Abstract
To protect the OPC (Object Linking and Embedding for Process Control) communication protocol used in industrial control systems, this paper analyses the network traffic between an OPC client and server and uses captured network frames to show how a firewall opens the dynamically generated TCP connection session, how it identifies synchronous read and write frames, and how it filters data read and write operations. It then points out that this traditional firewall protection model can still leave risks: attacks that make use of exposed passwords, malware that masquerades as a legitimate application and maliciously increases the number of access requests to disrupt control-system operation, and penetration attacks carried by unidentified traffic. To address these threats, the paper proposes a defence-in-depth scheme in which a multi-port firewall divides the network into separate protection zones.
Authors
傅一帆
霍玉鲜
刘金
姜洪朝
Fu Yifan; Huo Yuxian; Liu Jin; Jiang Hongchao (The 6th Research Institute of China Electronics Corporation, Beijing 102209, China)
Source
Microcomputer & Its Applications (《微型机与应用》)
2017, No. 21, pp. 1-3, 7 (4 pages in total)
Funding
Ministry of Industry and Information Technology programme "Intelligent Manufacturing Comprehensive Standardization and New Model Application"
National Science and Technology Major Project on core electronic devices, high-end generic chips and basic software (2017ZX01030202)
Keywords
firewall
OPC
industrial control network
industrial communication networks
information security