Industrial control system communication encryption method and device, electronic equipment and storage medium

Abstract

The embodiment of the invention discloses an industrial control system communication encryption method and device, electronic equipment and a storage medium, relates to the technical field of industrial control security, and can effectively solve the communication security problem in an industrial control system. The method comprises the following steps: capturing industrial control flow sent by an industrial control upper computer, and releasing non-industrial control flow; encrypting the industrial control flow based on a preset encryption algorithm, and forwarding the encrypted industrial control flow to a hardware decryption device; enabling the hardware decryption device to decrypt the received industrial control flow based on a decryption algorithm corresponding to a preset encryption algorithm; enabling the hardware decryption device to analyze the decrypted industrial control flow and judges whether the decrypted industrial control flow is an important operation instruction ornot: if yes, executing and forwarding interception operation to the industrial control upper computer for confirmation; if the operation instruction is not the important operation instruction, forwarding the operation instruction to the PLC, wherein the important operation instruction comprises downloading, erasing or restarting.

Description

technical field [0001] The invention relates to the technical field of industrial security, in particular to a communication encryption method, device, electronic equipment and storage medium of an industrial control system. Background technique [0002] At present, the communication data between the upper computer (including engineer station, operator station or OPC server) and the programmable logic controller (PLC) in the industrial control network is transmitted in plain text. Once the attacker breaks through the peripheral network and enters the intranet environment , these data are very easy to intercept and leak, and malicious operations such as replay and tampering can be performed on the data link. The plaintext transmission of the industrial control protocol has a serious impact on the safe operation of the industrial control system. At this stage, there is a lack of data transmission and encryption solutions for the industrial control system; There are also a smal...

AI Technical Summary

Problems solved by technology

[0002] At present, the communication data between the upper computer (including engineer station, operator station or OPC server) and the programmable logic controller (PLC) in the industrial control network is transmitted in plain text. Once the attacker breaks through the peripheral network and enters the intranet environment , these data are very easy to intercept and leak, and malicious operations such as replay and tampering can be performed on the data link. The plaintext transmission of the industrial control protocol has a serious impact on the safe operation of the industrial control system. At this stage, there is a lack of data transmission and encryption solutions for the industrial control system; There are also a small number of simple protection methods such as IP address filtering to address this security issue.

None of the above methods fundamentally solve the security problem of data in the communication process

Images