SHAO Cheng, ZHONG Lianggao. An Information Security Solution Scheme of Industrial Control System Based on Trusted Computing[J]. INFORMATION AND CONTROL, 2015, 44(5): 628-633,640. DOI: 10.13976/j.cnki.xk.2015.0628

An Information Security Solution Scheme of Industrial Control System Based on Trusted Computing

More Information
  • Received Date: April 06, 2015
  • Revised Date: June 29, 2015
  • Published Date: October 19, 2015
  • An information security solution scheme for industrial control systems based on trusted computing is proposed, taking into account the information security characteristics of industrial control systems and the technical features of existing defensive measures. The proposed linkage mechanism between the internal firewall of the industrial control system, the intrusion detection system and the trusted connection server enables information exchange among network security devices, which improves the overall defense capability of industrial control systems. Because the trusted platform module provides a protection pattern based on hardware encryption, storage and control, the proposed solution overcomes the common shortcoming of traditional pure-software protection, which is easily cracked, and this greatly increases the security capacity of industrial control systems. Finally, the trusted-computing-based information security solution for industrial control systems is discussed by applying it to a SCADA (supervisory control and data acquisition) system.