Dynamic defense method of industrial control network with endogenous security

An industrial control network and dynamic defense technology, which is applied in the direction of program control, general control system, control/regulation system, etc., can solve the problems of data legality, insufficient integrity verification, lack of change, and defense effect to be improved, etc., to achieve improved The effect of security defense performance, avoiding security risks, and easy promotion and implementation

Active Publication Date: 2019-04-02
COMP APPL RES INST CHINA ACAD OF ENG PHYSICS
View PDF6 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] However, the control network itself is still an open system. The specific manifestations are: open communication protocols, data transmission in plain text, insufficient data legality and integrity verification, and lack of identity authentication and access control between control devices. Internet attacks are difficult to be effective, and the defense strategies adopted are mainly traditional passive defense based on prior knowledge, lack of changes, and the defense effect needs to be improved

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Dynamic defense method of industrial control network with endogenous security
  • Dynamic defense method of industrial control network with endogenous security
  • Dynamic defense method of industrial control network with endogenous security

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0057] The present invention will be further described in detail below in conjunction with the accompanying drawings, so that those skilled in the art can implement it with reference to the description.

[0058] It should be understood that terms such as "having", "comprising" and "including" as used herein do not entail the presence or addition of one or more other elements or combinations thereof.

[0059] According to the implementation form of an endogenously secure industrial control network dynamic defense method of the present invention, the present invention will be further described in conjunction with the following six examples.

[0060] In Example 1, combined with figure 1 The security message format is given. Specifically, the security message is defined on the basis of the TCP / IP message 101, and the "authentication password" 103, "time stamp" 104, "time stamp" 104, " Additional information such as "summary" 105 and "fragment identification" 106 forms a new data...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses an intrinsically secure industrial control network's dynamic defense method. The method comprises the step of carrying out IP message reconstruction in the network transport layer through the encryption algorithm for dynamic reconfiguration and in combination with the dynamic changes of the keys and passwords so as to establish an intrinsically secure and special data transmission channel among the node devices. The present invention provides an intrinsically secure industrial control network's dynamic defense method, which aims to solve the problems existing in a traditional industrial control network's defense system, and based on the open Ethernet communication links, a multi-mode, dynamic, and transparent secure and special transmission channel is created, which can effectively blocks illegal and unauthorized accesses from the internet and the man-in-the-middle attacks and repetitive attacks, changes passive defense into active defense, and turns boundary security into intrinsic security. The invention further proposes a data transmission method applied to the intrinsically secure industrial control network's dynamic defense method.

Description

technical field [0001] The invention relates to a dynamic defense method for an industrial control network facing the field of industrial control security. More specifically, the present invention relates to a specific method for establishing a multi-mode, dynamic and transparent secure dedicated data transmission channel between industrial control devices. Background technique [0002] With the deep integration of informatization and industrialization and the introduction and development of "Industry 4.0", "Intelligent Manufacturing", and "Internet +", the industrial control network is no longer a closed "island", but needs to be deeply integrated with the Internet and the Internet of Things , for the control network whose security is very fragile, it will inevitably bring huge security risks. [0003] Traditional security defense measures can only adopt the defense-in-depth technology based on partition isolation when facing specific problems such as high real-time and re...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Patents(China)
IPC IPC(8): H04L29/06
CPCG05B19/054G05B2219/1103
Inventor 员天佑倪志高杨永辉姚导箭周小伟刘金安宝冉
Owner COMP APPL RES INST CHINA ACAD OF ENG PHYSICS
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products