| With the rapid development of Internet technology and the continuing integration of industrialization and computerization, safety accidents in industrial control systems, especially nuclear power plant control systems, keep occurring. This has drawn close attention from governments and society worldwide, and information security in the nuclear power field has become a research hotspot. A nuclear power plant runs a large amount of industrial control equipment, including the safety-class DCS, which acts as the "central nervous system" of the reactor: when accident conditions arise in the reactor and related systems, it drives the corresponding safety features to shut the plant down safely and keep it in a safe condition, ensuring the safety of the reactor, personnel and environment under accident conditions. Because construction of safety-class DCS platforms started late in China and autonomous production has been achieved only recently, system application development has taken the realization of system functions as its main goal. Robustness testing, including information security testing, has been carried out to some extent, but the depth of the research needs further improvement. At the same time, the safety-class DCS uses a large number of communication networks, and there are many external connection points on the information transmission path. These factors give intruders conditions they can exploit, so the safety-class DCS of a nuclear power plant carries information security risk. How to use advanced technical means to eliminate information security risks before illegal intruders invade the system has therefore become an important topic in industrial control security research, and vulnerability mining is one of the most important of the many security technologies used to guarantee network security. Against this background, this paper studies vulnerability mining technology for a safety-class DCS platform of a nuclear power plant and builds an actual operating environment to verify the relevant methods, which proves the effectiveness of the proposed method. The main work and innovations of this paper are as follows: (1) An information security vulnerability analysis of a safety-class DCS platform in a nuclear power plant is completed. Based on a comprehensive analysis of the information transmission paths unique to the DCS platform, the paper systematically describes and analyzes the existing information security problems and comprehensively identifies the risks and potential security hazards faced by the safety-class DCS platform. (2) The fuzzing test method is improved. Based on an analysis of the defects of fuzz testing technology and existing testing tools, a customized protocol capture module and a tree-structured XML protocol parsing method are designed. The He-Peach fuzz testing framework is formed by using a chaotic mapping algorithm to optimize the Peach Fuzz framework. Finally, a fault detection scheme based on a heartbeat mechanism is designed according to the characteristics of the safety-class DCS and the insufficient anomaly monitoring of Peach Fuzz. (3) The fuzzing test method is improved. Based on an analysis of the defects of fuzz testing technology and existing testing tools, a customized protocol capture module and a protocol parsing method based on a hierarchical model are designed. In addition, a chaotic mapping algorithm is used to optimize the Peach Fuzz framework and improve the coverage rate of vulnerability mining. Finally, a fault detection technique based on a heartbeat mechanism is designed according to the characteristics of the safety-class DCS and the insufficient anomaly monitoring of Peach Fuzz. (4) To further test the security of the safety-class DCS platform, at the upper-computer level of the platform, the vulnerability mining method based on fuzzing technology is used to study file format vulnerabilities of the Windows operating system on which the upper-computer software runs. |