Abstract
Under the background of industrial intelligence, OPC UA PubSub mode is strongly supported by Industry 4.0 as a protocol designed to meet the communication requirements of industrial control level. With the gradual opening of industrial control network, the PubSub security model in OPC UA protocol alone cannot meet the new security requirements under the background of OT and IT integration. According to the specification, we analyze the possible threats, impacts and countermeasures that PubSub may face in OPC UA deployment environment, and emphasized that PubSub security model is difficult to protect resource-constrained industrial field equipment from the harm caused by DoS and other attacks. In view of the limited resources of industrial control network, this paper proposes that OTG gateway provides protection for PubSub service. Compared with traditional security gateway, OTG gateway can greatly reduce the consumption of industrial control network resources by network attacks. In addition, according to the characteristics of PubSub protocol, a DoS detection algorithm for this architecture is proposed. Compared with the traditional DoS detection algorithm, it has better applicability to PubSub protocol and can detect DoS attacks more accurately to reduce the impact on device performance. Experiments show that the DoS detection algorithm has 100% accuracy and 0.13% false positive rate, and can detect DoS attacks faster than the traditional detection algorithm.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.