We are trying to close the open Modbus protocol
It is well known that the open Modbus protocol is easy to get into and that any device on it can then be controlled. This seems to be true if you have the register map and understand which command-word values should be sent to the slave device.
One solution to this problem may be to complicate the data exchange in software: we “mix” an authorization variable into the cyclic poll between devices. This lets each network device with control functions understand which master the telegrams come from.
If you have a set of signatures (authorization variables) that change cyclically and are verified against the same set at the other end, the question of synchronizing the master and the slave arises (for example, when a packet is lost or corrupted somewhere along the way). Since the sequence must not change, the slave device starts a mechanism for restoring the lost authorization: it applies an offset in the cycle and checks again. After two unsuccessful attempts, an alarm is triggered.
It has to be accepted that the set of signatures is not infinite: given enough determination and time for monitoring and analysis, one can build one's own dictionary and bypass the protection.
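The slave-side check described above, as an added example that is not code from the original article. The signature values, the one-step look-ahead after a mismatch, and the reading of "two unsuccessful attempts" as two consecutive rejected telegrams are assumptions; the authorization word is assumed to arrive as one 16-bit register in each poll.

```python
# Added example: slave-side check of a cyclically changing authorization word.
# Table values, RESYNC_OFFSET and MAX_FAILS are constructed assumptions.
SIGNATURES = [0x3A7C, 0x91E2, 0x05BD, 0xC448, 0x7F10, 0x2E93]  # shared set, constructed
RESYNC_OFFSET = 1   # how far ahead the slave looks after a mismatch (one lost telegram)
MAX_FAILS = 2       # consecutive unsuccessful attempts before the alarm


class SlaveAuth:
    """Tracks the expected position in the signature cycle on the slave side."""

    def __init__(self, signatures):
        self.signatures = list(signatures)
        self.pos = 0          # index of the signature expected next
        self.fails = 0        # consecutive rejected telegrams
        self.alarm = False

    def check(self, auth_word):
        """Return 'ok', 'resynced', 'rejected' or 'alarm' for one telegram."""
        if self.alarm:
            return "alarm"                      # latched until an operator resets it
        n = len(self.signatures)
        for offset in range(RESYNC_OFFSET + 1):
            if auth_word == self.signatures[(self.pos + offset) % n]:
                self.pos = (self.pos + offset + 1) % n
                self.fails = 0
                return "ok" if offset == 0 else "resynced"
        self.fails += 1
        if self.fails >= MAX_FAILS:
            self.alarm = True
            return "alarm"
        return "rejected"                       # command words must not be applied


def run(telegrams):
    """Feed a list of authorization words to a fresh slave; return the verdicts."""
    slave = SlaveAuth(SIGNATURES)
    return [slave.check(word) for word in telegrams]


if __name__ == "__main__":
    # Master sends entries 0 and 1, entry 2 is lost, then 3 and 4 arrive,
    # followed by two telegrams carrying words that are not in the cycle.
    print(run([0x3A7C, 0x91E2, 0xC448, 0x7F10, 0x1111, 0x2222]))
```

Only telegrams that return `ok` or `resynced` should have their command words applied; everything else is dropped and counted.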
There are no locks that cannot be opened. A lock has two tasks:
1. Change the legal classification of the intrusion from entry through negligence to hacking (breaking in)
2. Increase the time needed for unauthorized entry
#modbus, #modbustcp, #Modbushowtoclose