针对SCADA系统中标准DNP3.0总线协议不具有安全防护能力,容易被非法入侵者攻击的缺点,从中间人攻击、拒绝服务攻击、窃听三个方面对标准DNP3.0总线协议进行了安全性分析和测试,并针对性地提出了安全应对策略,在模拟仿真环境下对采用了安全应对策略的DNP3.0总线协议进行测试,验证了安全防护效果。实验结果表明,本文提出的安全应对策略能够在一定程度上抵御入侵者的攻击行为,但在现场环境下仍然需要根据系统特点采取有针对性的安全策略,才能有效提高SCADA系统的安全防护能力。%Based on the disadvantage of standard DNP 3.0 protocol in SCADA system with no ability of security protection and vulnerable to the intruder, analyze and test the security of DNP 3.0 protocol from three aspects which are man-in-the-middle attack, denial of service attack, and eavesdropping attack, then, propose some correlative security strategies. Finally, the security strategiesare examined through the testing in the emulation testbed. The results show that the security strategies proposed in this paper are effective to protect SCADA system from the intruder’s attack, and more specific security strategies are also necessary to improve the security of SCADA system effectively.
展开▼
