CN113194027A - Safety communication gateway system for industrial internet of automatic wharf - Google Patents
Safety communication gateway system for industrial internet of automatic wharf Download PDFInfo
- Publication number
- CN113194027A CN113194027A CN202110555301.0A CN202110555301A CN113194027A CN 113194027 A CN113194027 A CN 113194027A CN 202110555301 A CN202110555301 A CN 202110555301A CN 113194027 A CN113194027 A CN 113194027A
- Authority
- CN
- China
- Prior art keywords
- module
- management
- log
- safety
- configuration
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000004891 communication Methods 0.000 title claims abstract description 61
- 238000004886 process control Methods 0.000 claims abstract description 15
- 238000004519 manufacturing process Methods 0.000 claims abstract description 14
- 238000007726 management method Methods 0.000 claims description 80
- 230000006870 function Effects 0.000 claims description 25
- 238000012550 audit Methods 0.000 claims description 16
- 238000004458 analytical method Methods 0.000 claims description 11
- 238000001914 filtration Methods 0.000 claims description 11
- 230000007123 defense Effects 0.000 claims description 8
- 230000002776 aggregation Effects 0.000 claims description 7
- 238000004220 aggregation Methods 0.000 claims description 7
- 238000012544 monitoring process Methods 0.000 claims description 6
- 238000013475 authorization Methods 0.000 claims description 5
- 238000007689 inspection Methods 0.000 claims description 4
- 238000003860 storage Methods 0.000 claims description 3
- 238000013519 translation Methods 0.000 claims description 3
- 238000013461 design Methods 0.000 abstract description 3
- 238000002955 isolation Methods 0.000 abstract description 3
- 230000000694 effects Effects 0.000 abstract description 2
- 238000010586 diagram Methods 0.000 description 6
- 238000005516 engineering process Methods 0.000 description 4
- 230000002265 prevention Effects 0.000 description 4
- 230000005540 biological transmission Effects 0.000 description 3
- 238000000034 method Methods 0.000 description 3
- 230000007480 spreading Effects 0.000 description 2
- 238000003892 spreading Methods 0.000 description 2
- 238000001514 detection method Methods 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 239000012634 fragment Substances 0.000 description 1
- ZXQYGBMAQZUVMI-GCMPRSNUSA-N gamma-cyhalothrin Chemical compound CC1(C)[C@@H](\C=C(/Cl)C(F)(F)F)[C@H]1C(=O)O[C@H](C#N)C1=CC=CC(OC=2C=CC=CC=2)=C1 ZXQYGBMAQZUVMI-GCMPRSNUSA-N 0.000 description 1
- 230000008676 import Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 230000006855 networking Effects 0.000 description 1
- 230000008569 process Effects 0.000 description 1
- 238000012545 processing Methods 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
- 230000007482 viral spreading Effects 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/66—Arrangements for connecting between networks having differing types of switching systems, e.g. gateways
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The invention discloses a safety communication gateway system facing to an industrial internet of an automatic wharf, which comprises a hardware part, a software part and a safety communication gateway, wherein the hardware part comprises a hardware platform module, the software part adopts a B/S mode and comprises a software module, and the safety communication gateway is respectively arranged between a port management layer and the automatic wharf, between a production management layer and a process control layer, between the process control layer and a field equipment layer and between safety domains of the automatic wharf. The safety communication gateway system adopts a modular design, divides the automatic wharf network into different safety channels aiming at the safety risk and the protection target of the automatic wharf network, and defines different safety strategies based on each safety channel, thereby achieving the effects of regional isolation, communication management and control, real-time alarm and centralized configuration and management of network equipment.
Description
Technical Field
The invention relates to the technical field of internet security communication, in particular to a security communication gateway system for an industrial internet of an automatic wharf.
Background
With the gradual realization of global informatization, the automatic container terminal is taken as the key development direction of future ports, the informatization process of the automatic container terminal is continuously accelerated and simultaneously faces the trouble of frequent safety events, and the network technology protection facing the automatic container terminal needs to cover two parts of enterprise network safety and industrial internet safety and run through a port management layer, a production management layer, a process control layer and a field device layer. The boundary protection means of the industrial control network in the prior art has low safety performance, incomplete safety measures and unsatisfactory defense performance.
Disclosure of Invention
The invention aims to provide a safety communication gateway system facing to the industrial internet of an automatic wharf, which adopts a modular design, divides the automatic wharf network into different safety channels aiming at the safety risk and the protection target of the automatic wharf network, and defines different safety strategies based on each safety channel.
