工业以太网协议脆弱性与安全防护技术综述

冯涛; 鲁晔; 方君丽

doi:10.11959/j.issn.1000-436x.2017277

您当前的位置：

首页 >

文章列表页 >

工业以太网协议脆弱性与安全防护技术综述

综述 | 更新时间：2024-06-05

- 工业以太网协议脆弱性与安全防护技术综述
- Research on vulnerability and security technology of industrial Ethernet protocol
- 通信学报 2017年38卷第Z2期页码：185-196
- 作者机构：
  
  1. 兰州理工大学计算机与通信学院，甘肃兰州 730050
  2. 兰州理工大学电气工程与信息工程学院，甘肃兰州 730050
  3. 甘肃省工业工程先进控制重点实验室，甘肃兰州 730050
  4. 兰州理工大学电气与控制工程国家级实验教学示范中心，甘肃兰州 730050
- 作者简介：
  
  [ "冯涛（1970-），男，甘肃临洮人，博士，兰州理工大学研究员、博士生导师，主要研究方向为网络与信息安全、密码学。" ]
  [ "鲁晔（1986-），男，陕西宝鸡人，兰州理工大学博士生，主要研究方向为工业控制网络安全与协议安全。" ]
  [ "方君丽（1985-），女，甘肃天水人，兰州理工大学讲师，主要研究方向为网络与信息安全。" ]
- 基金信息：
  
  国家自然科学基金资助项目(61462060);国家自然科学基金资助项目(61762060);甘肃省科技计划青年科技基金计划(1610RJYA008)
- DOI：10.11959/j.issn.1000-436x.2017277
  中图分类号： TP309
- 网络出版日期：2017-11，
  
  纸质出版日期：2017-11-25
- 稿件说明：
移动端阅览
冯涛, 鲁晔, 方君丽. 工业以太网协议脆弱性与安全防护技术综述[J]. 通信学报, 2017,38(Z2):185-196.

Tao FENG, Ye LU, Jun-li FANG. Research on vulnerability and security technology of industrial Ethernet protocol[J]. Journal on communications, 2017, 38(Z2): 185-196.
冯涛, 鲁晔, 方君丽. 工业以太网协议脆弱性与安全防护技术综述[J]. 通信学报, 2017,38(Z2):185-196. DOI： 10.11959/j.issn.1000-436x.2017277.

Tao FENG, Ye LU, Jun-li FANG. Research on vulnerability and security technology of industrial Ethernet protocol[J]. Journal on communications, 2017, 38(Z2): 185-196. DOI： 10.11959/j.issn.1000-436x.2017277.

摘要

为解决工业控制系统信息安全问题，对工业以太网协议安全进行深入研究，报告了协议安全防护的研究现状。首先论述了工业控制系统和工业以太网协议的体系结构，分析了5种主要协议的脆弱性。其次从外部主动防御技术、内部被动防御技术和协议安全改进三个方面，提出完善的工业以太网协议安全防护模型，并对主要防护技术进行论述，最后指出未来工业以太网协议信息安全改进的发展方向和研究方法。

Abstract

To solve the information security of industrial control system

the safety of industrial Ethernet protocol was studied deeply

the research status of protocol security protection was reported and the vulnerability of the five-major protocol was analyzed.Firstly

the architecture of industrial control system and industrial Ethernet protocol was discussed.Secondly

from the three aspects of external active defense technology

internal passive defense technology and protocol security improvement

a perfect industrial Ethernet protocol security protection model was put forward

and the main protection technology was discussed.Finally

the future development direction and research ideas of information security improvement of industrial Ethernet protocol were pointed out.

关键词

Keywords

references

袁胜 . 中国制造 2025,工控安全不容忽视——工业控制系统被谁“反控” [J ] . 中国信息安全 , 2016 ( 4 ): 44 - 47 .

YUAN S . Made in China 2025,industrial safety can not be ignored industrial control system who "anti-control" [J ] . China Information Security , 2016 ( 4 ): 44 - 47 .

罗军舟 , 杨明 , 凌振 , 等 . 网络空间安全体系与关键技术 [J ] . 中国科学:信息科学 , 2016 , 46 ( 8 ):939.

LUO J Z , YANG M , LIN Z , et al . Cyberspace security system and key technologies [J ] . Scientia Sinica Information , 2016 , 46 ( 8 ): 9 - 39 .

屈婉莹 , 魏为民 , 朱苏榕 . 工业控制系统通信协议安全研究 [C ] \\ 全国智能电网用户端能源管理学术年会 . 2015 .

