CN109739203B - Industrial network boundary protection system - Google Patents

Industrial network boundary protection system Download PDF

Info

Publication number
CN109739203B
CN109739203B CN201910135999.3A CN201910135999A CN109739203B CN 109739203 B CN109739203 B CN 109739203B CN 201910135999 A CN201910135999 A CN 201910135999A CN 109739203 B CN109739203 B CN 109739203B
Authority
CN
China
Prior art keywords
network
industrial
network system
security
firewall
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201910135999.3A
Other languages
Chinese (zh)
Other versions
CN109739203A (en
Inventor
翟宝根
胡容茂
朱广宇
李劲宝
倪玉
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Nanjing World Village Cloud Data Industry Group Co ltd
Original Assignee
Nanjing World Village Cloud Data Industry Group Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Nanjing World Village Cloud Data Industry Group Co ltd filed Critical Nanjing World Village Cloud Data Industry Group Co ltd
Priority to CN201910135999.3A priority Critical patent/CN109739203B/en
Publication of CN109739203A publication Critical patent/CN109739203A/en
Application granted granted Critical
Publication of CN109739203B publication Critical patent/CN109739203B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02PCLIMATE CHANGE MITIGATION TECHNOLOGIES IN THE PRODUCTION OR PROCESSING OF GOODS
    • Y02P90/00Enabling technologies with a potential contribution to greenhouse gas [GHG] emissions mitigation
    • Y02P90/02Total factory control, e.g. smart factories, flexible manufacturing systems [FMS] or integrated manufacturing systems [IMS]

Abstract

The invention provides an industrial network boundary protection system which comprises a production network system, an data acquisition network system, an office network system and an industrial firewall system, wherein the production network system is connected with the data acquisition network system through the industrial firewall system to realize one-way data transmission, the control and operation of equipment can be finished in the production network, the data acquisition network system comprises an industrial control safety audit platform, and the office network system also comprises an industrial control system information safety supervision and analysis platform, a production scheduling system and a client; the invention can perform behavioral analysis on the communication of the network acquisition system, the production network system and the data acquisition system through the industrial control security audit platform, can complete real-time monitoring of the communication link state in the network through the anomaly monitoring module, improves the security of the industrial network boundary protection system, can perform deep inspection on the data packet based on the application layer through the industrial firewall system, improves the communication security, and has obvious effect on the core asset protection of the production network system.