In order to achieve the purpose, the invention adopts the following technical scheme:
the invention provides a safety communication gateway system facing an industrial internet of an automatic wharf, which comprises a hardware part, a software part combined with the hardware part and a safety communication gateway facing the industrial internet of the automatic wharf, wherein the hardware part comprises a hardware platform module, the software part adopts a B/S mode and comprises a software module, and the safety communication gateway is respectively arranged between a port management layer and the automatic wharf, between a production management layer and a process control layer, between the process control layer and a field device layer and between safety domains of the automatic wharf.
As one aspect of the secure communication gateway system facing the industrial internet of the automated wharf, the hardware platform module is based on a secure general software platform and comprises:
the Modbus module is used for deeply analyzing a Modbus communication protocol; and/or
The OPC module is used for deeply analyzing an OPC communication protocol; and/or
The network intelligent learning and discovering module is used for intelligently learning the Internet; and/or
And the other module is used for providing a module of hardware configuration for the hardware platform module.
As an aspect of the secure communication gateway system facing the industrial internet of the automation terminal, the hardware platform module further includes:
a configuration client interface for providing configuration and operation services to a user; and/or
And the log sending interface is used for communicating with the log server to realize the functions of log collection, management, audit and alarm.
As one aspect of the safety communication gateway system facing the industrial Internet of the automatic wharf, the configuration client interface and the centralized management and configuration end provide the communication module, the authentication module and the multi-machine management module for the user to provide configuration and operation services for the user through a graphical user interface based on a WINDOS system.
As one aspect of the safety communication gateway system facing the industrial Internet of the automatic wharf, the log sending interface is communicated with the log server and uploads the data of each task/scheduling/reservation/acceptance platform of the automatic wharf to the database ECS and the database HIS based on the WINDOS system, and the functions of log collection, log management, log audit and log alarm are realized.
As one aspect of the secure communication gateway system facing the industrial internet of the automation terminal, the software module comprises:
the packet filtering module is used for realizing the functions of accessing and controlling the user; and/or
The industrial protocol deep analysis module is used for realizing the function of deep inspection on the basic communication protocol; and/or
The intrusion defense module is used for effectively defending various attacks and defending malicious code defense functions of defending attacks such as partial trojans, worms, spyware, buffer overflow software and the like, and can expand a defense range according to the requirements of a wharf site; and/or
And the redundant interface aggregation module is used for binding redundant interfaces generated by two or more physical interfaces, improving the bandwidth in an aggregation mode and increasing the reliability of a network link in a hot standby mode.
As an aspect of the secure communication gateway system facing the industrial internet of the automation terminal, the software module further includes:
the authority management module is used for creating the authority of the configuration administrator; and/or
AAA authentication module, which is used to control the access for the user as the center, and realizes the authentication, authorization and accounting functions of the user; and/or
The safety audit and log alarm module is used for realizing log query, log statistics, alarm, log storage online management, third-party log collection and analysis tool support and keyword replacement functions; and/or
The centralized management module is used for carrying out configuration, management and monitoring through a centralized management platform workstation; and/or the system management module is used for recovering factory configuration, exporting a configuration file of the current equipment and automatically generating rules for protection.
As one aspect of the secure communication gateway system for the industrial internet of the automation terminal, the packet filtering module includes basic access control, two-layer access control, IP/MAC address binding, source/destination address translation and session management.
As one aspect of the secure communication gateway system facing the industrial internet of the automation terminal, the administrator authority includes:
the super administrator is used for creating the authority of the configuration administrator and viewing and configuring the management authority; and/or a super auditor, for establishing authority of the audit administrator and configuring log parameters; and/or
A configuration administrator for configuring various parameters and policies of the security gateway; and/or
And the audit manager is used for checking the configuration parameters of the security gateway and auditing the log.
As one aspect of the safety communication gateway system facing the industrial internet of the automatic wharf, the port management layer comprises a data center, operation and decision support and various wharf management platforms; the production management layer comprises a data center, a wharf operating system, an equipment state monitoring picture and a remote operation platform; the process control layer comprises a wharf equipment management system consisting of a shore bridge management system, a track crane management system and a horizontal transportation management system; the field device layer comprises a bridge crane, an AGV and a track crane.