QU W Y , WEI W M , ZHU S R . Research on communication protocol security of industrial control system [C ] // Clients nationwide smart grid energy management Annual Conference . 2015 .

陶耀东 , 李宁 , 曾广圣 . 工业控制系统安全综述 [J ] . 计算机工程与应用 , 2016 , 52 ( 13 ): 8 - 18 .

TAO Y D , LI N , ZENG G S.Review of industrial control systems security . Computer Engineering and Applications [J ] . Computer Engineering and Applications , 2016 , 52 ( 13 ): 8 - 18 .

柴天佑 . 工业过程控制系统研究现状与发展方向 [J ] . 中国科学:信息科学 , 2016 , 46 ( 8 ):1003.

CHAI T Y . Research status and development direction of industrial process control system [J ] . Scientia Sinica Information , 2016 , 46 ( 8 ):1003.

夏春明 , 刘涛 , 王华忠 , 等 . 工业控制系统信息安全现状及发展趋势 [J ] . 信息安全与技术 , 2013 , 4 ( 2 ): 13 - 18 .

XIA C M , LIU T , WANG Z H , et al . Industrial control system security analysis [J ] . Information Security and Technology , 2013 , 4 ( 2 ): 13 - 18 .

PIGGIN R S H , . Development of industrial cyber security standards:IEC 62443 for SCADA and industrial control system security [C ] // Control and Automation 2013:Uniting Problems and Solutions,IET , 2013 : 1 - 6 .

彭勇 , 江常青 , 谢丰 , 等 . 工业控制系统信息安全研究进展 [J ] . 清华大学学报自然科学版 , 2012 ( 10 ): 1396 - 1408 .

PENG Y , JIANG C Q , XIE F , et al . Industrial control system cyber security research [J ] . Tsinghua Univ (Sci＆Tech) , 2012 ( 10 ): 1396 - 1408 .

SHAHZAD A , LEE M , LEE Y K , et al . Real time MODBUS transmissions and cryptography security designs and enhancements of protocol sensitive information [J ] . Symmetry , 2015 , 7 ( 3 ): 1176 - 1210 .

NARDONE R , RODRÍGUEZ R J , MARRONE S . Formal security assessment of Modbus protocol [C ] // Internet Technology and Secured Transactions . 2017 .

KOBAYASHI T H , JR A B B , MEDEIROS J P S , et al . Analysis of malicious Traffic in Modbus/TCP Communications [C ] // International Workshop on Critical Information Infrastructures Security . Springer Berlin Heidelberg , 2008 : 200 - 210 .

HUITSING P , CHANDIA R , PAPA M , et al . Attack taxonomies for the Modbus protocols [J ] . International Journal of Critical Infrastructure Protection , 2008 , 1 ( 1 ): 37 - 44 .

GRANDGENETT R , GANDHI R , MAHDNEY W . Exploitation of Allen Bradley's implementation of Ethernet/IP for denial of service against industrial control systems [C ] \\ 9th International Conference on Cyber Warfare and Security , 2014 : 58 - 65 .

LAUGHTER S A , WILLIAMS R D . An Ethernet/IP security review with intrusion detection applications [J ] . Science , 2006 , 105 ( 2731 ): 475 - 6 .

孙溪 . CIP Safety网络协议通信层协议关键技术的分析 [J ] . 仪器仪表标准化与计量 , 2014 ( 4 ): 28 - 30 .

SUN X , . Analysis of the key technology for communication layer protocol in CIP [J ] . safety and Metrology 2014 ( 4 ): 28 - 30 .

ZHANG D , WANG J , ZHANG H . Peach improvement on PROFINET-DCP for industrial control system vulnerability detection [C ] // International Conference on Electrical,Computer Engineering and Electronics . 2015 .

ÂKERBERG J , BJÖRKMAN M , . Exploring security in PROFINET IO [C ] // Computer Software and Applications Conference,2009.COMPSAC '09.IEEE International . 2009 : 406 - 412 .

LEHNHOFF S , ROHJANS S , USLAR M , et al . OPC unified architecture:a service-oriented architecture for smart grids [C ] // International Workshop on Software Engineering for the Smart Grid . 2012 : 1 - 7 .

PUYS M , POTET M L , LAFOURCADE P . Formal analysis of security properties on the OPC-UA SCADA protocol [C ] // International Conference on Computer Safety,Reliability,and Security . Springer International Publishing , 2016 : 67 - 75 .

HUANG R , FENG L , PAN D . Research on OPC UA security [C ] // Industrial Electronics and Applications . 2010 : 1439 - 1444 .

QIAO J X . Research on OPC security mechanism based on MTS/COM+ [J ] . Computer Technology ＆ Development , 2007 .

