CN111262862A - Industrial control system data processing system and method based on independent networking and data encryption - Google Patents
Industrial control system data processing system and method based on independent networking and data encryption Download PDFInfo
- Publication number
- CN111262862A CN111262862A CN202010048868.4A CN202010048868A CN111262862A CN 111262862 A CN111262862 A CN 111262862A CN 202010048868 A CN202010048868 A CN 202010048868A CN 111262862 A CN111262862 A CN 111262862A
- Authority
- CN
- China
- Prior art keywords
- control area
- data
- area
- station side
- information management
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/0442—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0209—Architectural arrangements, e.g. perimeter networks or demilitarized zones
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Testing And Monitoring For Control Systems (AREA)
Abstract
The invention discloses an industrial control system data processing system and method based on independent networking and data encryption.A station side platform is constructed outside an original system at a station side, and a control area of the station side platform is provided with an acquisition server for acquiring data of the original control area and transmitting the data to the outside after being encrypted by a first private key; the non-control area of the plant station side platform is provided with an acquisition server which is used for acquiring original non-control area data, decrypting the original non-control area data through a first public key to obtain control area data, encrypting the control area data through a second private key and then transmitting the control area data to the outside; the information management area of the station side platform is provided with a collection server which is used for collecting original information management large area data, decrypting the original information management large area data through a second public key to obtain control area data and non-control area data, and transmitting the control area data and the non-control area data after encrypting the control area data and the non-control area data through a third private key; and a comprehensive analysis server is arranged in a newly-built safety area of the plant station side platform and is used for decrypting through a third public key to obtain control area data, non-control area data and information management large area data and carrying out comprehensive correlation analysis.
Description
Technical Field
The invention relates to the technical field of electric power industrial control systems, in particular to an industrial control system data processing system and method based on independent networking and data encryption.
Background
The industrial control system is an information system related to international civilian life and is an infrastructure of key information; the safety subarea is a structural foundation of a safety protection system of an industrial control system such as electric power and the like, an electric power enterprise divides the industrial control system into a production control area and a management information area in principle, and the production control area is divided into a control area and a non-control area; and determining the safety level and the protection level of different safety regions according to the safety protection requirements of the different safety regions, wherein the safety level of the production control region is higher than that of the management information region, and the safety regions with different strengths are isolated by adopting safety equipment. In the protection of industrial control systems, the realization of all-dimensional situation perception is the key point of safety protection.
In a situation awareness system, data generated by various network devices in a control area, a non-control area and an information management area of a production environment needs to be collected. The data generated by different security areas belong to different security levels, and the flow of the data is limited by the security levels. However, the current security monitoring means often needs to perform comprehensive correlation analysis on data of each area to discover security risks and threats. Therefore, how to realize the cross-regional flow of the safety data and the comprehensive association analysis becomes the key point of research on the premise of complying with the important safety principle of the safety partition and not influencing the normal production.
The method finds out through searching domestic and foreign papers, academic conferences, scientific and technical documents, patents and other databases: the network security data acquisition and analysis of the industrial control production environment at the present stage are still in a starting stage: firstly, the comprehensive acquisition method and application of production and management data are less; secondly, the research on how to comprehensively analyze the acquired safety data is less; thirdly, the encryption means is applied to data flow, and the research on cross-region data flow is less; and fourthly, the cross-regional flow of the safety data is realized, so that the data circulation of the production environment is not influenced while the comprehensive correlation analysis of the safety big data is realized, and the data is still in an exploration stage.
Disclosure of Invention
Aiming at the problems in the prior art, the invention provides an industrial control system data processing system and method based on independent networking and data encryption.