Description

Industrial network boundary protection system
Technical Field
The invention relates to the field of data application, in particular to an industrial network boundary protection system.
Background
In recent years, the information security incidents of the industrial control system are continuously generated, and malicious software such as a seismic net, a flame, a poison region, a Havex and the like seriously influence the stable operation of key industrial infrastructure, so that the situation that the information security of the industrial control system faces severe is fully reflected. The information security risk and the number of events of the industrial control system still rise, and the situation is very severe.
The primary content of network security isolation protection is to realize access control of network traffic among some important subsystems in a network, which is the basis of network security protection, the security threat faced by the current industrial control network is not only conventional IT attack means or virus infection, but the attack aiming at the security defects and loopholes of the industrial control communication protocol and control equipment can bring more serious harm to the industrial control system, so the grasp of access control granularity becomes the root factor of success or failure of industrial control network security construction, the existing port-level access control strategy cannot protect the attack of malicious codes of the industrial protocol, and an industrial firewall system with an industrial protocol Deep Packet Inspection (DPI) function needs to be arranged at the network boundary to provide more effective industrial protocol application layer protection. Therefore, the invention provides an industrial network boundary protection system to solve the defects in the prior art.
Disclosure of Invention
Aiming at the problems, the invention can perform behavioral analysis on the communication of a network acquisition system, a production network system and a network acquisition system through an industrial control security audit platform, can complete real-time monitoring of the communication link state in the network through an anomaly monitoring module, can summarize and display the abnormal communication generated in the system in an alarm mode, can trace the propagation path of virus trojan in the network, detect whether the industrial control system has security loopholes and hidden dangers, improve the security of an industrial network boundary protection system, can protect ports through an industrial firewall system, can perform deep inspection on data packets based on an application layer, improve the communication security, improve the security of an intelligent manufacturing network on the basis of ensuring the reliability and availability of automation and related network communication information transmission, perfect the security of the intelligent manufacturing network, and prevent attacks, viruses and viruses on core assets of the production network system, The anti-theft effect is obvious.
The invention provides an industrial network boundary protection system, which comprises a production network system, an data acquisition network system, an office network system and an industrial firewall system, wherein the production network system comprises a PLC (programmable logic controller), a sensor, an intelligent instrument and a DCS (distributed control system), the PLC, the sensor, the intelligent instrument and the DCS are all connected with the data acquisition network system through the industrial firewall system, the PLC, the sensor and the intelligent instrument are all independently connected with a station control server, the production network system is connected with the data acquisition network system through the industrial firewall system to realize data unidirectional transmission, the control and operation of equipment can be completed in the production network, the data acquisition network system comprises an industrial control safety audit platform, an acquisition server, a real-time database, a Web database server and a relational database, the acquisition server, the real-time database, the Web database server and the relational database are all connected with the industrial control safety audit platform, the collection server and the real-time database are used for collecting and updating real-time data of the PLC, the sensor and the intelligent instrument, the Web database server and the relational database are used for processing data of the DCS, the data acquisition network system is connected with the office network system through an industrial firewall system, the office network system also comprises an industrial control safety audit platform, the real-time database, the Web database server and the relational database, the industrial control safety audit platform can conduct behavior analysis on communication of the data acquisition network system, the production network system and the data acquisition network system, the office network system also comprises an industrial control system information safety supervision and analysis platform, a production scheduling system and a client, the industrial control system information safety supervision and analysis platform comprises an abnormity monitoring module, a trusted computing terminal, a mobile storage medium management and control system and a network safety management platform, the system comprises an abnormality monitoring module, a trusted computing terminal, a network security management platform, a mobile storage medium management system and a network security management platform, wherein the abnormality monitoring module is connected with the trusted computing terminal, the abnormality monitoring module, the trusted computing terminal and the mobile storage medium management system are all connected with the network security management platform, and the network security management platform is used for receiving alarms and logs from an industrial firewall system and the trusted terminal;
the industrial firewall system uses the technology of an industrial communication protocol white list, and is internally provided with a PC/Modbus/DNP3 and a Profinet proprietary industrial communication protocol;
the industrial firewall system is internally provided with a firewall configuration online modification module, and the firewall configuration online modification module can modify the industrial firewall system strategy of the configuration in real time without influencing the real-time communication of a factory;
