TPM-based Modbus/TCP security enhancement method

A protocol security technique, applied in the field of industrial control, that addresses problems such as server impersonation and key theft.

Active Publication Date: 2016-06-29
BEIJING UNIV OF TECH

AI Technical Summary

Problems solved by technology

In the existing security solutions, the problem of security authentication in communication has no...


Embodiment Construction

[0075] Any change to key information in a trusted device, such as critical operating system kernel modules or the industrial control configuration software, changes the trusted measurement value; that is, the device status information changes.

[0076] In order to make those skilled in the art better understand the present invention, the present invention will be further described below in conjunction with the accompanying drawings.

[0077] The trusted Modbus/TCP protocol format is shown in Table 1.

[0078] Table 1: Trusted Modbus/TCP Formats

[0079]

[0080] MBAP: Header for Modbus/TCP.

[0081] HashAlgorithm: 1 byte. The hash algorithm is selected according to the computing capability of the device, and the two parties negotiate which hash algorithm to use. The devices on both sides of the communication store the hash algorithm table. If this field is 1, SHA-1 is used; if it is 2, MD5 is used.

[0082] HashItem: This item has a different number of byt...
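An added illustration of how a receiver could check the HashAlgorithm and HashItem fields described above; it is not code from the patent. The field order (MBAP, HashAlgorithm, HashItem, PDU), the HashItem being an HMAC keyed with Kms over the header, algorithm byte and PDU, and all function and parameter names are assumptions, because Table 1 and the remainder of [0082] are not available here.

```python
import hashlib
import hmac
import struct

# Algorithm table from [0081]: 1 = SHA-1, 2 = MD5.
HASH_TABLE = {1: hashlib.sha1, 2: hashlib.md5}
MBAP_LEN = 7  # transaction id (2), protocol id (2), length (2), unit id (1)


def _tag(kms, alg, mbap, pdu):
    # Assumption: HashItem = HMAC(Kms, MBAP || HashAlgorithm || PDU).
    return hmac.new(kms, mbap + bytes([alg]) + pdu, HASH_TABLE[alg]).digest()


def build_frame(kms, alg, trans_id, unit_id, pdu):
    """Assumed layout: MBAP | HashAlgorithm | HashItem | PDU."""
    item_len = HASH_TABLE[alg]().digest_size
    # The MBAP length field counts every byte after itself (unit id onward).
    length = 1 + 1 + item_len + len(pdu)
    mbap = struct.pack(">HHHB", trans_id, 0, length, unit_id)
    return mbap + bytes([alg]) + _tag(kms, alg, mbap, pdu) + pdu


def parse_frame(kms, frame, negotiated=(1, 2)):
    """Return the PDU if the frame verifies, otherwise raise ValueError."""
    if len(frame) < MBAP_LEN + 1:
        raise ValueError("frame too short")
    mbap, alg = frame[:MBAP_LEN], frame[MBAP_LEN]
    _, proto, length, _ = struct.unpack(">HHHB", mbap)
    if proto != 0:
        raise ValueError("not a Modbus protocol id")
    # Reject values outside the table or outside what the peers negotiated.
    if alg not in HASH_TABLE or alg not in negotiated:
        raise ValueError("hash algorithm not negotiated")
    body = MBAP_LEN + 1 + HASH_TABLE[alg]().digest_size
    if length != len(frame) - 6 or len(frame) <= body:
        raise ValueError("length field does not match frame")
    item, pdu = frame[MBAP_LEN + 1:body], frame[body:]
    if not hmac.compare_digest(item, _tag(kms, alg, mbap, pdu)):
        raise ValueError("HashItem mismatch")
    return pdu


# Constructed sample: a 16-byte stand-in for Kms and a Read Holding Registers PDU.
SAMPLE_KMS = bytes(range(16))
SAMPLE_PDU = bytes([0x03, 0x00, 0x00, 0x00, 0x02])
if __name__ == "__main__":
    frame = build_frame(SAMPLE_KMS, 1, trans_id=7, unit_id=1, pdu=SAMPLE_PDU)
    print(frame.hex(), parse_frame(SAMPLE_KMS, frame) == SAMPLE_PDU)
```

The `negotiated` argument lets a receiver refuse a frame whose HashAlgorithm byte names an algorithm the two parties did not agree on, even though it is present in the stored table.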


Abstract

The invention provides a trusted platform module (TPM) based Modbus/TCP security enhancement method and belongs to the industrial control field and the field of information technology. The security of industrial control systems concerns national security. Existing security schemes do not fundamentally solve the problem of authentication in communication, and they remain exposed to server impersonation and key theft. The TPM-based Modbus/TCP security enhancement method introduces the idea of trusted computing: a TPM is added to the device, the TPM's identity authentication key ensures that the identity of the device is trusted, and measurement information of the device's operating system and configuration software ensures that the state of the device is trusted. With the participation of a trusted server, identity and state authentication of both parties is completed. A Hash Item is added to the protocol format to ensure the integrity of the message. TPM-bound keys and the PCR authentication data ensure the security of the key Kms during its generation, and HMAC together with the key Kms ensures the identity authentication of both parties during communication.

Description

Technical field

[0001] The invention belongs to the field of industrial control and the field of information technology, and relates to a security enhancement method for Modbus/TCP, a communication protocol commonly used in industrial control systems.

Background technique

[0002] Industrial control systems are widely used in key national infrastructure fields such as electric power, the chemical industry, oil and gas exploration, and transportation. Therefore, the security of industrial control systems is related to national security. In recent years, with the rapid development of industrial Ethernet technology, Internet technologies such as TCP/IP have been introduced into industrial control systems. This brings the security threats of TCP/IP technology into the industrial control system and destroys the closedness of the industrial control system. Exposing vulnerabilities in the design and implementation of widely used proprietary protocols in industrial control systems t...


Application Information

IPC(8): H04L29/06, H04L9/14, H04L9/30, H04L9/32, H04L12/26, G06F21/44, G06F21/57
CPC: G06F21/445, G06F21/57, H04L9/14, H04L9/30, H04L9/3247, H04L43/10, H04L63/083, H04L63/101
Inventor 杨静詹静吴欢陶政
Owner BEIJING UNIV OF TECH