BAGARIA S , PRABHAKAR S B , SAQUIB Z . Flexi-DNP3:flexible distributed network protocol version 3 (DNP3) for SCADA security [C ] // International Conference on Recent Trends in Information Systems . 2012 : 293 - 296 .

MAJDALAWIEH M , PARISIPRESICCE F , WIJESEKERA D . DNPSec:distributed network protocol version 3 (DNP3) security framework [M ] . Advances in Computer,Information,and Systems Sciences,and Engineering . 2007 ： 227 - 234 .

CRAIN J A , BRATUS S . Bolt-on security extensions for industrial control system protocols:A case study of DNP3 SAv5 [J ] . IEEE Security ＆ Privacy Magazine , 2015 , 13 ( 3 ): 74 - 79 .

IAN Y X , . Real-time and interactive attacks on DNP3 critical infrastructure using Scapy [C ] // Australasian Information Security Conference (ACSW-AISC) . 2015 .

DARWISH I , IGBE O , SAADAWI T . Vulnerability assessment and experimentation of Smart Grid DNP3 [J ] . Journal of Cyber Security , 2016 , 5 ( 1 ): 23 - 54 .

JIN D , NICOL D M , YAN G . An event buffer flooding attack in DNP3 controlled SCADA systems [C ] // Simulation Conference . 2011 : 2619 - 2631 .

张盛山 , 尚文利 , 万明 , 等 . 基于区域/边界规则的Modbus TCP通讯安全防御模型 [J ] . 计算机工程与设计 , 2014 , 35 ( 11 ): 3701 - 3707 .

ZHANG S S , SHANG W L , WAN M , et al . Security defense module of Modbus TCP communication based on region/enclave rules [J ] . Computer Engineering and Design , 2014 , 35 ( 11 ): 3701 - 3707 .

KATO W M I , KOIKE M , MATTA M . Dynamic zoning based on situational activities for ICS security [C ] // The 10th Asian Control Conference(ASCC) . 2015 : 1 - 5 .

JEON B S , NA J C . A study of cyber security policy in industrial control system using data diodes [C ] // The 18th International Conference on Advanced Communication Technology (ICACT) . 2016 : 314 - 317 .

ICS-CERT . Targeted cyber intrusion detection and mitigation strategies [R ] . Washington:DHS , 2013 -02.

FOVINO I N , CARCANO A , MUREL T D L , et al . Modbus/DNP3 State-Based Intrusion Detection System [C ] // IEEE International Conference on Advanced Information NETWORKING and Applications . 2010 : 729 - 736 .

姜伟伟 , 刘光杰 , 戴跃伟 . 基于Snort的Modbus TCP工控协议异常数据检测规则设计 [J ] . 计算机科学 , 2015 , 42 ( 11 ): 212 - 216 .

JIANG W W , LIU G J , DAI Y W . Design of Modbus TCP industrial control network protocol abnormal data detection rules based on snort [J ] . Computer Science , 2015 , 42 ( 11 ): 212 - 216 .

赖英旭 , 刘增辉 , 蔡晓田 , 等 . 工业控制系统入侵检测研究综述 [J ] . 通信学报 , 2017 , 38 ( 2 ): 143 - 156 .

LAI Y X , LIU Z H , CAI X T , et al . Research on intrusion detection of industrial control system [J ] . Journal on Communications , 2017 , 38 ( 2 ): 143 - 156 .

WILHIOT K . Who’s really attacking your ICS equipment [R ] . Silicon Valley：Trend Micro Incorporated , 2013 .

周昆 . 一种基于 Honeyd 的过程控制蜜罐系统的平台搭建研究 [D ] . 上海:华东理工大学 , 2014 .

ZHOU K . A honeypot process control system platform based on honeyd [D ] . Shanghai:East China University of Science and Technology , 2014 .

PONOMAREV S , ATKISON T . Industrial control system network intrusion detection by telemetry analysis [J ] . IEEE Transactions on Dependable and Secure Computing , 2016 , 13 ( 2 ): 252 - 260 .

于长奇 . 工控设备漏洞挖掘技术研究 [D ] . 北京:北京邮电大学 , 2015 .

YU C Q . The Study of Industrial Control System Device Vulnerability Discovery [D ] . Beijing:Beijing University of Posts and Telecommunications , 2015 .

王欢欢 . 工控系统漏洞扫描技术的研究 [D ] . 北京:北京邮电大学 , 2015 .

WANG H H . Research on vulnerability scanning technology of industrial control system [D ] . Beijing University of Posts and Telecommunications , 2015 .

