CN112738063A - Industrial control system network safety monitoring platform - Google Patents
Industrial control system network safety monitoring platform Download PDFInfo
- Publication number
- CN112738063A CN112738063A CN202011559277.XA CN202011559277A CN112738063A CN 112738063 A CN112738063 A CN 112738063A CN 202011559277 A CN202011559277 A CN 202011559277A CN 112738063 A CN112738063 A CN 112738063A
- Authority
- CN
- China
- Prior art keywords
- network
- industrial control
- module
- control
- control system
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0209—Architectural arrangements, e.g. perimeter networks or demilitarized zones
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/06—Management of faults, events, alarms or notifications
- H04L41/069—Management of faults, events, alarms or notifications using logs of notifications; Post-processing of notifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
- H04L63/101—Access control lists [ACL]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1425—Traffic logging, e.g. anomaly detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/12—Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computing Systems (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Health & Medical Sciences (AREA)
- General Health & Medical Sciences (AREA)
- Medical Informatics (AREA)
- Computer And Data Communications (AREA)
Abstract
The invention discloses a network security monitoring platform of an industrial control system, which comprises: a controller protection module; a host protection module; a border, area protection module; a comprehensive early warning and auditing module; a situation awareness module; a remote maintenance module; and an authority control module. The industrial control system network security monitoring platform realizes real-time unified monitoring on the whole security condition of the steel industry internet, accurately and timely discovers potential safety hazards such as existing security holes and the like, gives an alarm to important security incidents in real time, and can display the security trend of a steel group on a highly visual graphical interface.
Description
Technical Field
The invention relates to a network security detection platform, in particular to an industrial control system network security monitoring platform.
Background
In the early development of the automation industry, the industrial control system network of a factory is relatively closed, and the industrial control system is considered to be absolutely independent once and cannot be attacked by an external network. However, in recent years, in order to realize real-time data acquisition and production control and meet the requirement of 'two-way integration' and the convenience of management, an industrial control system and an enterprise management system can directly communicate through a logic isolation mode, and the enterprise management system is generally directly connected with the internet.
Disclosure of Invention
The invention aims to provide an industrial control system network security monitoring platform, which can realize real-time unified monitoring on the whole security condition of the steel industry internet, accurately and timely discover potential safety hazards such as existing security holes and the like, give an alarm to important security events in real time, and display the security trend of a steel group on a highly visual graphical interface.
The technical scheme adopted by the invention for solving the technical problems is as follows: an industrial control system network security monitoring platform, comprising:
(1) the controller protection module: safety equipment is added in the industrial control network system, and the communication and control legality between the HMI and the field control equipment is ensured through deep analysis of an industrial protocol; threats such as network viruses, illegal intrusion, malicious control and the like are effectively prevented through a protection mechanism combining black lists and white lists;
(2) host computer protection module: access control, video monitoring and special person on duty physical safety protection measures are taken for areas where important engineer stations, databases and server core industrial control software and hardware are located;
(3) boundary, zone guard module: an MES network is independent into an area, and a traditional security gateway is arranged between the MES network and other enterprise networks for isolation; setting a network protection area, and isolating the network protection area and the MES network by adopting an industrial control security gateway; each iron front, hot rolling and cold rolling independent control network is respectively provided with an industrial gateway for regional protection; through communication and protection strategies, communication connection and data transmission are controllable to a certain extent, and data protection is carried out on each area;
(4) synthesize early warning and audit module: an industrial control monitoring and auditing terminal is deployed at the L2 layer, the operation process of a process control system and an HMI (human machine interface) to the field control equipment is recorded in detail, and the real-time monitoring and safety auditing to the key parameter configuration and the timely early warning response are realized; the safety configuration of an industrial control network, an industrial host and industrial control equipment is well done, an industrial control system configuration list is established, and configuration audit is carried out regularly; making a change plan for major configuration change, analyzing the influence, and carrying out strict safety test before implementing the configuration change;
(5) situation awareness module: the situation perception module records, analyzes and models assets such as control equipment, application or system and the like through abundant network flow of an industrial control system, a log server and threat information, performs behavior portrayal on assets of the whole network, and disposes and defends threats through terminal defense software and existing network security equipment;
(6) a remote maintenance module: the method comprises the steps that a virtual private network remote access mode is adopted in an industrial control protection area, a safety operation and maintenance auditing device is logged in after the virtual private network is dialed in to carry out operation and maintenance, a remote access relevant access log of an industrial control system is reserved, and safety audit is carried out on an operation process;
(7) the authority control module: the authority control comprises two aspects, namely, the functions of the operation nodes are strictly distributed, and each operation node is only configured with the required functions; on the other hand, different accounts are respectively allocated to different people, and each account is only allocated with the authority of the corresponding role; through the two aspects, the authority is clear, and different roles can only operate within respective authorities.
