Through an analysis of the current state of industrial control system information security in China, this paper proposes that China should improve its industrial control system information security standards, develop an independently controllable testing and certification tool set, accelerate industrial control system information security training, and provide industrial control system information security services, and in these ways establish and improve China's industrial control system information security framework. The aim is to further raise the level of information security protection in China's industrial sector and to ensure the safe and healthy development of industry and of critical national infrastructure.
1 Vulnerability and hazards of industrial control systems
Industrial control systems (ICS) are business process management and control systems, made up of various automation control devices together with process control devices that collect and monitor real-time data, which automate the operation of industrial infrastructure and provide process control and monitoring. Their layered structure is shown in Figure 1. With the development of industrial automation, traditional closed systems have evolved into open networked systems, process control has been integrated with enterprise information systems, remote maintenance of industrial control systems has become increasingly common, wireless technology is widely used, and information is converging globally; these trends keep industrial control systems developing. At present, industrial control systems are widely used in oil refining, chemicals, transportation, electric power, power grids, nuclear power, urban gas and water supply, and other industrial fields, and have become an important part of the national critical infrastructure; their security directly affects the normal operation of that infrastructure.
Since the Stuxnet virus incident in 2010, security incidents in the industrial sector have been frequent. Industrial control systems, long regarded as relatively closed, relatively specialized and relatively secure, now face threats ranging from extreme individualism, hacker groups, economic crime and terrorism to threats at the level of national security. At the same time, China's industrial control systems at the present stage have policy and procedure vulnerabilities, platform vulnerabilities and other vulnerability issues, as shown in Figure 2. Security incidents caused by these vulnerabilities can lead not only to loss of control of the industrial control system, degraded system performance, reduced availability, and tampering with or loss of key control data, which affect production safety and cause serious economic losses, but may also lead to casualties and environmental disasters, endangering public life and even national security. The safe operation of industrial control systems is therefore an important foundation for the normal operation of national critical infrastructure, and an important indicator throughout the system life cycle.
2 Continuously improving China's industrial control system information security standards
Building a security protection framework for industrial control systems depends on the support of a corresponding body of security standards. Some developed countries began standards research on ICS information security protection early and have progressed quickly. Internationally, a number of international and national technical organization standards for ICS information security have been established, including ISA-99 (i.e., IEC 62443), NERC CIP, NIST SP 800-82, WIB M-2784, IEC 62351, and others.
In recent years, as China's classified protection policy for information security has been promoted and implemented with increasing effort, the state has attached growing importance to ICS information security, and information security work for industrial control systems in important national industries has made considerable progress. Corresponding standards for industrial control systems have gradually been developed and deployed, and a Chinese classified protection standard framework and an information security standard framework have been initially established. The ICS information security standards developed in China in recent years are shown in Table 1.
Overall, however, the construction of an information security standard system for China's industrial sector still lags behind, and many problems remain in ICS protection awareness, protection strategy, protection mechanisms, and regulations and standards. It is therefore urgent to establish an industrial information security standard system that covers the industrial application fields, the industrial product life cycle, and the business levels of industrial control systems, starting from five aspects:
(1) With the support of national policy guidance, and taking into account the information security problems and current state of China's industrial sector and the requirements for building an ICS information security framework, build a targeted industrial information security standard system framework.
(2) Develop key standards, and gradually enrich and improve an information security standard system covering industrial application fields and the product life cycle.
(3) Actively follow and participate in the formulation and implementation of relevant international standards and in recognition by international certification bodies, so that China's position on industrial security is reflected.
(4) Speed up the formulation of relevant standards and specifications, and establish and improve the standard system.
(5) Accelerate the training of qualified personnel, and build information security testing and certification in accordance with the standards.
3 Vigorously developing an independently controllable testing and certification tool set
China's ICS information security field has long been constrained by limited core technology, a lack of professional testing and certification tools, and many other factors, leaving China's important infrastructure facing serious security threats. It is therefore imperative to break through the technical barriers in industrial information security and to develop an independently controllable testing and certification tool set that aligns with international standards.