By adopting the technical scheme, the invention has the following advantages:
the invention provides a safety communication gateway system facing an industrial internet of an automatic wharf according to a deep defense concept of series standards of industrial communication network and system safety, which is a system combining software and hardware, adopts a modular design, faces the automatic wharf, and respectively makes specific safety measures aiming at a port management layer, a production management layer, a process control layer and a field equipment layer so as to achieve the effects of regional isolation, communication management and control, real-time alarm and centralized configuration and management of network equipment.
Drawings
Other features, objects and advantages of the present invention will become more apparent upon reading of the following detailed description of non-limiting embodiments thereof, with reference to the accompanying drawings.
FIG. 1 is a device architecture diagram of a hardware platform module of the present invention;
FIG. 2 is a diagram of the deployment of the hardware platform module of the present invention connected to a client via a secure communication gateway;
fig. 3 is a deployment diagram of the secure communication gateway system in the industrial internet of the automated terminal of the present invention.
Detailed Description
The technical solutions of the present invention are described in detail below with reference to the accompanying drawings, and the detailed features and advantages of the present invention are described in detail in the detailed description, which is sufficient for anyone skilled in the art to understand the technical contents of the present invention and implement the present invention, and the related objects and advantages of the present invention can be easily understood by those skilled in the art from the description, the claims and the accompanying drawings disclosed in the present specification.
FIG. 1 shows a device configuration diagram of a hardware platform module; the invention provides a safety communication gateway system facing to an industrial internet of an automatic wharf, which comprises a hardware part, a software part combined with the hardware part and a safety communication gateway facing to the industrial internet of the automatic wharf, wherein: the hardware part includes a hardware platform module, and in one embodiment, the hardware platform module is based on a secure universal software platform (SVP) as shown in fig. 1, and specifically includes: the Modbus module is used for deeply analyzing a Modbus communication protocol; and/or OPC module, the module used for analyzing the depth of OPC communication protocol; and/or the network intelligent learning and finding module is used for intelligently learning the internet; and/or other modules for providing hardware configurations to the hardware platform module.
FIG. 2 is a deployment diagram of the hardware platform module of the present invention connected to a user terminal through a secure communication gateway; in a specific embodiment, the hardware platform module further comprises a configuration client interface for providing configuration and operation services for a user; and/or a log sending interface, which is used for communicating with a log server to realize the functions of log collection, management, audit and alarm. Wherein: the configuration client interface and the centralized management and configuration end provide configuration and operation services for users through a graphical user interface by using a communication module, an authentication module and a multi-machine management module based on a WINDOS system, the log sending interface is communicated with the log server and uploads data of each task/scheduling/reservation/acceptance platform of the automated wharf to a database ECS and a database HIS based on the WINDOS system, and the functions of log collection, log management, log audit and log alarm are specifically shown in FIG. 2.
The invention provides a safety communication gateway system facing to an industrial internet of an automatic wharf, which further comprises a software part, wherein the software part adopts a management mode of a B/S mode, and comprises a software module, and the software module comprises a packet filtering module, an industrial protocol deep analysis module, an intrusion prevention module, a redundant interface aggregation module, an authority management module, an AAA authentication module, a safety audit and log alarm module, a centralized management module and a system management module.
Wherein: and the packet filtering module comprises basic access control (packet filtering), two-layer access control (Ethernet packet filtering), IP/MAC address binding (physical address binding), source/destination address translation (NAT) and session management functions. Based on the access control function of the user, different white list access strategies can be specified according to different operators and engineers; the intelligent current-limiting ARP control function in the two-layer access control function can conveniently and effectively prevent the network storm from spreading, and greatly prolongs the service life of the old PLC on the dock site.
The industrial protocol deep analysis module supports the identification and detection of more than 50 industrial control protocols and carries out deep inspection on OPC, Modbus, DNP3.0, IEC60870-5-104 and Omron FINS protocols. The special technology combined with the state packet filtering can carry out deep inspection on the basis of the state, thereby not only improving the performance, but also greatly improving the safety of the protocols. The technology has good expansibility, and can sequentially expand and support other common industrial control network protocols such as Profibet, Ethernet/IP and the like.
The intrusion prevention module can effectively prevent various fragment attacks, Flood attacks, Winnuke attacks, charge _ Dos attacks, Snork attacks, malicious missing scans, Localhost _ Source _ Spoof attacks, port scanning attacks, Source routing attacks and LAND attacks, and prevent malicious code prevention functions of partial attacks such as Trojan horses, worms, spyware, buffer overflow software and the like, and can expand the prevention range according to the field requirements of the wharf.
