|
|||||
|
|
| 基于功能码深度检测的Modbus/TCP通信访问控制方法 | |
| 引用本文: | 万明,尚文利,曾鹏,赵剑明.基于功能码深度检测的Modbus/TCP通信访问控制方法[J].信息与控制,2016,45(2):248-256. |
| 作者姓名: | 万明 尚文利 曾鹏 赵剑明 |
| 作者单位: | 1. 中国科学院沈阳自动化研究所,辽宁 沈阳 110016; 2. 中国科学院网络化控制系统重点实验室,辽宁 沈阳 110016 |
| 基金项目: | 国家自然科学基金资助项目(61501447);中科院网络化控制系统重点实验室自主课题 |
| 摘 要: | 针对目前工业控制系统中Modbus/TCP通信协议面临的安全问题,提出了一种基于功能码深度检测的Modbus/TCP通信访问控制方法.该方法基于深度包解析DPI(deep packet inspection)技术,将Modbus/TCP通信数据按功能码分类进行深度解析,不仅实现了传统的功能码、 地址范围的检测,同时还实现了寄存器或线圈的域值检测.研究表明,通过采用“白名单”的访问控制模式,该方法能够有效地隔离非法的Modbus/TCP通信数据流,保障工控设备的安全性. |
| 关 键 词: | Modbus/TCP 访问控制 深度检测 功能码 |
| 收稿时间: | 2015-06-10 |
Modbus/TCP Communication Control Method Based on Deep Function Code Inspection |
|
| WAN Ming,SHANG Wenli,ZENG Peng,ZHAO Jianming.Modbus/TCP Communication Control Method Based on Deep Function Code Inspection[J].Information and Control,2016,45(2):248-256. | |
| Authors: | WAN Ming SHANG Wenli ZENG Peng ZHAO Jianming |
| Affiliation: | 1.Shenyang Institute of Automation, Chinese Academy of Sciences, Shenyang 110016, China; 2.Key Laboratory of Networked Control System, Chinese Academy of Sciences, Shenyang 110016, China |
| Abstract: | In order to resolve the security problem in Modbus/TCP protocol, we propose a Modbus/TCP communication control method based on deep function code inspection. By using the DPI (deep packet inspection) technology, the method deeply analyses the Modbus/TCP packets according to the different function codes. It can check not only the ordinary function codes and addresses, but also the values of registers or coils. In particular, our research results show that, by using the whitelist mode, the method can filter the malicious Modbus/TCP packets effectively, and can provide the security for the industry control devices. |
| Keywords: | Modbus/TCP communication control deep inspection function code |
| 点击此处可从《信息与控制》浏览原始摘要信息 | |
| 点击此处可从《信息与控制》下载全文 | |