Submitted: 2016-09-17 Revised: 2016-12-23
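Chinese abstract: Because the communication protocols used in industrial control systems (ICS) were designed with little consideration for security, traditional ICS-specific network protocols are easily subjected to remote attacks from TCP/IP networks. By adding trusted hardware and combining it with remote attestation, this paper designs a new trusted Modbus/TCP communication protocol that improves the security of ICS networks using dedicated communication protocols. The original Modbus/TCP communication stack in the field devices and control devices of the ICS network is modified to achieve mutual authentication. Remote attestation based on a whitelist is used to authenticate the identity and security state information of both the Modbus/TCP client and server. Updates to this information are maintained by an online attestation server and pushed to field devices to reduce the communication burden. Protocol data is protected in two ways: first, the message authentication key used during communication is protected by trusted hardware, and only a legitimate device holding the key bound to the trusted hardware can decrypt it, ensuring that communication data cannot be tampered with undetected; second, the key that encrypts the protocol's sensitive operation information is also protected by trusted hardware. To date, no other published literature has introduced trusted components into the Modbus/TCP communication environment to ensure its security. The proposed trusted Modbus/TCP protocol has four security properties: integrity, authenticity, freshness, and confidentiality. The protocol is described in HLPSL and verified with the SPAN tool, and no intrusion path exploitable by an attacker was found. The largest performance cost of the protocol lies in the cryptographic functions of the authentication sub-protocol, but this cost is incurred only before the first communication and after a periodic verification fails. If dedicated trusted hardware optimized for the ICS environment replaces the general-purpose trusted hardware used in this paper, the related overhead will drop substantially. The communication overhead caused by the added protocol fields is small, only at the μs level. The proposed trusted Modbus/TCP protocol meets the performance requirements of normal ICS operations, and defends against attacks on protocol communication launched both by illegitimate communication entities and by entities that were originally legitimate but are no longer trustworthy because their systems have been tampered with.
Chinese keywords: communication security; security protocol; industrial control system; Modbus/TCP; remote attestation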
Abstract: Due to the lack of security design, vulnerabilities of traditional industrial control system (ICS) protocols can easily be exploited remotely from TCP/IP networks. In this paper, a novel security-enhanced Modbus/TCP protocol called trusted Modbus/TCP is proposed for ICS networks, based on remote attestation and trusted hardware. For bidirectional authentication, the proposed protocol modifies the original Modbus/TCP communication stack of both field devices and control devices in the ICS. Based on a white list, the identities of the communicating devices and their security status information are attested. Updates to this information are maintained by an online attestation server and then pushed to the field devices in order to reduce their burden. The protocol data are protected in two ways. Firstly, no data can be tampered with undetected by legitimate devices, which hold the authentication key protected by trusted hardware; secondly, sensitive Modbus/TCP operation data are encrypted under the protection of trusted hardware. To the authors' best knowledge, there is as yet no paper in the open literature that introduces trusted components into a Modbus/TCP network to secure the communication between ICS devices. The trusted Modbus/TCP protocol is described in the HLPSL language. The four security properties, namely integrity, authenticity, confidentiality and freshness of protocol data, were verified with the SPAN tools, and no intrusion path was found. The most time-consuming cryptographic operations, those for authentication, are used only when establishing the communication session or after a previous authentication has failed. Moreover, the time cost could be reduced substantially by adopting the latest dedicated trusted hardware for ICS, compared with the experiments here, which use the current Trusted Platform Module (TPM). The overhead of the increased protocol packet size compared with the original protocol is at the μs level. In conclusion, the proposed trusted Modbus/TCP is practical for ICS, since it protects protocol data transferred on a Modbus/TCP network not only from illegitimate entities, but also from legitimate entities whose systems have been tampered with.
Keywords: communication security; secure protocol; industrial control system; Modbus/TCP; remote attestation
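
The integrity and freshness properties named in the abstract can be illustrated with the following added example, which is not the paper's code or wire format: a standard Modbus/TCP ADU carries an assumed trailer of an 8-byte counter plus an HMAC-SHA256 tag, and the receiver rejects modified or replayed frames. The key is a constructed constant held in software here, whereas the paper keeps it under trusted-hardware protection; `protect`, `Receiver` and the trailer layout are assumptions.

```python
import hashlib
import hmac
import struct

KEY = b"constructed-demo-key-0123456789"  # constructed; the paper guards this key in trusted hardware
TAG_LEN, CTR_LEN, MBAP_LEN = 32, 8, 7     # HMAC-SHA256 tag, counter, MBAP header

def build_adu(tid, unit, pdu):
    """Standard Modbus/TCP ADU: MBAP header (tid, protocol 0, length, unit) + PDU."""
    return struct.pack(">HHHB", tid, 0, len(pdu) + 1, unit) + pdu

def protect(key, counter, adu):
    """Append counter and HMAC(counter || ADU); this trailer layout is an assumption."""
    ctr = struct.pack(">Q", counter)
    return adu + ctr + hmac.new(key, ctr + adu, hashlib.sha256).digest()

class Receiver:
    def __init__(self, key):
        self.key = key
        self.last_counter = -1  # highest counter accepted so far

    def accept(self, frame):
        """Return a verdict string; state changes only for an authentic, fresh frame."""
        if len(frame) < MBAP_LEN + 1 + CTR_LEN + TAG_LEN:
            return "frame too short"
        adu = frame[:-(CTR_LEN + TAG_LEN)]
        ctr = frame[len(adu):len(adu) + CTR_LEN]
        tag = frame[-TAG_LEN:]
        expected = hmac.new(self.key, ctr + adu, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):  # constant-time comparison
            return "integrity check failed"
        _, proto, length, _ = struct.unpack(">HHHB", adu[:MBAP_LEN])
        if proto != 0 or length != len(adu) - 6:
            return "malformed MBAP header"
        counter = struct.unpack(">Q", ctr)[0]
        if counter <= self.last_counter:
            return "stale counter (replay)"
        self.last_counter = counter
        return "accepted"

def demo():
    # Constructed sample: Write Single Register (0x06), address 0x0001, value 0x00FF.
    adu = build_adu(tid=1, unit=0x11, pdu=bytes([0x06]) + struct.pack(">HH", 1, 0x00FF))
    frame = protect(KEY, 1, adu)
    tampered = frame[:11] + b"\x00" + frame[12:]  # register value 0x00FF -> 0x0000
    rx = Receiver(KEY)
    return [rx.accept(frame), rx.accept(tampered), rx.accept(frame)]

if __name__ == "__main__":
    print(demo())
```

The tag is checked before any header field is parsed, so unauthenticated bytes never influence receiver state.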
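Article ID: 201601026 CLC number: Document code:
Funding: National High Technology Research and Development Program of China (2015AA016002); Specialized Research Fund for the Doctoral Program of Higher Education (20131103120001); National Key Research and Development Program of China (2016YFB0800204)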
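Author | Affiliation |
ZHAN Jing (詹静) | College of Computer Science, Beijing University of Technology, Beijing 100124; Beijing Key Laboratory of Trusted Computing, Beijing 100124; National Engineering Laboratory for Critical Technologies of Information Security Classified Protection, Beijing 100124 |
YANG Jing (杨静) | College of Computer Science, Beijing University of Technology, Beijing 100124 |
Author biography: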
Cite this article:
ZHAN Jing, YANG Jing. Research on Remote Attestation-based Trusted Modbus/TCP Protocol [J]. Advanced Engineering Sciences (工程科学与技术), 2017, 49(1): 197-205.