Industrial control firewall implementation method supporting extensible protocol detection

This technology for extending protocols, applied in digital transmission systems, electrical components, transmission systems, etc., addresses problems such as the high cost of gateway upgrades, the inability of gateway manufacturers to obtain detailed information on communication protocols, and the limited set of supported industrial protocols, and achieves flexible and simple configuration.

Inactive Publication Date: 2015-12-09
北京威努特技术有限公司

AI Technical Summary

Problems solved by technology

[0005] 1. The industrial protocols supported by the built-in gateway are limited. When the built-in protocol of the gateway cannot meet the demand, it is necessary to contact the gateway manufacturer to upgrade the equipment;
[0006] 2. Considering the confidentiality of the communication

Embodiment Construction

[0027] Embodiments of the present invention will be described in detail below in conjunction with the accompanying drawings. As shown in Figure 1, the present invention comprises the following steps:

[0028] (1) message processing flow;

[0029] (11) First, judge whether the message needs to be detected according to the user-specified transport layer protocol, IP address, TCP/UDP port number, and the fingerprint feature of the message; the fingerprint feature of a message is the unique characteristic that distinguishes it from other messages;

[0030] (12) Secondly, for a message that needs to be detected, extract the corresponding content using the method the user has configured;

[0031] (13) Finally, compare the extracted content with the legal values configured by the user, and take the corresponding action according to the user's configuration;

[0032] (2) Configuration rules; configuration rules are divided into three parts: feature configuration, ...
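
The message flow in steps (11) to (13), as an added Python example that is not taken from the patent. The rule keys, the sample protocol (magic bytes `a5 5a` followed by a one-byte function code), the addresses and the `not_inspected` result are all assumptions of this example.

```python
import ipaddress
import json
import struct

# Constructed configuration for a made-up proprietary protocol; every key name
# here is an assumption of this example, not the patent's configuration format.
CONFIG = json.loads("""
[{"name": "vendor-x-read-only",
  "transport": "tcp", "dst_net": "10.0.5.0/24", "dst_port": 9600,
  "fingerprint": {"offset": 0, "hex": "a55a"},
  "extract": {"offset": 2, "format": ">B"},
  "legal_values": [1, 3],
  "on_legal": "allow", "on_illegal": "drop"}]
""")

def needs_detection(rule, transport, dst_ip, dst_port, payload):
    """Step (11): transport protocol, IP address, port and fingerprint must all match."""
    fp = bytes.fromhex(rule["fingerprint"]["hex"])
    off = rule["fingerprint"]["offset"]
    return (transport == rule["transport"]
            and dst_port == rule["dst_port"]
            and ipaddress.ip_address(dst_ip) in ipaddress.ip_network(rule["dst_net"])
            and payload[off:off + len(fp)] == fp)

def inspect(rules, transport, dst_ip, dst_port, payload):
    """Return the configured action, or 'not_inspected' if no rule selects the message."""
    for rule in rules:
        if not needs_detection(rule, transport, dst_ip, dst_port, payload):
            continue
        # Step (12): extract the field at the configured position.
        ex = rule["extract"]
        if len(payload) < ex["offset"] + struct.calcsize(ex["format"]):
            return rule["on_illegal"]   # truncated message: fail closed
        (value,) = struct.unpack_from(ex["format"], payload, ex["offset"])
        # Step (13): compare with the legal values and apply the configured action.
        return rule["on_legal"] if value in rule["legal_values"] else rule["on_illegal"]
    return "not_inspected"              # left to the firewall's other policy

# Constructed sample messages: magic a5 5a, then a one-byte function code.
READ = bytes.fromhex("a55a01000a")
WRITE = bytes.fromhex("a55a06000aff")
```

Because the rules are plain data, replacing the `CONFIG` list with a newly parsed one changes what is detected without touching `inspect`.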

Abstract

The invention discloses an industrial control firewall implementation method supporting extensible protocol detection. The user extends the protocols the security gateway can detect through configuration, defining the protocol features and the detection position in a configuration file, so that security services are maintained during protocol upgrades. The method has two advantages: 1. hot switching is achieved through configuration, so security detection services do not need to be stopped during an upgrade; 2. configuration is flexible and simple, and protocol upgrades do not depend on any gateway equipment manufacturer.

Description

Technical field

[0001] The invention relates to an implementation method of an industrial control firewall supporting extensible protocol detection, and belongs to the technical field of industrial control network security protection.

Background technique

[0002] At present, the industrial control system network is a network composed of industrial automation production equipment. Unlike the IT network, the industrial control network has proprietary communication protocols and communication mechanisms. According to the characteristics of the industrial control network, Winnut Technology Co., Ltd. proposes a "white environment" solution, that is, "only trusted devices can access the control network; only trusted messages can be transmitted on the network; only trusted software is allowed to be executed". In addition to the well-known industrial control protocols, such as Modbus and IEC-104, there are many industrial control protocols that are private or even confidential...

Application Information

IPC(8): H04L29/06, H04L12/24
CPC: H04L63/02, H04L41/0803, H04L63/0227, H04L63/0263
Inventor: 韩延鹏, 冯全宝, 郭立龙, 龙国东, 黄敏, 赵宇
Owner: 北京威努特技术有限公司