Cryptographic Considerations for Automation and SCADA Systems Using Trusted Platform Modules.

Affiliation

Department of Automation and Applied Informatics, Faculty of Automation and Computers, University Politehnica Timisoara, 300223 Timisoara, Romania.

Publication information

Sensors (Basel). 2019 Sep 27;19(19):4191. doi: 10.3390/s19194191.

DOI:10.3390/s19194191
PMID:31569636
Full text: https://pmc.ncbi.nlm.nih.gov/articles/PMC6806326/

Abstract

The increased number of cyber threats against Supervisory Control and Data Acquisition (SCADA) and automation systems in the Industrial-Internet-of-Things (IIoT) and Industry 4.0 era has raised concerns about the importance of securing critical infrastructures and manufacturing plants. The evolution towards interconnection and interoperability has expanded the vulnerabilities of these systems, especially in the context of the widely spread legacy standard protocols, by exposing the data to the outside network. After gaining access to the system data by launching a variety of attacks, an intruder can cause severe damage to the industrial process in place. Hence, this paper attempts to respond to the security issue caused by legacy structures using insecure communication protocols (e.g., Modbus TCP, DNP3, S7), presenting a different perspective focused on the capabilities of a trusted platform module (TPM). Furthermore, the intent is to assure the authenticity of the data transmitted between two entities on the same (horizontal interoperation) or different (vertical interoperation) hierarchical levels communicating through the Modbus TCP protocol, based on functionalities obtained by integrating trusted platform modules. From the experimental results perspective, the paper aims to show the advantages of integrating TPMs in automation/SCADA systems in terms of security. Two methods are proposed to assure the authenticity of the transmitted messages, and the study presents measurements of the additional latency introduced by the proposed concept.


Similar articles

1. Cryptographic Considerations for Automation and SCADA Systems Using Trusted Platform Modules. Sensors (Basel). 2019 Sep 27;19(19):4191. doi: 10.3390/s19194191.
2. Elliptic Curve Cryptography Considerations for Securing Automation and SCADA Systems. Sensors (Basel). 2023 Mar 1;23(5):2686. doi: 10.3390/s23052686.
3. TTAS: Trusted Token Authentication Service of Securing SCADA Network in Energy Management System for Industrial Internet of Things. Sensors (Basel). 2021 Apr 11;21(8):2685. doi: 10.3390/s21082685.
4. A Role-Based Access Control Model in Modbus SCADA Systems. A Centralized Model Approach. Sensors (Basel). 2019 Oct 14;19(20):4455. doi: 10.3390/s19204455.
5. Design and Development of Layered Security: Future Enhancements and Directions in Transmission. Sensors (Basel). 2016 Jan 6;16(1):37. doi: 10.3390/s16010037.
6. Toward an Applied Cyber Security Solution in IoT-Based Smart Grids: An Intrusion Detection System Approach. Sensors (Basel). 2019 Nov 14;19(22):4952. doi: 10.3390/s19224952.
7. A Secure, Intelligent, and Smart-Sensing Approach for Industrial System Automation and Transmission over Unsecured Wireless Networks. Sensors (Basel). 2016 Mar 3;16(3):322. doi: 10.3390/s16030322.
8. Automatic Hybrid Access Control in SCADA-Enabled IIoT Networks Using Machine Learning. Sensors (Basel). 2023 Apr 12;23(8):3931. doi: 10.3390/s23083931.
9. Multi-Stage Learning Framework Using Convolutional Neural Network and Decision Tree-Based Classification for Detection of DDoS Pandemic Attacks in SDN-Based SCADA Systems. Sensors (Basel). 2024 Feb 5;24(3):1040. doi: 10.3390/s24031040.
10. Cyber security risk assessment for SCADA and DCS networks. ISA Trans. 2007 Oct;46(4):583-94. doi: 10.1016/j.isatra.2007.04.003. Epub 2007 Jul 10.

Cited by

1. Elliptic Curve Cryptography Considerations for Securing Automation and SCADA Systems. Sensors (Basel). 2023 Mar 1;23(5):2686. doi: 10.3390/s23052686.
2. TTAS: Trusted Token Authentication Service of Securing SCADA Network in Energy Management System for Industrial Internet of Things. Sensors (Basel). 2021 Apr 11;21(8):2685. doi: 10.3390/s21082685.
3. Approaching OPC UA Publish-Subscribe in the Context of UDP-Based Multi-Channel Communication and Image Transmission. Sensors (Basel). 2021 Feb 11;21(4):1296. doi: 10.3390/s21041296.