The invention discloses an industrial control system data processing system based on independent networking and data encryption,
a station side platform is constructed outside an original system on a station side, the station side platform comprises a production control large area and an information management large area, the production control large area comprises a control area and a non-control area, and the information management large area comprises an information management area and a newly-built safety area;
the control area of the station side platform is provided with an acquisition server which is used for acquiring control area data of an original system of the station side, encrypting the control area data through a first private key and then transmitting the control area data to the outside through a forward security isolation device;
the non-control area of the platform at the factory station side is provided with an acquisition server which is used for acquiring non-control area data of an original system at the factory station side and decrypting the non-control area data through a first public key to obtain control area data, and the control area data and the non-control area data are encrypted through a second private key and then transmitted to the outside through a forward security isolation device;
the information management area of the station side platform is provided with an acquisition server which is used for acquiring information management large area data of an original system of the station side and decrypting the information management large area data through a second public key to obtain control area data and non-control area data, and the control area data, the non-control area data and the information management large area data are encrypted through a third private key and then transmitted to the outside through a forward security isolation device;
and the newly-built safety area of the plant station side platform is provided with a comprehensive analysis server which is used for decrypting through a third public key to obtain the control area data, the non-control area data and the information management large area data and carrying out comprehensive correlation analysis.
As a further improvement of the present invention,
the first private key is distributed to a collection server in a control area by the comprehensive analysis server;
the first public key and the second private key are distributed to a collection server in a non-control area by the comprehensive analysis server;
the second public key and the third private key are distributed to an acquisition server of an information management area by the comprehensive analysis server;
and the third public key is reserved in the comprehensive analysis server.
As a further improvement of the present invention,
the data acquisition and analysis of the plant side platform are independent of the original system of the plant side;
the forward safety isolation equipment is arranged at the boundary of a control area and a non-control area, the boundary of the non-control area and an information management area or the boundary of the information management area and a newly-built safety area of the station side platform.
As a further improvement of the present invention,
the comprehensive correlation analysis comprises:
and matching the detection rule issued by the superior center with the received full-flow data to generate a threat information log.
Further, in the case of a liquid crystal display,
the comprehensive analysis server is further configured to:
and uploading and communicating the result of the comprehensive correlation analysis to a superior center through a longitudinal encryption authentication device.
The invention also discloses an industrial control system data processing method based on independent networking and data encryption, which comprises the following steps:
a station side platform is constructed outside an original system on a station side, the station side platform comprises a production control large area and an information management large area, the production control large area comprises a control area and a non-control area, and the information management large area comprises an information management area;
a safety zone is newly established in an information management large area of the station side platform;
deploying acquisition servers in a control area, a non-control area and an information management area of the plant-side platform, and deploying a comprehensive analysis server in a newly-built safety area of the plant-side platform; the comprehensive analysis server and each acquisition server are independently networked through forward safety isolation equipment;
the method comprises the steps that an acquisition server of a control area of a station side platform acquires control area data of an original system of the station side, encrypts the control area data through a first private key and transmits the encrypted control area data to the outside through a forward security isolation device;
the method comprises the steps that a collection server of a non-control area of a platform on the plant station side collects data of the non-control area of an original system on the plant station side and obtains control area data through decryption of a first public key, and the control area data and the non-control area data are encrypted through a second private key and then transmitted to the outside through a forward security isolation device;
the acquisition server of the information management area of the factory station side platform acquires information management large area data of an original system of the factory station side and obtains control area data and non-control area data through decryption of a second public key, and the control area data, the non-control area data and the information management large area data are encrypted through a third private key and then transmitted to the outside through the forward security isolation device;
and the comprehensive analysis server of the newly-built safety area of the station side platform decrypts through a third public key to obtain the control area data, the non-control area data and the information management large area data, and performs comprehensive correlation analysis.
As a further improvement of the present invention,
the first private key is distributed to a collection server in a control area by the comprehensive analysis server;
the first public key and the second private key are distributed to a collection server in a non-control area by the comprehensive analysis server;
the second public key and the third private key are distributed to an acquisition server of an information management area by the comprehensive analysis server;
and the third public key is reserved in the comprehensive analysis server.
As a further improvement of the present invention,
the data acquisition and analysis of the plant side platform are independent of the original system of the plant side;
the forward safety isolation equipment is arranged at the boundary of a control area and a non-control area, the boundary of the non-control area and an information management area or the boundary of the information management area and a newly-built safety area of the station side platform.
As a further improvement of the present invention,
the comprehensive correlation analysis comprises:
and matching the detection rule issued by the superior center with the received full-flow data to generate a threat information log.
Further, in the case of a liquid crystal display,
further comprising:
and uploading and communicating the result of the comprehensive correlation analysis to a superior center through a longitudinal encryption authentication device.