The redundant interface aggregation module is used for binding two or more redundant interfaces generated by physical interfaces, improving the bandwidth in an aggregation mode and increasing the reliability of a network link in a hot standby mode; the bridge interfaces generated by binding two or more physical interfaces can be connected into the industrial Internet of the automatic wharf in series; a single physical interface is provided with a plurality of logic sub-interfaces to realize single-arm network topology; different VLANs are divided on the redundant interface, the bridge interface and the physical interface, and the VLAN interface supports the requirement of the VLAN in the industrial network.
The authority management module is used for dividing the administrator authority into four types, namely a super administrator, a super auditor, a configuration administrator and an audit administrator, wherein the super administrator not only has the authority of creating the configuration administrator, but also has the authority of checking and configuring the management; the super auditor not only has the authority to create the audit manager, but also has the configuration log parameters. A configuration administrator may configure various parameters and policies of the security gateway; and the auditing manager can only check the configuration parameters of the security gateway and perform an auditing function on the log.
The AAA Authentication module performs access control with a user as a center, and realizes Authentication (Authentication), Authorization (Authorization), and Accounting (Accounting) functions of the user.
The safety audit and log alarm module has the functions of log query, log statistics, alarm, log storage online management, third-party log collection and analysis tool support and keyword replacement.
And the centralized management module can be used for configuration, management and monitoring through a centralized management platform workstation.
The system management module can support one-key restoration and restore factory configuration; the method supports the import of configuration information through files, and supports the export of configuration files of the current equipment; local upgrading and one-key system upgrading after networking are supported; supporting multi-operation mode switching; supporting the self-learning of all protocols passing through the firewall by the firewall, and automatically generating rules for protection; the management mode based on the management channel and the management address is supported, and the management channel configured with IPv4 and the IPv6 management channel are supported.
FIG. 3 shows a deployment diagram of a secure communication gateway system in the industrial Internet of an automation terminal; the invention provides a safety communication gateway system facing an industrial internet of an automatic wharf, in a specific embodiment, the safety communication gateway facing the industrial internet of the automatic wharf is respectively deployed between a port management layer and the automatic wharf and between a production management layer and a process control layer, the process control layer and a field device layer and the safety domains of the automatic wharf are specifically shown in fig. 3, wherein: the port management layer comprises a data center, operation and decision support and various wharf management platforms; the production management layer comprises a data center, a wharf operating system (TOS), a device state monitoring picture (GUI) and a remote operation platform (ROS); the process control layer mainly comprises a wharf Equipment Management System (EMS) consisting of a Quay Crane Management System (QCMS), a track crane management system (CD) and a horizontal transport management system (VMS); the field equipment layer mainly comprises wharf field equipment such as a bridge crane (STS), an AGV trolley, a track crane and the like.
The port management layer and the automated wharf are deployed in a manner of ensuring data exchange safety of each task/scheduling/appointment/acceptance platform from the management layer, deep analysis and filtration of industrial protocols are achieved, safety protection is implemented on data transmission of service performance, operation decision, production plan and the like, transmission data are prevented from being tampered and stolen, meanwhile, equipment supports security identity authentication based on a domestic cryptographic algorithm, and illegal access and operation of unauthorized users are avoided.
The deployment mode between the production management layer and the process control layer of the automatic wharf disconnects the direct network connection between the management information network and the industrial internet of the automatic wharf from the physical layer, realizes the deep analysis of main industrial communication protocols such as OPC, Modbus and the like and the data synchronization function between ECS (engineering center server) and HIS (high-level infrastructure) of a wharf common database, and realizes the safe data exchange and network isolation of the boundary of the control network and the information network.
The deployment mode between the process control layer and the field device layer can implement interface control and protection on the USB port, the network port and the serial port of the bridge crane and the track crane controller, carry out deep analysis and filtration on an industrial protocol reporting the production state, carry out identity authentication on an operator by applying the identity authentication technology of a domestic cryptographic algorithm, strictly control the access authorization of the field control device, prevent illegal external connection and illegal access, carry out transmission control on sensitive data, avoid important sensitive processing data from being stolen, and prevent spreading and spreading of viruses.
