火电企业燃料智能化信息安全等级保护建设  被引量：3

作　　者：常锐 吴宝杨 张立强 杨勇 曹阳曦 CHANG Rui;WU Baoyang;ZHANG Liqiang;YANG Yong;CAO Yangxi(Shanxi Lujin Wangqu Power Generation Corporation Ltd.,Changzhi 047500,China;Hunan Sundy Science and Technology Corporation Ltd.,Changsha 410205,China)

机构地区：[1]山西鲁晋王曲发电有限责任公司,山西长治047500 [2]湖南三德科技股份有限公司,湖南长沙410205

出　　处：《煤质技术》2023年第5期65-71,83,共8页Coal Quality Technology

基　　金：山西公司王曲电厂基于多煤种的燃料智能化技术研究与应用基金资助项目(GJNY-22-116)。

摘　　要：火电企业的燃料信息是电厂经营中保密程度高的绝密数据,其信息安全等级保护建设是智慧电厂信息化建设中的重要组成部分,可为火电企业信息安全建设提供基础支撑。针对火电企业等级保护建设的要求,从政策支撑、级别确定的角度出发,以总装机1000 MW为分界点,分别按照第2级、第3级进行安全保护等级的分类。依照“安全分区、网络专用、横向隔离、纵向认证”的总体防护原则,分析火电企业燃料信息安全所需的物理环境,对机房安全、供电安全,网络构架、区域边界与运维管理、系统综合防护等系统建设管理方面进行深度探讨,并提出软硬件建设要求及梳理等保测评的4个步骤,落实等级保护测评的周期要求,针对网络安全等级保护测评则确定2级定级的系统一般每2年开展1次,而3级定级的系统要求每年至少开展1次等保测评。通过等级保护的引入,将信息安全等级保护形成持续性的长期迭代工作,可对火电企业的信息安全建设提供指导作用。The fuel information is the top secret data with a high degree of confidentiality in the operation of thermal power enterprises,the information security classified protection construction is an important part of the informatization construction of smart power plants,which can provide basic support for the information security construction of thermal power enterprises.In view of the requirements for the hierarchy protection construction of thermal power enterprises,from the perspective of policy support and level determination,the capacity of 1000 MW is used as the dividing point,and the safety protection levels are classified according to Level 2 and Level 3 respectively.In accordance with the total protection principles of“security partition,network dedicated,horizontal isolation and vertical authentication”,the physical environment required for information security is analyzed,and the system construction management aspects such as computer room security,power supply security,network architecture,regional boundaries and operation and maintenance management,and comprehensive system protection are conducted in-depth discussions,and the requirements of software and hardware construction are proposed.Sort out the four steps of the level protection assessment and implement the cycle requirements of the level protection assessment.For the network security level protection assessment,it is determined that the level 2 system is generally carried out once every two years,while the level 3 system requires at least once every year.Through the introduction of level protection,information security level protection can be formed into a sustainable long-term iterative work,which can provide guidance for the information security construction of thermal power enterprises.

关 键 词：燃料智能化信息 安全等级保护 网络构架 纵向认证 区域边界 运维管理 系统建设管理 智慧电厂 

分 类 号：TM621.9[电气工程—电力系统及自动化] F426.61[经济管理—产业经济]