Industrial control network security protection method and system

Abstract

The invention discloses an industrial control network security protection method and an industrial control network security protection system. The method comprises the following steps that: aiming at an external network attack, a front host performs first layer data filter and access control on external network data; a security control host caches data through a common storage region, performs intrusion detection on the data, timely alarms illegal data and informs hosts on two sides; a rear host performs deep filter and access control on the data and causes the legal data to enter an internal network; aiming at an internal network attack, the rear host performs the first data filter and access control on internal network data; the security control host caches the data through the common storage region, performs the intrusion detection on the data, timely alarms the illegal data and informs the hosts on the two sides; and the front host performs the deep filter and access control on the data and causes the legal data to enter an external network. By the method and the system, the network security level of an industrial control system is increased, and the cost on investment, system transformation and management is reduced.

Description

technical field [0001] The invention relates to an industrial control network security protection method and system, belonging to the field of industrial control networks. Background technique [0002] The industrial control system is responsible for the continuous control of the production equipment, which has uninterrupted high reliability requirements and undelayed high real-time requirements. At present, computers and communication equipment in industrial control systems are mostly protected by anti-virus technology and network security technology of IT systems. However, many online and cloud scanning and killing technologies will affect the stability of the system. Antivirus program upgrades and software patches may cause system restarts, which are not suitable for continuous production processes. [0003] Communication in the industrial field includes various forms such as IP network, public wired or wireless network, wireless sensor network, power carrier network, fi...

AI Technical Summary

Problems solved by technology

[0007] The hardware security gatekeeper product of Canadian Tofino company is an active defense technology based on serial hardware protection, but it only supports the communication of the standard Ethernet interface, and cannot access other communication networks, and it cannot effectively defend against internal attacks at the bottom of the control system; The security protection network product of the American Industrial Defender company is a passive defense technology based on online monitoring, but the various monitoring equipment is relatively complicated, and the requirements for the software virus database are relatively high

Domestic technical products in this field are mostly based on IT protection technology, which cannot meet the requirements of industrial control networks

Images