Unlock instant, AI-driven research and patent intelligence for your innovation.

Vulnerability detection method and device for industrial control system

A vulnerability detection and industrial control system technology, applied in transmission systems, electrical components, etc., can solve problems affecting the normal operation of industrial control equipment

Pending Publication Date: 2020-12-15
北京顶象技术有限公司
View PDF4 Cites 5 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] In view of this, the object of the present invention is to provide a method and device for detecting loopholes in industrial control systems, so as to alleviate the technical problems in the prior art that affect the normal operation of industrial control equipment when detecting loopholes in industrial control systems

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Vulnerability detection method and device for industrial control system
  • Vulnerability detection method and device for industrial control system
  • Vulnerability detection method and device for industrial control system

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0032] According to an embodiment of the present invention, an embodiment of a vulnerability detection method for an industrial control system is provided. It should be noted that the steps shown in the flow chart of the accompanying drawings can be executed in a computer system such as a set of computer-executable instructions, Also, although a logical order is shown in the flowcharts, in some cases the steps shown or described may be performed in an order different from that shown or described herein.

[0033] figure 1 It is a flowchart of a vulnerability detection method for an industrial control system according to an embodiment of the present invention, such as figure 1 As shown, the method includes the following steps:

[0034] Step S102, obtaining the IP network segment and network protocol list of the industrial control network to be detected;

[0035] It should be noted that the above IP network segment may include one IP, multiple IPs, or the entire IP network segm...

Embodiment 2

[0064] The embodiment of the present invention also provides a loophole detection device for an industrial control system, the loophole detection device for the industrial control system is used to implement the loophole detection method for the industrial control system provided in the above-mentioned content of the embodiment of the present invention, the following is provided by the embodiment of the present invention The specific introduction of the vulnerability detection device of the industrial control system.

[0065] Such as Figure 4 as shown, Figure 4 It is a schematic diagram of the above-mentioned vulnerability detection device of the industrial control system, and the vulnerability detection device of the industrial control system includes: an acquisition unit 10 , an execution unit 20 , an extraction unit 30 and a determination unit 40 .

[0066] The obtaining unit 10 is used to obtain the IP network segment and network protocol list of the industrial control ...

Embodiment 3

[0077] An embodiment of the present invention also provides an electronic device, including a memory and a processor, the memory is used to store a program that supports the processor to execute the method described in the first embodiment above, and the processor is configured to execute the program stored in memory.

[0078] see Figure 5 , the embodiment of the present invention also provides an electronic device 100, including: a processor 50, a memory 51, a bus 52 and a communication interface 53, the processor 50, the communication interface 53 and the memory 51 are connected through the bus 52; Executable modules, such as computer programs, stored in the execution memory 51 .

[0079] Wherein, the memory 51 may include a high-speed random access memory (RAM, Random Access Memory), and may also include a non-volatile memory (non-volatile memory), such as at least one disk memory. The communication connection between the system network element and at least one other net...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention provides a vulnerability detection method and device for an industrial control system, and relates to the technical field of equipment security. The method comprises the steps of obtaining an IP network segment and a network protocol list of a to-be-detected industrial control network; sending a compliance detection packet to the industrial control equipment corresponding to each IPin the IP network segment based on the network protocol list, and obtaining a compliance data packet fed back by the industrial control equipment corresponding to each IP based on the compliance detection packet; extracting identity information of the industrial control equipment corresponding to each IP by utilizing the industrial control equipment fingerprint database and the compliance data packet; and based on the identity information of the industrial control equipment corresponding to each IP, the vulnerability detection rule matching database and the vulnerability database, determiningvulnerability information of the industrial control equipment corresponding to each IP, thereby solving the technical problem that normal operation of the industrial control equipment is influenced when vulnerability detection is performed on the industrial control system in the prior art.

Description

technical field [0001] The invention relates to the technical field of equipment security, in particular to a method and device for detecting loopholes in an industrial control system. Background technique [0002] The new infrastructure is an accelerator for the further in-depth digital operation of government and enterprise businesses. With the gradual integration of informatization and industrialization, the informatization of industrial control systems is getting higher and higher. The widespread use of general-purpose software, hardware, and network facilities has broken the original "isolation protection" of traditional industrial control systems. While continuously promoting the development of the Industrial Internet, the security problems faced by traditional IT networks have gradually penetrated into the Industrial Internet. However, compared with traditional IT networks, the characteristics of the Industrial Internet are more complex. Not only does it involve more ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06
CPCH04L63/1433
Inventor 王锐畅董阳陈树华
Owner 北京顶象技术有限公司