發(fā)布時間：2018-06-24 14:57

  本文選題：PROFIBUS-DP + Internet　； 參考：《吉林大學》2014年碩士論文

【摘要】：PROFIBUS現場總線是當前業(yè)界應用最成功、最廣泛的現場總線技術，它將企業(yè)現場控制系統與底層設備相連，構成企業(yè)的控制層網絡。傳統的企業(yè)控制層網絡和企業(yè)信息網絡相對孤立封閉，企業(yè)的管理層和技術人員只有親臨現場或者通過定期的上報文件來了解現場生產狀況。在信息瞬息萬變的時代，企業(yè)的生存與發(fā)展很大程度上依賴于對現場設備運行狀況的了解并且做出正確、及時的決策。如何將現場總線網絡接入Internet網絡實現對設備的遠程實時監(jiān)控是工業(yè)自動化的熱點研究問題之一，同時安全問題也是現場總線網絡接入Internet網絡不容忽視的重要問題。本文針對兩種異構網絡的互聯接入問題和接入時的安全問題，提出了采用嵌入式安全Web網關的方法實現通過Internet網對PROFIBUS-DP總線上設備的實時、快捷直觀、安全的監(jiān)控。 本項研究在對PROFIBUS-DP現場總線網絡和Internet網絡兩種異構網絡網絡結構和網絡協議深入研究和分析的基礎上，，提出了采用嵌入式網關的方法使兩種異構網絡互聯通信，并設計了具體的協議轉換模型和協議轉換方法，進而達到通過Internet對PROFIBUS-DP現場總線上設備遠程監(jiān)控的目的。 根據兩種異構網絡的通信模型，設計了網關軟、硬件系統架構。在硬件系統架構上，該網關采用了高性能的S3C2440微處理器、高速以太網控制器DM9000、以及大容量的SDRAM和FLASH存儲器，同時具備PROFIBUS和Internet接口。在軟件系統架構上，采用了網絡性能優(yōu)良的嵌入式Linux操作系統，并引入了具有優(yōu)秀網絡友好交互能力的嵌入式Web技術和對數據信息進行管理的嵌入式數據庫技術。 在系統安全方面，本項研究詳細分析了PROFIBUS-DP工控網絡通過嵌入式Web網關接入Internet互聯網的安全威脅，在研究現有通用的安全方法的基礎上，提出了適合本項研究應用場景的安全機制。在本嵌入式Web網關上同時采用強制訪問控制思想進行用戶身份訪問控制、SSL套接層協議對數據進行加密安全傳輸、分類系統日志對系統提供不可抵賴性服務這三種措施來對系統進行安全保護。 利用動態(tài)網頁技術-CGI編程實現用戶與設備交互、用戶強制訪問控制、分類系統日志記錄，并對設計的嵌入式安全Web網關進行了模擬驗證與測試。測試結果表明：本項研究設計的嵌入式安全Web網關方案能實現通過Internet網對PROFIBUS-DP總線上的設備進行方便快捷、實時地遠程監(jiān)控，同時設計的安全機制能對系統提供較高的安全性保障。
[Abstract]:PROFIBUS field bus is the most successful and widely used field bus technology in the industry at present. It connects the enterprise field control system with the underlying equipment and constitutes the control layer network of the enterprise. The traditional enterprise control layer network and enterprise information network are relatively isolated and closed. The management and technical personnel of the enterprise only come to the scene in person or through regular reporting documents to understand the production situation on the spot. In the era of rapid change of information, the survival and development of enterprises depend largely on the understanding of the operation status of field equipment and making correct and timely decisions. How to connect the fieldbus network to the Internet network to realize the remote real-time monitoring of the equipment is one of the hot research issues in industrial automation. At the same time, the security problem is also an important issue that can not be ignored when the fieldbus network is connected to the Internet network. In this paper, aiming at the problem of interconnection and security of two heterogeneous networks, an embedded secure Web gateway is proposed to monitor the devices on PROFIBUS-DP bus in real time, fast, and safely through the Internet. Based on the deep research and analysis of two kinds of heterogeneous network structures and protocols of PROFIBUS-DP fieldbus network and Internet network, an embedded gateway method is proposed to make the two heterogeneous networks communicate with each other. The specific protocol conversion model and protocol conversion method are designed to achieve the purpose of remote monitoring of PROFIBUS-DP devices through the Internet. According to the communication model of two heterogeneous networks, the software and hardware architecture of gateway is designed. In the hardware system architecture, the gateway adopts high performance S3C2440 microprocessor, high speed Ethernet controller DM9000, large capacity SDRAM and flash memory, and also has PROFIBUS and Internet interface. In the software system architecture, the embedded Linux operating system with excellent network performance is adopted, and the embedded Web technology with excellent network friendly interaction ability and the embedded database technology which manages the data information are introduced. In the aspect of system security, the security threat of PROFIBUS-DP industrial control network accessing Internet through embedded Web gateway is analyzed in detail. A security mechanism suitable for the application scenario of this study is proposed. In the embedded Web gateway, the mandatory access control idea is also adopted to encrypt the data through SSL socket layer protocol. Classification system logs provide nonrepudiation services to the system to protect the system. Dynamic web page technology -CGI programming is used to realize user / device interaction, user mandatory access control, classification system logging, and the embedded secure Web gateway is simulated and tested. The test results show that the embedded secure Web gateway scheme can be used to monitor the PROFIBUS-DP bus conveniently and remotely in real time. At the same time, the designed security mechanism can provide a high level of security for the system.
【學位授予單位】：吉林大學
【學位級別】：碩士
【學位授予年份】：2014
【分類號】：TP393.05

【參考文獻】

相關期刊論文 前6條

1 馮朔;;基于SPC3的嵌入式PROFIBUS-DP智能從站接口的設計及測試[J];電腦知識與技術;2010年10期

2 趙曉焱;謝自梅;祁艷;;面向遠程監(jiān)控系統的嵌入式web服務器研究與實現[J];河南師范大學學報(自然科學版);2008年06期

3 周若谷;丁峰;魯力;;視頻監(jiān)控系統中嵌入式Web服務器的設計與實現[J];計算機科學;2011年05期

4 趙躍華,杜云海,包明國;基于身份認證的嵌入式Web網關安全機制的實現[J];計算機工程;2004年23期

5 沈勇;朱超;;基于SSL的嵌入式Web服務器安全設計與實現[J];計算機與現代化;2012年07期

6 郭孟;錢江;;一種工業(yè)以太網的控制網絡安全模型設計[J];微計算機信息;2008年33期

本文編號：2061905