Industrial firewall without industrial protocol (IP) distributed type depth check arithmetic based on industrial protocol object linking and embedding for process control (OPC) classic

Abstract

The invention relates to an industrial firewall without industrial protocol (IP) distributed type depth check arithmetic based on industrial protocol object linking and embedding for process control (OPC) classic. An industrial firewall is arranged on an advanced position of a protected device, and network information is not needed to be configurated in advance. Installation, management and configuration of the firewall are simplified. At the same time, the industrial firewall without IP is designed to be arranged on an edge of industry network, handled flow is less, network delay is short, and instantaneity is good.

Description

technical field [0001] The invention belongs to the field of network technology, and in particular relates to an IP-free distributed industrial firewall depth inspection algorithm based on the industrial protocol OPC Classic. Background technique [0002] With the development of IP-based industrial equipment, the importance of network security has become increasingly prominent in industrial networks. The current industrial network is mainly protected by traditional IT firewalls. Such IT firewalls are generally deployed at network entrances, such as between switches. It is used to centrally filter all network traffic, and it is difficult to precisely control the delay caused by it. At the same time, in industrial networks, communication protocols such as OPC and Modbus have been widely used. These protocols are in the application layer of the ISO network architecture. In order to meet the requirements of industrial security, it is necessary to perform operations such as conne...

AI Technical Summary

Problems solved by technology

[0002] With the development of IP-based industrial equipment, the importance of network security has become increasingly prominent in industrial networks. The current industrial network is mainly protected by traditional IT firewalls. Such IT firewalls are generally deployed at network entrances, such as between switches. It is used to centrally filter all network traffic, and it is difficult to precisely control the delay caused by it

At the same time, in industrial networks, communication protocols such as OPC and Modbus have been widely used. These protocols are in the application layer of the ISO network architecture. In order to meet the requirements of industrial security, it is necessary to perform operations such as connection tracking and format checking on network packets. However, Traditional IT firewalls do not carry out in-depth security detection and protection against the characteristics of industrial communication protocols, and cannot effectively protect industrial equipment. Moreover, it is necessary to consider the existing network topology and configure IP, routing and other information during installation, which greatly increases deployment configuration management. The complexity of traditional IT firewalls cannot meet the needs of industrial network security, and cannot realize in-depth inspection of industrial protocols

Images