Further, the host protection module in the step 2 also comprises an industrial control security guard deployed on an HMI and a server of a field control layer and on an engineer station and a server in a production control network, and through a white list strategy of an application program, a network and USB mobile storage, illegal operation and misoperation of a user are prevented, abuse of an unknown program, a mobile storage medium and network communication is prevented, and comprehensive immunity capability of the industrial control network is effectively improved.
Further, the host protection module in step 2 further includes installing a control program in an operation station of a workstation below the L3.5 layer, which only allows software of the control system to run, and has low possibility of configuration modification and program change in the later period.
The invention has the following beneficial effects: the invention discloses an industrial control system network safety monitoring platform based on a steel network industrial control language special reading technology. The industrial control system for iron and steel production is completed by adopting various industrial control special protocols, and is a special 'language' for industrial control network systems. The method specifically reads the specific industrial control language of the steel scene, and realizes a customized protocol deep analysis technology. For example, the Modbus protocol supports conventional RS-232, RS-422, RS-485, and Ethernet devices. Most of PLC, DCS, intelligent instruments and the like in the steel production network use a Modbus protocol as a communication standard among the PLC, DCS, intelligent instruments and the like. The deep analysis is carried out on the Modbus communication protocol, and the analysis of all protocol variables of the Modbus communication protocol is completed, so that the steel production network service behavior applying the Modbus communication protocol can be described and detected.
The technology for combing the operational data of the industrial control network service of the steel and the technology for monitoring the abnormality. The technology can collect and comb the service operation data in the steel industrial control network and summarize the service white list of the user industrial control network. And (4) making a customized abnormal detection rule according to the business white list of the steel production network, and further effectively monitoring the abnormal operation of the business in the steel production network. The production network detection protection technology with the user characteristics is realized.
The method is based on the technology of detecting the attack of the forged messages of the steel production network. Industrial control service messages in the industrial control network system in the steel scene are strictly defined and are not easy to utilize. As the industrial control protocols in the steel production network are all carried on the TCP/IP protocol, the method for maliciously forging the TCP/IP messages to penetrate the industrial control network to achieve intrusion attack is also a common intrusion means. Various detection based on violation in a steel scene is typically carried out on network TCP/IP protocol stack messages, and abnormal malformed messages which are maliciously forged are found in time to form a specific defense feature library of the steel scene.
The open platform architecture of the steel industry internet is researched, innovative collaborative integration of production, energy environmental protection, equipment, security and the like is realized through the platform, and visual management and control of the whole steel production process is realized. The method can monitor intrusion behaviors and virus propagation in real time in the whole network of the industrial internet in the steel scene, timely report events such as network intrusion behaviors and virus propagation which are exploded in a large scale, and analyze and early warn potential security risks and malicious attack behaviors of the network. The method realizes real-time unified monitoring on the whole safety condition of the steel industry internet, accurately and timely discovers potential safety hazards such as existing safety holes and the like, gives an alarm to important safety events in real time, and can display the safety trend of the steel group on a highly visual graphical interface.
