Research and Implementation of an Open Secure Communication Protocol Based on VxWorks
Published: 2019-06-02 14:18
[Abstract]: China's railways are developing rapidly, and train speeds and traffic density keep rising. Operational safety has to be ensured by multiple onboard and trackside systems working together. As communication between these systems moves from closed networks to open networks, communication security becomes especially important. CTCS-3 is currently the highest technical grade of train control system on China's passenger dedicated lines, and the information exchange among its subsystems now falls within the category of open transmission systems. A secure communication protocol must be studied and designed specifically for open networks to guarantee the reliability and security of system data transmission, which is a necessary requirement for improving the safety and informatization of current railway signal control. The railway computer interlocking system, as a real-time safety-critical system, plays a vital role in the safe and efficient operation of railways. Starting from an analysis of the threats to safe and reliable information transmission in open transmission systems identified by the EN50159 standard, this thesis focuses on the railway signal secure communication protocol formulated by the Science and Technology Department of China's former Ministry of Railways. Taking the communication interfaces between the computer interlocking system and other equipment as the object of study, it carries out functional safety analysis and application research on their communication security, uses the MUX layer interface functions on the VxWorks operating system to bind the security protocol to the underlying driver, and simulates the security functions of the secure communication protocol in the Tornado environment.

The main work completed in this thesis is as follows: (1) Based on the content of the EN50159 standard concerning security threats to open transmission systems, the communication security of the computer interlocking system is evaluated and analyzed, its potential security threats are identified, and corresponding countermeasures are proposed, including sequence number protection, TTS/EC counter protection, and protection by safety codes and encryption techniques. (2) The secure communication system structure of the RSSP-II protocol is analyzed, with a focus on how two communicating entities establish a secure connection through the service model and service primitives of the security layer and achieve message integrity and peer entity authentication. (3) The principle of the DES algorithm is analyzed in depth and a DES algorithm module is programmed. On this basis, a combination of the module's encryption and decryption operations is used to compute the message authentication code (MAC) used for message integrity and peer entity authentication. The algorithm used in this process is triple DES, an improvement on DES. (4) VxWorks is a real-time embedded operating system with very high security that is widely used as the operating system of security-related computer systems, especially computer interlocking systems. This thesis uses VxWorks as the base platform, binds the secure communication protocol through the MUX layer interface, and has the system use the protocol through the standard socket interface. Following the analysis, design and implementation of the secure communication protocol, test data show that the RSSP-II secure communication protocol can effectively defend against common network communication threats. In particular, the method in the thesis that combines the 3DES encryption algorithm with triple timestamps greatly improves the security level and practicality of the communication system.
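[Degree-granting institution]: Lanzhou Jiaotong University
[Degree level]: Master's
[Year degree granted]: 2014
[Classification number]: TP393.08; TP393.04
Article number: 2491167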
Article link: http://sikaile.net/guanlilunwen/ydhl/2491167.html