CN106899553A - A kind of industrial control system safety protecting method based on private clound - Google Patents
A kind of industrial control system safety protecting method based on private clound Download PDFInfo
- Publication number
- CN106899553A CN106899553A CN201510961948.8A CN201510961948A CN106899553A CN 106899553 A CN106899553 A CN 106899553A CN 201510961948 A CN201510961948 A CN 201510961948A CN 106899553 A CN106899553 A CN 106899553A
- Authority
- CN
- China
- Prior art keywords
- industrial control
- private clound
- control system
- security
- management
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 47
- 238000007726 management method Methods 0.000 claims abstract description 49
- 238000003860 storage Methods 0.000 claims abstract description 17
- 230000002787 reinforcement Effects 0.000 claims abstract description 14
- 238000000638 solvent extraction Methods 0.000 claims abstract description 13
- 238000012550 audit Methods 0.000 claims abstract description 11
- 238000011156 evaluation Methods 0.000 claims abstract description 11
- 230000008569 process Effects 0.000 claims abstract description 11
- 238000012360 testing method Methods 0.000 claims abstract description 11
- 238000004891 communication Methods 0.000 claims description 8
- 238000005192 partition Methods 0.000 claims description 4
- 238000001514 detection method Methods 0.000 claims description 3
- 230000006855 networking Effects 0.000 description 3
- 238000005516 engineering process Methods 0.000 description 2
- 238000004519 manufacturing process Methods 0.000 description 2
- 239000000203 mixture Substances 0.000 description 2
- 238000012544 monitoring process Methods 0.000 description 2
- 238000004458 analytical method Methods 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 238000000151 deposition Methods 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 230000018109 developmental process Effects 0.000 description 1
- 238000010586 diagram Methods 0.000 description 1
- 238000009472 formulation Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 230000002265 prevention Effects 0.000 description 1
- 230000008439 repair process Effects 0.000 description 1
- 238000011160 research Methods 0.000 description 1
- 238000012552 review Methods 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
- 230000033772 system development Effects 0.000 description 1
Classifications
-
- G—PHYSICS
- G05—CONTROLLING; REGULATING
- G05B—CONTROL OR REGULATING SYSTEMS IN GENERAL; FUNCTIONAL ELEMENTS OF SUCH SYSTEMS; MONITORING OR TESTING ARRANGEMENTS FOR SUCH SYSTEMS OR ELEMENTS
- G05B19/00—Programme-control systems
- G05B19/02—Programme-control systems electric
- G05B19/418—Total factory control, i.e. centrally controlling a plurality of machines, e.g. direct or distributed numerical control [DNC], flexible manufacturing systems [FMS], integrated manufacturing systems [IMS] or computer integrated manufacturing [CIM]
- G05B19/4185—Total factory control, i.e. centrally controlling a plurality of machines, e.g. direct or distributed numerical control [DNC], flexible manufacturing systems [FMS], integrated manufacturing systems [IMS] or computer integrated manufacturing [CIM] characterised by the network communication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1425—Traffic logging, e.g. anomaly detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/145—Countermeasures against malicious traffic the attack involving the propagation of malware through the network, e.g. viruses, trojans or worms
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/20—Network architectures or network communication protocols for network security for managing network security; network security policies in general
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/10—Protocols in which an application is distributed across nodes in the network
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02P—CLIMATE CHANGE MITIGATION TECHNOLOGIES IN THE PRODUCTION OR PROCESSING OF GOODS
- Y02P90/00—Enabling technologies with a potential contribution to greenhouse gas [GHG] emissions mitigation
- Y02P90/02—Total factory control, e.g. smart factories, flexible manufacturing systems [FMS] or integrated manufacturing systems [IMS]
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- General Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Health & Medical Sciences (AREA)
- Health & Medical Sciences (AREA)
- Virology (AREA)
- Manufacturing & Machinery (AREA)
- Quality & Reliability (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Automation & Control Theory (AREA)
- Computer And Data Communications (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The present invention is that a kind of industrial control system safety protecting method based on private clound is related to technical field of industrial control, particularly belongs to field of industrial control safety, it is proposed that a kind of industrial control system safety protecting method based on private clound.The module of present invention application includes access rights management, security partitioning management, network firewall configuration, industry control firewall configuration, system reinforcement and patch reparation, private clound;Wherein, private clound includes that security strategy definition is reviewed with management, system mend storage, Malware and code knowledge base, security log and audit, system robustness evaluation and test, historical events and product process again.By the cooperating of these modules, the present invention is realized and carries out effective security protection to the industrial control system under networked environment.
