期刊文献+

军工企业工业控制系统网络安全防护研究 被引量:6

Research on Network Security Protection of Industrial Control System in Military Enterprises
下载PDF
导出
摘要 信息技术的全面发展有力推进军工企业工艺与科研生产效率、提高企业整体竞争力的同时,勒索病毒、高级可持续威胁攻击等传统安全威胁向军工企业生产网络加速渗透,军工企业工业控制系统安全稳定运行面临前所未有的挑战。本文结合军工企业工业控制系统业务应用场景及工作实践,总结梳理形成一套实用的网络安全风险评估工作流程及方法,同时基于工业控制系统“纵向分层、横向分区”网络架构模型,规划设计工控系统网络安全技术防护框架,围绕物理环境、通信网络、终端主机、应用系统、终端设备等工控系统运行环境,从身份鉴别、访问控制、内容安全、安全审计及备份恢复角度设计安全防护技术框架,构建工控系统纵深防御体系,对同类型军工生产制造企业工控系统网络安全防护建设具有参考和借鉴意义。 The comprehensive development of information technology promotes the technology,scientific research and production of military enterprises,and improves the overall competitiveness of enterprises.At the same time,traditional security threats such as ransomware,APT accelerate penetration into the OT network of military enterprises,and the industrial control systems are facing unprecedented challenges.Based on the business application scenarios and working practices of the industrial control system of military enterprises,this paper summarizes a set of practical network security risk assessment workflows and methods.Besides,refer to industrial control system“vertical layering,horizontal partitioning”network architecture mode,around the physical environment,communication network,terminal host,application system,terminal equipment and other industrial control system operating environment,from the perspective of identity authentication,access control,content security,security audit and backup and recovery design security protection technology framework to construct defense-in-depth system of industrial control system.The research has referenced significance for the construction of industrial control system network security protection of the same type of military manufacturing enterprises.
作者 王乐 刘顺志 韩正 Wang Le;Liu Shunzhi;Han Zheng(China National Nuclear Industry Corporation 404,Jiayuguan Gansu,735100;Computer Application Institute of Nuclear Industry,Beijing,100091)
出处 《工业信息安全》 2023年第1期61-67,共7页 Industry Information Security
关键词 军工企业 工业控制系统 风险评估 技术框架 纵深防御 Military Enterprises Industrial Control System Risk Assessment Technology Framework Defense-in-depth
  • 相关文献

参考文献10

二级参考文献155

  • 1陈星,贾卓生.工业控制网络的信息安全威胁与脆弱性分析与研究[J].计算机科学,2012,39(S2):188-190. 被引量:29
  • 2唐怀斌.工业控制系统的进展与趋势[J].自动化与仪器仪表,1996(2):1-6. 被引量:60
  • 3NIST SP800-82.Guide to Industrial Control Systems(ICS)Security[S].Gaithersburg,USA:National Institute of Standards and Technology(NIST),2011.
  • 4Simon H A.The architecture of complexity[C] //Proceedings of the American Philosophical Society.Philadelphia,USA:Batsford,1962:467-482.
  • 5Bishop M.Computer Security[M].Boston,USA:Addison Wesley,2003.
  • 6Department of Homeland Security(DHS).Cyber Security Assessments of Industrial Control System[S].Washington DC,USA:Department of Homeland Security(DHS),2010.
  • 7The European Network and Information Security Agency(ENISA).Protecting Industrial Control Systems,Recommendations for Europe and Member States[R].Heraklion,Greece:Recommendations for Europe and Member States,2011.
  • 8Byres E J,Kay J,Carter J.Myths and facts behind cyber security and industrial control(2003)[Z/OL].(2010-02-12),http://www.pimaweb.org/conference/april2003/pdfs/MythsAndFactsBehindCyberSecurity.pdf.
  • 9David A.Multiple Efforts to Secure Control Systems Are Under Way,but Challenges Remain,GAO-07-1036[R].Washington DC,USA:US Government Accountability Office(US GAO),2007.
  • 10IEC61508.Functional Safety of E/E/PE Safety-Related Systems[S].Geneva,Switzerland:International Electrotechnical Commission(IEC),2000.

共引文献262

同被引文献53

引证文献6

二级引证文献6

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部