Multi-protocol industrial communication safety gateway and communication method with gateway applied

Abstract

The invention relates to a multi-protocol industrial communication safety gateway and a communication method with the gateway applied. In the data communication process, a source gateway encrypts data through a secret key management mechanism module and a VPN encryption and decryption module and then sends the data to a target gateway. The target gateway decrypts the data through the VPN encryption and decryption module, and provides safe detection and control service for data communication through a safety domain safety protection module; if the data are safe, secret key decryption is carried out on application layer data, the types of the application layer data are judged, an application management safety module is used for management if the application layer data are application management data, and an application layer message detecting and filtering module is called for detecting and filtering messages if the application layer data are application layer messages. The mode of combination of the VPN encryption and decryption, the secret key encryption and decryption, and the application layer message detecting and filtering is adopted for communication safety assurance; the safety domain safety protection and the application safety management are adopted for gateway application safety assurance.

Description

technical field [0001] The invention relates to a security gateway product, in particular to a multi-protocol industrial communication security gateway and a communication method using the gateway. Background technique [0002] The data exchange between general industrial control networks requires industrial communication gateways to convert. Since industrial control network data communication involves a variety of industrial communication protocols, industrial control gateways pay more attention to protocol data conversion. Most of the existing general gateways only target one protocol. Therefore, it cannot be directly applied to the industrial control network. Moreover, the security protection of the existing gateway is relatively weak, which cannot guarantee the communication security of the industrial control network. Contents of the invention [0003] In order to solve the above problems, the present invention provides a communication security gateway that can suppor...

AI Technical Summary

Problems solved by technology

[0002] The data exchange between general industrial control networks requires industrial communication gateways to convert. Since industrial control network data communication involves a variety of industrial communication protocols, industrial control gateways pay more attention to protocol data conversion. Most of the existing general gateways only target one protocol. Therefore, it cannot be directly applied to the industrial control network

Moreover, the security protection of the existing gateway is relatively weak, which cannot guarantee the communication security of the industrial control network

Images