An Active Defence Architecture for Industrial Control System based on Trusted Computing 3.0

The architecture of Trusted Computing 3.0 provides an excellent way to enhance the security of industrial control systems (ICS). However, the implementation of this architecture needs to solve some technical issues such as access control and trust quantification in the ICS scene. This paper proposes an active defense architecture for ICS based on trusted computing 3.0, which defines the active immune operation mechanism of the industrial control system, establishes an immune architecture based on trusted two-node, multi-level fine-grained access control strategy, and the quantification of the trusted behaviors and decisions. Taking the protection of critical data in DCS as an example, we design a deployment scheme of the coordinated protection for ICS. The proposed method will guide the security enhancement based on trusted computing in ICS.