the firewall configuration online modification module is powered by double power supplies and is provided with a power failure alarm output unit, and the firewall configuration online modification module can be configured with a Bypass function;
the abnormal monitoring module comprises a network data flow monitoring unit, a network abnormal data alarming and tracing unit, an operation record and protocol depth analyzing unit, an information stealing alarming unit and an unknown equipment access prompting unit, wherein the network data flow monitoring unit, the network abnormal data alarming and tracing unit, the operation record and protocol depth analyzing unit, the information stealing alarming unit and the unknown equipment access prompting unit cooperate to complete real-time monitoring of the communication link state in the network, collect and display abnormal communication generated in the system in an alarming mode, trace the propagation path of the virus Trojan in the network, and detect whether a safety leak and a hidden danger exist in the industrial control system.
The further improvement lies in that: the trusted computing terminal is a trusted computing terminal with cipher hardware as a core and is used for realizing the security and the credibility of a communication environment among a computing environment, a production network system, a data acquisition network system and an office network system.
The further improvement lies in that: the trusted computing terminal comprises an authorization server and a security client, wherein the security client is used for comprehensively measuring all processes of the system and submitting measurement information to the authorization server, the authorization server can edit the received measurement information to generate a white list and then provide the white list for the security client to download, the security client protects the system and application according to the downloaded white list and uploads abnormal information and interception logs in the system and the application to an industrial control security audit platform.
The further improvement lies in that: the mobile storage medium management and control system can realize the identity authentication of the host computer to the mobile storage medium, the access control of the host computer to the mobile storage medium and the downloading and updating of the access information of the host computer.
The further improvement lies in that: the industrial control security audit platform also realizes strict audit on access and use behaviors of the mobile equipment, and audit contents comprise access time, an access operation station, an access subject, an accessed object, an access mode, an access result, date and time and user information.
The invention has the beneficial effects that: the system can perform behavioral analysis on the communication of a network acquisition system, a production network system and the network acquisition system through an industrial control security audit platform, can monitor the state of a communication link in the network in real time through an anomaly monitoring module, collect and display the anomaly communication generated in the system in an alarm mode, trace the propagation path of a virus trojan in the network, detect whether the industrial control system has security loopholes and hidden dangers, improve the security of an industrial network boundary protection system, can protect ports through an industrial firewall system, can perform deep inspection on data packets based on an application layer, improve the communication security, improve the security of an intelligent manufacturing network on the basis of ensuring the reliability and the availability of automation and related network communication information transmission, have obvious effects of preventing attacks, viruses and stealing of core assets of the production network system, and can modify the strategy of the configured industrial firewall system in real time through a firewall configuration online modification module The real-time communication of a factory is not influenced, the project implementation risk is greatly reduced, the communication environment between a computing environment, a production network system, a data acquisition network system and an office network system can be safe and credible through the credible computing terminal, unknown malicious codes are damaged in immunity, and high-level malicious attacks can be responded.
Drawings
FIG. 1 is a schematic diagram of the system of the present invention.
Detailed Description
In order to further understand the present invention, the following detailed description will be made with reference to the following examples, which are only used for explaining the present invention and are not to be construed as limiting the scope of the present invention.
According to fig. 1, the embodiment provides an industrial network boundary protection system, which includes a production network system, a data acquisition network system, an office network system and an industrial firewall system, wherein the production network system includes a PLC, a sensor, an intelligent instrument and a DCS system, the PLC, the sensor, the intelligent instrument and the DCS system are all connected to the data acquisition network system through the industrial firewall system, and the PLC, the sensor and the intelligent instrument are all separately connected to a station control server, the production network system is connected to the data acquisition network system through the industrial firewall system to realize unidirectional data transmission, control and operation of equipment can be completed in the production network, the data acquisition network system includes an industrial control security audit platform, an acquisition server, a real-time database, a Web database server and a relational database, the acquisition server, the real-time database, the Web database server and the relational database are all connected to the industrial control security audit platform, the collection server and the real-time database are used for collecting and updating real-time data of the PLC, the sensor and the intelligent instrument, the Web database server and the relational database are used for processing data of the DCS, the data acquisition network system is connected with the office network system through an industrial firewall system, the office network system also comprises an industrial control safety audit platform, the real-time database, the Web database server and the relational database, the industrial control safety audit platform can conduct