The deployment mode among safety domains of the automatic wharf can ensure the clean and stable operation of the control system in the area at the network boundary of a bridge crane control system, a track crane control system and an AGV trolley control system. The method comprises the steps of carrying out deep analysis and control on an industrial protocol of communication among regions, discovering and prohibiting unauthorized equipment from accessing a network in real time, automatically identifying and protecting sensitive data transmitted by a control system in a code head production region, strictly controlling business operation among the regions, automatically learning and optimizing a boundary protection strategy, identifying normal production communication, preventing illegal operation among different systems, and accordingly guaranteeing the validity of the business operation in each system.
Finally, it should be noted that while the present invention has been described with reference to the specific embodiments thereof, it should be understood by those skilled in the art that the above embodiments are only for illustrating the present invention and are not to be construed as limiting the present invention, and various equivalent changes and substitutions may be made therein without departing from the spirit of the present invention, and therefore, it is intended that all changes and modifications to the above embodiments within the spirit and scope of the present invention be covered by the appended claims.
Claims (10)
1. The utility model provides a safety communication gateway system towards automation pier industry internet which characterized in that, includes the hardware part, with the software part that the hardware part combined together and the safety communication gateway towards automation pier industry internet, the hardware part includes hardware platform module, the software part adopts the B/S mode, includes software module, safety communication gateway deploys respectively between harbour management layer and automation pier, between production management layer and the process control layer, between process control layer and the field device layer and between each security domain of automation pier.
2. The secure communication gateway system oriented to the industrial internet of the automated wharf of claim 1, wherein the hardware platform module is based on a secure general software platform and comprises:
the Modbus module is used for deeply analyzing a Modbus communication protocol; and/or
The OPC module is used for deeply analyzing an OPC communication protocol; and/or
The network intelligent learning and discovering module is used for intelligently learning the Internet; and/or
And the other module is used for providing a module of hardware configuration for the hardware platform module.
3. The automated dock industry internet oriented secure communication gateway system of claim 2, wherein the hardware platform module further comprises:
a configuration client interface for providing configuration and operation services to a user; and/or
And the log sending interface is used for communicating with the log server to realize the functions of log collection, management, audit and alarm.
4. An automated terminal industry internet oriented secure communications gateway system as claimed in claim 3 wherein the configuration client interface and centralized management and configuration end is based on a WINDOWS system providing configuration and operational services to the user via a graphical user interface with the communications module, the authentication module and the multiple machine management module.
5. The safety communication gateway system oriented to the industrial internet of the automated wharf as claimed in claim 3, wherein the log sending interface is in communication with the log server and uploads data of each task/scheduling/reservation/acceptance platform of the automated wharf to the database ECS and the database HIS based on a WINDOS system, and log collection, log management, log audit and log alarm functions are realized.
6. The automated dock industry internet oriented secure communication gateway system of claim 1, wherein the software module comprises:
the packet filtering module is used for realizing the functions of accessing and controlling the user; and/or
The industrial protocol deep analysis module is used for realizing the function of deep inspection on the basic communication protocol; and/or
The intrusion defense module is used for effectively defending various attacks and defending malicious code defense functions of defending attacks such as partial trojans, worms, spyware, buffer overflow software and the like, and can expand a defense range according to the requirements of a wharf site; and/or
And the redundant interface aggregation module is used for binding redundant interfaces generated by two or more physical interfaces, improving the bandwidth in an aggregation mode and increasing the reliability of a network link in a hot standby mode.
7. The automated dock industry internet oriented secure communication gateway system of claim 6, wherein the software modules further comprise:
the authority management module is used for creating the authority of the configuration administrator; and/or
AAA authentication module, which is used to control the access for the user as the center, and realizes the authentication, authorization and accounting functions of the user; and/or
The safety audit and log alarm module is used for realizing log query, log statistics, alarm, log storage online management, third-party log collection and analysis tool support and keyword replacement functions; and/or
The centralized management module is used for carrying out configuration, management and monitoring through a centralized management platform workstation; and/or the system management module is used for recovering factory configuration, exporting a configuration file of the current equipment and automatically generating rules for protection.
8. The secure communications gateway system towards industrial internet of an automated terminal according to claim 6, wherein said packet filtering module comprises basic access control, layer two access control, IP/MAC address binding, source/destination address translation and session management.
9. The automated dock industry internet oriented secure communication gateway system of claim 7, wherein the administrator privileges include:
the super administrator is used for creating the authority of the configuration administrator and viewing and configuring the management authority; and/or a super auditor, for establishing authority of the audit administrator and configuring log parameters; and/or
A configuration administrator for configuring various parameters and policies of the security gateway; and/or
And the audit manager is used for checking the configuration parameters of the security gateway and auditing the log.
