| The information security problem of industrial control system is attracting more and more attention,especially the information security problem of nuclear power industry.When threatened,it will affect industrial production and cause significant economic losses.The Stuxne "seismic network" virus detected in the nuclear facilities in Iran has made the information security of the nuclear power seriously valued.At present,researches on information security standards and technologies in terms of nuclear power digital instrument control system both at home and abroad are in the initial stage.Based on the information security demands of DSC system at the reactor security level,this research attempts to introduce the international standard of encryption algorithm to achieve the security of data transmission.While introducing the information security technology,this research ensures the instantaneity,certainty and reliability of the original system to achieve its improvement of security performance as well as to meet the designed technology requirements.First of all,this paper elaborats the research background of information security for safety-grade instrument control systems innuclear power plants,research significance,research purpose,and research status of the information security in the field of industry and the nuclear power.Then,it analyzes the information security demands and problems faced by the safety-grade instrument and control system in nuclear power plants,and outlines related technologies.The structure,function and communication composition of a certain security level DCS system platform in China are analyzed in detail,and the information transmission route is safely classified.From the perspective of information security,an in-depth analysis of the vulnerability of the system platform,including control stations,transmission stations,security display stations,gateway stations,and engineer stations,is made.Taking the field control station as an example,a vulnerability analysis method based on the attack tree is proposed to quantify it.According to the vulnerability analysis results of the system platform,a data transmission security mechanism based on the security component is designed.First,the cryptographic algorithm is tested by selecting AES algorithm and CMAC algorithm to implement the two functions of encryption and authentication of the security component module.Then the function and performance of the security component are tested on the actual system platform,and the applicability of the security component is verified from the aspects of execution time and resource occupation of the security component.Finally,simulate theman-in-the-middle attacking test.The test result proves that the security component can improve the security of data communication,improve the system’s information security prevention capability to a certain extent,and reduce the vulnerability of the system. |
PDF Full Text Request