behavior analysis on communication of the data acquisition network system, the production network system and the data acquisition network system, the office network system also comprises an industrial control system information safety supervision and analysis platform, a production scheduling system and a client, the industrial control system information safety supervision and analysis platform comprises an abnormity monitoring module, a trusted computing terminal, a mobile storage medium management and control system and a network safety management platform, the system comprises an abnormality monitoring module, a trusted computing terminal, a network security management platform, a mobile storage medium management system and a network security management platform, wherein the abnormality monitoring module is connected with the trusted computing terminal, the abnormality monitoring module, the trusted computing terminal and the mobile storage medium management system are all connected with the network security management platform, and the network security management platform is used for receiving alarms and logs from an industrial firewall system and the trusted terminal;
the industrial firewall system uses the technology of an industrial communication protocol white list, and is internally provided with a PC/Modbus/DNP3 and a Profinet proprietary industrial communication protocol;
the industrial firewall system is internally provided with a firewall configuration online modification module, and the firewall configuration online modification module can modify the industrial firewall system strategy of the configuration in real time without influencing the real-time communication of a factory;
the firewall configuration online modification module is powered by double power supplies and is provided with a power failure alarm output unit, and the firewall configuration online modification module can be configured with a Bypass function;
the abnormal monitoring module comprises a network data flow monitoring unit, a network abnormal data alarming and tracing unit, an operation record and protocol depth analyzing unit, an information stealing alarming unit and an unknown equipment access prompting unit, wherein the network data flow monitoring unit, the network abnormal data alarming and tracing unit, the operation record and protocol depth analyzing unit, the information stealing alarming unit and the unknown equipment access prompting unit cooperate to complete real-time monitoring of the communication link state in the network, collect and display abnormal communication generated in the system in an alarming mode, trace the propagation path of the virus Trojan in the network, and detect whether a safety leak and a hidden danger exist in the industrial control system.
The trusted computing terminal is a trusted computing terminal with cipher hardware as a core and is used for realizing the security and the credibility of a communication environment among a computing environment, a production network system, a data acquisition network system and an office network system.
The trusted computing terminal comprises an authorization server and a security client, wherein the security client is used for comprehensively measuring all processes of the system and submitting measurement information to the authorization server, the authorization server can edit the received measurement information to generate a white list and then provide the white list for the security client to download, the security client protects the system and application according to the downloaded white list and uploads abnormal information and interception logs in the system and the application to an industrial control security audit platform.
The mobile storage medium management and control system can realize the identity authentication of the host computer to the mobile storage medium, the access control of the host computer to the mobile storage medium and the downloading and updating of the access information of the host computer.
The industrial control security audit platform also realizes strict audit on access and use behaviors of the mobile equipment, and audit contents comprise access time, an access operation station, an access subject, an accessed object, an access mode, an access result, date and time and user information.
The system can perform behavioral analysis on the communication of a network acquisition system, a production network system and the network acquisition system through an industrial control security audit platform, can monitor the state of a communication link in the network in real time through an anomaly monitoring module, collect and display the anomaly communication generated in the system in an alarm mode, trace the propagation path of a virus trojan in the network, detect whether the industrial control system has security loopholes and hidden dangers, improve the security of an industrial network boundary protection system, can protect ports through an industrial firewall system, can perform deep inspection on data packets based on an application layer, improve the communication security, improve the security of an intelligent manufacturing network on the basis of ensuring the reliability and the availability of automation and related network communication information transmission, have obvious effects of preventing attacks, viruses and stealing of core assets of the production network system, and can modify the strategy of the configured industrial firewall system in real time through a firewall configuration online modification module The real-time communication of a factory is not influenced, the project implementation risk is greatly reduced, the communication environment between a computing environment, a production network system, a data acquisition network system and an office network system can be safe and credible through the credible computing terminal, unknown malicious codes are damaged in immunity, and high-level malicious attacks can be responded.
The foregoing illustrates and describes the principles, general features, and advantages of the present invention. It will be understood by those skilled in the art that the present invention is not limited to the embodiments described above, which are described in the specification and illustrated only to illustrate the principle of the present invention, but that various changes and modifications may be made therein without departing from the spirit and scope of the present invention, which fall within the scope of the invention as claimed. The scope of the invention is defined by the appended claims and equivalents thereof.

