Journal of Information Security Research (信息安全研究) ›› 2017, Vol. 3 ›› Issue (6): 560-567.

• Special Issue on Electronic Authentication •

Cyber Range Based Network Security Analysis of DNC

Yan Shichen (阎诗晨)

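  1. National Secrecy College, Northwestern Polytechnical University
  • Received: 2017-06-19 Online: 2017-06-15 Published: 2017-06-19
  • Corresponding author: Yan Shichen (阎诗晨)
  • About the author: Master's student; main research interest is information security of industrial control systems.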

Cyber Range Based Security Analysis of DNC Protocol

  • Received: 2017-06-19 Online: 2017-06-15 Published: 2017-06-19

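Abstract: As network technology is adopted ever more widely in distributed numerical control (DNC) systems, traditional DNC systems face increasingly serious information security problems. To analyze in depth the communication security risks of networked DNC systems, this paper proposes a method of using cyber range technology to build a high-fidelity, hardware-in-the-loop (semi-physical) DNC platform, and analyzes the industrial communication protocols and file transfer protocols used within the DNC system and their security. In particular, it identifies the security risks facing the isochronous synchronization protocol, DHCP and SSHv2. Based on this security analysis, corresponding security protection recommendations for DNC systems are proposed, providing a reference for the security protection of real-world networked manufacturing systems.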

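Keywords: network information security, distributed numerical control, networked numerical control cyber range, protocol security analysis, DNC system security protection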

Abstract: Widely available, low-cost Internet Protocol (IP) devices are now replacing specialized proprietary control protocols in Distributed Numerical Control (DNC) systems, which increases the possibility of cyber security vulnerabilities and incidents. To analyze the security of the protocols used in DNC systems, this paper proposes a cyber range technique for building a DNC system. The potential risks to the DNC system are then revealed through a security analysis of the acquired boundary protocol. In response to these risks, boundary protection policies are formulated, suggesting protection measures for the real manufacturing industry.

Key words: network information security, distributed numerical control, numerical control cyber range, analysis of protocol security, DNC system security