As various types of communication networks, for example, since a host device and a plurality of control devices perform communication through local area network (LAN) ports, and various control devices and the like perform communication with each other, in power systems or industrial systems, a communication network is configured with a communication cable and a communication processing device (for example, a switch).
In this case, communication is performed according to the communication protocol that defines the terms related to communication on a communication network. Further, data to be communicated is not transmitted all at once, but rather the data is transmitted by being divided into units called packets. A header including a destination address and a source address is added to the packets, in addition to the data to be transmitted.
The communication processing device that connects the host device and the control device to the communication network includes a plurality of ports, checks the header of the received packet, selects a port for transmission to the destination address, and transmits a packet. A communication process is likely to be performed in combination with a central processing unit (CPU) and dedicated large scale integration (LSI). Examples of the dedicated LSI include an application specific integrated circuit (ASIC), a field programmable gate array (FPGA), and the like. Since the dedicated LSI is used, the speed of the communication process can be increased.
Among these, while the logic circuit in the ASIC is fixed, the FPGA is characterized in that the user can define or change the logic circuit. Although the FPGA has logic circuit information in a configuration random access memory (CRAM) in the inside, the FPGA in which the CRAM is formed with a static random access memory (SRAM) is referred to as an SRAM-type FPGA. The SRAM-type FPGA starts an operation after the logic circuit is configured by reading logic circuit information which is stored in the external flash memory after power is turned on, and writing the logic circuit information to a CRAM. Among the SRAM-type FPGAs, a dynamic partial reconfigurable FPGA can be referred to as a programmable logic device in which the logic circuit can be partially rewritten during an operation.
Meanwhile, recent power systems and industrial systems are configured such that an internet protocol (IP) communication network has been used for the communication network of the system. As a result, in the power systems and industrial systems, there is a concern about the threat of cyberattacks in the future, and thus it is considered that it is necessary to strengthen the security of the communication network.
As a countermeasure against such cyberattacks, in a case where a communication packet is determined to be due to cyberattacks, it is necessary to discard the packet and inform the host system of this fact. Since the above operations are performed by the communication protocol process, it is possible to prepare the processing function for threats which have been found in advance, but an additional function is required in the communication protocol process, with respect to new threats.
As a solution for the problem, PTL 1 describes a configuration method for a communication processing device which rewrites the control circuit of the FPGA depending on the communication contents at any time, and updates the control circuit dynamically without interrupting communication.