10. The secure communication gateway system oriented to the industrial internet of the automated wharf of claim 1, wherein the port management layer comprises a data center, operation and decision support and various wharf management platforms; the production management layer comprises a data center, a wharf operating system, an equipment state monitoring picture and a remote operation platform; the process control layer comprises a wharf equipment management system consisting of a shore bridge management system, a track crane management system and a horizontal transportation management system; the field device layer comprises a bridge crane, an AGV and a track crane.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110555301.0A CN113194027A (en) | 2021-05-21 | 2021-05-21 | Safety communication gateway system for industrial internet of automatic wharf |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110555301.0A CN113194027A (en) | 2021-05-21 | 2021-05-21 | Safety communication gateway system for industrial internet of automatic wharf |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN113194027A true CN113194027A (en) | 2021-07-30 |
Family
ID=76984535
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202110555301.0A Pending CN113194027A (en) | 2021-05-21 | 2021-05-21 | Safety communication gateway system for industrial internet of automatic wharf |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN113194027A (en) |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN114180365A (en) * | 2022-01-12 | 2022-03-15 | 天津港第二集装箱码头有限公司 | Full-automatic wharf operation management system for loading and unloading along shore |
| CN114745226A (en) * | 2022-03-31 | 2022-07-12 | 和中通信科技有限公司 | Switching center-based cross-domain secure switching method between enterprises |
| CN117240599A (en) * | 2023-11-07 | 2023-12-15 | 国家工业信息安全发展研究中心 | Security protection method, device, equipment, network and storage medium |
Citations (11)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20080165789A1 (en) * | 2006-12-29 | 2008-07-10 | Prodea Systems, Inc. | Billing, Alarm, Statistics and Log Information Handling in Multi-Services Gateway Device at User Premises |
| CN104320332A (en) * | 2014-11-13 | 2015-01-28 | 济南华汉电气科技有限公司 | Multi-protocol industrial communication safety gateway and communication method with gateway applied |
| CN104683332A (en) * | 2015-02-10 | 2015-06-03 | 杭州优稳自动化系统有限公司 | Security isolation gateway in industrial control network and security isolation method thereof |
| CN104753936A (en) * | 2015-03-24 | 2015-07-01 | 西北工业大学 | Opc security gateway system |
| CN107040459A (en) * | 2017-03-27 | 2017-08-11 | 高岩 | A kind of intelligent industrial secure cloud gateway device system and method |
| CN108494672A (en) * | 2018-04-17 | 2018-09-04 | 上海振华重工(集团)股份有限公司 | A kind of industrial communication gateway, industrial data security isolation system and method |
| CN109474607A (en) * | 2018-12-06 | 2019-03-15 | 连云港杰瑞深软科技有限公司 | A kind of industrial control network safeguard protection monitoring system |
| WO2020032889A2 (en) * | 2018-06-26 | 2020-02-13 | Asartech Arge Tasarim Muhendislik Limited Sirketi | A gateway and a communication network comprising said gateway |
| GB202006718D0 (en) * | 2019-08-19 | 2020-06-17 | Jiangsu Jinheng Information Tech Co Ltd | Data compatible gateway system |
| CN111988438A (en) * | 2020-09-21 | 2020-11-24 | 浙江柯瑞普科技有限公司 | Work site personnel management system |
| CN112738063A (en) * | 2020-12-25 | 2021-04-30 | 山东钢铁集团日照有限公司 | Industrial control system network safety monitoring platform |
-
2021
- 2021-05-21 CN CN202110555301.0A patent/CN113194027A/en active Pending
Patent Citations (11)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20080165789A1 (en) * | 2006-12-29 | 2008-07-10 | Prodea Systems, Inc. | Billing, Alarm, Statistics and Log Information Handling in Multi-Services Gateway Device at User Premises |
| CN104320332A (en) * | 2014-11-13 | 2015-01-28 | 济南华汉电气科技有限公司 | Multi-protocol industrial communication safety gateway and communication method with gateway applied |
| CN104683332A (en) * | 2015-02-10 | 2015-06-03 | 杭州优稳自动化系统有限公司 | Security isolation gateway in industrial control network and security isolation method thereof |
| CN104753936A (en) * | 2015-03-24 | 2015-07-01 | 西北工业大学 | Opc security gateway system |
