阅读说明：本技术 一种plc程序防盗取装置及防盗方法 (PLC program anti-theft device and anti-theft method ) 是由 陈媛芳 许建新 于 2021-06-23 设计创作，主要内容包括：本发明公开了一种PLC程序防盗取装置及防盗方法,括程序防盗模块,所述程序防盗模块包括树莓派和电源模块,所述树莓派作为核心处理器,用于执行PLC的数据读取擦除写入,所述电源模块与所述树莓派供电连接,所述程序防盗模块与PLC实现信息传递连接。本发明避免了PLC程序被盗取,提高了PLC程序的安全性,同时还实现了PLC程序的读取擦除写入,提高了程序恢复效率。(The invention discloses a PLC program anti-theft device and an anti-theft method, wherein the PLC program anti-theft device comprises a program anti-theft module, the program anti-theft module comprises a raspberry group and a power module, the raspberry group is used as a core processor and used for executing data reading, erasing and writing of a PLC, the power module is in power supply connection with the raspberry group, and the program anti-theft module is in information transfer connection with the PLC. The invention avoids the stealing of the PLC program, improves the safety of the PLC program, realizes the reading, erasing and writing of the PLC program and improves the program recovery efficiency.)

1. The utility model provides a PLC program anti-theft device, its characterized in that includes program anti-theft module, program anti-theft module includes raspberry group and power module, the raspberry group is as core processor for carry out PLC's data reading and erase write in, power module with raspberry group supplies power and connects, program anti-theft module realizes information transfer with PLC and is connected.

2. The PLC program anti-theft device according to claim 1, wherein the power module has a built-in rechargeable battery to supply power to the raspberry pi when power is off.

3. The PLC program anti-theft device according to claim 1 or 2, wherein the program anti-theft module further comprises a 4G networking module, and the raspberry pi communicates with the remote PC terminal and the mobile phone terminal through the 4G networking module respectively.

4. The PLC program anti-theft device according to claim 3, wherein the PLC is directly connected with the raspberry pi in the program anti-theft module through a twisted pair, the raspberry pi in the module is connected with the same local area network, and the PLC and the raspberry pi are located in the same network segment through configuration, so that information transmission is realized.

5. The PLC program anti-theft device according to claim 3, wherein the PLC is connected to the switch via a twisted pair so as to be connected to the LAN, and the raspberry pi in the program anti-theft module is directly connected to the LAN via a twisted pair so that the PLC and the raspberry pi are both located in the same LAN and are configured in the same network segment to realize information transmission.

6. The PLC program anti-theft device according to claim 4 or 5, wherein a connection line between the PLC and the program anti-theft module, a connection line between the PLC and the switch, and a connection line between the program anti-theft module and the switch are hermetically disposed in the metal space.

7. A PLC program theft prevention method for protecting a PLC from theft by using the PLC program theft prevention apparatus of claims 1 to 6, comprising the steps of:

s1: if the stop instruction is not received, the raspberry pie in the module starts to perform timing detection, whether the raspberry pie can be connected to the IP address is judged, if the raspberry pie cannot be connected to the IP address, an error instruction is transmitted to the mobile phone end and the PC end for prompting that the internal program of the PLC has the risk of being stolen and a person needs to be sent to check the internal program on site, if the raspberry pie can be connected to the IP address of the PLC, S2 is performed, and if the stop instruction is received, the detection is directly finished;

s2: the raspberry group reads program data in a program block, a data block and a system block in the PLC, compares the program data with the PLC program data read before a certain time, judges that the data are leaked if the difference rate of the two program data is greater than a set value, sends an error instruction to a PC end and a mobile phone end to prompt that the internal program of the PLC is possibly informed, and transfers to S3, if the difference rate is less than or equal to the set value, the data are normal, and waits for the next detection;

s3: and starting an erasing program in the PLC program anti-theft device to delete the program in the PLC, and reserving the reading program of the last timing detection for rewriting.

