T. Honda, Yuki Shimazawa, T. Hamaguchi, Y. Hashimoto
Published in: 2021 10th International Congress on Advanced Applied Informatics (IIAI-AAI)
Publication date: 2021-07-01
DOI: 10.1109/iiai-aai53430.2021.00129 (https://doi.org/10.1109/iiai-aai53430.2021.00129)
Citations: 0
Development of a monitoring system for encrypted data by OPC UA
Cyber-attacks on critical infrastructure have been on the rise. Therefore, cyber-security has become very important for Industrial Control Systems (ICS). As a communication protocol for ICS networks, the Open Platform Communications Unified Architecture (OPC UA) protocol, which enables secure and platform-independent communications, is expected to be widely used. Beginning with OPC UA v1.04, which was released in 2021, Pub/Sub mode has been supported in addition to Client/Server. Because it can easily support many more communications than usual, it can support all use cases in the industrial sector. An important property of OPC UA is encryption. It is effective in protecting communication data from tampering and eavesdropping but also makes it impossible to monitor communications. In ICS, erroneous commands to controllers can cause dangerous situations. Even a secure communication protocol cannot guarantee that the data being communicated are safe. There are many types of machines, such as operating support systems and engineering workstations, that can send commands to controllers. They are implemented on common operating systems and may fall victim to a cyber-attack. Therefore, the commands to controllers should be monitored. We propose a monitoring system for data encrypted by OPC UA.