摘要
针对控制系统功能安全和信息安全两类安全属性整合问题,提出了Safe-Sec网络模型。该模型利用纵深防御策略兼顾功能安全和信息安全,能有效对抗针对控制网络的蓄意攻击。针对经典功能安全方法无法对抗攻击的问题,提出了Safe-Sec安全通信方法。该方法在保障功能安全的前提下,大大提高了对抗蓄意攻击(如人为伪装攻击、重放攻击、数据篡改攻击等)的能力。最后对该方法的有效性和时间开销进行了分析。Safe-Sec通信方法满足了控制系统安全通信对功能安全和信息安全的需求。
Aiming at the integration issue for two types of security attributes of functional safety and information security,the Safe-Sec network model is proposed.By utilizing the strategy of defense in depth,the functional safety and information security are both taken into account by the system ; the deliberate attacks against to the control network can be effectively confronted.For the attacks that unable confronted by conventional functional safety methods,the Safe-Sec safety communication method is proposed.Under the premise of ensuring functional safety,the capability of fighting deliberate attacks,such as disguised attacks,replay attacks,and data tampering attacks,etc.,is greatly improved.The analysis on effectiveness and time overhead of this method is given.The Safe-Sec communication method satisfies the demands for functional safety and information security of safety communication of control systems.
出处
《自动化仪表》
CAS
北大核心
2013年第11期30-33,38,共5页
Process Automation Instrumentation
基金
国家863计划基金资助项目(编号:2013AA040301)
国家自然科学基金资助项目(编号:61004068)
关键词
功能安全
信息安全
安全通信
控制系统
工业以太网
Functional safety
Information security
Safety communication
Control system
Industrial Ethernet