English | 中文

手机二维码
 
【打印本页】      【下载PDF全文】   查看/发表评论  下载PDF阅读器  关闭
←前一篇|后一篇→ 过刊浏览    高级检索
本文已被:浏览 48次   下载 43 本文二维码信息
码上扫一扫!
PLC攻防关键技术研究进展
徐震,周晓军,王利明,陈泽龙,陈凯,闫振博,张伟,陈聪
分享到: 微信 更多
(中国科学信息工程研究所信息安全重点实验室 北京 中国 100093;中国科学信息工程研究所信息安全重点实验室 北京 中国 100093;中国科学院大学 网络空间安全学院 北京 中国 100049)
摘要:
震网病毒爆发之后,工控系统开始逐渐成为攻击者的主要攻击目标之一。随着对工业控制系统不断的不断了解,攻击者的攻击手段日益复杂化,攻击手段更加复杂,应用技术更加先进,攻击手法更加多样。PLC作为工业控制系统中重要的基础性控制设备,其面临的信息安全问题值得重视。论文从攻防的角度,首先对PLC的基本结构和工作原理进行了深入剖析,分析其脆弱性;然后对PLC攻击技术进行了分类,并详细分析了各类攻击技术的攻击原理;对国内外PLC安全防护技术领域的研究进行了概括性的总结和归纳;最后给出了PLC信息安全的未来研究趋势及展望。
关键词:  PLC攻击  PLC安全  工业控制系统  工控系统安全  工控系统攻击  控制系统攻击  设备攻击
DOI:10.19363/J.cnki.cn10-1380/tn.2019.05.04
投稿时间:2018-01-02修订日期:2018-03-22
基金项目:本课题得到(1)天基资源网络化服务体系构建与在轨验证课题6:天基信息安全共享与服务机制研究的支持,No.ZDRW-KT-2016-02-06;(2)北京市科学技术委员会(Beijing Municipal Science&Technology Commission)的课题“国家关键基础设施安全监管平台核心技术研究(Research on Core Technologies of national key infrastructure security super-vision platform)”,No.Z161100002616032;(3)国家重点研发计划基金资助项目(China National Key R&D Program)No.2016QY06X1205的资助。
Recent Advances in PLC Attack and Protection Technology
XU Zhen,ZHOU Xiaojun,WANG Liming,CHEN Zelong,CHEN Kai,YAN Zhenbo,ZHANG Wei,CHEN Cong
State Key Laboratory of Information Security, Institute of Information Engineering, Chinese Academy of Sciences, Beijing 100093, China;State Key Laboratory of Information Security, Institute of Information Engineering, Chinese Academy of Sciences, Beijing 100093, China;School of Cyber Security, University of Chinese Academy of Sciences, Beijing 100049, China
Abstract:
After the outbreak of Stuxnet, Industrial Control System (ICS) began to become one of the targets of attack. With the continuous understanding of the industrial control system, attackers are more sophisticated, using complex means and more advanced technology, to launch various attack. As an important basic control equipment in industrial control system, PLC (Programmable Logic Controller) information security issues are worthy of attention. From the perspective of both the attacker and defender, the paper first analyzes the basic architecture and working principle of the PLC and points out its vulnerabilities, then classifies the PLC attack, and analyzes the attack principle of all kinds of attack technology thoroughly; it gives a general summary of PLC information security research progress at home and abroad. Finally, future research trend and prospects for PLC information security are presented.
Key words:  PLC attack  PLC security  Industrial Control System  Industrial Control System Security  Industrial Control System attack  Control System attack  Device attack