Description
Technical field
The present invention is a kind of industrial control system safety protecting method based on private clound, is related to work
Industry control technology field, particularly belongs to field of industrial control safety.
Background technology
Industrial control system typically potentially includes following three layers:Enterprise management level, industrial control system layer,
Scene equipment level.Enterprise management level includes management computer (hereinafter referred to as supervisor), monitoring
The equipment such as computer (hereinafter referred to as monitoring equipment), application server, printer;Industrial control system layer
Include the equipment such as engineer station, operator station, opc server;Scene equipment level then includes
Various field control equipment and live execution equipment, general field control equipment include
Single-chip microcomputer, PLC, industrial control computer, DCS etc., and the execution equipment at scene then basis
Different industries have very big difference.Because different industrial control systems layout may be included above
One layer or two layers, therefore, it can be divided into the composition of industrial control system:Management is calculated
Machine, control computer, industry control server, field controller, live execution equipment.
Because traditional industrial control system is very high for the requirement of security and real-time, because
This, traditional industrial control system be it is isolated, later, the demand for managing for convenience, portion
Technical of industrial control system development is divided to form corporate intranet, then, with industry 4.0 and Internet of Things
The popularization of net, more industrial control systems may further access internet.Face so
Huge challenge, it is eager the need for set up the safety protecting method of a set of industrial control system, with
Ensure the overall security of industrial control system while technological progress is met.
The security risk of industrial control system is mainly included following aspects:
(1) industrial control system does not account for risk of networking at the beginning of research, therefore,
Most of existing industrial control equipment generally existing software version is relatively low, system vulnerability is not repaiied
Multiple the problems such as;
(2) existing industrial control system is typically no carries out good partition management, only
According to physical boundary subregion, some dangerous high equipment may be dispersed in different factories
Fang Zhong;
(3) do not conduct interviews control to industrial control equipment, some computers, server
Name in an account book password may be used in conjunction to be not provided with, and some live controllers and control device may
Also direct networking operation etc.;
(4) mass data that existing industrial control system is produced does not carry out necessary depositing generally
Storage.
The content of the invention
It is an object of the invention to provide a kind of industrial control system security protection based on private clound
Method, corporate intranet, Internet of Things are accessed even in industrial control system to meet development need
In the case of internet, security protection is carried out to industrial control system.
In order to achieve the above object, present invention employs following technical scheme:
A kind of Industry Control safety protecting method based on private clound, including access rights management,
Security partitioning management, network firewall configuration, industry control firewall configuration, system reinforcement and patch
Reparation, private clound;Wherein, private clound includes that security strategy is defined and management, system mend again
Storage, Malware/code knowledge base, security log and audit, system robustness evaluation and test,
Historical events/product process is reviewed.Workflow is:Industry Control security protection platform passes through
Data acquisition obtains the data such as information, state of each component devices of industrial control system, and
In storing private clound, then to access rights management, security partitioning management, network firewall
Configuration, industry control firewall configuration, system reinforcement and patch reparation are configured, finally will protection
Rule (security strategy, system reinforcement, patch reparation etc.) returns to industrial control system and reaches
To the purpose of security protection.
Preferably, a kind of described Industry Control safety protecting method based on private clound, its
Access rights management to each access device in industrial control system conduct interviews control and
Account management, including it is the management computer of on-site, control computer, industry control server, existing
Field controller, live execution equipment etc..
Preferably, a kind of described Industry Control safety protecting method based on private clound, its
Security partitioning management to different class of safety protection in industrial control system, different danger classes,
The target of different security requirements carries out partition management, and strictly carries out corresponding border access control.
