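Abstract
The communication security of domestically produced programmable logic controller (PLC) systems is key to ensuring the secure collection and transmission of industrial data. OPC Unified Architecture (OPC UA) is widely used in domestic PLC systems, and its identity authentication step plays an important role in ensuring that information is obtained and accessed only by legitimately authorized users; establishing a strong identity authentication mechanism has therefore become a core issue of system security. This paper designs an authentication scheme based on two-way (mutual) identity authentication, optimizes the basic security model, and applies it in a domestic PLC system. This strengthens security properties such as user information confidentiality, protection against replay attacks and protection against impersonation, and also provides detailed audit records for later use, improving the security of the whole domestic PLC system.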
Communication security of domestic PLC systems is the key to ensuring the legal and accurate collection and transmission of industrial data. OPC UA is widely used in domestic PLC systems. The authentication link plays an important role in ensuring that information is only accessed by legitimate authorized users, so establishing a strong identity authentication mechanism has become the core issue of system security. The paper designs an authentication method based on two-way identity authentication, optimizes the basic security model, and applies it in the localized PLC system, which strengthens the security of user information, prevents replay attacks, and prevents impersonation. At the same time, it can also provide detailed audit records for users, which improves the safety of the whole localized PLC system.
Authors
赵悦琪
闵晓霜
Zhao Yueqi; Min Xiaoshuang (The 6th Research Institute of China Electronics Corporation, Beijing 102209, China)
Source
《信息技术与网络安全》
2018, Issue 12, pp. 58-61 (4 pages)
Information Technology and Network Security
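Funding
National Science and Technology Major Project "Core Electronic Devices, High-end Generic Chips and Basic Software" (核高基) (2017ZX01030-202)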