Compared with the prior art, the invention has the beneficial effects that:
according to the invention, a station side platform is constructed, a safety zone is newly built, the safety data acquisition of a control zone, a non-control zone and an information management large zone in an original system of the station side is realized through an acquisition server, and the acquired data are sequentially transmitted to a comprehensive analysis server in the newly built safety zone through a forward safety isolation device to be subjected to comprehensive analysis processing; meanwhile, a public key encryption system is adopted to carry out signature verification on data acquired by different safe regions, the data signatures are used as labels and transmitted to a higher-level safe region together with the acquired data through a forward safety isolation device, so that the safe data acquisition and cross-region flow of an original system on a plant station side are realized, and the safe production of the original system on the plant station side is not influenced while the comprehensive analysis is carried out.
Drawings
FIG. 1 is a block diagram of a data processing system of an industrial control system based on independent networking and data encryption according to an embodiment of the present invention;
fig. 2 is a flowchart of an industrial control system data processing method based on independent networking and data encryption according to an embodiment of the present invention.
In the figure:
1. an acquisition server; 2. a forward security isolation device; 3. and a comprehensive analysis server.
Detailed Description
In order to make the objects, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are some, but not all, embodiments of the present invention. All other embodiments, which can be obtained by a person skilled in the art without any inventive step based on the embodiments of the present invention, are within the scope of the present invention.
The invention is described in further detail below with reference to the attached drawing figures:
the invention provides a data processing system and method of an industrial control system based on independent networking and data encryption, and aims to solve the problems that in the prior art, a system and method for acquiring safety data and performing comprehensive cross-regional flow in an industrial control environment are lacked, and a system and method for realizing comprehensive correlation analysis of the safety data and not influencing safety production are lacked.
As shown in fig. 1, the present invention provides an industrial control system data processing system based on independent networking and data encryption, which adds a station side platform, a newly-built security zone, an acquisition server 1, a forward security isolation device 2 and a comprehensive analysis server 3 on the basis of an original system of the station side; wherein:
the original system on the plant side comprises a production control area and a management information area, wherein the production control area comprises a control area and a non-control area; a logic isolation is arranged between the control area and the non-control area, and a forward safety isolation device and a reverse safety isolation device are arranged between the production control area and the management information area; the original system of the station side of the invention realizes normal safe production according to the existing subareas and the network equipment in each subarea.
Because the data generated by different safety regions of the original system at the plant station side belong to different safety levels, the flow of the data is limited by the safety level; therefore, a plant side platform independent of the original system of the plant side is constructed outside the original system of the plant side, and independent networking for collecting data of each device in the original system of the plant side is carried out based on the plant side platform. Specifically, the newly-built station side platform is correspondingly designed with the partition of the original system of the station side, namely, the newly-built station side platform comprises a production control area and an information management area, the production control area comprises a control area and a non-control area, and the information management area comprises an information management area; the control area, the non-control area and the information management area of the station side platform realize the acquisition of equipment data in the corresponding area of the original system of the station side; meanwhile, in order to realize the comprehensive analysis of the acquired data, the invention also newly builds a newly-built safety zone independent of the control zone, the non-control zone and the information management zone in the information management large zone of the station side platform.
In order to realize the acquisition of data of each device which does not influence the normal production of the original system at the plant station side; the invention is provided with an acquisition server 1 in a control area of a station side platform, wherein the acquisition server is used for acquiring control area data of an original system of a station side and transmitting the data to the outside through a forward safety isolation device 3; the invention is provided with an acquisition server 1 in a non-control area of a platform at a station side, wherein the acquisition server is used for acquiring non-control area data of an original system at the station side and receiving control area data sent by the acquisition server at the control area, and transmitting the data outwards through a forward safety isolation device 3; the invention is provided with an acquisition server 1 in an information management area of a platform at a station side, wherein the acquisition server is used for acquiring information management large area data of an original system at the station side, receiving control area data and non-control area data sent by a non-control area acquisition server and transmitting the data to the outside through a forward safety isolation device 3. The data acquisition and analysis of the plant station side platform are independent of the original system of the plant station side; and the forward safety isolation equipment is arranged at the boundary of a control area and a non-control area, the non-control area and an information management area or the information management area and a newly-built safety area of the station side platform.