8. The method as claimed in claim 7, wherein the erasing program command is manually inputted through the remote PC and the mobile phone, and transmitted to the program anti-theft module through the 4G networking module, and the program anti-theft module starts the erasing program to erase the program in the PLC, while the internal program of the PLC read by the previous detection is retained.

Technical Field

The invention relates to a PLC program anti-theft device and an anti-theft method, and belongs to the technical field of computers.

Background

In recent years, with the rise of Chinese manufacturing, industrial control systems have become the central importance of national infrastructure, and the safety problem of industrial control systems comes with the industrial control systems. The diversification of industrial control products has higher and higher requirements on safety problems. Among them, the PLC programmable controller has been widely used in the field of industrial control because of its advantages of high performance, simplicity and easiness in learning, convenience in use, strong anti-interference capability, reliability in operation, and the like. In the use process, important data and programs stored in each PLC are all intelligent crystals of each enterprise, so that the hard achievement needs to be prevented from being requested by others. Except for increasing the personal anti-theft consciousness and the man-made management intensity, how to more efficiently realize the PLC program anti-theft becomes a problem which needs to be solved urgently.

Disclosure of Invention

In order to solve the technical problems in the prior art, the invention provides a PLC program anti-theft device and an anti-theft method, aiming at preventing a PLC from being threatened by the outside, such as data leakage, data deletion and modification and the like, in the use process, and when the threat is detected, a reading program in the last detection is reserved, the existing data of the PLC is erased, and the data can be written again later.

The invention mainly adopts the technical scheme that:

the utility model provides a PLC program anti-theft device, its characterized in that includes program anti-theft module, program anti-theft module includes raspberry group and power module, the raspberry group is as core processor for carry out PLC's data reading and erase write in, power module with raspberry group supplies power and connects, program anti-theft module realizes information transfer with PLC and is connected.

Preferably, the power module is internally provided with a rechargeable battery, and the rechargeable battery supplies power to the raspberry group when the power is cut off.

Preferably, the program anti-theft module further comprises a 4G networking module, and the raspberry pi is respectively communicated with the remote PC end and the mobile phone end through the 4G networking module.

Preferably, the PLC is directly connected to the raspberry pie in the program anti-theft module through a twisted pair, the raspberry pie in the module is connected to a local area network, and the PLC and the raspberry pie are located in the same network segment through configuration, so that information transmission is achieved.

Preferably, the PLC is connected to the switch via a twisted pair so as to be connected to the lan, and the raspberry pi in the program anti-theft module is directly connected to the lan via a twisted pair, so that the PLC and the raspberry pi are located in the same lan and located in the same network segment by configuration, thereby implementing information transfer.

Preferably, the connecting line between the PLC and the program anti-theft module, the connecting line between the PLC and the switch and the connecting line between the program anti-theft module and the switch are hermetically arranged in the metal space.

A PLC program anti-theft method comprises the following steps:

s1: if the stop instruction is not received, the raspberry pie in the module starts to perform timing detection, whether the raspberry pie can be connected to the IP address is judged, if the raspberry pie cannot be connected to the IP address, an error instruction is transmitted to the mobile phone end and the PC end for prompting that the internal program of the PLC has the risk of being stolen and a person needs to be sent to check the internal program on site, if the raspberry pie can be connected to the IP address of the PLC, S2 is performed, and if the stop instruction is received, the detection is directly finished;

s2: the raspberry group reads program data in a program block, a data block and a system block in the PLC, compares the program data with the PLC program data read before a certain time, judges that the data are leaked if the difference rate of the two program data is greater than a set value, sends an error instruction to a PC end and a mobile phone end to prompt that the internal program of the PLC is possibly informed, and transfers to S3, if the difference rate is less than or equal to the set value, the data are normal, and waits for the next detection;

s3: and starting an erasing program in the PLC program anti-theft device to delete the program in the PLC, and reserving the reading program of the last timing detection for rewriting.

Preferably, a program erasing instruction can be manually input through a remote PC end and a mobile phone end and is transmitted to the program anti-theft module through the 4G networking module, the program anti-theft module starts an erasing program to erase the program in the PLC, and meanwhile, the last-time detection read PLC internal program is reserved.

