摘要
针对火电工控系统的网络安全问题进行了研究,对当前火电工控系统的网络架构、安全挑战、防护现状、风险来源等网络安全问题进行了分析总结,按照电力系统的安全防护总体原则及相关标准规范,针对电力生产网络的特点及安全要求,提出了以数据探针为组成单元的能够覆盖电厂工控网络各个层级并配置监测中心的安全防护架构,能够对多种工控协议进行深度解析,对已知和未知危险流量进行识别和学习,并将宏观网络态势以可视化的方式展示出来,实现了对电厂工控系统多层次、立体化、智能化的安全防护,能够深度有效的保护电厂生产网络系统。
The network security of thermal power industry control system is studied.The network architecture,security challenges,protection status and risk sources of thermal power industry control system are analyzed and summarized.According to the general principles and related standards of power system security protection,and in view of the characteristics and security requirements of power production network,the proposed security protection architecture is based on data probe component unit,covers all levels of the power plant industrial control network and is configured with a monitor center.It can deeply analyze various industrial control protocols,identify and learn known and unknown dangerous flows,and visualize the macro network situation.It realizes the multi-level,three-dimensional and intelligent security protection of the power plant industrial control system with deep and effective protection for power plant production network system.
作者
张大松
姜洪朝
吴云峰
Zhang Dasong;Jiang Hongchao;Wu Yunfeng(The 6th Research Institute of China Electronics Corporation,Beijing 100083,China)
出处
《信息技术与网络安全》
2020年第3期17-22,共6页
Information Technology and Network Security
基金
北京市科技计划项目(No.Z181100005118005)
关键词
电厂安全
工控安全
安全防护
流量识别
协议解析
power plant security
industrial control security
security protection
flow identification
protocol analysis
