
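Design of an Industrial Control Network Security Simulation Platform Based on Protocol Parsing
Cite this article: FANG Jierui, CAO Weimin, BAI Jiantao, XIONG Zhihua, YANG Fan. Design of an Industrial Control Network Security Simulation Platform Based on Protocol Parsing [J]. Process Automation Instrumentation, 2021(2): 102-106.
Authors: FANG Jierui, CAO Weimin, BAI Jiantao, XIONG Zhihua, YANG Fan
Affiliation: Department of Automation, Tsinghua University; Sinopec Anqing Branch
Abstract: Security protection for industrial control networks usually relies on firewall technology together with multiple complex application-layer protocols working in concert, but it does not involve in-depth analysis of those application-layer protocols. To better safeguard data access in industrial control networks, and drawing on the customized nature of industrial control network messages, this paper analyzes in detail a security protection strategy based on application-layer protocol parsing. Building on an industrial firewall, the scheme deeply parses the messages of industrial control network communication protocols and filters them directly at the message level, thereby intercepting messages unrelated to the implemented functions and uncovering deeply hidden threats. Taking the OPC protocol as an example, a simulation and test platform for industrial control network security based on deep application-layer protocol parsing was built, and the platform was validated with communication data from field devices at a petrochemical enterprise. The proposed security strategy provides a scheme based on application-layer protocol parsing for the design and manufacture of industrial control network security devices, and it offers a relatively high level of security performance.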

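Keywords: industrial control network; information security; OPC protocol; protocol parsing; network message; simulation platform; production safety; industrial control system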

Design of Information Security Simulation Platform of Industrial Control Network Based on Protocol Analysis
FANG Jierui, CAO Weimin, BAI Jiantao, XIONG Zhihua, YANG Fan. Design of Information Security Simulation Platform of Industrial Control Network Based on Protocol Analysis [J]. Process Automation Instrumentation, 2021(2): 102-106.
Authors: FANG Jierui, CAO Weimin, BAI Jiantao, XIONG Zhihua, YANG Fan
Affiliation: Department of Automation, Tsinghua University, Beijing 100084, China; Sinopec Anqing Branch, Anqing 246002, China
Abstract: To ensure the safety of industrial control networks, many kinds of firewall technology are usually implemented. Although many complex application-layer protocols work together, in-depth analysis of the application-layer protocols is not involved. To guarantee the security of data access in industrial control networks, this paper analyzes in detail a security protection strategy based on application-layer protocol parsing, which builds on the customized characteristics of the transmission messages of industrial control networks. On the basis of traditional network firewall technology, the scheme deeply analyzes the transmission messages of industrial communication protocols and filters them directly at the message level. It can thus intercept transmission messages that are not related to function realization and discover hidden threats. Taking the OPC protocol as an example, a simulation platform for industrial control network security is developed based on application-layer protocol analysis, and the platform is validated using real communication data from equipment in a petrochemical enterprise. The proposed security strategy provides a solution based on application-layer protocol analysis for manufacturing security equipment for industrial control networks, and it has a high level of security performance.
Keywords: Industrial control network; Information security; OPC protocol; Protocol analysis; Network message; Simulation platform; Production safety; Industrial control system
This article is indexed in CNKI, VIP and other databases.