伊胜伟 , 张翀斌 , 谢丰 , 等 . 基于Peach的工业控制网络协议安全分析研究 [J ] . 清华大学学报自然科学版 , 2017 , 57 ( 1 ): 50 - 54 .

YI S W , ZHANG C B , XIE F , et al . Security analysis of industrial control network protocols based on Peach [J ] . J Tsinghua Univ (Sci ＆Technol) , 2017 , 57 ( 1 ): 50 - 54 .

CHEUNG S , DUTERTRE B , FONG M , et al . Using model-based intrusion detection for SCADA networks [C ] // The Scada Security Scientific Symposium . 2016 .

FOVINO I N , CARCANO A , MUREL T D L , et al . Modbus/DNP3 state-based intrusion detection system [J ] . Advanced Information Networking and Applications , 2010 : 729 - 736 .

YANG D Y , USYNIN A , HINES J W . Anomaly-based intrusion detection for SCADA systems [J ] . International Atomic Energy Agency (IAEA),Technical Meeting on Cyber Security,Idaho , 2016 .

TSANG C H , KWONG S . Multi-agent intrusion detection system in industrial network using ant colony clustering approach and unsupervised feature extraction [M ] . 2016 .

NSS E , FRINCKE D A , MCKINNON A D , et al . Configurable Middleware-Level Intrusion Detection for Embedded Systems [C ] // International Workshop on Security in Distributed Computing Systems . IEEE Computer Society , 2015 : 144 - 151 .

罗新强 . 低开销工业无线网络安全机制研究 [D ] . 北京:北京科技大学 , 2015 .

LUO X Q . Research on Low-Cost Security Mechanism of Industrial Wireless Network [D ] . Beijing:University of Science and Technology Beijing , 2015 .

MOREIRA N , MOLINA E , LÁZARO J , et al . Cyber-security in substation automation systems [J ] . Renewable ＆ Sustainable Energy Reviews , 2016 , 54 : 1552 - 1562 .

BINOD V , DIMITRIOS M , HUSSEIN T M . Authentication and Authorization Mechanisms for Substation Automation in Smart Grid Network [J ] . IEEE Network , 2013 ( 1 ): 5 - 11 .

TSANG P P , SMITH S W . YASIR:a low-latency,high-integrity security retrofit for legacy SCADA systems [C ] // The 23rd International Axiomatic Security Conference . Springer US , 2008 : 445 - 459 .

SOLOMAKHIN R , TSANG P , SMITH S . High security with low latency in legacy SCADA systems [J ] . Advances in Information ＆Communication Technology , 2010 , 342 : 63 - 79 .

WEI D , LU Y , JAFARI M , et al . Protecting smart grid automation systems against cyberattacks [J ] . IEEE Transactions on Smart Grid , 2011 , 2 ( 4 ): 782 - 795 .

PREMNATH A P , JO J Y , KIM Y . Application of NTRU cryptographic algorithm for SCADA security [C ] // International Conference on Information Technology . 2014 : 341 - 346 .

PATEL S C , BHATT G D , GRAHAM J H . Improving the cyber security of SCADA communication networks [J ] . Communications of the ACM , 2009 , 52 ( 7 ): 139 - 142 .

SABALIAUSKAITE G , MATHUR A P . Design of intelligent checkers to enhance the security and safety of cyber physical systems [C ] // The 38th Annual International Computers,Software and Applications Conference Workshops , 2014 : 7 - 12 .

HAO J P , PIECHOCKI R J , KALESHI D , et al . Sparse malicious false data injection attacks and defense mechanisms in smart grids [J ] . IEEE Transactions on Industrial Informatics , 2015 , 11 ( 5 ): 1198 - 1209 .

辛耀中 , 石俊杰 , 周京阳 , 等 . 智能电网调度控制系统现状与技术展望 [J ] . 电力系统自动化 , 2015 , 39 ( 1 ): 2 - 8 .

XIN Y Z , SHI J J , ZHOU J Y , et al . Technology development trends of smart grid dispatching and control systems [J ] . Automation of Electric Power Systems , 2015 , 39 ( 1 ): 2 - 8 .

陈来军 , 梅生伟 , 陈颖 . 智能电网信息安全及其对电力系统生存性的影响 [J ] . 控制理论与应用 , 2012 , 29 ( 2 ): 240 - 244 .

CHEN L J , MEI S W , CHEN Y . Smart grid information security and its influence on power system survivability [J ] . Control Theory ＆ Applications , 2012 , 29 ( 2 ): 240 - 244 .