Claims (5)

1. An industrial network boundary protection system, characterized by: the production network system comprises a production network system, a data acquisition network system, an office network system and an industrial firewall system, wherein the production network system comprises a PLC (programmable logic controller), a sensor, an intelligent instrument and a DCS (distributed control system), the PLC, the sensor, the intelligent instrument and the DCS are all connected with the data acquisition network system through the industrial firewall system, the PLC, the sensor and the intelligent instrument are all independently connected with a station control server, the production network system is connected with the data acquisition network system through the industrial firewall system to realize data one-way transmission, control and operation of equipment can be completed in the production network, the data acquisition network system comprises an industrial control safety audit platform, an acquisition server, a real-time database, a Web database server and a relational database, the acquisition server, the real-time database, the Web database server and the relational database are all connected with the industrial control safety audit platform, and the acquisition server and the real-time database are used for acquiring and updating the PLC, The system comprises a sensor and real-time data of an intelligent instrument, wherein a Web database server and a relational database are used for processing data of a DCS (distributed control system), the data acquisition network system is connected with an office network system through an industrial firewall system, the office network system also comprises an industrial control safety audit platform, a real-time database, a Web database server and a relational database, the industrial control safety audit platform can conduct behavior analysis on communication of the data acquisition network system, a production network system and the data acquisition network system, the office network system also comprises an industrial control system information safety supervision and analysis platform, a production scheduling system and a client, the industrial control system information safety supervision and analysis platform comprises an abnormity monitoring module, a trusted computing terminal, a mobile storage medium management and control system and a network safety management platform, the abnormity monitoring module is connected with the trusted computing terminal, and the abnormity monitoring module, the Web database server and the relational database are used for processing the data of the DCS system, The trusted computing terminal and the mobile storage medium management and control system are both connected with a network security management platform, and the network security management platform is used for receiving alarms and logs from the industrial firewall system and the trusted terminal;
the industrial firewall system uses the technology of an industrial communication protocol white list, and is internally provided with a PC/Modbus/DNP3 and a Profinet proprietary industrial communication protocol;
the industrial firewall system is internally provided with a firewall configuration online modification module, and the firewall configuration online modification module can modify the industrial firewall system strategy of the configuration in real time without influencing the real-time communication of a factory;
the firewall configuration online modification module is powered by double power supplies and is provided with a power failure alarm output unit, and the firewall configuration online modification module can be configured with a Bypass function;
the abnormal monitoring module comprises a network data flow monitoring unit, a network abnormal data alarming and tracing unit, an operation record and protocol depth analyzing unit, an information stealing alarming unit and an unknown equipment access prompting unit, wherein the network data flow monitoring unit, the network abnormal data alarming and tracing unit, the operation record and protocol depth analyzing unit, the information stealing alarming unit and the unknown equipment access prompting unit cooperate to complete real-time monitoring of the communication link state in the network, collect and display abnormal communication generated in the system in an alarming mode, trace the propagation path of the virus Trojan in the network, and detect whether a safety leak and a hidden danger exist in the industrial control system.
2. The industrial network boundary defense system of claim 1, wherein: the trusted computing terminal is a trusted computing terminal with cipher hardware as a core and is used for realizing the security and the credibility of a communication environment among a computing environment, a production network system, a data acquisition network system and an office network system.
3. The industrial network boundary defense system of claim 1, wherein: the trusted computing terminal comprises an authorization server and a security client, wherein the security client is used for comprehensively measuring all processes of the system and submitting measurement information to the authorization server, the authorization server can edit the received measurement information to generate a white list and then provide the white list for the security client to download, the security client protects the system and application according to the downloaded white list and uploads abnormal information and interception logs in the system and the application to an industrial control security audit platform.
4. The industrial network boundary defense system of claim 1, wherein: the mobile storage medium management and control system can realize the identity authentication of the host computer to the mobile storage medium, the access control of the host computer to the mobile storage medium and the downloading and updating of the access information of the host computer.
5. The industrial network boundary defense system of claim 1, wherein: the industrial control security audit platform also realizes strict audit on access and use behaviors of the mobile equipment, and audit contents comprise access time, an access operation station, an access subject, an accessed object, an access mode, an access result, date and time and user information.
CN201910135999.3A 2019-02-25 2019-02-25 Industrial network boundary protection system Active CN109739203B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910135999.3A CN109739203B (en) 2019-02-25 2019-02-25 Industrial network boundary protection system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910135999.3A CN109739203B (en) 2019-02-25 2019-02-25 Industrial network boundary protection system

Publications (2)

Publication Number Publication Date
CN109739203A CN109739203A (en) 2019-05-10
CN109739203B true CN109739203B (en) 2021-09-21

Family

ID=66368104

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910135999.3A Active CN109739203B (en) 2019-02-25 2019-02-25 Industrial network boundary protection system

Country Status (1)

Country Link
CN (1) CN109739203B (en)

