计算机集成制造系统 ›› 2022, Vol. 28 ›› Issue (9): 2909-2917.DOI: 10.13196/j.cims.2022.09.021

• • 上一篇    下一篇

基于区块链的工业控制系统数据完整性保护

孙彦棨1,张正道1,2+   

  1. 1.江南大学物联网工程学院
    2.江南大学教育部物联网技术应用工程中心
  • 出版日期:2022-09-30 发布日期:2022-10-11
  • 基金资助:
    国家重点研发计划资助项目(2018YFB1701903)。

Industrial control system data integrity protection based on blockchain

SUN Yanqi1,ZHANG Zhengdao1,2+   

  1. 1.College of Internet of Things Engineering,Jiangnan University
    2.Engineering Research Center of Internet of Things Applied Technology,Ministry of Education,Jiangnan University
  • Online:2022-09-30 Published:2022-10-11
  • Supported by:
    Project supported by the National Key Research and Development Program,China(No.2018YFB1701903).

摘要: 区块链具有去中心化、数据不可篡改等优势,在数据安全方面应用广泛。但是,工业控制系统中连接物理设备的现场总线系统计算资源受限、通信能力差导致现有区块链系统难以部署。为此,提出一种轻量化私有区块链方案,以实现现场总线层级的数据完整性保护。首先,设计了一种随机验证机制,随机选择部分节点参与共识过程。节省通信开销的同时增加了攻击的难度。其次,提出一种新型共识模型,其可根据共识节点的状态制定不同的共识策略以减少节点的计算与通信负担。安全分析证明拟议方案不仅可以抵御常见的数据完整性攻击,还能有一定概率抵御51%攻击。仿真表明,与同类方法相比,拟议方案在安全性能、时间成本和通信量成本方面具有显著的优势。

关键词: 区块链, 工业控制系统, 数据完整性, 随机验证机制, 共识策略

Abstract: Blockchain has the advantages such as decentralization and data immutability,its application in data security is very extensive.However,the fieldbus system that connected physical layer equipment had limited computing resources and poor communication capabilities in an industrial control system.It was difficult to deploy the blockchain on an industrial control system.For this reason,a lightweight private blockchain scheme was proposed to protect the data integrity at the fieldbus level.A random verification mechanism was designed,in which a part of nodes are randomly selected to participate in the consensus process.This mechanism not only saved communication cost,but also enhanced the security of the scheme.A new consensus model was proposed,which could adopt different consensus strategies according to the states of the consensus nodes to reduce the calculation and communication burden of the nodes.Security analysis proved that the proposed scheme had certain probability to against the 51% attack except for common data integrity attacks.Compared with existing schemes,simulation showed that the proposed scheme had significant advantages in terms of security performance,time and communication cost.

Key words: blockchain, industrial control system, data integrity, random verification mechanism, consensus strategies

中图分类号: