工控网络安全控制器的研究与设计

发布时间：2018-04-24 19:58

本文选题：工控网络 + TCP/IP　；参考：《太原科技大学》2017年硕士论文

【摘要】：随着时代的发展,信息技术被广泛应用于石油、化工、电力等众多领域,但是由于工业控制系统运行环境和平台的相对独立,其安全性也往往被人们忽视。近年来,伴随着企业信息化发展,管理和控制网络更加深入的融合,平台也愈加开放,信息技术在为传统工业控制系统优化升级提供重要支撑的同时也带来了诸多问题,蠕虫、木马、黑客攻击等网络威胁对工业控制系统的冲击愈演愈烈,新一代病毒入侵生产控制系统已经成为威胁生产运营平稳发展的重大安全隐患。在这种环境下,本文针对工业控制系统信息传输网络中信息泄露、信息被篡改和非法信息入侵等问题,提出了一种可用于工业控制各个终端信息点之间信息传输的安全控制器,即工业控制网络安全控制器。首先,阐明了国内外在工业控制网络中存在的安全问题,分析了本工业控制网络安全控制器开发对当前社会的实际意义。列举了市场上已有的工业控制网络安全技术及产品,接着阐述了现有运用比较广泛的加密算法。其次,此控制器选用了TCP/IP协议作为数据传输的基本协议,在数据传输的拆包和封装过程中运用混合密码算法对数据进行加解密。着重对TCP/IP各层协议,尤其是网络层的IP协议,传输层的TCP、UDP协议以及数据传输过程中拆包和复用进行了详细分析。再次,详细阐述了该控制器的设计,包括硬件设计、软件设计方案以及软件的开发和调试过程,并用C语言实现。设计了适用于此工控网络安全控制器的密码算法,介绍了混合密码算法所用到的AES密码算法和RC4密码算法,重点对混合密码算法的算法模型、加解密过程进行了描述,对其安全性能和运算性能作了分析。最后,对控制器进行了算法性能测试和设备性能测试,结果表明该工控网络安全控制器取得了很好的预期效果。
[Abstract]:With the development of the times, information technology is widely used in many fields, such as petroleum, chemical industry, electric power and so on. However, because of the relative independence of the operating environment and platform of industrial control system, its security is often ignored by people. In recent years, with the development of enterprise information, management and control network more in-depth integration, the platform has become more open, information technology has provided important support for the traditional industrial control system optimization and upgrading, but also brought a lot of problems, worms, The impact of network threats such as Trojan horse and hacker attack on industrial control system is increasingly fierce. The new generation of virus intrusion production control system has become a major security hidden danger threatening the smooth development of production and operation. In this environment, aiming at the problems of information leakage, information tampering and illegal information intrusion in the information transmission network of industrial control system, this paper proposes a security controller which can be used to transmit information between different information points of industrial control terminal. Industrial control network security controller. Firstly, the security problems existing in the industrial control network at home and abroad are expounded, and the practical significance of the development of the industrial control network security controller for the current society is analyzed. This paper enumerates the existing industrial control network security technologies and products in the market, and then expounds the existing encryption algorithms which are widely used. Secondly, the controller selects TCP/IP protocol as the basic protocol of data transmission, and uses the mixed cipher algorithm to encrypt and decrypt the data in the process of data packet unpacking and encapsulation. The TCP/IP protocols, especially the IP protocol in the network layer, the TCP / UDP protocol in the transport layer, and the packet unpacking and multiplexing in the process of data transmission are analyzed in detail. Thirdly, the design of the controller is described in detail, including hardware design, software design, software development and debugging process, which is implemented in C language. This paper designs a cryptographic algorithm suitable for this industrial control network security controller, introduces the AES cipher algorithm and RC4 cipher algorithm used in the hybrid cipher algorithm, and emphatically describes the algorithm model of the hybrid cipher algorithm and the process of encryption and decryption. The security performance and computational performance are analyzed. Finally, the algorithm performance test and the equipment performance test of the controller are carried out, and the results show that the industrial control network security controller has achieved good expected results.
【学位授予单位】：太原科技大学
【学位级别】：硕士
【学位授予年份】：2017
【分类号】：TP273

【参考文献】