline leakage detection method and system based on weighting arrangement entropy
Rajput et al. Process-aware cyberattacks for thermal desalination plants
CN112017070A (en) Method and system for evaluating transient stability of power system based on data enhancement
Du et al. Development of hybrid surrogate model structures for design and optimization of CO2 capture processes: Part I. Vacuum pressure swing adsorption in a confined space
CN206950974U (en) A kind of experimental provision for simulating industrial smoke dry desulfurization
Skjervold et al. Thermal energy storage integration for increased flexibility of a power plant with post-combustion CO2 capture
CN107678879A (en) A kind of apparatus and method verified in real time for bus and memory cell data block
Enaasen et al. Dynamic modeling of the solvent regeneration part of a CO2 capture plant
CN206508586U (en) Recovery system for organic solvent
Yuan et al. Self-consistent mean field model of hydrogel and its numerical simulation
CN203919327U (en) Concrete sample steam curing device
CN203264535U (en) Drying agent regeneration system
Hou et al. On-line monitoring and optimization of performance indexes for limestone wet desulfurization technology
CN204093268U (en) A kind of temperature swing absorption unit for the protection of membrane separation plant
CN104007710A (en) Automatic tracing method of oscillation phenomenon of chemical oscillation circuit
CN209878250U (en) Thermal vibration test system for automobile emission processor
Guo et al. Experimental research on leaf vein geometric characteristics of multibranch horizontal well for coalbed methane recovery
CN207928880U (en) Organic exhaust gas recycling and processing device

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication
RJ01 Rejection of invention patent application after publication

Application publication date: 20190423