Has the advantages that: the invention provides a PLC program anti-theft device and an anti-theft method, which can prevent a PLC program from being stolen in the use process of the PLC, improve the safety of the PLC program, realize the reading, erasing and writing of the PLC program and improve the program recovery efficiency.

Drawings

FIG. 1 illustrates a module connection scheme 1 according to the present invention;

FIG. 2 is a block diagram of the present invention, module connection 2;

fig. 3 is a flow chart of the anti-theft method of the present invention.

Detailed Description

In order to make those skilled in the art better understand the technical solutions in the present application, the technical solutions in the embodiments of the present application are clearly and completely described below, and it is obvious that the described embodiments are only a part of the embodiments of the present application, and not all embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.

Example 1:

the utility model provides a PLC program anti-theft device, includes program anti-theft module, program anti-theft module includes raspberry group and power module, the raspberry group is as core processor for carry out PLC's data reading and erase and write in, power module with raspberry group supplies power and connects, program anti-theft module realizes with PLC that information transfer is connected.

And a rechargeable battery is arranged in the power supply module and supplies power to the raspberry when the power supply module is powered off. The built-in rechargeable battery can prevent that the thief from through the outage, accomplishing the violence and demolish, directly obtain data from the PLC. In the invention, the built-in rechargeable battery is adopted, and only the charging port is exposed outside.

Still include 4G networking module, the raspberry group communicates with remote PC end and cell-phone end respectively through 4G networking module.

As shown in fig. 1, the PLC is directly connected to the raspberry pie in the program anti-theft module through a twisted pair, the raspberry pie in the module is connected to a local area network, and the PLC and the raspberry pie are located in the same network segment through configuration, so that information transfer is achieved.

Example 2:

a PLC program anti-theft device comprises a program anti-theft module, the structure of which is the same as that of embodiment 1, and the difference is that the program anti-theft module and a PLC realize information transmission connection in different modes. In this embodiment 2, as shown in fig. 2, the PLC is connected to the switch through a twisted pair so as to be connected to the lan, and the raspberry group in the program anti-theft module is directly connected to the lan through the twisted pair, so that the PLC and the raspberry group are located in the same lan and located in the same network segment through configuration, thereby implementing information transfer. The connection mode is suitable for one program anti-theft module to control a plurality of PLCs, and can also be one-to-one.

In embodiments 1 and 2, the connection line between the PLC and the program antitheft module, the connection line between the PLC and the switch, and the connection line between the program antitheft module and the switch are all hermetically disposed in the metal space.

A PLC program anti-theft method is shown in figure 3 and comprises the following steps:

s1: if the stop instruction is not received, the raspberry pie in the module starts to perform timing detection, whether the raspberry pie can be connected to the IP address is judged, if the raspberry pie cannot be connected to the IP address, an error instruction is transmitted to the mobile phone end and the PC end for prompting that the internal program of the PLC has the risk of being stolen and a person needs to be sent to check the internal program on site, if the raspberry pie can be connected to the IP address of the PLC, S2 is performed, and if the stop instruction is received, the detection is directly finished;

s2: the raspberry group reads program data in a program block, a data block and a system block in the PLC, compares the program data with the PLC program data read before a certain time, judges that the data are leaked if the difference rate of the two program data is greater than a set value, sends an error instruction to a PC end and a mobile phone end to prompt that the internal program of the PLC is possibly informed, and transfers to S3, if the difference rate is less than or equal to the set value, the data are normal, and waits for the next detection;

s3: and starting an erasing program in the PLC program anti-theft device to delete the program in the PLC, and reserving the reading program of the last timing detection for rewriting.

In the invention, a program erasing instruction can be manually input through the remote PC end and the mobile phone end and is transmitted to the program anti-theft module through the 4G networking module, the program anti-theft module starts an erasing program to erase the program in the PLC, and the last read PLC program is reserved.