The newly-built safety area of the platform at the plant station side is provided with the comprehensive analysis server 3, the comprehensive analysis server 3 receives control area data, non-control area data and information management large area data sent by the information management area acquisition server, performs comprehensive correlation analysis, and uploads and communicates the result of the comprehensive correlation analysis to a superior center through a longitudinal encryption authentication device, so that the comprehensive industrial control safety situation perception is realized; wherein, the comprehensive correlation analysis comprises the following steps: matching a detection rule issued by a superior center with the received full-flow data to generate a threat information log, so as to realize the first time discovery of the network attack threat; further, a security detection mode should be provided: suspicious domain name detection, suspicious IP detection, characteristic value detection and behavior model detection.
Further, in order to ensure the step-by-step safe transmission of data, a public key encryption system (such as RSA and a national secret SM3) is adopted to carry out signature verification on data acquired by different safe regions, and the data signature is used as a label and is transmitted to a higher-level safe region together with the acquired data through a forward safe isolation device; wherein the content of the first and second substances,
public key encryption system: public key, private key, encryption algorithm;
and a key negotiation stage: generating and distributing a private key and a public key to devices in different safe areas by using a general public key encryption system through a comprehensive analysis server, and presetting the private key and the public key into the devices; namely, the first private key is distributed to the acquisition server in the control area by the comprehensive analysis server; the first public key and the second private key are distributed to an acquisition server in a non-control area by the comprehensive analysis server; the second public key and the third private key are distributed to an acquisition server of the information management area by the comprehensive analysis server; the third public key is reserved in the comprehensive analysis server.
Digital signature: and generating safety data by the devices in different safety areas, carrying out private key encryption and labeling on the safety data, and transmitting the label data together with the safety data to the devices in the areas with higher safety levels through the isolation device.
Signature verification: the equipment in the higher security level area receives the data and verifies the data by using the public key, and the verification data comes from the equipment in the lower security level area to complete the verification process; and the generated data and the received data are signed by the private key of the user, and the signed data are sent to the equipment in the next higher security level area.
The specific data flow is as follows:
the control area of the station side platform is provided with an acquisition server which is used for acquiring control area data of an original system of the station side, encrypting the control area data through a first private key and then transmitting the control area data to the outside through a forward security isolation device;
the non-control area of the platform at the plant station side is provided with an acquisition server which is used for acquiring non-control area data of an original system at the plant station side and decrypting the non-control area data through a first public key to obtain control area data, and the control area data and the non-control area data are encrypted through a second private key and then transmitted to the outside through a forward security isolation device;
the information management area of the station side platform is provided with a collection server which is used for collecting information management area data of an original system of the station side and obtaining control area data and non-control area data through decryption of a second public key, and the control area data, the non-control area data and the information management area data are encrypted through a third private key and then transmitted to the outside through a forward security isolation device;
and a comprehensive analysis server is arranged in a newly-built safety area of the plant station side platform and is used for decrypting through a third public key to obtain control area data, non-control area data and information management large area data and carrying out comprehensive correlation analysis.
On the basis of the industrial control system data processing system based on the individual networking shown in fig. 1, as shown in fig. 2, the present invention further provides an industrial control system data processing method based on the individual networking and data encryption, including:
s1, building a station side platform outside the original system on the station side, wherein the station side platform comprises a production control area and an information management area, the production control area comprises a control area and a non-control area, and the information management area comprises an information management area;
s2, creating a security zone in the information management large area of the station side platform;
s3, deploying acquisition servers in a control area, a non-control area and an information management area of the plant side platform, and deploying a comprehensive analysis server in a newly-built safety area of the plant side platform; the comprehensive analysis server and each acquisition server are independently networked through forward safety isolation equipment;
s4, acquiring control area data of an original system of the plant station side by an acquisition server of a control area of the plant station side platform, encrypting the control area data by a first private key, and transmitting the encrypted control area data to the outside through a forward security isolation device;
s5, acquiring non-control area data of an original system of the plant station side by an acquisition server of the non-control area of the plant station side platform, decrypting the non-control area data by a first public key to obtain control area data, encrypting the control area data and the non-control area data by a second private key, and transmitting the control area data and the non-control area data to the outside by a forward security isolation device;
s6, collecting information management large area data of an original system of the plant station side by a collection server of an information management area of the plant station side platform, decrypting the data by a second public key to obtain control area data and non-control area data, encrypting the control area data, the non-control area data and the information management large area data by a third private key, and transmitting the encrypted data to the outside by a forward security isolation device;
s7, decrypting by the comprehensive analysis server of the newly-built safety area of the station side platform through a third public key to obtain control area data, non-control area data and information management large area data, and performing comprehensive correlation analysis; the comprehensive correlation analysis is to match a detection rule issued by a superior center with received full-flow data to generate a threat information log; and the result of the comprehensive correlation analysis is uploaded and communicated to a superior center through a longitudinal encryption authentication device.
