摘要近年来针对工业控制系统的网络攻击越来越多,工业控制系统信息安全问题已然成为热点话题,对于涉及工业、能源、交通、水利等工业控制系统来说,其安全问题更是值得关注。本课题从工业控制网络体系入手,分析其可能存在的安全威胁,总结了一些通用的安全防护技术;介绍工业控制系统中实际运用的安全技术,SCADA安全服务框架和多芬诺工业系统信息安全解决方案;重点分析了工业控制系统常用的VxWorks嵌入式操作系统的漏洞,利用VMware虚拟机软件,搭建了VxWorks靶机实验平台,并基于开源渗透测试工具Metasploit对VxWorks的已爆出漏洞进行了渗透测试。65236
毕业论文关键词 工业控制系统 信息安全 VxWorks 漏洞 VMware
毕业设计说明书(论文)外文摘要
Title Studies on security of industrial control network and its embedded devices
Abstract
In recent years, there are more cyber attacks against industrial control systems (ICS).The information security of ICS has become a hot topic.For ICS involving industry,energy, transportation, water conservancy, its security proplems deserve more concerns. This thesis starts from the architecture of ICS, its potential security threats are analyzed, some common security technologies are summarized, those practical applications of ICS security technologies,and the SCADA security services framework are introduced .Following these,one typical commercial security solution for ICS,Tofino system is introduced in detail.
The latter part of the thesis begins with the analysis of the vulnerabilities in the widely-used VxWorks embedded operating system.With the help of the virtual machine software VMware,the experimental platform of target VxWorks is built up.The penetration tests to the known vulnerabilities are lauched with the open-source tool Metasploit.
Keywords ICS information security VxWorks vulnerabilities VMware
目次
1 引言 1
1.1 工业控制网络安全现状 1
1.2 工业控制网络安全保护的迫切性 3
1.3 本文的主要研究问题和结构 4
2 工业控制网络体系结构及其安全性分析 5
2.1 工业控制网络组成 5
2.2 典型工业以太网络体系结构 6
2.3 典型SCADA系统的体系结构 7
2.4 安全威胁分析 8
2.5 通用网络安全防护技术 9
2.6 典型工业控制系统信息安全解决方案 11
2.7 本章小结 17
3 嵌入式操作系统安全性 18
3.1 嵌入式操作系统概述 18
3.2 VxWorks系统及其已知漏洞介绍 18
3.3 本章小结 25
4 针对VxWorks WDB漏洞的渗透攻击 26
4.1 渗透攻击平台 26
4.2 攻击环境搭建 27