工业控制系统安全网络防护研究  被引量：19

作　　者：孙易安 井柯 汪义舟 

机构地区：[1]北京匡恩网络科技有限责任公司,北京100191

出　　处：《信息安全研究》2017年第2期171-176,共6页Journal of Information Security Research

摘　　要：工业控制系统(industrial control system,ICS)是各类基础设施的核心,工业控制系统是由各种自动化控制组件和采集、监测实时数据的过程控制组件共同构成的,以确保工业基础设施自动运行、过程控制与监控的业务流程管控系统.工业网络中关键应用或系统的故障将会导致人员伤亡、严重的经济损失、基础设施被破坏、危及公众生活及国家安全、环境灾难等严重后果.工控信息安全防护理念已经历了一系列的发展演变过程,而以Havex为代表的新一代APT攻击使得防护手段从单纯隔离为手段的终端安全防护、以纵深防御为手段的边界安全防护,逐步发展到以工控系统内在安全为主要特征的持续性防御体系阶段,不仅要求涵盖不同防御层次、多种技术协同运用,更强调的是要拥有发现隐患、管理威胁、预知威胁和主动修复的能力.针对工业控制系统安全防护的难点,采用"4+1"的安全防护模型,最后提出了一种针对工业控制系统的全网防护的相关技术.Industrial control System （ICS） is the core of all kinds of infrastructure, industrial control systems are composed of automation control components and real-time data acquisition and monitoring process control components together, which can ensure that the Industrial infrastructure to run automatically, process control and monitoring of business process. Applications or system in industrial network failure will result in casualties and serious economic losses,destroying infrastructure,endangering public life and national security, environmental disasters and other serious consequences. Information security protection concept has experienced a series of the development process , meanwhile a new generation of APT attacks represented named Havex make protective measure from the simple isolation by means of terminal security protection and defense in depth of the border security, to the intrinsic safety in industrial control system as the main characteristics of the sustainability of the defense system stage, not only requires covering different defense levels, together using a variety of technology, but also holds the ability to find hidden trouble,manage threats,predict threat,and take the initiative to repair. Focus on the difficulties of the industrial control system security protection, adopt a kind of security model of 4＋1, and puts forward a control system for industrial technology related to an entire network system protection.

关 键 词：工业控制安全 工业控制系统 APT攻击 工业控制网络防护模型 工业控制网络防护 

分 类 号：TP399[自动化与计算机技术—计算机应用技术]