Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Industrial control network situation assessment method

A situation assessment, industrial control network technology, applied in the direction of instruments, character and pattern recognition, electrical components, etc., can solve the wrong decision of enterprise managers, the attack is not easy to be detected, the lack of system hardware, operating software and application software protocol specification standards, etc. problem, to achieve the effect of accurate security situation and improve accuracy rate

Active Publication Date: 2019-07-05
CHONGQING UNIV OF POSTS & TELECOMM
View PDF5 Cites 10 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

The main disadvantages are as follows: 1) Due to the large number of equipment vendors in ICS, there is a lack of unified system hardware, operating software, application software, and protocol specification standards, resulting in its own vulnerability in ICS configuration
2) The widely used Modbus TCP protocol in this system lacks authentication and authorization mechanisms, and the data is transmitted in plain text. It is only possible to protect the data collected at the field device layer through the security gateway in the network, while the traditional security protection methods mainly It is a filtering technology based on the packet format matching of the communication protocol. This rule configuration method is difficult to intercept the attacks of many malicious attackers, such as constructing packets that conform to the protocol specifications to attack
3) In the field device layer, the value of the device register is easily tampered by the attacker, but the data packet format still conforms to the protocol specification. This attack is not easy to be detected, which makes the enterprise manager make wrong decisions
In the face of endless unknown network attack methods, it is impossible to block all attacks outside the defense through traditional intrusion detection systems, industrial firewalls, white lists and other passive security defense methods

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Industrial control network situation assessment method
  • Industrial control network situation assessment method
  • Industrial control network situation assessment method

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0037] The present invention will be described in detail below in conjunction with accompanying drawing and specific embodiment:

[0038] The present invention aims at the Modbus TCP protocol characteristic in the industrial control system, according to the controller command interval, the controller gain, the controller cycle time increment, the controller gain increment, the address of the slave station, the data packet cycle check code, the data length, The function code, command or response, and the transmission direction of the data packet are used to construct the eigenvector based on the system state characteristics such as the communication behavior frequency, and the industrial control network situation assessment model based on the improved multi-class support vector machine is established. Use the normal state and various typical attack states to establish a situation value correspondence table, substitute the situation value in this situation table into the support ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses an industrial control network situation assessment method. The related industrial control network equipment comprises a security gateway, a programmable logic controller, fieldsensor equipment, a security management platform and an engineer station, the method comprises the following steps that: S1: an engineer station configures and operates an industrial control system,PLCs (Programmable Logic Controller) in each area identify controlled equipment connected with IO (Input / Output) modules of the PLCs, and match an information list of the controlled equipment to forma periodic communication mode of a master station and a slave station; S2, the PLC feeds data information back to the security gateway in real time; a data packet deep analysis system of the securitygateway extracts data characteristics, removes redundant attribute characteristics, and only leaves characteristics related to a system behavior mode, including data characteristics based on a communication protocol, state information of a programmable logic controller, industrial control network system state information and network flow characteristics; and S3, the industrial control network situation assessment model carries out situation assessment on the system and forms an assessment result.

Description

technical field [0001] The invention relates to the technical field of industrial control systems, in particular to an industrial control network situation assessment method. Background technique [0002] Due to the widespread use of common software, hardware and network facilities in industrial control systems, as well as the integration with enterprise management information systems, industrial control systems have become more and more open, and data exchange has occurred with enterprise intranets and even with the Internet. That is to say, the relative closeness of the industrial control system in the physical environment and the specificity of the software and hardware of the industrial control system will be broken. It will be possible to obtain more detailed information about the relevant industrial control system through the Internet or the intranet, and then In addition, the security awareness of enterprises operating industrial control systems is generally poor, whi...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): H04L29/06G06K9/62
CPCH04L63/1441G06F18/214
Inventor 王浩杜蛟倪思甜汤梅王平
Owner CHONGQING UNIV OF POSTS & TELECOMM
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com