The invention has the advantages that:
according to the invention, a station side platform is constructed, a safety zone is newly built, the safety data acquisition of a control zone, a non-control zone and an information management large zone in an original system of the station side is realized through an acquisition server, and the acquired data are sequentially transmitted to a comprehensive analysis server in the newly built safety zone through a forward safety isolation device to be subjected to comprehensive analysis processing; meanwhile, a public key encryption system (public key, private key and encryption algorithm) is adopted to carry out signature verification on data acquired by different safe regions, the data signature is used as a label and is transmitted to a higher-level safe region through a forward safety isolation device together with the acquired data, the safe data acquisition and cross-region flow of an original system on a plant station side are realized, and meanwhile, the safe production of the original system on the plant station side is not influenced while the comprehensive analysis is carried out.
The above is only a preferred embodiment of the present invention, and is not intended to limit the present invention, and various modifications and changes will occur to those skilled in the art. Any modification, equivalent replacement, or improvement made within the spirit and principle of the present invention should be included in the protection scope of the present invention.
Claims (10)
1. An industrial control system data processing system based on independent networking and data encryption is characterized in that,
a station side platform is constructed outside an original system on a station side, the station side platform comprises a production control large area and an information management large area, the production control large area comprises a control area and a non-control area, and the information management large area comprises an information management area and a newly-built safety area;
the control area of the station side platform is provided with an acquisition server which is used for acquiring control area data of an original system of the station side, encrypting the control area data through a first private key and then transmitting the control area data to the outside through a forward security isolation device;
the non-control area of the platform at the factory station side is provided with an acquisition server which is used for acquiring non-control area data of an original system at the factory station side and decrypting the non-control area data through a first public key to obtain control area data, and the control area data and the non-control area data are encrypted through a second private key and then transmitted to the outside through a forward security isolation device;
the information management area of the station side platform is provided with an acquisition server which is used for acquiring information management large area data of an original system of the station side and decrypting the information management large area data through a second public key to obtain control area data and non-control area data, and the control area data, the non-control area data and the information management large area data are encrypted through a third private key and then transmitted to the outside through a forward security isolation device;
and the newly-built safety area of the plant station side platform is provided with a comprehensive analysis server which is used for decrypting through a third public key to obtain the control area data, the non-control area data and the information management large area data and carrying out comprehensive correlation analysis.
2. The industrial control system data processing system of claim 1,
the first private key is distributed to a collection server in a control area by the comprehensive analysis server;
the first public key and the second private key are distributed to a collection server in a non-control area by the comprehensive analysis server;
the second public key and the third private key are distributed to an acquisition server of an information management area by the comprehensive analysis server;
and the third public key is reserved in the comprehensive analysis server.
3. The industrial control system data processing system of claim 1,
the data acquisition and analysis of the plant side platform are independent of the original system of the plant side;
the forward safety isolation equipment is arranged at the boundary of a control area and a non-control area, the boundary of the non-control area and an information management area or the boundary of the information management area and a newly-built safety area of the station side platform.
4. The industrial control system data processing system of claim 1,
the comprehensive correlation analysis comprises:
and matching the detection rule issued by the superior center with the received full-flow data to generate a threat information log.
5. The industrial control system data processing system of claim 4,
the comprehensive analysis server is further configured to:
and uploading and communicating the result of the comprehensive correlation analysis to a superior center through a longitudinal encryption authentication device.
