Abstract:
In order to resolve the security problem in Modbus/TCP protocol, we propose a Modbus/TCP communication control method based on deep function code inspection. By using the DPI (deep packet inspection) technology, the method deeply analyses the Modbus/TCP packets according to the different function codes. It can check not only the ordinary function codes and addresses, but also the values of registers or coils. In particular, our research results show that, by using the whitelist mode, the method can filter the malicious Modbus/TCP packets effectively, and can provide the security for the industry control devices.