
A Modbus communication access control method based on self-learning rules

An access control and self-learning technology, applied in fields such as comprehensive factory control and electrical program control, that addresses the lack of in-depth analysis of Modbus protocol data packets and the inability to generate access control rules automatically from communication data. It reduces the possibility of rule misoperation, saves time, and improves efficiency.

Active Publication Date: 2017-11-28
SHENYANG INST OF AUTOMATION - CHINESE ACAD OF SCI

AI Technical Summary

Problems solved by technology

[0005] However, in industrial control systems the Modbus protocol is an application-layer protocol. Existing access control methods based on Netfilter/iptables can only match key fields of the network and transport layers of a data packet; they lack in-depth analysis of Modbus protocol data packets and so cannot analyze or detect Modbus application data in depth. At the same time, existing access control rules can only be entered manually and cannot be generated automatically from communication data captured on the network.


Embodiment Construction

[0039] The present invention will be further described in detail below in conjunction with the accompanying drawings and embodiments.

[0040] In order to ensure the safety of Modbus communication in the industrial control system and to prevent malicious attacks on, or misoperation of, the Modbus slave station by the Modbus master station, the present invention provides a Modbus communication access control method based on self-learning rules. Figure 1 shows the basic model of this method. The method can be implemented on the communication gateway between the Modbus master station and the Modbus slave station: it captures the data exchanged between the master and the slave and matches it against the Modbus access control rules, thereby detecting, verifying and controlling the Modbus master station's access to the Modbus slave station. T...


Abstract

The invention discloses a Modbus communication access control method based on self-learning rules. The method is built on the Netfilter/iptables technical framework and uses deep packet analysis to parse the Modbus communication protocol in industrial control systems in depth, providing access control for the data communication between a Modbus master station and a Modbus slave station. It works on Modbus TCP/IP networks and supports both TCP and UDP as transport protocols. It has a self-learning rule function: by setting a self-learning time and a self-learning threshold, Modbus access control rules are generated automatically. The invention can detect and prevent abnormal behavior in the Modbus communication process and helps guarantee the reliability and safety of the industrial control system.
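The sketch below is an added example, not code from the patent, showing how a gateway could parse Modbus TCP payloads and derive allow rules from a learning window. It assumes that a rule is the tuple (master IP, slave IP, unit id, function code) and that the self-learning threshold is a minimum observation count; the function names, addresses and capture are constructed for illustration.

```python
import struct
from collections import Counter

def frame(tid, unit, fc, data=b""):
    """Build a Modbus TCP ADU (MBAP header + PDU) for the constructed samples."""
    return struct.pack(">HHHBB", tid, 0, len(data) + 2, unit, fc) + data

def parse_adu(payload):
    """Deep-parse a Modbus TCP payload; return (unit_id, function_code) or None."""
    if len(payload) < 8:                      # 7-byte MBAP header + function code
        return None
    _tid, proto, length, unit = struct.unpack(">HHHB", payload[:7])
    # Protocol id is 0 for Modbus; length counts the unit id plus the PDU.
    if proto != 0 or length != len(payload) - 6 or length > 254:
        return None
    return unit, payload[7]

def learn_rules(packets, start, learn_seconds, threshold):
    """Count (src, dst, unit, fc) tuples seen inside the learning window and
    keep those observed at least `threshold` times (assumed semantics)."""
    counts = Counter()
    for ts, src, dst, payload in packets:
        parsed = parse_adu(payload)
        if parsed and start <= ts < start + learn_seconds:
            counts[(src, dst) + parsed] += 1
    return {key for key, n in counts.items() if n >= threshold}

def allowed(rules, src, dst, payload):
    """Default-deny check applied once learning has finished."""
    parsed = parse_adu(payload)
    return parsed is not None and (src, dst) + parsed in rules

# Constructed capture: (timestamp, master IP, slave IP, payload).
MASTER, SLAVE = "10.0.0.5", "10.0.0.20"
READ = b"\x00\x00\x00\x0a"                    # start address 0, quantity 10
CAPTURE = [(t, MASTER, SLAVE, frame(t, 1, 0x03, READ)) for t in range(5)]
CAPTURE.append((2, MASTER, SLAVE, frame(99, 1, 0x06, b"\x00\x01\x00\xff")))
CAPTURE.append((60, MASTER, SLAVE, frame(100, 1, 0x10, b"\x00")))  # after window

RULES = learn_rules(CAPTURE, start=0, learn_seconds=10, threshold=3)

if __name__ == "__main__":
    print(sorted(RULES))
    print(allowed(RULES, MASTER, SLAVE, frame(7, 1, 0x03, READ)))
    print(allowed(RULES, MASTER, SLAVE, frame(8, 1, 0x06, b"\x00\x01\x00\x00")))
```

The single write request seen during learning falls below the threshold, so only the repeated read (function code 0x03) becomes a rule and writes are rejected afterwards.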

Description

Technical field

[0001] The invention relates to an access control method for Modbus communication, which can detect and prevent abnormal requests initiated by a Modbus master station to a Modbus slave station, and belongs to the field of industrial control network security.

Background technique

[0002] With the continuous integration of informatization and industrialization, information network technology has been widely used in industrial control systems. However, most existing industrial control systems do not take network security into account. The explosive dissemination of information on such aspects has made it easier to carry out information and network security attacks on industrial control systems, and the information security problems of industrial control systems have become increasingly severe.

[0003] Access control technology is a method to achieve security between different networks or network security domains. It can enhance the security of internal n...


Application Information

Patent Type & Authority: Patents (China)
IPC: IPC(8): H04L29/06, G05B19/418
CPC: Y02P90/02
Inventor: 万明, 尚文利, 曾鹏, 赵剑明, 刘贤达, 张华良
Owner: SHENYANG INST OF AUTOMATION - CHINESE ACAD OF SCI