Preferably, a kind of described Industry Control safety protecting method based on private clound, its
Network firewall is configured, and legacy network communication that may be present in industrial control system (is based on
IP communications protocol) security protection is carried out, its malicious code/software data for being used for detection
From private clound.
Preferably, a kind of described Industry Control safety protecting method based on private clound, its
Industrial fireproof wall is configured, and the industrial control system equipment room communication to there is requirement of real-time uses white
List mode carries out security protection.
Preferably, a kind of described Industry Control safety protecting method based on private clound, its
System reinforcement and patch are repaired, and the equipment in industrial control system are reinforced and patch reparation,
Due to industrial control system for real-time and successional requirement, it is necessary to select to be tieed up in system
The system reinforcement and patch for repairing etc. (idle) when not influenceing actual production to carry out correlation are repaiied
Mend work.
Preferably, a kind of described Industry Control safety protecting method based on private clound, its
Security strategy definition in private clound is directed to safe plan defined in whole system with management storage
Omit, including access rights management strategy, security partitioning management strategy, network firewall configuration plan
Summary, industry control firewall configuration strategy, system mend are reinforced and correcting strategy (idle).
Preferably, a kind of described Industry Control safety protecting method based on private clound, its
In the system mend storage whole industrial control system of storage in private clound in institute's component devices
System mend, including management computer patch, control computer patch, industry control server patch,
Field controller patch and live execution equipment patch, every kind of different model different editions set
Next choice fourth is stored and managed respectively.
Preferably, a kind of described Industry Control safety protecting method based on private clound, its
Malware/code knowledge library storage in private clound can for industrial control system existing equipment
Malware/the code that can be attacked.
Preferably, a kind of described Industry Control safety protecting method based on private clound, its
Security log and audit in private clound, to each facility information, state by data acquisition
Data flow stored and analyzed, generate security log, and can be utilized for security audit.
Preferably, a kind of described Industry Control safety protecting method based on private clound, its
Data are divided by the system robustness evaluation and test in private clound in real time according to the prior index formulated
Analysis, and provide the evaluation and test data of system robustness.
Preferably, a kind of described Industry Control safety protecting method based on private clound, its
Historical events/product process in private clound is reviewed, according to a large amount of numbers of the storage in private clound
According to carrying out reviewing for historical events/product process.
The beneficial effects of the present invention are based on private clound, it is proposed that a kind of Industry Control
The safety protecting method of system, copes with the security threat that industrial control system networking brings.
The present invention proposes a kind of industrial control system safety protecting method based on privately owned cloud, utilizes
The mass data that privately owned cloud can be produced with each equipment of storage industry control system, the sea of acquisition
Amount data can be used to carry out security log and audit, system robustness evaluation and test, historical events/
Product process is reviewed;Industrial control system safety protecting method based on privately owned cloud, can be with
Set for existing industrial control system is connected or obtained by mobile memory medium with outer net
Standby system mend, Malware/malicious code data, and being stored, it is to avoid industry
The risk that control system is directly connected with outer net or directly plug mobile memory medium brings;Separately
Outward, the industrial control system safety method based on private clound, can set in cloud storage space
The security strategy of industrial control system, and setting is updated to system in the case of feasible.
Brief description of the drawings
Fig. 1, it is flow chart of the present invention;
Fig. 2, it is implementation method schematic diagram.
Specific embodiment
Specific embodiment of the invention is further described below in conjunction with the accompanying drawings, but this hair
Bright implementation method not limited to this.
As shown in figure 1, of the invention, i.e., a kind of Industry Control security protection side based on private clound
Method, including access rights management, security partitioning management, network firewall configuration, industry control fire prevention
Wall configuration, system reinforcement and patch reparation (idle), private clound;Wherein, private clound includes again
Security strategy is defined and management, system mend storage, Malware/code knowledge base, safety
Daily record is reviewed with audit, system robustness evaluation and test, historical events/product process.Workflow
For:Industry Control security protection platform obtains industrial control system each group by data acquisition
The data such as information, the state of forming apparatus, and store in private clound, then to access rights pipe
Reason, security partitioning management, network firewall configuration, industry control firewall configuration, system reinforcement and
Patch repair (idle) configured, finally will protection rule (security strategy, system reinforcement,
Patch reparation etc.) return to industrial control system and reach the purpose of security protection.
