摘要: |
近年来,针对工控系统的攻击越来越多,工业控制系统应用大多涉及国计民生,其安全问题不容忽视。我国工控系统中现场PLC、终端、RTU等控制设备大部分使用国外的控制组件,对于未知的逻辑炸弹和后门基本没有安全防护能力。为此,本文以拟态技术为基础,提出了一种通用的拟态安全处理机架构,采用基于状态保存的两步清洗技术和高可靠判决策略,使得符合该架构规范的应用程序均能借助拟态处理架构防护操作系统、处理机和外围器件可能出现已知或未知的后门/漏洞,最后的仿真验证结果验证了该系统可以有效地抵御多种类型的攻击。 |
关键词: 拟态安全 工业控制 处理机 清洗和判决方法 |
DOI:10.19363/j.cnki.cn10-1380/tn.2017.01.005 |
Received:September 04, 2016Revised:September 25, 2016 |
基金项目:本课题得到上海市科研计划项目工业控制拟态安全处理器原型验证(14DZ1104800);5G大规模协作无线传输关键技术研发(2014AA01A704);网络空间拟态安全异构冗余机制研究(No.61572520);网络空间拟态防御基础理论研究(No.61521003);国家自然科学基金面上项目(61572520)资助。 |
|
Architecture of Mimic Security Processor for Industry Control System |
WEI Shuai,YU Hong,GU Zeyu,ZHANG Xingming |
National Digital Switching System Engineering & Technological R & D Center, Zhengzhou 450002, China |
Abstract: |
Over the last years, attacks targeting ICSs, most of which largely concern national welfare and the people's livelihood, are prevailing and should not be neglected. In our country, the vital pieces in ICSs such as PLCs, terminals, RTUs and so on mostly come from abroad. Without independency or control over these pieces, we cannot achieve protection against unknown logic bombs or backdoors. Based on Mimic Technology, this paper presents a new general architecture of mimic security processor. This processor uses status-based two-step cleanout method and high-reliable arbitration method. APPs that conform to this architecture can protect the operating system, the processor and other modules from known or unknown backdoors/vulnerabilities. The simulations at the end prove mimic security processor can defend multi types of attacks. |
Key words: Mimic security industry control processor cleanout and arbitration method |