Blockchain file release system
Industrial control network often need to send the logic configuration project file from the control center to the PLC, the file can be run after successful compilation. Actually the file often been tampered or replaced in the delivery process, lead to the compiled file can not run, merged malicious instructions seriously, the consequences be unbearable to contemplate.
Industrial control network is relatively closed, usually operating in the enterprise internal network, establish a small range of private block chain platform within the enterprise is more suitable. In order to ensure the correctness of the issued logic configuration project file, establish industrial network file release system for storing blockchain logic configuration project file, the system includes 2 layers, the bottom layer is constructed by blockchain database, upper layer is user oriented industrial control network blockchain platform. As shown in the following figure:
Figure 2: industrial control network blockchain file release system
The user apply for issue logic configuration project file to block chain platform administrator, after the administrator approval, the released abstract information of logical configuration project file compiled files can be stored into the blockchain. Abstract information includes the address of the A (control center) and the receiver B (PLC), the hash value of the release file etc, and each node of the block chain sign the time stamp. Abstract information can query through the released file number. After PLC download logic configuration project file, according to release file number, make comparison of compiled file hash value and block chain data, if they are different, indicating that the file has been tampered and it make alarm to the monitoring center.
Through the logic configuration project file blockchain release technology, realizing the logical configuration of industrial control files can not be tampered once released. Even if the attacker modify the configuration file in the PLC side, it can not run due to failed verify through the compiler to achieve the protection. The technology solves the problem that the traditional logic configuration engineering file is easily to be modified by the third party.