| CN107040459A (en) * | 2017-03-27 | 2017-08-11 | 高岩 | A kind of intelligent industrial secure cloud gateway device system and method |
| CN108494672A (en) * | 2018-04-17 | 2018-09-04 | 上海振华重工(集团)股份有限公司 | A kind of industrial communication gateway, industrial data security isolation system and method |
| WO2020032889A2 (en) * | 2018-06-26 | 2020-02-13 | Asartech Arge Tasarim Muhendislik Limited Sirketi | A gateway and a communication network comprising said gateway |
| CN109474607A (en) * | 2018-12-06 | 2019-03-15 | 连云港杰瑞深软科技有限公司 | A kind of industrial control network safeguard protection monitoring system |
| GB202006718D0 (en) * | 2019-08-19 | 2020-06-17 | Jiangsu Jinheng Information Tech Co Ltd | Data compatible gateway system |
| CN111988438A (en) * | 2020-09-21 | 2020-11-24 | 浙江柯瑞普科技有限公司 | Work site personnel management system |
| CN112738063A (en) * | 2020-12-25 | 2021-04-30 | 山东钢铁集团日照有限公司 | Industrial control system network safety monitoring platform |
Cited By (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN114180365A (en) * | 2022-01-12 | 2022-03-15 | 天津港第二集装箱码头有限公司 | Full-automatic wharf operation management system for loading and unloading along shore |
| CN114745226A (en) * | 2022-03-31 | 2022-07-12 | 和中通信科技有限公司 | Switching center-based cross-domain secure switching method between enterprises |
| CN114745226B (en) * | 2022-03-31 | 2023-09-05 | 和中通信科技有限公司 | Inter-enterprise cross-domain security switching method based on switching center |
| CN117240599A (en) * | 2023-11-07 | 2023-12-15 | 国家工业信息安全发展研究中心 | Security protection method, device, equipment, network and storage medium |
| CN117240599B (en) * | 2023-11-07 | 2024-02-20 | 国家工业信息安全发展研究中心 | Security protection method, device, equipment, network and storage medium |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN113194027A (en) | Safety communication gateway system for industrial internet of automatic wharf | |
| US7761923B2 (en) | Process control methods and apparatus for intrusion detection, protection and network hardening | |
| US7051369B1 (en) | System for monitoring network for cracker attack | |
| US7213265B2 (en) | Real time active network compartmentalization | |
| Varadharajan | A practical method to counteract denial of service attacks | |
| CN104320332A (en) | Multi-protocol industrial communication safety gateway and communication method with gateway applied | |
| CN110636086B (en) | Network protection testing method and device | |
| CN214306527U (en) | Gas pipe network scheduling monitoring network safety system | |
| CN213521957U (en) | Network access system based on digital ship network security | |
| Ubaid et al. | Mitigating address spoofing attacks in hybrid SDN | |
| Ward et al. | Cyber security issues for protective relays; c1 working group members of power system relaying committee | |
| Kumar et al. | Protocols, solutions, and testbeds for cyber-attack prevention in industrial SCADA systems | |
| Toosarvandani et al. | The risk assessment and treatment approach in order to provide LAN security based on ISMS standard | |
| KR20020075319A (en) | Intelligent Security Engine and Intelligent and Integrated Security System Employing the Same | |
| Hershey et al. | Procedure for detection of and response to distributed denial of service cyber attacks on complex enterprise systems | |
| Vokorokos et al. | Network security on the intrusion detection system level | |
| Limmer et al. | Survey of event correlation techniques for attack detection in early warning systems | |
| Umasuthan | Protecting the Communications Network at Layer 2 | |
| Peterson | Intrusion detection and cyber security monitoring of SCADA and DCS Networks | |
| Weerathunga et al. | Securing IEDs against cyber threats in critical substation automation and industrial control systems | |
| Ojha et al. | Effective OT Cyber Security for Modern Grid Operations and Asset Management | |
| Kiuchi et al. | Security technologies, usage and guidelines in SCADA system networks | |
| Parmar et al. | Multi-agent approach for anomaly detection in automation networks | |
| Coughlin et al. | EDSGuard: Enforcing network security requirements for energy delivery systems | |
| Haji et al. | Practical security strategy for SCADA automation systems and networks |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20210730 |
|
| RJ01 | Rejection of invention patent application after publication |