An industrial Ethernet communication data encryption transparent transmission module

Abstract

The invention discloses an industrial Ethernet communication data encryption transparent transmission module which is used for being connected between a communication node and a communication network and performing encryption and decryption on communication data. The industrial Ethernet communication data encryption transparent transmission module comprises an ARM (Advanced RISC Machine) processor, a power management module and an encryption algorithm storage chip; the power management module is connected with a power end of the ARM processor; an encryption rule is gated through the ARM processor during electrification; the encryption rule which is set before the power failure is stored after the power failure of the ARM processor; the encryption algorithm storage chip is connected with a storage extension end of the ARM processor; multiple encryption algorithm modules are integrated in the encryption algorithm storage chip; two Ethernet interfaces and a standard serial port are formed in the ARM processor, wherein one of the two Ethernet interfaces serves as a plain code data interface which is used for connecting with the communication node, the other Ethernet interface serves as an encrypted data interface which is connected with the communication network, and the standard serial port is connected with a configuration computer which is used for configuring the encryption rule for the encryption transparent transmission module. According to the industrial Ethernet communication data encryption transparent transmission module, the safe high-speed transmission of network signals can be implemented.

Description

technical field [0001] The invention belongs to the technical field of industrial control information security, in particular to an industrial Ethernet communication data encryption transparent transmission module. Background technique [0002] Due to its good openness, cheap price, high efficiency, and ease of use, Ethernet communication is an ideal way for information sharing and exchange, and it has developed vigorously in the field of industrial control in recent years. However, there are some security flaws in the existing TCP / IP protocol: the industrial Ethernet communication process usually follows the standard Ethernet protocol, and the format of the user's data area in the protocol packet is fixed, such as the position and length range, and the general user data is not encrypted. It is easy to be monitored and hijacked, the TCP / IP service is fragile, and the security policy is lacking. It is easy to intercept user data and obtain user information by using network p...

AI Technical Summary

Problems solved by technology

However, there are some security flaws in the existing TCP / IP protocol: the industrial Ethernet communication process usually follows the standard Ethernet protocol, and the format of the user's data area in the protocol packet is fixed, such as the position and length range, and the general user data is not encrypted. It is easy to be monitored and hijacked, the vulnerability of TCP / IP services, and the lack of security policies

The data communication network of the industrial control system is based on the computer network. The TCP / IP-based network itself does not consider security issues. Even if it is isolated from the Internet, it cannot prevent internal attacks. The security threat of the data communication network still exists.

At the same time, conventional information encryption technologies such as DES, AES, RAS, etc. are often complicated to use and inefficient, and it is difficult to meet the needs of high-speed real-time transmission of large amounts of data in modern industrial control systems.

Images