摘要
由于PLC控制系统有别于传统的计算机网络系统,传统的病毒检测、网络入侵检测技术无法有效检测PLC控制系统攻击。设计一种非介入式的PLC控制系统入侵检测方法,采用以太网数据监听与现场控制网数据监听技术相结合的方法,通过PLC控制系统输入输出业务信息一致性检测,实现PLC恶意代码篡改数据攻击检测,通过业务规则检测实现违反业务约束的恶意控制指令检测。完成了PLC控制系统入侵检测系统开发,测试表明系统可以有效检测PLC系统的恶意代码攻击和恶意控制指令攻击。
Because PLC control systems are different from the traditional computer network systems,the traditional virus detection technology and network intrusion detection technology fail to effectively detect the attacks to PLC control system.In view of the above,a non⁃intrusive intrusion detection method for PLC control system is designed,which adopts the method combining the Ethernet data monitoring and field control network data monitoring technologies to realize the detection of malicious code tampering data attack to PLC by the consistency detection of input and output business information of PLC control system,and implement the detection of malicious control instructions violating business constraints by business rule detection.The intrusion detection system for PLC control system has been developed.The testing results show that the system can effectively detect malicious codes and malicious control commands that attack the PLC control system.
作者
陈志文
张伟燕
苏靖峰
员天佑
郭照新
CHEN Zhiwen;ZHANG Weiyan;SU Jingfeng;YUN Tianyou;GUO Zhaoxin(Institute of Computer Application,China Academy of Engineering Physics,Mianyang 621900,China)
出处
《现代电子技术》
北大核心
2020年第1期72-75,共4页
Modern Electronics Technique
基金
国防基础科研计划资助项目(JCKY2016212C005)
国家重点研发计划项目(2016YFB08002)