For testing and certification tool sets, the international practice is to use ISASecure certification as the specialized security certification standard for the industrial control system field; ISASecure is a consortium that develops security certification processes based on the IEC 62443 series of standards. ISASecure certification comprises three programs: embedded device security certification (EDSA), system security certification (SSA) and security development life cycle certification (SDLA). At present, the CRT test tools that have been recognized by ISASecure internationally are Defensics from Codenomicon (Finland), Raven for ICS from FFRI (Japan), and Achilles from Wurldtech (Canada); there is no mature testing and certification tool product in China. Developing China's own independently controllable testing and certification tool set will help change the current lack of core technology in China's ICS information security field and improve China's ability to detect and probe industrial control systems, thereby raising the level of China's ICS information security.
Development of the testing and certification tool set should take independent controllability and the security and reliability of the technology as its guiding principle. Starting from forward-looking investigation, it should study advanced international security technology and research security protocol stacks in the industrial control field, a database of typical ICS information models, and a vulnerability database. It should scan assets in industrial production control systems, such as computers (PLCs), servers, networks and software, covering services, open ports, firewalls and database audit content, and provide vulnerability detection and risk assessment, vulnerability discovery, visualization, and vulnerability remediation suggestions. Through the development of this independently controllable tool set, information security hidden dangers in production control systems can be completely resolved, ensuring safe production and safety management in industrial production. The development model for the independently controllable testing and certification tool set is shown in Figure 3.
4 Accelerating information security training for industrial control systems
Security training provides a standardized and scientific knowledge system for cultivating high-quality ICS information security personnel and for improving the abilities of professional, technical and management staff. At present, China's ICS information security training faces several problems: the training bodies are mixed and no norms have formed, training content is not well targeted, training bases are not sufficiently developed, and training borrows from traditional information security. As an indispensable part of the ICS information security framework, security training likewise needs to be given importance and improved.
(1) Build training bases on the foundation of standards: as national and industry standards for ICS information security continue to be improved and developed, it is necessary to actively lead and participate in the supervision and formulation of the various standards, work to build a reasonable, efficient and secure development environment for industrial control security, and thereby promote the construction of industrial control information security training bases.
(2) Let testing and certification lead security training: based on the independently controllable testing and certification tool set, and combined with industrial control security assessment services, build a neutral testing and certification environment that provides authoritative, national-level testing and certification services, while giving the training business its basic conditions and more effective guidance.
On the basis of standards construction and the independently controllable testing and certification tool set, build an ICS information security training system spanning the operational level, the technical level, academic education and professional certification training, so as to improve the practical technical ability and security skills of China's industrial control information security personnel, accelerate personnel training, and raise users' information security awareness.
Fig. 4 Structure of the security simulation experiment platform for industrial control systems
5 Providing information security services for industrial control systems
To raise the overall level of information security services in the industrial control field, while continuously improving the relevant national standards and developing an independently controllable technical security framework, an ICS security simulation experiment platform should be built as a supporting service environment, providing security assessment, security consulting, security protection and other customized services for industry users. The platform structure is shown in Figure 4.
(1) Security assessment: establish security assessment processes and methods and build a complete security assessment system; assess risks in in-service systems, propose rectification and protection schemes and recommendations, provide security assessment services for enterprises and institutions, and build security specifications for industrial control systems. The end goal is a complete security assessment methodology and professional security assessment services for industries in the industrial control field.
(2) Security consulting: establish security consulting processes and methods and build a security consulting system; design information security technical measures for product development and system integration to improve the overall security of new industrial control systems. The end goal is a complete security consulting system that provides professional security consulting services for all types of industrial control fields and gradually builds a model library of secure industrial control systems.
(3) Security protection: develop independently controllable, purpose-built information security protection products for the industrial control field; propose comprehensive, multi-layered information security protection solutions for industrial control systems; ultimately achieve full domestic production of security protection products for the industrial control field; and gradually improve the independently controllable security protection solution system.
Industrial control systems are an important part of national critical infrastructure, yet their information security has long been neglected, resulting in insufficient protection and an increasingly grim industrial control security situation. It is therefore urgent to adjust the overall strategy for industrial control information security and to rebuild and improve the ICS information security framework. This paper argues that only by studying China's industrial information security standard system and developing an independently controllable testing and certification tool set, by using them as the basis for building an ICS information security support platform, and by offering through that platform an overall program of security training, security consulting, security assessment and security protection, can China establish and improve its ICS information security framework, raise the security protection level of industrial control systems in important fields, and ensure the healthy development of industry, which bears on the people's livelihood and long-term stability.