Wherein, access rights are managed for entering to each access device in industrial control system
Row access control and account management, including on-site management computer, control computer, work
Control server, field controller, live execution equipment etc., as shown in Figure 1.
Security partitioning is managed for different class of safety protection, different danger in industrial control system
Dangerous grade, the target of different security requirements carry out partition management, and strictly carry out corresponding border
Access control and account management.Subregion has been carried out mainly for scene equipment level in the present embodiment,
As shown in Fig. 2 area principle is according to Different field control device subregion:Single-chip microcomputer, PLC,
DCS, industrial control computer.
As shown in Fig. 2 industrial control system specifically includes supervisor, prison in enterprise management level again
The equipment of the interconnections such as control machine, application server, printer is again specific in industrial control system layer
The equipment of interconnection such as including engineer station, operator station, opc server.Use network
Firewall configuration, it is (logical based on IP to legacy network communication that may be present in industrial control system
News agreement) security protection is carried out, its malicious code/software data for being used for detection is derived from
Private clound.In the present embodiment, network firewall configuration is in enterprise management level and industrial control system layer
Between communicate between, for carrying out security protection.
As shown in Fig. 2 configured using industrial fireproof wall, to the Industry Control for having requirement of real-time
Communicated between system equipment carries out security protection using white list mode.In the present embodiment, industry
Firewall configuration be arranged respectively at industrial control system layer with the communication line of scene equipment level on,
And in scene equipment level each live execution equipment signal input part.System reinforcement and patch
Repairing (idle), for being reinforced to the equipment in industrial control system and patch reparation,
Due to industrial control system for real-time and successional requirement, it is necessary to select to be tieed up in system
The system reinforcement and patch for repairing etc. (idle) when not influenceing actual production to carry out correlation are repaiied
Mend work.
As shown in Fig. 2 the security strategy in private clound is defined and managed for storing for whole
Security strategy defined in system, including access rights management strategy, security partitioning management strategy,
Plan is reinforced and repaired to network firewall configuration strategy, industry control firewall configuration strategy, system mend
Slightly (idle).During system mend in private clound is stored for storing whole industrial control system
System mend in institute's component devices, including management computer patch, control computer patch,
Industry control server patch, field controller patch and live execution equipment patch, every kind of difference
The equipment patch of model different editions is stored and managed respectively.Malware/generation in private clound
Code knowledge base is used to store the malice that may be attacked for industrial control system existing equipment
Software/code.Security log and audit in private clound, for by each of data acquisition
Individual facility information, the data flow of state are stored and analyzed, and generate security log, and can use
To carry out security audit.System robustness evaluation and test in private clound, for according to formulation in advance
Index is analyzed data in real time, and provides the evaluation and test data of system robustness.In private clound
Historical events/product process review, for according to mass data of the storage in private clound,
Carry out reviewing for historical events/product process.
The foregoing is only presently preferred embodiments of the present invention, be not intended to limit the invention, it is all
Within the spirit and principles in the present invention, any modification, equivalent substitution and improvements made etc.,
Should be included within protection scope of the present invention.
Claims (10)
1. a kind of industrial control system safety protecting method based on private clound, it is characterised in that including access rights management, security partitioning management, network firewall configuration, industry control firewall configuration, system reinforcement and patch reparation, private clound;Wherein, private clound includes that security strategy definition is reviewed with management, system mend storage, Malware/code knowledge base, security log and audit, system robustness evaluation and test, historical events/product process again;
Workflow is:Industrial control system security protection platform passes through data acquisition, to obtain the data such as information, state of each component devices of industrial control system, and store in private clound, then access rights management, security partitioning management, network firewall configuration, industry control firewall configuration, system reinforcement and patch reparation are configured, the protection rule such as security strategy, system reinforcement, patch reparation is finally returned into industrial control system and the purpose of security protection is reached.
2. a kind of industrial control system safety protecting method based on private clound according to claim 1, it is characterized in that, described access rights management, controls and account management being conducted interviews including each access device including the management computer of on-site, control computer, industry control server, field controller, live execution equipment etc. in industrial control system.
