Formal Security Evaluation and Improvement of Industrial Ethernet EtherCAT Protocol

doi:10.7544/issn1000-1239.2020.20200399

IR > 计算机与通信学院

	Formal Security Evaluation and Improvement of Industrial Ethernet EtherCAT Protocol
	Feng, Tao; Wang, Shuaishuai; Gong, Xiang; Fang, Junli
	2020-11-01
发表期刊	Jisuanji Yanjiu yu Fazhan/Computer Research and Development
ISSN	10001239
卷号	57 期号:11 页码:2312-2327
摘要	The EtherCAT protocol is widely used due to its high real-time performance and strong performance. However, with the rapid development and openness of the Industrial Ethernet protocol, industrial control systems are subject to huge network attack risks. There are many studies on the security and improvement of industrial Ethernet protocols, but these studies lack formal modeling and security evaluation of the protocol, and only focus on the realization of the security function of the protocol itself, which has certain limitations. In order to solve the current situation of industrial Ethernet being attacked, we take EtherCAT protocol which is widely used at present as the research object, and propose a model checking method based on colored Petri net theory and Dolev-Yao attack method, and evaluate and improve the security of the protocol. First, we verify the security mechanism of the protocol FSoE based on Petri net theory and CPN Tools model tools; then introduce the Dolev-Yao attack model to evaluate the security of the original model of the protocol. It is found that there are 3 types of man-in-the-middle attack vulnerabilities in the protocol, including tampering, replay, and deception. Finally, a new solution is proposed for the vulnerabilities in the protocol. A key distribution center and a Hash function are added to the original protocol. The security verification of the new scheme is carried out again using the CPN model detection tool. Through verification, it can be found that the new scheme can effectively prevent 3 types of man-in-the-middle attacks and improve the security of the protocol. © 2020, Science Press. All right reserved.
关键词	Ethernet Function evaluation Hash functions Industrial research Man machine systems Model checking Petri netsIndustrial control systems Industrial Ethernets Key distribution centers Man in the middle attacks Real time performance Security evaluation Security functions Security verification
DOI	10.7544/issn1000-1239.2020.20200399
收录类别	EI
语种	中文
出版者	Science Press
EI入藏号	20204709522287
EI主题词	Network security
EI分类号	721.1 Computer Theory, Includes Formal Logic, Automata Theory, Switching Theory, Programming Theory - 722.3 Data Communication, Equipment and Techniques - 723 Computer Software, Data Handling and Applications - 901.3 Engineering Research - 921.4 Combinatorial Mathematics, Includes Graph Theory, Set Theory - 921.6 Numerical Methods
来源库	Compendex
分类代码	721.1 Computer Theory, Includes Formal Logic, Automata Theory, Switching Theory, Programming Theory - 722.3 Data Communication, Equipment and Techniques - 723 Computer Software, Data Handling and Applications - 901.3 Engineering Research - 921.4 Combinatorial Mathematics, Includes Graph Theory, Set Theory - 921.6 Numerical Methods
引用统计	无
文献类型	期刊论文
条目标识符	https://ir.lut.edu.cn/handle/2XXMBERH/132378
专题	计算机与通信学院
作者单位	Department of Computer and Communication, Lanzhou University of Technology, Lanzhou; 730000, China
第一作者单位	兰州理工大学
第一作者的第一单位	兰州理工大学
推荐引用方式 GB/T 7714	Feng, Tao,Wang, Shuaishuai,Gong, Xiang,et al. Formal Security Evaluation and Improvement of Industrial Ethernet EtherCAT Protocol[J]. Jisuanji Yanjiu yu Fazhan/Computer Research and Development,2020,57(11):2312-2327.
APA	Feng, Tao,Wang, Shuaishuai,Gong, Xiang,&Fang, Junli.(2020).Formal Security Evaluation and Improvement of Industrial Ethernet EtherCAT Protocol.Jisuanji Yanjiu yu Fazhan/Computer Research and Development,57(11),2312-2327.
MLA	Feng, Tao,et al."Formal Security Evaluation and Improvement of Industrial Ethernet EtherCAT Protocol".Jisuanji Yanjiu yu Fazhan/Computer Research and Development 57.11(2020):2312-2327.