曾鸣 , 李红林 , 薛松 , 等 . 系统安全背景下未来智能电网建设关键技术发展方向—印度大停电事故深层次原因分析及对中国电力工业的启示 [J ] . 中国电机工程学报 , 2012 , 32 ( 25 ): 175 - 181 .

ZENG M , LI H L , XUE S , et al . Key technologies of future smart grid construction based on power system security:a view of blackout in India and experience and enlightment to power industry in China [J ] . Proceedings of the CSEE , 2012 , 32 ( 25 ): 175 - 181 .

丁冠军 , 樊邦奎 , 兰海滨 , 等 . 智能电网信息安全威胁及防御策略研究 [J ] . 电力信息与通信技术 , 2014 , 12 ( 5 ): 58 - 63 .

DING G J , FAN B K , LAN H B , et al . Research on information security threats and defense strategies for smart grid [J ] . Electric Power ICT , 2014 , 12 ( 5 ): 58 - 63 .

刘雪艳 , 张强 , 李战明 . 智能电网信息安全研究综述 [J ] . 智能电网 , 2014 , 12 ( 4 ): 56 - 60 .

LIU X Y , ZHANG Q , LI Z M . A Survey on information security for smart grid [J ] . Electric Power ICT , 2014 , 12 ( 4 ): 56 - 60 .

张海鹏 . 智能电网信息安全威胁及防御技术研究 [D ] . 石家庄：河北科技大学 , 2014 .

ZHANG H P . Smart grid information security threats and defense technology research [D ] . Shijiazhuang:Hebei University of Science and Technology , 2014 .

LU Z , LU X , WANG W , et al . Review and evaluation of security threats on the communication networks in the smart grid [C ] // Proceedings of IEEE Military Communications Conference,San Jose . 2010 . 1830 - 1835 .

LI H , MAO R , LAI L , et al . Compressed meter reading for delay-sensitive and secure load report in smart grid [C ] // Proceedings of the 1st IEEE International Conference on Smart Grid Communications,Gaithersburg . 2010 : 114 - 119 .

RIAL A , DANEZIS G . Privacy-preserving smart metering [C ] // In:Proceedings of the 10th Annual ACM Workshop on Privacy in the Electronic Society . 2011 : 49 - 60 .

RUJ S , NAYAK A . A decentralized security framework for data aggregation and access control in smart grids [J ] . IEEE Trans Ind Electron , 2013 , 4 : 196 - 205

ROTTONDI C , VERTICALE G , CAPONE A . Privacy-preserving smart metering with multiple data consumers [J ] . Computer Network , 2013 , 57 : 1699 - 1713

BIRMAN K , JELASITY M , KLEINBERG R , et al . Building a secure and privacy-preserving smart grid [J ] . ACM Special Interest Group Operating Syst Rev , 2015 , 49 : 131 - 136

LI H , LAI L , QIU R C . Communication capacity requirement for reliable and secure state estimation in smart grid [C ] // Proceedings of the 1st IEEE International Conference on Smart Grid Communications,Gaithersburg . 2010 : 191 - 196

张彤 . 电力可信网络体系及关键技术的研究 [D ] . 北京:华北电力大学 , 2013 .

ZHANG T . Research on theory and key technologies of trustednetwork in electric power industry control system [D ] . Beijing:North China Electric Power University , 2013 .

詹静 , 杨静 . 基于远程证明的可信 Modbus/TCP 协议研究 [J ] . 四川大学学报(工程科学版) , 2017 , 49 ( 1 ): 197 - 205 .

ZHAN J , YANG J . Research on remote attestation-based trusted Modbus/TCP protocol [J ] . Advanced Engineering Sciences , 2017 , 49 ( 1 ): 197 - 205 .

邵诚 , 钟梁高 . 一种基于可信计算的工业控制系统信息安全解决方案 [J ] . 信息与控制 , 2015 , 44 ( 5 ): 628 - 633 .

SHAO C , ZHONG L G . Research of information security solutions of industrial control system based on trusted computing [J ] . Information and Control , 2015 , 44 ( 5 ): 628 - 633 .

袁勇 , 王飞跃 . 区块链技术发展现状与展望 [J ] . 自动化学报 , 2016 , 42 ( 4 ): 481 - 494 .

YUAN Y , WANG F Y . Blockchain:the state of the art and future trends [J ] . Acta Automatica Sinica , 2016 , 42 ( 4 ): 481 - 494 .

浏览量

2325

下载量

CSCD

文章被引用时，请邮件提醒。

提交

工具集

关联资源

工业互联网流量分析技术综述

室内定位隐私保护综述

无线隐蔽通信容量限与实现技术综述

信息安全领域内实体共指消解技术研究

基于混沌理论的彩色QR编码水印技术研究