The working mode of the program anti-theft module is to detect the invasion of a person, complete the deletion of a program and the later writing and restore the original state of the program, and the realization principle is to complete the communication with the PLC by a python-snap7 (an open source library based on the communication between Ethernet and Siemens S7 series PLC) of a python library and call the snap-full-1.42 (a python library based on a c-link library) at the same time, and to modify the library and complete the erasing and writing of the PLC by comparing a wireshake packet and software (step 7 Micro win smart) during the communication with the PLC. The above programs all belong to conventional technical means, and can be written by those skilled in the art according to actual requirements, so detailed descriptions are omitted.

The PLC faces the risk of data leakage and can be divided into two modes, namely remote acquisition and physical acquisition. The method comprises the following specific steps:

1. remote acquisition

Remote acquisition is mostly achieved by means of infrared cameras, scanners, routers, hard disks and the like, even because the frequency of data written into the memory of the device changes, signals are sent to nearby receivers, and an attacker can manipulate the frequency to leak data bit by bit. Besides, under the normal condition, in order to save time, the engineer all adopts remote debugging many times, remote control PLC, and PLC inserts 4G networking module, links into PLC, and the supporting networking module's of the remote module of C end software can let the PC end link PLC, and attacker's accessible changes networking IP address, gets into remote connection, and the modification of long-range data of carrying on is stolen.

2. Physical acquisition

A stealer adopts a power-down mode or directly pulls out a connecting line, independently picks up the PLC, and then directly reads the PLC to obtain the private data and the product program anti-theft small module.

In the face of the two situations, the invention designs two solutions:

1. and (6) automatic detection.

Before a stop instruction is not received, timing detection is started according to the design of a raspberry dispatching program in the module, whether an IP address can be connected or not is judged firstly, if the connection cannot be realized through error report, an error instruction is transmitted to a mobile phone end and a PC end, and the fact that a program in the PLC module is possibly acquired by other people is prompted. If the IP address of the PLC can be connected, performing a second step of detection, starting to read data in a program block, a data block, a system block and the like in the PLC, comparing a program before a certain time with the current program, if the difference rate is greater than a set value, judging that the data is leaked, transmitting an error instruction to a mobile phone end and a PC end to prompt that the internal program of the PLC is possibly acquired, directly and automatically starting a module internal deleting program, protecting the program, keeping the record of the last detection on the reading of the PLC program, and facilitating the subsequent rewriting.

2. Manual deletion

And manually inputting by using a mobile phone end or a remote PC end, reserving a result read during the last detection, and finishing an erasing procedure.

Two cases will fail to detect the situation as follows:

1. in the direct connection mode, the connection between the PLC and the program anti-theft module can be directly disconnected, and then the PLC is taken out.

2. In the non-direct mode, the connection between the PLC and the switch may be directly disconnected or the connection between the switch and the anti-theft module may be directly disconnected.

Therefore, the connecting lines among the switch, the anti-theft module and the PLC are required to be in a closed state, and if the connecting lines are placed in a metal closed space, the personnel management and the strength of the entity lock are also enhanced.

The installation and deployment environment is divided into the following two cases:

1. the PLC is separated from the module.

Most of the existing machine tools are separated from the PLC, the PLC is arranged in an independent cabinet, and the installation position of the program anti-theft module is arranged at the same position as the PLC as far as possible, preferably, the PLC and the program anti-theft module are embedded in the machine tool.

2. The PLC is integrated with the program anti-theft module.

The program anti-theft module and the PLC are integrated into a whole and cannot be separated, only a connecting wire interface and a module power supply charging port of the machine tool are exposed and are installed in a sealed space to be connected with the machine tool, so that a better protection effect is achieved, the machine tool is in a non-contact state in other periods, the connection mode is the same, the internal connecting wire is integrated into a direct connection mode, and therefore only other data interfaces are required to be connected with the machine tool.

The foregoing is only a preferred embodiment of the present invention, and it should be noted that, for those skilled in the art, various modifications and decorations can be made without departing from the principle of the present invention, and these modifications and decorations should also be regarded as the protection scope of the present invention.