OTG: A Gateway for Cybersecurity in the Context of OPC UA PubSub Pattern

Abstract

Under the background of industrial intelligence, OPC UA PubSub mode is strongly supported by Industry 4.0 as a protocol designed to meet the communication requirements of industrial control level. With the gradual opening of industrial control network, the PubSub security model in OPC UA protocol alone cannot meet the new security requirements under the background of OT and IT integration. According to the specification, we analyze the possible threats, impacts and countermeasures that PubSub may face in OPC UA deployment environment, and emphasized that PubSub security model is difficult to protect resource-constrained industrial field equipment from the harm caused by DoS and other attacks. In view of the limited resources of industrial control network, this paper proposes that OTG gateway provides protection for PubSub service. Compared with traditional security gateway, OTG gateway can greatly reduce the consumption of industrial control network resources by network attacks. In addition, according to the characteristics of PubSub protocol, a DoS detection algorithm for this architecture is proposed. Compared with the traditional DoS detection algorithm, it has better applicability to PubSub protocol and can detect DoS attacks more accurately to reduce the impact on device performance. Experiments show that the DoS detection algorithm has 100% accuracy and 0.13% false positive rate, and can detect DoS attacks faster than the traditional detection algorithm.