Drawings
FIG. 1 is a schematic diagram of a network security monitoring platform of an industrial control system according to the present invention;
FIG. 2 is a flow diagram of the structure of a border, zone guard module;
FIG. 3 is a flow diagram of the structure of the situational awareness module.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
The Shandong steel sunshine limited company (hereinafter referred to as "Shangang Steel sunshine company") has a relatively large scale, the industrial production of the Shandong steel sunshine limited company is divided into a front iron group, a steel making group, a steel rolling group, a furnace coil group, a wide and thick plate and an energy metering group, each group carries out a unique production process system flow and a unique control system, the dependence of industrial safety business on the production system is stronger and stronger, the industrial control network of each production process and the MES network communication of an office intranet adopt a plurality of network cards, and the defects are that:
1) the industrial control network of the mountain steel sunshine company has no safety protection measures and faces higher network safety risks.
2) The MES system is used as a core service of a third-level production control network and is not safely isolated from a fourth-level network.
3) The field network structure is complex, and the secondary field control network such as pre-iron and steel rolling does not adopt a safety isolation means.
4) The field controllers DCS and PLC mostly adopt OPC and Modbus general protocols, and the protocols lack security authentication, so that data information is easy to steal and tamper.
5) Real-time databases such as INSQL, PI and IH used on site have high requirements on data integrity. The data communication has high requirements on network configuration, and communication interruption and data loss are not allowed to occur
6) The field controller PLC and the DCS are integrated with an open information technology, so that the safety of the system is reduced, the system is easy to be attacked by malicious codes, ARP, flood, fragments, malicious scanning and the like from an information network, and serious consequences can be caused.
7) The internal management and remote operation and maintenance have no security access means, and simultaneously lack necessary security audit measures.
8) The industrial control host and the OPC server adopt double network cards without safety protection measures, and virus infection possibility exists.
9) The safety condition and the vulnerability condition of the industrial control network are not known, and a safety monitoring means is lacked.
The information system of the iron and steel enterprise is generally divided into four layers, L4 is an ERP system for the internal management and planning of the whole enterprise, L3 is an MES system for production and execution processes, L2 is a PCS (process control) system for production processes and control, and L1 is a production equipment control system. The invention discloses a network safety monitoring platform of an industrial control system, and aims to realize three-layer safety isolation, construct a set of network safety monitoring platform of the industrial control system and realize full-coverage safety monitoring and reinforcement "
As shown in fig. 1 to 3, an industrial control system network security monitoring platform includes:
(1) the controller protection module: safety equipment is added in the industrial control network system, and the communication and control legality between the HMI and the field control equipment is ensured through deep analysis of an industrial protocol; threats such as network viruses, illegal intrusion, malicious control and the like are effectively prevented through a protection mechanism combining black lists and white lists;
(2) host computer protection module: access control, video monitoring and special person on duty physical safety protection measures are taken for areas where important engineer stations, databases and server core industrial control software and hardware are located;
(3) boundary, zone guard module: an MES network is independent into an area, and a traditional security gateway is arranged between the MES network and other enterprise networks for isolation; setting a network protection area, and isolating the network protection area and the MES network by adopting an industrial control security gateway; each iron front, hot rolling and cold rolling independent control network is respectively provided with an industrial gateway for regional protection; through communication and protection strategies, communication connection and data transmission are controllable to a certain extent, and data protection is carried out on each area;
(4) synthesize early warning and audit module: an industrial control monitoring and auditing terminal is deployed at the L2 layer, the operation process of a process control system and an HMI (human machine interface) to the field control equipment is recorded in detail, and the real-time monitoring and safety auditing to the key parameter configuration and the timely early warning response are realized; the safety configuration of an industrial control network, an industrial host and industrial control equipment is well done, an industrial control system configuration list is established, and configuration audit is carried out regularly; making a change plan for major configuration change, analyzing the influence, and carrying out strict safety test before implementing the configuration change;
(5) situation awareness module: the situation perception module records, analyzes and models assets such as control equipment, application or system and the like through abundant network flow of an industrial control system, a log server and threat information, performs behavior portrayal on assets of the whole network, and disposes and defends threats through terminal defense software and existing network security equipment;
(6) a remote maintenance module: the method comprises the steps that a virtual private network remote access mode is adopted in an industrial control protection area, a safety operation and maintenance auditing device is logged in after the virtual private network is dialed in to carry out operation and maintenance, a remote access relevant access log of an industrial control system is reserved, and safety audit is carried out on an operation process;
(7) the authority control module: the authority control comprises two aspects, namely, the functions of the operation nodes are strictly distributed, and each operation node is only configured with the required functions; on the other hand, different accounts are respectively allocated to different people, and each account is only allocated with the authority of the corresponding role; through the two aspects, the authority is clear, and different roles can only operate within respective authorities.