6. A data processing method of industrial control system based on independent networking and data encryption is characterized in that,
the method comprises the following steps:
a station side platform is constructed outside an original system on a station side, the station side platform comprises a production control large area and an information management large area, the production control large area comprises a control area and a non-control area, and the information management large area comprises an information management area;
a safety zone is newly established in an information management large area of the station side platform;
deploying acquisition servers in a control area, a non-control area and an information management area of the plant-side platform, and deploying a comprehensive analysis server in a newly-built safety area of the plant-side platform; the comprehensive analysis server and each acquisition server are independently networked through forward safety isolation equipment;
the method comprises the steps that an acquisition server of a control area of a station side platform acquires control area data of an original system of the station side, encrypts the control area data through a first private key and transmits the encrypted control area data to the outside through a forward security isolation device;
the method comprises the steps that a collection server of a non-control area of a platform on the plant station side collects data of the non-control area of an original system on the plant station side and obtains control area data through decryption of a first public key, and the control area data and the non-control area data are encrypted through a second private key and then transmitted to the outside through a forward security isolation device;
the acquisition server of the information management area of the factory station side platform acquires information management large area data of an original system of the factory station side and obtains control area data and non-control area data through decryption of a second public key, and the control area data, the non-control area data and the information management large area data are encrypted through a third private key and then transmitted to the outside through the forward security isolation device;
and the comprehensive analysis server of the newly-built safety area of the station side platform decrypts through a third public key to obtain the control area data, the non-control area data and the information management large area data, and performs comprehensive correlation analysis.
7. The industrial control system data processing method of claim 6,
the first private key is distributed to a collection server in a control area by the comprehensive analysis server;
the first public key and the second private key are distributed to a collection server in a non-control area by the comprehensive analysis server;
the second public key and the third private key are distributed to an acquisition server of an information management area by the comprehensive analysis server;
and the third public key is reserved in the comprehensive analysis server.
8. The industrial control system data processing method of claim 6,
the data acquisition and analysis of the plant side platform are independent of the original system of the plant side;
the forward safety isolation equipment is arranged at the boundary of a control area and a non-control area, the boundary of the non-control area and an information management area or the boundary of the information management area and a newly-built safety area of the station side platform.
9. The industrial control system data processing method of claim 6,
the comprehensive correlation analysis comprises:
and matching the detection rule issued by the superior center with the received full-flow data to generate a threat information log.
10. The industrial control system data processing system of claim 9,
further comprising:
and uploading and communicating the result of the comprehensive correlation analysis to a superior center through a longitudinal encryption authentication device.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010048868.4A CN111262862B (en) | 2020-01-16 | 2020-01-16 | Industrial control system data processing system and method based on independent networking and data encryption |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010048868.4A CN111262862B (en) | 2020-01-16 | 2020-01-16 | Industrial control system data processing system and method based on independent networking and data encryption |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN111262862A true CN111262862A (en) | 2020-06-09 |
| CN111262862B CN111262862B (en) | 2021-11-23 |
Family
ID=70952179
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202010048868.4A Active CN111262862B (en) | 2020-01-16 | 2020-01-16 | Industrial control system data processing system and method based on independent networking and data encryption |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN111262862B (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112672356A (en) * | 2020-11-27 | 2021-04-16 | 中国大唐集团科学技术研究院有限公司 | 5G technology-based thermal power plant industrial control system network security implementation method |
Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20010042046A1 (en) * | 2000-03-01 | 2001-11-15 | Yasuo Fukuda | Data management system, information processing apparatus, authentification management apparatus, method and storage medium |
| CN107911347A (en) * | 2017-10-31 | 2018-04-13 | 国电南瑞科技股份有限公司 | A kind of monitoring system of distribution network and information transferring method based on across security partitioning |
| CN207283594U (en) * | 2017-09-09 | 2018-04-27 | 广西电网有限责任公司电力科学研究院 | Power transmission and transformation equipment state monitoring system based on network security subregion |
| CN110049015A (en) * | 2019-03-19 | 2019-07-23 | 中国南方电网有限责任公司 | Network security situation sensing system |
| CN209233564U (en) * | 2019-06-11 | 2019-08-09 | 成都宽域信息安全技术有限公司 | Electric power monitoring system laminates office network Security Situation Awareness Systems |
| CN110350664A (en) * | 2019-07-29 | 2019-10-18 | 云南电网有限责任公司电力科学研究院 | A kind of electric power monitoring system main station simulation system |
| CN209607185U (en) * | 2018-12-05 | 2019-11-08 | 国网浙江省电力有限公司培训中心 | A kind of electric power monitoring system network safety prevention experience system |
-
2020
- 2020-01-16 CN CN202010048868.4A patent/CN111262862B/en active Active
Patent Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20010042046A1 (en) * | 2000-03-01 | 2001-11-15 | Yasuo Fukuda | Data management system, information processing apparatus, authentification management apparatus, method and storage medium |
| CN207283594U (en) * | 2017-09-09 | 2018-04-27 | 广西电网有限责任公司电力科学研究院 | Power transmission and transformation equipment state monitoring system based on network security subregion |
| CN107911347A (en) * | 2017-10-31 | 2018-04-13 | 国电南瑞科技股份有限公司 | A kind of monitoring system of distribution network and information transferring method based on across security partitioning |
| CN209607185U (en) * | 2018-12-05 | 2019-11-08 | 国网浙江省电力有限公司培训中心 | A kind of electric power monitoring system network safety prevention experience system |
| CN110049015A (en) * | 2019-03-19 | 2019-07-23 | 中国南方电网有限责任公司 | Network security situation sensing system |
| CN209233564U (en) * | 2019-06-11 | 2019-08-09 | 成都宽域信息安全技术有限公司 | Electric power monitoring system laminates office network Security Situation Awareness Systems |
| CN110350664A (en) * | 2019-07-29 | 2019-10-18 | 云南电网有限责任公司电力科学研究院 | A kind of electric power monitoring system main station simulation system |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112672356A (en) * | 2020-11-27 | 2021-04-16 | 中国大唐集团科学技术研究院有限公司 | 5G technology-based thermal power plant industrial control system network security implementation method |
Also Published As
| Publication number | Publication date |
|---|---|
| CN111262862B (en) | 2021-11-23 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Rezai et al. | Key management issue in SCADA networks: A review | |
| Puthal et al. | SEEN: A selective encryption method to ensure confidentiality for big sensing data streams | |
| CN109951513B (en) | Quantum-resistant computing smart home quantum cloud storage method and system based on quantum key card | |
| Vijayakumaran et al. | A reliable next generation cyber security architecture for industrial internet of things environment | |
| US20180115535A1 (en) | Blind En/decryption for Multiple Clients Using a Single Key Pair | |
| CN111208779B (en) | Industrial control system data processing system and method based on independent networking | |
| CN111447067A (en) | Encryption authentication method for power sensing equipment | |
| CN115549932B (en) | Security access system and access method for massive heterogeneous Internet of things terminals | |
| Ahmed et al. | G-TBSA: A generalized lightweight security algorithm for IoT | |
| CN104992100A (en) | Iris dynamic encryption and decryption system and method for electronic document flowing | |
| Puthal et al. | Decision tree based user-centric security solution for critical IoT infrastructure | |
| CN105049448B (en) | Single-sign-on device and method | |
| Shbair et al. | A survey of https traffic and services identification approaches | |
| Ramadan | Internet of things (iot) security vulnerabilities: A review | |
| CN111262862B (en) | Industrial control system data processing system and method based on independent networking and data encryption | |
| CN108076062A (en) | Internet of things equipment safe communication system, method, networked devices and server | |
| Kayode et al. | Analysis of iot traffic using http proxy | |
| Kaushik et al. | A pixel-based digital medical images protection using genetic algorithm | |
| CN116170143A (en) | Intelligent community data safe transmission, storage and fusion use system based on national encryption algorithm | |
| CN110300183B (en) | Intelligent edge Internet of things agent device | |
| CN107426176B (en) | Safe underwater transmission method supporting confusion and zero knowledge | |
| KR20200129625A (en) | Blockchain based data transmission method in internet of things | |
| CN113364803B (en) | Block chain-based security authentication method for power distribution Internet of things | |
| CN113922961A (en) | Data encryption and decryption transmission method in intelligent security community platform data issuing and gathering | |
| Yoon et al. | Encrypted Network Traffic Analysis Method via Secure Socket Layer Handshake Control |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |