SHENYANG INSTITUTE OF AUTOMATION, CHINESE ACADEMY OF SCIENCES
The present invention relates to a PLC security processing unit and its bus arbitration method, which provide an active defense mechanism for a PLC by constructing PLC hardware and software security layers. In the hardware security layer, hardware processing mechanisms are added to support trusted measurement, an encryption algorithm, and a signature algorithm, and virtualization isolation technology is used. The software security layer provides transparent encryption and decryption, integrity verification, backup recovery, and a virtualization isolation security mechanism. Security processing is improved to achieve security and reliability. According to the present invention, a trusted PLC environment can be created correctly, ensuring that the PLC boots through a strictly verified path. A new STAR trust structure is designed, which reduces loss during information transfer and improves the efficiency of information transfer.
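The following is an added illustration, not code from the patent. It sketches a verified boot path with integrity verification and backup recovery, and it assumes that the STAR trust structure means the root of trust measures every boot component itself against a stored reference digest instead of delegating measurement to the previous stage. The stage names, images and the `star_boot` function are hypothetical.

```python
import hashlib
import hmac


def digest(image: bytes) -> str:
    """SHA-256 measurement of a boot component."""
    return hashlib.sha256(image).hexdigest()


def star_boot(stages, reference, backups):
    """Root of trust measures each stage directly (star), not via the prior stage.

    stages:    ordered list of (name, image) as found in flash
    reference: name -> expected SHA-256 hex digest held by the root of trust
    backups:   name -> known-good image kept for recovery
    Returns (booted, log). Boot halts at the first stage that cannot be trusted.
    """
    log = []
    for name, image in stages:
        expected = reference.get(name)
        if expected is None:
            # No reference value: the component cannot be measured, so refuse it.
            log.append((name, "unknown"))
            return False, log
        if hmac.compare_digest(digest(image), expected):
            log.append((name, "ok"))
            continue
        # Mismatch: fall back to the backup, but measure it before trusting it.
        backup = backups.get(name)
        if backup is not None and hmac.compare_digest(digest(backup), expected):
            log.append((name, "recovered"))
            continue
        log.append((name, "failed"))
        return False, log
    return True, log


# Constructed sample images (assumption: three boot stages).
GOOD = {"bootloader": b"BL v1", "rtos": b"RTOS v1", "plc_runtime": b"RT v1"}
REFERENCE = {name: digest(image) for name, image in GOOD.items()}
TAMPERED = [("bootloader", GOOD["bootloader"]),
            ("rtos", b"RTOS v1 + modified"),
            ("plc_runtime", GOOD["plc_runtime"])]

if __name__ == "__main__":
    print(star_boot(TAMPERED, REFERENCE, GOOD))  # recovery available
    print(star_boot(TAMPERED, REFERENCE, {}))    # no backup: boot halts
```

Because every measurement is made by the root of trust, a modified intermediate stage is never asked to vouch for the stage after it.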