18 results for MODBUS
Abstract:
The Modicon Communication Bus (Modbus) protocol is one of the most commonly used protocols in industrial control systems. Modbus was not designed to provide security. This paper confirms that the Modbus protocol is vulnerable to flooding attacks. These attacks involve injection of commands that result in disrupting the normal operation of the control system. This paper describes a set of experiments that shows that an anomaly-based change detection algorithm and signature-based Snort threshold module are capable of detecting Modbus flooding attacks. In comparing these intrusion detection techniques, we find that the signature-based detection requires a carefully selected threshold value, and that the anomaly-based change detection algorithm may have a short delay before detecting the attacks depending on the parameters used. In addition, we also generate a network traffic dataset of flooding attacks on the Modbus control system protocol.
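Abstract:
This paper first introduces the basic principles and structure of WIA technology and the Modbus protocol, and then describes in detail the two methods used in the interconnection process: transparent transmission and protocol conversion. It analyses the applicable scope and retrofit difficulty of the two methods, and gives implementation examples.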
Abstract:
The aim of the project is to create a Modbus communications network. The network will connect the Telemecanique TSX Micro PLCs of the control laboratory (the 9 TSX 3705 PLCs and the newly acquired TSX 3722 PLC). As a complement to the network, two exercises and a questionnaire will be prepared. The first exercise will serve the students as an example of Modbus communication, and the second will have to be carried out by the students. This second exercise is only introductory; it will not be very difficult and the student will not acquire extensive knowledge, but will simply pick up notions of how communication between PLCs works in the specific case of a Modbus network. The questionnaire will make it possible to assess the knowledge acquired about Modbus communication before the student carries out the exercises.
Abstract:
Lab exercise 3. Communication with RS-485 and MODBUS.
Abstract:
There is currently a migration trend from traditional electrical supervisory control and data acquisition (SCADA) systems towards a smart grid based approach to critical infrastructure management. This project provides an evaluation of existing and proposed implementations for both traditional electrical SCADA and smart grid based architectures, and proposes a set of reference requirements which test bed implementations should implement. A high-level design for smart grid test beds is proposed and initial implementation performed, based on the proposed design, using open source and freely available software tools. The project examines the move towards smart grid based critical infrastructure management and illustrates the increased security requirements. The implemented test bed provides a basic framework for testing network requirements in a smart grid environment, as well as a platform for further research and development, particularly to develop, implement and test network security related disturbances such as intrusion detection and network forensics. The project undertaken proposes and develops an architecture for the emulation of some smart grid functionality. The Common Open Research Emulator (CORE) platform was used to emulate the communication network of the smart grid. Specifically, CORE was used to virtualise and emulate the TCP/IP networking stack. This is intended to be used for further evaluation and analysis, for example the analysis of application protocol messages, etc. As a proof of concept, software libraries were designed, developed and documented to enable and support the design and development of further smart grid emulated components, such as reclosers, switches, smart meters, etc. As part of the testing and evaluation, a Modbus based smart meter emulator was developed to provide basic functionality of a smart meter. Further code was developed to send Modbus request messages to the emulated smart meter and receive Modbus responses from it. Although the functionality of the emulated components was limited, it does provide a starting point for further research and development. The design is extensible to enable the design and implementation of additional SCADA protocols. The project also defines evaluation criteria for the evaluation of the implemented test bed, and experiments are designed to evaluate the test bed according to the defined criteria. The results of the experiments are collated and presented, and conclusions drawn from the results to facilitate discussion on the test bed implementation. The discussion undertaken also presents possible future work.
Abstract:
The complexity of modern SCADA networks and their associated cyber-attacks requires an expressive but flexible manner for representing both domain knowledge and collected intrusion alerts with the ability to integrate them for enhanced analytical capabilities and better understanding of attacks. This paper proposes an ontology-based approach for contextualized intrusion alerts in SCADA networks. In this approach, three security ontologies were developed to represent and store information on intrusion alerts, Modbus communications, and Modbus attack descriptions. This information is correlated into enriched intrusion alerts using simple ontology logic rules written in Semantic Query-Enhanced Web Rules (SQWRL). The contextualized alerts give analysts the means to better understand evolving attacks and to uncover the semantic relationships between sequences of individual attack events. The proposed system is illustrated by two use case scenarios.
Abstract:
Dissertation presented at the Faculdade de Ciências e Tecnologia of the Universidade Nova de Lisboa to obtain the degree of Master in Electrical and Computer Engineering
Abstract:
The automated guided vehicle (AGV) acquired by the Department of Mechanical Engineering (DEM) has been becoming obsolete because of its hardware, which is now beginning to show signs of failure as well as a lack of replacement parts, and its software, since the PLC (Programmable Logic Controller) used is very limited in its control functions, leaving the main control tasks of the AGV to electronic control boards. To promote autonomous control of the AGV, it was decided to remove all the hardware that held control of it, and a new PLC with greater processing capacity now performs all the control needed for its operation. The hardware considered includes only, in summary, the motors responsible for movement and steering, the motor power control board, the interface board between the PLC digital outputs and the inputs of the motor power control board, and the other sensors needed for obstacle detection, steering limit switches, workstation sensors and emergency warning devices. All movement and steering control, as well as the selection of the actions to perform, is now handled by the software programmed in the PLC, as is the interaction between the supervision system installed at a control station and the PLC through radio communication. Using the PLC allowed the flexibility of easily changing how the digital outputs are used, unlike an electronic circuit, which needs a complete redesign, testing time and implementation to perform the same function. Using a microcontroller would be equally viable for the application in question; however, using the PLC has the advantage of being robust, faster in processing speed, having quite intuitive and freely available programming interface software, ease of changing the programming locally or remotely via radio, access to several robust communication protocols such as Modbus, Canbus, Profinet, Modnet, etc., and integrated access to a fully programmable graphical console. It can also be expanded by adding digital and/or analog input and output modules, allowing the use of the AGV to be greatly expanded for other purposes. The solution is being extensively tested and validated in the Automation Laboratory (LabA) of the Department of Mechanical Engineering of ISEP (Instituto Superior de Engenharia do Porto), allowing the optimization of the steering control systems as well as the interactivity between the PLC and the workstation interface/supervision program.
Abstract:
The transport of fluids through pipes is used in the oil industry, being the pipelines an important link in the logistics flow of fluids. However, the pipelines suffer deterioration in their walls caused by several factors which may cause loss of fluids to the environment, justifying the investment in techniques and methods of leak detection to minimize fluid loss and environmental damage. This work presents the development of a supervisory module in order to inform to the operator the leakage in the pipeline monitored in the shortest time possible, in order that the operator log procedure that entails the end of the leak. This module is a component of a system designed to detect leaks in oil pipelines using sonic technology, wavelets and neural networks. The plant used in the development and testing of the module presented here was the system of tanks of LAMP, and its LAN, as monitoring network. The proposal consists of, basically, two stages. Initially, assess the performance of the communication infrastructure of the supervisory module. Later, simulate leaks so that the DSP sends information to the supervisory performs the calculation of the location of leaks and indicate to which sensor the leak is closer, and using the system of tanks of LAMP, capture the pressure in the pipeline monitored by piezoresistive sensors, this information being processed by the DSP and sent to the supervisory to be presented to the user in real time
Abstract:
The Wireless Sensor Networks (WSN) methods applied to the lifting of oil present as an area with growing demand technical and scientific in view of the optimizations that can be carried forward with existing processes. This dissertation has as main objective to present the development of embedded systems dedicated to a wireless sensor network based on IEEE 802.15.4, which applies the ZigBee protocol, between sensors, actuators and the PLC (Programmable Logic Controller), aiming to solve the present problems in the deployment and maintenance of the physical communication of current elevation oil units based on the method Plunger-Lift. Embedded systems developed for this application will be responsible for acquiring information from sensors and control actuators of the devices present at the well, and also, using the Modbus protocol to make this network becomes transparent to the PLC responsible for controlling the production and delivery information for supervisory SISAL
Abstract:
This study developed software routines, in a system made basically from a processor board producer of signs and supervisory, whose main function was correcting the information measured by a turbine gas meter. This correction is based on the use of an intelligent algorithm formed by an artificial neural net. The routines were implemented in the habitat of the supervisory as well as in the habitat of the DSP and have three main items: processing, communication and supervision.
Abstract:
This work presents a packet manipulation tool developed to realize tests in industrial devices that implement TCP/IP-based communication protocols. The tool was developed in Python programming language, as a Scapy extension. This tool, named IndPM - Industrial Packet Manipulator, can realize vulnerability tests in devices of industrial networks, industrial protocol compliance tests, receive server replies and utilize the Python interpreter to build tests. The Modbus/TCP protocol was implemented as proof-of-concept. The DNP3 over TCP protocol was also implemented but tests could not be realized because of the lack of resources. The IndPM results with Modbus/TCP protocol show some implementation faults in a Programmable Logic Controller communication module frequently utilized in automation companies.
Abstract:
Embedded systems are widely spread nowadays. An example is the Digital Signal Processor (DSP), which is a high processing power device. This work's contribution consists of exposing DSP implementation of the system logic for detecting leaks in real time. Among the various methods of leak detection available today this work uses a technique based on the pipe pressure analysis and uses Wavelet Transform and Neural Networks. In this context, the DSP, in addition to doing the pressure signal digital processing, also communicates to a Global Positioning System (GPS), which helps in situating the leak, and to a SCADA, sharing information. To ensure robustness and reliability in communication between DSP and SCADA the Modbus protocol is used. As it is a real time application, special attention is given to the response time of each of the tasks performed by the DSP. Tests and leak simulations were performed using the structure of Laboratory of Evaluation of Measurement in Oil (LAMP), at Federal University of Rio Grande do Norte (UFRN).
Abstract:
Technological evolution of industrial automation systems has been guided by the dilemma between flexibilization and reliability on the integration between devices and control supervisory systems. However, there are few supervisory systems whose attributions can also comprehend the teaching of the communication process that happens behind this technological integration, where those which are available are little flexible about accessibility and reach of patterns. In this context, we present the first module of a didactic supervisory system, accessible through Web, applied on the teaching of the main fieldbus protocols. The application owns a module that automatically discovers the network topology being used and allows students and professionals of automation to obtain a more practical knowledge by exchanging messages with a PLC, allowing those who are involved to know with more details the communication process of an automation supervisory system. By the fact of being available through Web, the system will allow a remote access to the PLC, comprehending a larger number of users. This first module is focused on the Modbus protocol (TCP and RTU/ASCII).
Abstract:
In the smart building control industry, creating a platform to integrate different communication protocols and ease the interaction between users and devices is becoming increasingly important. BATMP is a platform designed to achieve this goal. In this paper, the authors describe a novel mechanism for information exchange, which introduces a new concept, Parameter, and uses it as the common object among all the BATMP components: Gateway Manager, Technology Manager, Application Manager, Model Manager and Data Warehouse. Parameter is an object which represents a physical magnitude and contains the information about its presentation, available actions, access type, etc. Each component of BATMP has a copy of the parameters. In the Technology Manager, three drivers for different communication protocols, KNX, CoAP and Modbus, are implemented to convert devices into parameters. In the Gateway Manager, users can control the parameters directly or by defining a scenario. In the Application Manager, the applications can subscribe to parameters and decide the values of parameters by negotiating. Finally, a Negotiator is implemented in the Model Manager to notify other components about the changes taking place in any component. By applying this mechanism, BATMP ensures the simultaneous and concurrent communication among users, applications and devices.