Method, device and request end for implementing exception handling
Technical Field
The present invention relates to the field of industrial automation, and in particular, to a method, an apparatus, and a request end for implementing exception handling.
Background
The EtherNet Industrial Protocol (EtherNet/IP) is a protocol system suited to industrial environments, introduced jointly by two major industrial network organizations, the Open DeviceNet Vendors Association (ODVA) and ControlNet International. EtherNet/IP is a network aimed specifically at industrial automation applications, is widely used in industrial control fields such as tobacco, electric power and automobiles, and can support the connection of a large number of field devices over a wide area. Unlike the source/destination communication mode, EtherNet/IP adopts a producer/consumer mode, which allows nodes on the network to access data from the same source at the same time; in the producer/consumer mode each item of data is assigned a unique identifier, each data source sends the data to the network once, and other nodes read it selectively, which improves the communication efficiency of the system. Because the EtherNet/IP protocol supports both Ethernet and the TCP/IP protocol family, almost any network equipment that supports Ethernet and TCP/IP can acquire data in the network by forging illegal industrial control instruction messages, causing information leakage, damage to industrial equipment, and disruption of industrial production.
In order to avoid information leakage and safeguard industrial production, an industrial firewall is used as a filtering device; it supports deep analysis of the EtherNet/IP protocol and discards the messages that analysis determines to be illegal. A common industrial firewall process includes: stripping the message and analyzing whether the message format is compliant, whether the message format is correct, and the like; when the format, length or the like of the message is in error, the message is judged to be illegal and discarded; when the format, length and the like of the message are correct, the EtherNet/IP and Common Industrial Protocol (CIP) instructions of the message are extracted, whether the message is legal is further determined according to the judgment rules of a whitelist or blacklist, and the message judged to be legal is then processed while the message judged to be illegal is discarded. The processing of the industrial firewall improves the security of the industrial automation network.
The industrial firewall discards the message determined to be illegal, which improves the security of the industrial automation network; however, when a message that does not meet the requirements for format, length and the like is discarded, the request end keeps retransmitting the message that has been determined to be illegal, and the connection is only stopped after a timeout; the request end cannot correct the format, length and the like of the message in time. If the illegal message is part of a malicious attack, the industrial firewall only discards it and does not interrupt the connection in time, which leads to a large number of connection denial-of-service conditions in a short time and degrades the performance of the industrial automation network.
Disclosure of Invention
In order to solve the technical problem, the invention provides a method, a device and a request end for realizing exception handling, which can improve the network performance by processing illegal messages while ensuring the safety of an industrial automation network.
In order to achieve the purpose of the invention, the invention provides a method for implementing exception handling, which comprises the following step:
respectively carrying out corresponding exception handling on each determined illegal message.
Optionally, the performing exception handling includes:
respectively generating exception reply information corresponding to each determined illegal message, and sending each piece of exception reply information to the request end that sent the illegal message; and/or,
respectively sending a Transmission Control Protocol reset (TCP RST) message to the request end that sent the illegal message, for each determined illegal message, so as to disconnect the request end.
Optionally, the generating of the exception reply message specifically includes, for each illegal message:
copying the EtherNet/IP message header of the illegal message and appending it after the Transmission Control Protocol (TCP) header of the exception reply message;
determining the exception type code of the illegal message according to preset exception mapping coding information, and modifying the status field in the response message (the status field of the EtherNet/IP header following the TCP header) to the determined exception type code;
and filling the other parts of the exception reply message according to the industrial equipment response format.
Optionally, the exception mapping coding information includes:
a first exception type code, corresponding to an illegal message whose encapsulation command is invalid or unsupported;
a second exception type code, corresponding to an illegal message that the receiving end has insufficient memory to process;
a third exception type code, corresponding to an illegal message with a data format error or data error;
a fourth exception type code, corresponding to an illegal message with an invalid or nonexistent session handle;
a fifth exception type code, corresponding to an illegal message with an invalid message length.
Optionally, the method further includes:
logging the exception type code corresponding to each determined illegal message.
In another aspect, the present application further provides a method for implementing exception handling, including:
the request end determining the type of the illegal message according to the received exception reply information;
and correcting the illegal message according to a preset repair instruction and the determined illegal message type, and retransmitting the corrected message.
Optionally, the preset repair instruction includes:
when the illegal message is a message with a data error: if the data error is that the data interval is not within the normal interval, taking the intersection of the data interval and the normal interval as the corrected data interval; if the data error is a single-value out-of-range error, deleting that single value;
when the illegal message is a message with an invalid session handle, correcting the invalid session handle into a valid session handle;
and when the illegal message is a message with an invalid message length, if the data length in the EtherNet/IP message header does not match the actual data area of the message, modifying the data length in the EtherNet/IP message header to the actual data area length.
Optionally, the method further comprises:
and correcting the illegal message corresponding to the abnormal reply message through the received external instruction.
Optionally, the method further comprises:
and carrying out operation log recording on the corrected content of the illegal message.
In still another aspect, the present application further provides an apparatus for implementing exception handling, at least comprising a processing unit,
and the processing unit is used for respectively carrying out corresponding exception processing on each determined illegal message.
Optionally, the processing unit is specifically configured to:
respectively generate exception reply information corresponding to each determined illegal message, and send each piece of exception reply information to the request end that sent the illegal message; and/or,
respectively send a Transmission Control Protocol reset (TCP RST) message to the request end that sent the illegal message, for each determined illegal message, so as to disconnect the request end.
Optionally, the processing unit is specifically configured to:
copy the EtherNet/IP message header of the illegal message and append it after the response Transmission Control Protocol (TCP) header of the exception reply message; determine the exception type code of the illegal message according to preset exception mapping coding information, and modify the status field in the response message (the status field of the EtherNet/IP header following the TCP header) to the determined exception type code; fill the other parts of the exception reply message according to the response format of the industrial equipment; and send the exception reply information to the request end that sent the illegal message; and/or,
send the TCP RST message to the request end that sent the illegal message so as to disconnect from that request end.
Optionally, the apparatus further includes a log recording unit, configured to log the exception type code corresponding to each determined illegal message.
In another aspect, the present application further provides a request end for implementing exception handling, including: a determining unit and a correction retransmitting unit; wherein,
the determining unit is used for determining the type of the illegal message according to the received abnormal reply information;
and the correction retransmission unit is used for correcting the illegal message according to the preset repair instruction and the determined illegal message type and retransmitting the corrected message.
Optionally, the correction retransmission unit is further configured to correct the illegal message corresponding to the abnormal reply message through a received external instruction.
Optionally, the request end further includes an operation recording unit, configured to perform operation log recording on the modified content of the illegal packet.
Compared with the prior art, the technical scheme of the application comprises the following step: respectively carrying out corresponding exception handling on each determined illegal message. By handling the illegal message as an exception, the method of the invention avoids the problems caused by merely discarding it; further, sending the exception reply information allows the corresponding message to be handled accordingly, which improves the performance of the industrial automation network; and sending a Transmission Control Protocol reset (TCP RST) message avoids the waste of network resources caused by repeated retransmission.
Drawings
The accompanying drawings, which are included to provide a further understanding of the invention and are incorporated in and constitute a part of this application, illustrate embodiment(s) of the invention and together with the description serve to explain the invention without limiting the invention. In the drawings:
FIG. 1 is a flow chart of a method of implementing exception handling in accordance with the present invention;
FIG. 2 is a flow chart of another method for implementing exception handling according to the present invention;
FIG. 3 is a structural diagram of an apparatus for implementing exception handling according to the present invention;
FIG. 4 is a structural diagram of a request end for implementing exception handling according to the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, embodiments of the present invention will be described in detail below with reference to the accompanying drawings. It should be noted that the embodiments and features of the embodiments in the present application may be arbitrarily combined with each other without conflict.
FIG. 1 is a flow chart of a method of implementing exception handling in accordance with the present invention; as shown in fig. 1, the method includes:
step 100, respectively carrying out corresponding exception handling on each determined illegal message;
it should be noted that the illegal message of the present invention may be an illegal message determined by the filtering of the filtering apparatus; for example, the types of illegal message may be adjusted according to the relevant filtering definitions, such as an illegal message for which the filtering device determines that the data session does not exist, an illegal message that the receiving end has insufficient memory to process, an illegal message with a data format error or data error, an illegal message with an invalid data session, and an illegal message with an invalid or unsupported encapsulation command.
The exception handling includes:
respectively generating exception reply information corresponding to each determined illegal message, and sending each piece of exception reply information to the request end that sent the illegal message; and/or,
respectively sending a Transmission Control Protocol reset (TCP RST) message to the request end that sent the illegal message, for each determined illegal message, so as to disconnect the request end.
It should be noted that the exception handling of the illegal message in the present invention can be combined with the discarding of the illegal message without inventive effort by those skilled in the art.
Preferably, the generating of the exception reply message specifically includes, for each illegal message:
copying the EtherNet Industrial Protocol (EtherNet/IP) message header of the illegal message and appending it after the response Transmission Control Protocol (TCP) header of the exception reply message;
determining the exception type code of the illegal message according to preset exception mapping coding information, and modifying the status field in the response message (the status field of the EtherNet/IP header following the TCP header) to the determined exception type code;
and filling the other parts of the exception reply message according to the industrial equipment response format.
It should be noted that an EtherNet/IP packet consists of a 24-byte EtherNet/IP packet header and its associated data placed after the TCP header; table 1 shows the main structure of the EtherNet/IP packet. When the EtherNet/IP packet is determined to be illegal, the status of the EtherNet/IP packet can be modified in the packet carrying the exception reply information, so that the packet carries a meaningful value. Filling in the other parts of the exception reply message according to the industrial equipment reply format is a conventional technical means for those skilled in the art; for example, the reply message sets the acknowledgment (ACK) flag to 1 instead of its default value, the source address and destination address are modified, and the like.
TABLE 1
Specifically, the exception mapping coding information includes:
a first exception type code, corresponding to an illegal message whose encapsulation command is invalid or unsupported;
a second exception type code, corresponding to an illegal message that the receiving end has insufficient memory to process;
a third exception type code, corresponding to an illegal message with a data format error or data error;
a fourth exception type code, corresponding to an illegal message with an invalid or nonexistent session handle;
a fifth exception type code, corresponding to an illegal message with an invalid message length.
It should be noted that the present invention may record the exception type code in a four-byte status field whose value ranges from 0x1 to 0xFFFF (0x0 may be used to indicate normal), and the length field of the exception reply information is set to 0, indicating that there is no data area. The range 0x1 to 0xFFFF facilitates custom extension of illegal message types under different exception conditions. Table 2 shows part of the exception mapping coding information, the handling of each exception type code and its corresponding meaning; table 2 also briefly introduces the usage scenarios of the different exception type codes, which is convenient for classifying and understanding illegal message types.
The method of the invention further comprises a step 101:
step 101, logging the abnormal type code corresponding to the determined illegal message.
It should be noted that, in view of the connection between the processing procedure of the present invention and the filtering apparatus, the logging can be performed through the firewall log.
TABLE 2
By handling the illegal message as an exception, the method of the invention avoids the problems caused by merely discarding it; further, sending the exception reply information allows the corresponding message to be handled accordingly, which improves the performance of the industrial automation network; and sending a Transmission Control Protocol reset (TCP RST) message avoids the waste of network resources caused by repeated retransmission.
Fig. 2 is a flowchart of another method for implementing exception handling according to the present invention, as shown in fig. 2, including:
step 200, the request end determines the type of the illegal message according to the received abnormal reply information;
step 201, correcting the illegal message according to a preset repair instruction and the determined illegal message type, and retransmitting the corrected message.
In this step, the preset repair instruction includes:
when the illegal message is a message with a data error: if the data error is that the data interval is not within the normal interval, taking the intersection of the data interval and the normal interval as the corrected data interval; if the data error is a single-value out-of-range error, deleting that single value;
when the illegal message is a message with an invalid session handle, correcting the invalid session handle into a valid session handle;
and when the illegal message is a message with an invalid message length, if the data length in the EtherNet/IP message header does not match the actual data area of the message, modifying the data length in the EtherNet/IP message header to the actual data area length.
It should be noted that, modifying an invalid session handle into a valid session handle may be performed by a person skilled in the art according to the difference between the invalid session handle and the valid session handle.
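As an added illustration (not part of the patent text), the following Python sketch models both sides described above: the firewall-side generation of the exception reply in step 100 (copying the EtherNet/IP header, setting the status field to the exception type code and the length field to 0, and logging it as in step 101) and the request-end repair of step 201 for the message-length and session-handle cases. It assumes the standard 24-byte EtherNet/IP encapsulation header layout (command, length, session handle, status, sender context, options, little-endian) and assigns the numeric values 1 to 5 to the first to fifth exception type codes; the command set and sample packets are constructed for the example.

```python
import struct

# Standard EtherNet/IP encapsulation header (24 bytes, little-endian):
# command, length, session handle, status, sender context, options.
# This layout is assumed here; the patent text does not spell out the offsets.
ENIP_HDR = struct.Struct("<HHIIQI")
HDR_LEN = ENIP_HDR.size  # 24

# Numeric values for the first..fifth exception type codes are assumed
# (the text only fixes the range 0x1..0xFFFF, with 0x0 meaning normal).
EXC_BAD_COMMAND, EXC_NO_MEMORY, EXC_BAD_DATA, EXC_BAD_SESSION, EXC_BAD_LENGTH = 1, 2, 3, 4, 5
REGISTER_SESSION = 0x0065
VALID_COMMANDS = {REGISTER_SESSION, 0x0066, 0x006F, 0x0070}  # Register/UnRegister/SendRRData/SendUnitData
LOG = []  # stands in for the firewall log of step 101

def parse_header(pkt):
    f = ENIP_HDR.unpack_from(pkt.ljust(HDR_LEN, b"\0"))
    return dict(zip(("cmd", "len", "session", "status", "ctx", "opts"), f))

def build_request(cmd, length, session, body=b"", ctx=0, opts=0):
    """Constructed sample request: header with the given length field plus body."""
    return ENIP_HDR.pack(cmd, length, session, 0, ctx, opts) + body

def classify(pkt, live_sessions):
    """Firewall side: map a packet to an exception type code (0 = legal)."""
    if len(pkt) < HDR_LEN:
        return EXC_BAD_LENGTH
    h = parse_header(pkt)
    if h["cmd"] not in VALID_COMMANDS:
        return EXC_BAD_COMMAND
    if h["len"] != len(pkt) - HDR_LEN:  # header length vs. actual data area
        return EXC_BAD_LENGTH
    if h["cmd"] != REGISTER_SESSION and h["session"] not in live_sessions:
        return EXC_BAD_SESSION
    return 0

def build_exception_reply(pkt, code):
    """Step 100: copy the request header, set status = exception code and
    length = 0 (no data area); the result goes right after the reply TCP header."""
    h = parse_header(pkt)
    LOG.append({"cmd": h["cmd"], "session": h["session"], "code": code})  # step 101
    return ENIP_HDR.pack(h["cmd"], 0, h["session"], code, h["ctx"], h["opts"])

def repair(original, reply, valid_session):
    """Step 201: read the exception code from the reply status field and apply
    the preset repair instruction; returns the corrected packet, or None when
    the type needs data-level or external correction instead."""
    code = parse_header(reply)["status"]
    h = parse_header(original)
    body = original[HDR_LEN:]
    if code == EXC_BAD_LENGTH:
        h["len"] = len(body)            # header length := actual data area length
    elif code == EXC_BAD_SESSION:
        h["session"] = valid_session    # invalid handle := valid handle
    else:
        return None
    return ENIP_HDR.pack(h["cmd"], h["len"], h["session"], h["status"], h["ctx"], h["opts"]) + body

if __name__ == "__main__":
    live = {0xABCD}
    bad = build_request(0x006F, 10, 0xABCD, b"\x00" * 6)  # length says 10, data area is 6
    code = classify(bad, live)
    reply = build_exception_reply(bad, code)
    fixed = repair(bad, reply, 0xABCD)
    print(code, parse_header(reply)["status"], classify(fixed, live), LOG)
```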
The method of the invention also comprises the following steps:
and correcting the illegal message corresponding to the abnormal reply message through the received external instruction.
The method of the invention also comprises the following steps:
and carrying out operation log recording on the corrected content of the illegal message.
It should be noted that, since the modification process is performed at the request end, the operation log record may be added to the operation log at the request end.
Fig. 3 is a structural diagram of an apparatus for implementing exception handling according to the present invention, as shown in fig. 3, at least comprising a processing unit,
and the processing unit is used for respectively carrying out corresponding exception processing on each determined illegal message.
It should be noted that the device of the present invention can be deployed within the filtering device, or connected to the filtering device as an independent device, so as to integrate with the processing of the industrial firewall; the specific arrangement requires no inventive effort from those skilled in the art. In addition, the device of the invention can communicate with a request end to form a system for exception handling.
The processing unit is specifically configured to:
respectively generate exception reply information corresponding to each determined illegal message, and send each piece of exception reply information to the request end that sent the illegal message; and/or,
respectively send a Transmission Control Protocol reset (TCP RST) message to the request end that sent the illegal message, for each determined illegal message, so as to disconnect the request end.
The processing unit is specifically configured to:
copy the EtherNet/IP message header of the illegal message and append it after the response Transmission Control Protocol (TCP) header of the exception reply message; determine the exception type code of the illegal message according to preset exception mapping coding information, and modify the status field in the response message (the status field of the EtherNet/IP header following the TCP header) to the determined exception type code; fill the other parts of the exception reply message according to the response format of the industrial equipment; and send the exception reply information to the request end that sent the illegal message; and/or,
send the TCP RST message to the request end that sent the illegal message so as to disconnect from that request end.
The device also comprises a log recording unit which is used for recording the log of the abnormal type code corresponding to the determined illegal message.
Fig. 4 is a structural diagram of a request end for implementing exception handling according to the present invention, as shown in fig. 4, including: a determining unit and a correction retransmitting unit; wherein,
the determining unit is used for determining the type of the illegal message according to the received abnormal reply information;
and the correction retransmission unit is used for correcting the illegal message according to the preset repair instruction and the determined illegal message type and retransmitting the corrected message.
The correction retransmission unit is also used for correcting the illegal message corresponding to the abnormal reply message through the received external instruction.
The request end of the invention also comprises an operation recording unit which is used for carrying out operation log recording on the corrected content of the illegal message.
Although the embodiments of the present invention have been described above, the above description is only for the convenience of understanding the present invention, and is not intended to limit the present invention. It will be understood by those skilled in the art that various changes in form and details may be made therein without departing from the spirit and scope of the invention as defined by the appended claims.