3. a kind of industrial control system safety protecting method based on private clound according to claim 1, it is characterized in that, described security partitioning management, different class of safety protection, different danger classes, the target of different security requirements in industrial control system are carried out by partition management, and strictly carry out corresponding border access control.
4. a kind of industrial control system safety protecting method based on private clound according to claim 1, it is characterized in that, described network firewall configuration, security protection is carried out to the legacy network communication based on IP communications protocol that may be present in industrial control system, the malicious code or software data that it is used for detection derive from private clound;Described industrial fireproof wall configuration, the industrial control system equipment room communication to there is requirement of real-time carries out security protection using white list mode.
5. a kind of industrial control system safety protecting method based on private clound according to claim 1, it is characterized in that, security strategy definition and management in described private clound, storage is directed to security strategy defined in whole system, including access rights management strategy, security partitioning management strategy, network firewall configuration strategy, industry control firewall configuration strategy, system mend are reinforced and correcting strategy.
6. a kind of industrial control system safety protecting method based on private clound according to claim 1, it is characterized in that, system mend storage in described private clound, store the system mend in institute's component devices in whole industrial control system, including management computer patch, control computer patch, industry control server patch, field controller patch, live execution equipment patch etc., the equipment patch of every kind of different model different editions is stored and managed respectively.
7. a kind of industrial control system safety protecting method based on private clound according to claim 1, it is characterized in that, Malware/code knowledge base in described private clound, storage may be directed to Malware/code that industrial control system existing equipment is attacked.
8. a kind of industrial control system safety protecting method based on private clound according to claim 1, it is characterized in that, security log and audit in described private clound, each facility information for being obtained by data acquisition, the data flow of state are stored and analyzed, generation security log, and can be utilized for security audit.
9. a kind of industrial control system safety protecting method based on private clound according to claim 1, it is characterized in that, data are analyzed, and provide the evaluation and test data of system robustness by the system robustness evaluation and test in described private clound in real time according to the prior index formulated.
10. a kind of industrial control system safety protecting method based on private clound according to claim 1, it is characterized in that, historical events/product process in described private clound is reviewed, and according to data of the storage in private clound, carries out reviewing for historical events/product process.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201510961948.8A CN106899553A (en) | 2015-12-19 | 2015-12-19 | A kind of industrial control system safety protecting method based on private clound |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201510961948.8A CN106899553A (en) | 2015-12-19 | 2015-12-19 | A kind of industrial control system safety protecting method based on private clound |
Publications (1)
Publication Number | Publication Date |
---|---|
CN106899553A true CN106899553A (en) | 2017-06-27 |
Family
ID=59190449
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201510961948.8A Pending CN106899553A (en) | 2015-12-19 | 2015-12-19 | A kind of industrial control system safety protecting method based on private clound |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN106899553A (en) |
Cited By (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN107544470A (en) * | 2017-09-29 | 2018-01-05 | 杭州安恒信息技术有限公司 | A kind of controller guard technology based on white list |
CN108055261A (en) * | 2017-12-11 | 2018-05-18 | 中车青岛四方机车车辆股份有限公司 | Industrial network security system deployment method and security system |
CN108600232A (en) * | 2018-04-27 | 2018-09-28 | 北京网藤科技有限公司 | A kind of industry control safety auditing system and its auditing method |
CN111371746A (en) * | 2020-02-21 | 2020-07-03 | 北京京东尚科信息技术有限公司 | Operation and maintenance system and operation and maintenance method for batch private cloud |
