| 引用本文: |
-
孙越,游建舟,宋站威,黄文军,陈曦,孙利民.基于杀伤链模型的PLC安全分析[J].信息安全学报,已采用 [点击复制]
- SunYue,YouJianzhou,SongZhanwei,HuangWenjun,ChenXi,SunLimin.A Cyber Kill Chain Based Analysis of PLC Security[J].Journal of Cyber Security,Accept [点击复制]
|
|
| 摘要: |
| 可编程逻辑控制器(Programmable Logic Controller,PLC)是现代工业控制系统的核心组件,其安全问题与工控系统关键业务的正常运行紧密关联。由于PLC之间系统架构和网络通信等方面的差异性,缺乏标准化的架构与流程来剖析PLC面临的安全问题。杀伤链模型广泛应用于用于描述攻击者入侵行为,本文基于杀伤链模型对PLC安全技术进行分析总结,旨在便于相关研究人员了解此领域最新进展,也为工控安全从业人员提供技术参考。本文首先对PLC基本架构、工作原理和通信协议等进行详细阐述;然后结合杀伤链模型对各类PLC攻击和防御技术进行分类,并对其技术原理进行深入分析;最后本文讨论了未来PLC安全研究趋势。 |
| 关键词: PLC安全 杀伤链模型 工控系统安全 PLC攻击技术 PLC防御技术 PLC取证技术 |
| DOI:10.19363/J.cnki.cn10-1380/tn.2023.06.01 |
| 投稿时间:2020-09-24修订日期:2021-01-29 |
| 基金项目: |
|
| A Cyber Kill Chain Based Analysis of PLC Security |
|
|
|
| Abstract: |
| Programmable Logic Controller(PLC) is the core component of modern industrial control system, and its security is closely related to the crucial processes in industrial control systems. The differences in system architecture and communication protocol of PLCs lead to the deficiencies in standard framework and procedure for the security analysis. The Cyber Kill Chain model has been well-established for representing the behaviour of intruders. Based on the Cyber Kill Chain model, we present an overview of PLC security to facilitate researchers to understand the latest advances, and provide technical reference for cyber security practitioners. Firstly we elaborates on the basic architecture, operation mechanism and communication protocols of PLC. Then referring to the Cyber Kill Chain model, we conduct a detailed classification on various PLC attack and defence technologies, and make in-depth analysis on the technology details. Finally we discuss about the research trend on PLC security issues. |
| Key words: PLC security Cyber Kill Chain model Industrial Control System Security PLC attack technology PLC defense technology PLC forensics technology |
