Research and Design of Industrial IoT Data Acquisition Security Terminal Based on E2000D

2024,32(10):208-214
靖琦东, 蒋增文, 田炜, 万里云, 周秩辉
中电工业互联网有限公司
Abstract: With the emergence of the Industrial Internet of Things, industrial data security has received much attention. The security of data acquisition directly affects the data security of the industrial Internet. In a data acquisition system, the data acquisition (southbound) and cloud communication (northbound) protocols and the operating environment of the data acquisition system are the main security attack targets on a data acquisition terminal. After analyzing the security of the mainstream northbound MQTT protocol and southbound OPC UA protocol of industrial IoT data acquisition security terminals, and the trusted operating environment of the data acquisition system, an industrial data acquisition security terminal supporting northbound MQTT and southbound OPC UA is designed and implemented with the OpenSSL library on the secure, trusted operating environment of the domestically produced E2000D processor. Test results show that this industrial IoT data acquisition security terminal has high security performance in security authentication, access control, data integrity and data confidentiality.
Key words: IIoT; E2000D; OPC UA; OpenSSL; Data Acquisition Security Terminal
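Received: 2023-09-22
Funding: Hunan Province Special Project for the Construction of an Innovative Province (High-Tech Industry Science and Technology Innovation Leading Plan) (Project No. 2021GK4012)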