CN113965402A (en) * | 2021-11-01 | 2022-01-21 | 安天科技集团股份有限公司 | Configuration method and device of firewall security policy and electronic equipment |
CN115174219A (en) * | 2022-07-06 | 2022-10-11 | 哈尔滨工业大学(威海) | Management system capable of adapting to multiple industrial firewalls |
CN117852027A (en) * | 2024-01-09 | 2024-04-09 | 北京建恒信安科技有限公司 | Industrial control system protection method, system and storage medium based on identity security |
-
2015
- 2015-12-19 CN CN201510961948.8A patent/CN106899553A/en active Pending
Cited By (11)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN107544470A (en) * | 2017-09-29 | 2018-01-05 | 杭州安恒信息技术有限公司 | A kind of controller guard technology based on white list |
CN108055261A (en) * | 2017-12-11 | 2018-05-18 | 中车青岛四方机车车辆股份有限公司 | Industrial network security system deployment method and security system |
CN108055261B (en) * | 2017-12-11 | 2020-11-06 | 中车青岛四方机车车辆股份有限公司 | Industrial network security system deployment method and security system |
CN108600232A (en) * | 2018-04-27 | 2018-09-28 | 北京网藤科技有限公司 | A kind of industry control safety auditing system and its auditing method |
CN108600232B (en) * | 2018-04-27 | 2021-11-16 | 北京网藤科技有限公司 | Industrial control safety audit system and audit method thereof |
CN111371746A (en) * | 2020-02-21 | 2020-07-03 | 北京京东尚科信息技术有限公司 | Operation and maintenance system and operation and maintenance method for batch private cloud |
CN113965402A (en) * | 2021-11-01 | 2022-01-21 | 安天科技集团股份有限公司 | Configuration method and device of firewall security policy and electronic equipment |
CN115174219A (en) * | 2022-07-06 | 2022-10-11 | 哈尔滨工业大学(威海) | Management system capable of adapting to multiple industrial firewalls |
CN115174219B (en) * | 2022-07-06 | 2024-04-19 | 哈尔滨工业大学(威海) | Management system capable of adapting to various industrial firewalls |
CN117852027A (en) * | 2024-01-09 | 2024-04-09 | 北京建恒信安科技有限公司 | Industrial control system protection method, system and storage medium based on identity security |
CN117852027B (en) * | 2024-01-09 | 2024-07-19 | 北京建恒信安科技有限公司 | Industrial control system protection method, system and storage medium based on identity security |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN106899553A (en) | A kind of industrial control system safety protecting method based on private clound | |
CN107659543B (en) | Protection method for APT (android packet) attack of cloud platform | |
CN109583711B (en) | Safety risk assessment overall process management system | |
CN113660296B (en) | Method and device for detecting anti-attack performance of industrial control system and computer equipment | |
CN104683127A (en) | Method and system for centrally checking weak passwords of equipment | |
Lemaire et al. | A SysML extension for security analysis of industrial control systems | |
CN104850093A (en) | Method for monitoring security in an automation network, and automation network | |
CN112052607A (en) | Intelligent penetration testing method and device for power grid equipment and system | |
CN113301040B (en) | Firewall strategy optimization method, device, equipment and storage medium | |
CN112866262B (en) | Power plant safety I area situation perception platform based on neural network | |
CN110033174A (en) | A kind of industrial information efficient public security system building method | |
CN106920022B (en) | Safety vulnerability assessment method, system and equipment for cigarette industrial control system | |
Green et al. | Achieving ICS resilience and security through granular data flow management | |
Wang et al. | Cybersecurity risk assessment method of ICS based on attack-defense tree model | |
US20220405398A1 (en) | Cybersecurity hazard analysis tool | |
Yousiff et al. | Designing a blockchain approach to secure firefighting stations based Internet of things | |
CN104579784A (en) | Electric power industry control system network management method based on multi-dimensional virtual link | |
CN104125192A (en) | Virtual-machine safety protection system and method | |
CN110855654B (en) | Vulnerability risk quantitative management method and system based on flow mutual access relation | |
CN114465800B (en) | Industrial control network safety protection device and network safety protection method for tobacco industry | |
CN113311805B (en) | Zero trust network access control method for automatic port bridge crane operation system | |
CN100367230C (en) | Action control method based on LSM programme | |
Betancourt et al. | Linking intrusion detection system information and system model to redesign security architecture | |
CN106411816A (en) | Industrial control system, secure interconnection system and processing method thereof | |
CN201403103Y (en) | Network fixation safety management system |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
WD01 | Invention patent application deemed withdrawn after publication |
Application publication date: 20170627 |
|
WD01 | Invention patent application deemed withdrawn after publication |