- Book学术

发布求助

文献互助智能选刊最新文献

IF 9.4 1区工程技术 Q1 ENGINEERING, INDUSTRIAL

Reliability Engineering & System Safety Pub Date : 2025-03-12 DOI:10.1016/j.ress.2025.111013

Xiangzhen Peng , Chengliang Zheng , Yidi Wang , Xiaohui Cui , Zhidong Shen

{"title":"Double layer blockchain-assisted trusted data flow model for industrial control systems","authors":"Xiangzhen Peng , Chengliang Zheng , Yidi Wang , Xiaohui Cui , Zhidong Shen","doi":"10.1016/j.ress.2025.111013","DOIUrl":null,"url":null,"abstract":"<div><div>With the development of information technology (IT), the blurred network boundary between the Operational Technology (OT) network and the IT network poses a higher risk of cyber-attacks on the flow of data in Industrial Control System (ICS). Deep isolation of ICS, enhanced data access control in ICS, and proactive defense against cyber-attacks in ICS can help achieve the secure flow of highly sensitive data in ICS. This article proposes a dual-layer blockchain-assisted data flow protection framework for ICS, driven by blockchain, and conducts simulation and analysis. Firstly, OT-blockchain and IT-blockchain were designed to redefine the network boundary of ICS. Secondly, an identity-assisted authentication mechanism based on Bloom filters and trusted databases was designed to rapidly identify dishonest nodes. Then, an ICS-RBAC zero-trust access control mechanism based on RBAC was designed to ensure the security of the OT blockchain and achieve zero-trust data exchange between the IT-blockchain and ICS physical devices. And, an active defense mechanism for ICS was designed based on the principle of the heartbeat mechanism. Finally, model analysis and simulation verification are conducted. The results indicate that this study can achieve trusted data flow in ICS and fine-grained zero-trust access control, providing security guarantees.</div></div>","PeriodicalId":54500,"journal":{"name":"Reliability Engineering & System Safety","volume":"260 ","pages":"Article 111013"},"PeriodicalIF":9.4000,"publicationDate":"2025-03-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Reliability Engineering & System Safety","FirstCategoryId":"5","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S0951832025002145","RegionNum":1,"RegionCategory":"工程技术","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"ENGINEERING, INDUSTRIAL","Score":null,"Total":0}

引用次数: 0

摘要

随着信息技术（IT）的发展，操作技术（OT）网络与 IT 网络之间的网络边界越来越模糊，这给工业控制系统（ICS）的数据流带来了更高的网络攻击风险。对 ICS 进行深度隔离、加强 ICS 中的数据访问控制、主动防御 ICS 中的网络攻击，有助于实现高敏感数据在 ICS 中的安全流动。本文提出了以区块链为驱动的ICS双层区块链辅助数据流保护框架，并进行了仿真分析。首先，设计了 OT 区块链和 IT 区块链，重新定义了 ICS 的网络边界。其次，设计了基于布鲁姆过滤器和可信数据库的身份辅助认证机制，以快速识别不诚实节点。然后，设计了基于 RBAC 的 ICS-RBAC 零信任访问控制机制，以确保 OT 区块链的安全，并实现 IT 区块链与 ICS 物理设备之间的零信任数据交换。同时，基于心跳机制原理设计了 ICS 的主动防御机制。最后，进行了模型分析和仿真验证。结果表明，该研究可以实现综合布线系统中的可信数据流和细粒度零信任访问控制，提供安全保障。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Double layer blockchain-assisted trusted data flow model for industrial control systems

With the development of information technology (IT), the blurred network boundary between the Operational Technology (OT) network and the IT network poses a higher risk of cyber-attacks on the flow of data in Industrial Control System (ICS). Deep isolation of ICS, enhanced data access control in ICS, and proactive defense against cyber-attacks in ICS can help achieve the secure flow of highly sensitive data in ICS. This article proposes a dual-layer blockchain-assisted data flow protection framework for ICS, driven by blockchain, and conducts simulation and analysis. Firstly, OT-blockchain and IT-blockchain were designed to redefine the network boundary of ICS. Secondly, an identity-assisted authentication mechanism based on Bloom filters and trusted databases was designed to rapidly identify dishonest nodes. Then, an ICS-RBAC zero-trust access control mechanism based on RBAC was designed to ensure the security of the OT blockchain and achieve zero-trust data exchange between the IT-blockchain and ICS physical devices. And, an active defense mechanism for ICS was designed based on the principle of the heartbeat mechanism. Finally, model analysis and simulation verification are conducted. The results indicate that this study can achieve trusted data flow in ICS and fine-grained zero-trust access control, providing security guarantees.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

Reliability Engineering & System Safety 管理科学-工程：工业

CiteScore

15.20

自引率

39.50%

发文量

621

审稿时长

67 days

期刊介绍： Elsevier publishes Reliability Engineering & System Safety in association with the European Safety and Reliability Association and the Safety Engineering and Risk Analysis Division. The international journal is devoted to developing and applying methods to enhance the safety and reliability of complex technological systems, like nuclear power plants, chemical plants, hazardous waste facilities, space systems, offshore and maritime systems, transportation systems, constructed infrastructure, and manufacturing plants. The journal normally publishes only articles that involve the analysis of substantive problems related to the reliability of complex systems or present techniques and/or theoretical results that have a discernable relationship to the solution of such problems. An important aim is to balance academic material and practical applications.