The host protection module in the step 2 is also arranged on an HMI and a server of a field control layer, and an engineer station and an industrial control security guard are arranged on a server in a production control network, so that the illegal operation and misoperation of a user are prevented through a white list strategy of an application program, a network and USB mobile storage, the abuse of unknown programs, mobile storage media and network communication is prevented, and the comprehensive immunity capability of the industrial control network is effectively improved.
The host protection module in the step 2 further comprises installing a control program in an operation station of a workstation below the L3.5 layer, only software of the control system is allowed to run, and the possibility of configuration modification and program change in the later period is low.
Although embodiments of the present invention have been shown and described, it will be appreciated by those skilled in the art that changes, modifications, substitutions and alterations can be made in these embodiments without departing from the principles and spirit of the invention, the scope of which is defined in the appended claims and their equivalents.
Claims (3)
1. An industrial control system network security monitoring platform, comprising:
(1) the controller protection module: safety equipment is added in the industrial control network system, and the communication and control legality between the HMI and the field control equipment is ensured through deep analysis of an industrial protocol; threats such as network viruses, illegal intrusion, malicious control and the like are effectively prevented through a protection mechanism combining black lists and white lists;
(2) host computer protection module: access control, video monitoring and special person on duty physical safety protection measures are taken for areas where important engineer stations, databases and server core industrial control software and hardware are located;
(3) boundary, zone guard module: an MES network is independent into an area, and a traditional security gateway is arranged between the MES network and other enterprise networks for isolation; setting a network protection area, and isolating the network protection area and the MES network by adopting an industrial control security gateway; each iron front, hot rolling and cold rolling independent control network is respectively provided with an industrial gateway for regional protection; through communication and protection strategies, communication connection and data transmission are controllable to a certain extent, and data protection is carried out on each area;
(4) synthesize early warning and audit module: an industrial control monitoring and auditing terminal is deployed at the L2 layer, the operation process of a process control system and an HMI (human machine interface) to the field control equipment is recorded in detail, and the real-time monitoring and safety auditing to the key parameter configuration and the timely early warning response are realized; the safety configuration of an industrial control network, an industrial host and industrial control equipment is well done, an industrial control system configuration list is established, and configuration audit is carried out regularly; making a change plan for major configuration change, analyzing the influence, and carrying out strict safety test before implementing the configuration change;
(5) situation awareness module: the situation perception module records, analyzes and models assets such as control equipment, application or system and the like through abundant network flow of an industrial control system, a log server and threat information, performs behavior portrayal on assets of the whole network, and disposes and defends threats through terminal defense software and existing network security equipment;
(6) a remote maintenance module: the method comprises the steps that a virtual private network remote access mode is adopted in an industrial control protection area, a safety operation and maintenance auditing device is logged in after the virtual private network is dialed in to carry out operation and maintenance, a remote access relevant access log of an industrial control system is reserved, and safety audit is carried out on an operation process;
(7) the authority control module: the authority control comprises two aspects, namely, the functions of the operation nodes are strictly distributed, and each operation node is only configured with the required functions; on the other hand, different accounts are respectively allocated to different people, and each account is only allocated with the authority of the corresponding role; through the two aspects, the authority is clear, and different roles can only operate within respective authorities.
2. The industrial control system network security monitoring platform of claim 1, wherein: the host protection module in the step 2 is also arranged on an HMI and a server of a field control layer, and an engineer station and an industrial control security guard are arranged on a server in a production control network, so that the illegal operation and misoperation of a user are prevented through a white list strategy of an application program, a network and USB mobile storage, the abuse of unknown programs, mobile storage media and network communication is prevented, and the comprehensive immunity capability of the industrial control network is effectively improved.
3. The industrial control system network security monitoring platform of claim 1, wherein: the host protection module in the step 2 further comprises installing a control program in an operation station of a workstation below the L3.5 layer, only software of the control system is allowed to run, and the possibility of configuration modification and program change in the later period is low.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011559277.XA CN112738063A (en) | 2020-12-25 | 2020-12-25 | Industrial control system network safety monitoring platform |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011559277.XA CN112738063A (en) | 2020-12-25 | 2020-12-25 | Industrial control system network safety monitoring platform |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN112738063A true CN112738063A (en) | 2021-04-30 |
Family
ID=75616005
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202011559277.XA Pending CN112738063A (en) | 2020-12-25 | 2020-12-25 | Industrial control system network safety monitoring platform |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN112738063A (en) |
Cited By (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113194027A (en) * | 2021-05-21 | 2021-07-30 | 上海振华重工(集团)股份有限公司 | Safety communication gateway system for industrial internet of automatic wharf |
| CN113254936A (en) * | 2021-07-12 | 2021-08-13 | 深圳市永达电子信息股份有限公司 | Terminal safety management and control platform based on brain-like calculation |
| CN114019946A (en) * | 2021-11-11 | 2022-02-08 | 辽宁石油化工大学 | Monitoring data processing method and device of industrial control terminal |
| CN114050942A (en) * | 2022-01-11 | 2022-02-15 | 浙江国利网安科技有限公司 | Security policy configuration method, device, network equipment and medium |
| CN114465799A (en) * | 2022-02-10 | 2022-05-10 | 北京神州慧安科技有限公司 | Industrial control network safety supervision and early warning platform of production control system of thermal power plant |
| CN115174155A (en) * | 2022-06-14 | 2022-10-11 | 中国南方电网有限责任公司超高压输电公司南宁监控中心 | Industrial host terminal safety protection method, storage medium and computer device |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108063753A (en) * | 2017-11-10 | 2018-05-22 | 全球能源互联网研究院有限公司 | A kind of information safety monitoring method and system |
| CN109600386A (en) * | 2018-12-29 | 2019-04-09 | 江苏博智软件科技股份有限公司 | A kind of industry control Situation Awareness active detection system |
| CN109922085A (en) * | 2019-04-11 | 2019-06-21 | 江苏亨通工控安全研究院有限公司 | A kind of security protection system and method based on CIP agreement in PLC |
| CN110740141A (en) * | 2019-11-15 | 2020-01-31 | 国网山东省电力公司信息通信公司 | integration network security situation perception method, device and computer equipment |
| CN111835680A (en) * | 2019-04-18 | 2020-10-27 | 四川卫鼎新科信息技术有限公司 | Safety protection system of industry automatic manufacturing |
-
2020
- 2020-12-25 CN CN202011559277.XA patent/CN112738063A/en active Pending
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108063753A (en) * | 2017-11-10 | 2018-05-22 | 全球能源互联网研究院有限公司 | A kind of information safety monitoring method and system |
| CN109600386A (en) * | 2018-12-29 | 2019-04-09 | 江苏博智软件科技股份有限公司 | A kind of industry control Situation Awareness active detection system |
| CN109922085A (en) * | 2019-04-11 | 2019-06-21 | 江苏亨通工控安全研究院有限公司 | A kind of security protection system and method based on CIP agreement in PLC |
| CN111835680A (en) * | 2019-04-18 | 2020-10-27 | 四川卫鼎新科信息技术有限公司 | Safety protection system of industry automatic manufacturing |
| CN110740141A (en) * | 2019-11-15 | 2020-01-31 | 国网山东省电力公司信息通信公司 | integration network security situation perception method, device and computer equipment |
Non-Patent Citations (1)
| Title |
|---|
| 靖长续: "钢铁冶金行业工控安全的研究", 《山东冶金》 * |
Cited By (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113194027A (en) * | 2021-05-21 | 2021-07-30 | 上海振华重工(集团)股份有限公司 | Safety communication gateway system for industrial internet of automatic wharf |
| CN113254936A (en) * | 2021-07-12 | 2021-08-13 | 深圳市永达电子信息股份有限公司 | Terminal safety management and control platform based on brain-like calculation |
| CN114019946A (en) * | 2021-11-11 | 2022-02-08 | 辽宁石油化工大学 | Monitoring data processing method and device of industrial control terminal |
| CN114019946B (en) * | 2021-11-11 | 2023-08-29 | 辽宁石油化工大学 | Method and device for processing monitoring data of industrial control terminal |
| CN114050942A (en) * | 2022-01-11 | 2022-02-15 | 浙江国利网安科技有限公司 | Security policy configuration method, device, network equipment and medium |
| CN114050942B (en) * | 2022-01-11 | 2022-04-26 | 浙江国利网安科技有限公司 | Security policy configuration method, device, network equipment and medium |
| CN114465799A (en) * | 2022-02-10 | 2022-05-10 | 北京神州慧安科技有限公司 | Industrial control network safety supervision and early warning platform of production control system of thermal power plant |
| CN115174155A (en) * | 2022-06-14 | 2022-10-11 | 中国南方电网有限责任公司超高压输电公司南宁监控中心 | Industrial host terminal safety protection method, storage medium and computer device |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN112738063A (en) | Industrial control system network safety monitoring platform | |
| CN107241224B (en) | Network risk monitoring method and system for transformer substation | |
| Lin et al. | Cyber attack and defense on industry control systems | |
| Alcaraz et al. | Security aspects of SCADA and DCS environments | |
| Fovino et al. | Modbus/DNP3 state-based intrusion detection system | |
| Fan et al. | Overview of cyber-security of industrial control system | |
| Fovino et al. | Cyber security assessment of a power plant | |
| KR101375813B1 (en) | Active security sensing device and method for intrusion detection and audit of digital substation | |
| CN104796261A (en) | Secure access control system and method for network terminal nodes | |
| CN105139139A (en) | Data processing method, device and system for operation and maintenance audit | |
| CN102195991A (en) | Terminal security management and authentication method and system | |
| CN106302535A (en) | The attack emulation mode of power system, device and attack emulator | |
| CN105867347B (en) | Cross-space cascading fault detection method based on machine learning technology | |
| CN110324323A (en) | A kind of new energy plant stand relates to net end real-time, interactive process exception detection method and system | |
| CN109639756A (en) | A kind of terminal network incidence relation is shown and equipment accesses real-time monitoring system | |
| Kim et al. | STRIDE‐based threat modeling and DREAD evaluation for the distributed control system in the oil refinery | |
| CN114125083B (en) | Industrial network distributed data acquisition method and device, electronic equipment and medium | |
| CN110262420A (en) | A kind of distributed industrial control network security detection system | |
| KR20220121745A (en) | Smart factory system | |
| CN110266680A (en) | A kind of industrial communication method for detecting abnormality based on dual similarity measurement | |
| CN108833333A (en) | A kind of honey pot system based on DCS distributed AC servo system | |
| CN111565167B (en) | Generalized remote operation information safety device and safety operation and maintenance method for intelligent substation | |
| Menzel et al. | Securing SCADA networks for smart grids via a distributed evaluation of local sensor data | |
| WO2023039676A1 (en) | Methods and systems for assessing and enhancing cybersecurity of a network | |
| Zhang et al. | Research on security protection method of industrial control boundary network |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20210430 |