Families Citing this family (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113315794A (en) * 2020-02-26 2021-08-27 宝山钢铁股份有限公司 Hardware architecture of computing system network for online intelligent analysis of blast furnace production
CN112073431B (en) * 2020-09-24 2021-12-07 中广核工程有限公司 Security defense method and system for industrial control system network
CN112258683B (en) * 2020-10-20 2022-07-01 云账户技术(天津)有限公司 Inspection method and device for business system
CN112838948A (en) * 2020-12-30 2021-05-25 江苏亨通工控安全研究院有限公司 Integrated industrial safety supervision and analysis system
CN113176765A (en) * 2021-04-22 2021-07-27 深圳市威斯登信息科技有限公司 Safety monitoring method and system for operation state of industrial control device

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP1422585A3 (en) * 2002-11-19 2004-10-13 Rockwell Software Inc. System and methodology providing audit recording and tracking in real time industrial controller environment
CN102546638A (en) * 2012-01-12 2012-07-04 冶金自动化研究设计院 Scene-based hybrid invasion detection method and system
CN103036886A (en) * 2012-12-19 2013-04-10 珠海市鸿瑞软件技术有限公司 Industrial controlling network safety protecting method
CN103441926A (en) * 2013-08-27 2013-12-11 西北工业大学 Security gateway system of numerically-controlled machine tool network
CN106559399A (en) * 2015-09-30 2017-04-05 北京军地联合网络技术中心 A kind of the Internet mobile terminal synthesis managing and control system

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP1422585A3 (en) * 2002-11-19 2004-10-13 Rockwell Software Inc. System and methodology providing audit recording and tracking in real time industrial controller environment
CN102546638A (en) * 2012-01-12 2012-07-04 冶金自动化研究设计院 Scene-based hybrid invasion detection method and system
CN103036886A (en) * 2012-12-19 2013-04-10 珠海市鸿瑞软件技术有限公司 Industrial controlling network safety protecting method
CN103441926A (en) * 2013-08-27 2013-12-11 西北工业大学 Security gateway system of numerically-controlled machine tool network
CN106559399A (en) * 2015-09-30 2017-04-05 北京军地联合网络技术中心 A kind of the Internet mobile terminal synthesis managing and control system

Also Published As

Publication number Publication date
CN109739203A (en) 2019-05-10

Similar Documents

Publication Publication Date Title
CN109739203B (en) Industrial network boundary protection system
Zolanvari et al. Machine learning-based network vulnerability analysis of industrial Internet of Things
Yaacoub et al. Cyber-physical systems security: Limitations, issues and future trends
Pliatsios et al. A survey on SCADA systems: secure protocols, incidents, threats and tactics
Lin et al. Cyber attack and defense on industry control systems
Tsiknas et al. Cyber threats to industrial IoT: a survey on attacks and countermeasures
EP1887754B1 (en) A system that provides early detection, alert, and response to electronic threats
Jardine et al. Senami: Selective non-invasive active monitoring for ics intrusion detection
CN109922085B (en) Safety protection system and method based on CIP (common interface protocol) in PLC (programmable logic controller)
CN111245793A (en) Method and device for analyzing abnormity of network data
Eden et al. A forensic taxonomy of SCADA systems and approach to incident response
US20210273957A1 (en) Cyber security for software-as-a-service factoring risk
CN111835680A (en) Safety protection system of industry automatic manufacturing
Abouzakhar Critical infrastructure cybersecurity: a review of recent threats and violations
Yang et al. Harmonizing safety and security risk analysis and prevention in cyber-physical systems
Djenna et al. Internet of things meet internet of threats: New concern cyber security issues of critical cyber infrastructure
Gao Cyberthreats, attacks and intrusion detection in supervisory control and data acquisition networks
Pan et al. Anomaly behavior analysis for building automation systems
Zhang et al. Investigating the impact of cyber attacks on power system reliability
Satyanarayana Detection and blocking of replay, false command, and false access injection commands in scada systems with modbus protocol
Kamal et al. Identifying and scoring vulnerability in scada environments
Sand Incident handling, forensics sensors and information sources in industrial control systems
AbuEmera et al. Security Framework for Identifying threats in Smart Manufacturing Systems Using STRIDE Approach
Yılmaz et al. ICS Cyber Attack Analysis and a New Diagnosis Approach
Thiriet et al. Some Considerations on Dependability Issues and Cyber-Security of Cyber-Physical Systems

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant