CN113225313A - Information safety protection system for DCS system - Google Patents
Information safety protection system for DCS system Download PDFInfo
- Publication number
- CN113225313A CN113225313A CN202110327546.8A CN202110327546A CN113225313A CN 113225313 A CN113225313 A CN 113225313A CN 202110327546 A CN202110327546 A CN 202110327546A CN 113225313 A CN113225313 A CN 113225313A
- Authority
- CN
- China
- Prior art keywords
- dcs
- network
- industrial
- deployed
- information security
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000001514 detection method Methods 0.000 claims abstract description 14
- 230000005540 biological transmission Effects 0.000 claims abstract description 9
- 238000002955 isolation Methods 0.000 claims abstract description 8
- 238000012544 monitoring process Methods 0.000 claims abstract description 5
- 241000700605 Viruses Species 0.000 claims description 17
- 238000004458 analytical method Methods 0.000 claims description 5
- 230000002155 anti-virotic effect Effects 0.000 claims description 5
- 230000008595 infiltration Effects 0.000 claims description 5
- 238000001764 infiltration Methods 0.000 claims description 5
- 238000000926 separation method Methods 0.000 claims description 3
- 230000010365 information processing Effects 0.000 claims description 2
- 238000012550 audit Methods 0.000 description 7
- 230000006399 behavior Effects 0.000 description 6
- 238000004519 manufacturing process Methods 0.000 description 5
- 238000000034 method Methods 0.000 description 5
- 230000006870 function Effects 0.000 description 4
- 238000007726 management method Methods 0.000 description 4
- 238000004891 communication Methods 0.000 description 3
- 238000013461 design Methods 0.000 description 3
- 238000011161 development Methods 0.000 description 3
- 238000010586 diagram Methods 0.000 description 2
- 230000000694 effects Effects 0.000 description 2
- 238000005516 engineering process Methods 0.000 description 2
- 238000012986 modification Methods 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 230000003014 reinforcing effect Effects 0.000 description 2
- 238000007596 consolidation process Methods 0.000 description 1
- 238000013480 data collection Methods 0.000 description 1
- ZXQYGBMAQZUVMI-GCMPRSNUSA-N gamma-cyhalothrin Chemical compound CC1(C)[C@@H](\C=C(/Cl)C(F)(F)F)[C@H]1C(=O)O[C@H](C#N)C1=CC=CC(OC=2C=CC=CC=2)=C1 ZXQYGBMAQZUVMI-GCMPRSNUSA-N 0.000 description 1
- 230000009545 invasion Effects 0.000 description 1
- 238000010248 power generation Methods 0.000 description 1
- 238000012545 processing Methods 0.000 description 1
- 230000002787 reinforcement Effects 0.000 description 1
- 230000009385 viral infection Effects 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/20—Network architectures or network communication protocols for network security for managing network security; network security policies in general
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/06—Management of faults, events, alarms or notifications
- H04L41/0631—Management of faults, events, alarms or notifications using root cause analysis; using analysis of correlation between notifications, alarms or events based on decision criteria, e.g. hierarchy, tree or time analysis
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0209—Architectural arrangements, e.g. perimeter networks or demilitarized zones
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
- H04L63/101—Access control lists [ACL]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1416—Event detection, e.g. attack signature detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1425—Traffic logging, e.g. anomaly detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/145—Countermeasures against malicious traffic the attack involving the propagation of malware through the network, e.g. viruses, trojans or worms
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Health & Medical Sciences (AREA)
- General Health & Medical Sciences (AREA)
- Virology (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
- Computer And Data Communications (AREA)
Abstract
The invention relates to an information safety protection system for a DCS, which comprises: the industrial safety isolation network gate is deployed at the boundary of the DCS network and the SIS system and is used for isolating the DCS system from the SIS system and protecting the safety of the network boundary of the DCS system; the industrial network auditing system is deployed in a main switch bypass of the DCS and is used for network full-flow auditing, alarming and analyzing; the industrial log auditing system is deployed in the DCS and is used for collecting, classifying and analyzing log data of each safety device, each network device, each host system and each database; the industrial intrusion detection system is deployed in a bypass of an SIS three-layer core switch and used for monitoring industrial network transmission data in real time and carrying out intrusion detection and alarm on network data flow. The invention can ensure the safe and stable operation of the DCS system information network.
Description
Technical Field
The invention belongs to the technical field of thermal power generation, and particularly relates to an information safety protection system for a DCS (distributed control system).
Background
DCS (distributed Control System) is a short for a decentralized Control system, and is a new generation of instrument Control system which is based on a microprocessor and adopts a design principle of decentralized Control function, centralized display operation and consideration of division, autonomy and comprehensive coordination.
With the modern informatization development of enterprises, the future development of the DCS technology is bound to move to the informatization field, traditional production data are provided for front-line employees, and meanwhile various information platforms for uploading the production data are also required. In this respect, the DCS system not only needs to collect and process the necessary production real-time data services of the whole plant, but also provides a good interface and an external open function to meet the data requirements of enterprise data informatization, so that the DCS production control network and the enterprise information network are interconnected, and even a wider connection with INTERNET is possible. There are two main aspects of unsafe factors affecting the DCS system network: unsafe factors of things and people. For the DCS network, the insecurity factors of the objects are mainly insecurity of the physical layer of the network and insecurity of the data layer, and the insecurity factors of the people are mainly lack of management, vulnerabilities and non-normative, uncertain and arbitrary behaviors of the people.
The DCS system is gradually converted to be open, the system structure is simpler, and data acquisition is more conveniently realized. The DCS system is directly and indirectly connected with the external Internet, so that external bad invasion and virus infection can damage the DCS network.
Various operating systems (such as Windows) adopted by the DCS have bugs, and intruders use the bugs to attack the network, but at present, each DCS does not adopt anti-virus and Trojan horse measures.
Disclosure of Invention
The invention aims to provide an information security protection system for a DCS, which divides a production area into 3 security domains as a whole, wherein the 3 security domains are respectively a 1# security domain (public system), a 2# security domain (main control DCS system) and a 3# security domain (auxiliary control DCS system). The design is carried out from three aspects of network security, host security and application security, a security management platform, a security gateway, an intrusion detection system, a network audit system, a log audit system, industrial antivirus software, host reinforcement and related hardware and accessory equipment are added, and the safe and stable operation of the DCS information network is guaranteed.
The invention provides an information safety protection system for a DCS, which comprises:
the industrial safety isolation network gate is deployed at the boundary of the DCS network and the SIS system and is used for isolating the DCS system from the SIS system and protecting the safety of the network boundary of the DCS system;
the industrial network auditing system is deployed in a main switch bypass of the DCS and is used for network full-flow auditing, alarming and analyzing;
the industrial log auditing system is deployed in the DCS and is used for collecting, classifying and analyzing log data of each safety device, each network device, each host system and each database;
the industrial intrusion detection system is deployed in a bypass of an SIS three-layer core switch and used for monitoring industrial network transmission data in real time and carrying out intrusion detection and alarm on network data flow.
Furthermore, the system also comprises an industrial firewall which is deployed at the boundary of the DCS system and the auxiliary network DCS system and is used for logically isolating the DCS system and the auxiliary network DCS system.
Further, the system also comprises industrial antivirus software which is deployed on each workstation host.
Furthermore, the system also comprises an industrial safety management platform which is deployed in the DCS and used for collecting events and alarm information of each protected device and safety device in a centralized manner and processing and analyzing the centralized safety information.
Furthermore, the system also comprises an information security private network switch which is deployed in the DCS and used for connecting each security device to form an information security private network and realize the separation of the service data and the information security data transmission network.
Furthermore, the system also comprises information security equipment timing equipment which is deployed in the DCS and used for ensuring that the information security equipment is consistent with a clock of the DCS so as to improve the accuracy and reliability of data tracing.
Furthermore, the system also comprises an industrial personal computer which is used for cutting off the entrance of virus infiltration by closing various service ports which are easy to be utilized in the DCS system so as to reinforce the network.
Furthermore, the system also comprises a DCS system host computer which is provided with industrial white list software.
Borrow by above-mentioned scheme, through the information security protection system who is used for the DCS system, have following technological effect:
1) by the network audit and log audit functions, the DCS network data flow and the equipment state can be analyzed and detected, and various illegal behaviors, illegal equipment and viruses are prevented and alarmed through deep analysis of the message.
2) By installing and designing industrial white list software on a host computer, the DCS system is operated in an independent and safe local environment, and any service which wants to operate the DCS system needs to be subjected to safety detection and permission of a white list, so that virus isolation and controllability are realized.
3) By adding an intrusion detection system at the DCS network boundary, the intrusion of the virus can be detected and alarmed in advance, and further infiltration of the virus is cut off by adopting a manual method.
4) By reinforcing the host computer of each industrial personal computer on the data DCS field of the DCS, deleting useless and default route configuration and IP, closing field unnecessary service and closing unnecessary TCP and UDP ports (for example: 21/23, 135/137/445, etc.), isolating the entry of virus entry.
Drawings
FIG. 1 is a first deployment diagram of an information security protection system for a DCS according to the present invention;
FIG. 2 is a second deployment diagram of the information security protection system for DCS system according to the present invention.
Detailed Description
The following detailed description of embodiments of the present invention is provided in connection with the accompanying drawings and examples. The following examples are intended to illustrate the invention but are not intended to limit the scope of the invention.
Referring to fig. 1 and fig. 2, the present embodiment provides an information security system for a DCS system, including:
the industrial safety isolation network gate is arranged on the boundary of a DCS network and an SIS system and used for isolating the DCS system from the SIS system and protecting the safety of the network boundary of the DCS system.
The industrial network auditing system is deployed in a main switch bypass of the DCS and is used for network full-flow auditing, alarming and analyzing. The network audit is based on the internet, by means of modern information technology, a special method is applied, and the development process, the compliance, the reliability and the validity of a network accounting information system of an audited unit and the authenticity and the validity of accounting information based on the network are remotely audited through man-machine combination. In the embodiment, the industrial network auditing equipment is arranged on site through the DCS, so that the network state and the like of each industrial personal computer are monitored, all network communication behaviors are recorded, and various network message data are analyzed.
The industrial log auditing system is deployed in the DCS and is used for collecting, classifying and analyzing log data of all safety equipment, network equipment, a host system and a database. Industrial log auditing equipment is arranged on site through the DCS system, and logs and data of all equipment in the DCS system are collected, classified and analyzed.
The industrial intrusion detection system is deployed in a bypass of an SIS three-layer core switch and used for monitoring industrial network transmission data in real time and carrying out intrusion detection and alarm on network data flow.
This an information security protection system for DCS system adopts reliable industry safety isolation network floodgate between electric power network I district, II district, can realize the physical isolation in electric power network I district, II district. The link layer connection between networks is cut off on a circuit by adopting special hardware, and the application data can be exchanged between the networks with moderate safety. The connection initiated by the outside is cut off to protect the internal network, and only one-way transmission is possible. Industrial network auditing equipment is arranged on the site of the DCS, and the monitoring of the CPU, the physical memory, the network state and the like of each industrial personal computer is realized through an SNMP protocol. The communication message can be deeply analyzed, network attacks of industrial protocols, user misoperation, user illegal operation, illegal equipment access and transmission of malicious software such as worms and viruses can be detected in real time, an alarm is given in real time, and all network communication behaviors are recorded in detail. Industrial log auditing equipment is arranged on site in the DCS, logs of all equipment in the DCS are uploaded to a log auditing system, and log data collection, classification and analysis are carried out on safety equipment, network equipment, a host system, a database and the like. An industrial intrusion detection system is arranged in a DCS, the most complete virus inventory is collected, a virus library is periodically updated, the intrusion of the virus is checked, and personnel and equipment are timely notified to carry out necessary protection.
In this embodiment, the system further includes an industrial firewall disposed at a boundary between the DCS system and the secondary DCS system and configured to logically isolate the DCS system and the secondary DCS system.
In this embodiment, the system further includes industrial antivirus software deployed on each workstation host.
In this embodiment, the system further includes an industrial security management platform deployed in the DCS system and configured to centrally collect events and alarm information of each protected device and security device, and perform centralized security information processing and analysis.
In this embodiment, the system further includes an information security private network switch deployed in the DCS system, and configured to connect to each security device, form an information security private network, and implement separation of service data and an information security data transmission network.
In this embodiment, the system further includes an information security device timing device deployed in the DCS system, and configured to ensure that the information security device is consistent with a clock of the DCS system, so as to improve accuracy and reliability of data tracing.
In this embodiment, the system further includes an industrial personal computer for network consolidation by closing various service ports that are easily available in the DCS system and cutting off the entry for virus infiltration.
In this embodiment, the system further includes a DCS system host computer installed with industrial white list software. By the white list design of the DCS system operation software, the DCS system is divided into independent, safe and isolated areas, all operation behaviors must be strictly detected, and the DCS system is ensured to be in a clean and safe environment.
This an information security protection system for DCS system has following technological effect:
1) by the network audit and log audit functions, the DCS network data flow and the equipment state can be analyzed and detected, and various illegal behaviors, illegal equipment and viruses are prevented and alarmed through deep analysis of the message.
2) By installing and designing industrial white list software on a host computer, the DCS system is operated in an independent and safe local environment, and any service which wants to operate the DCS system needs to be subjected to safety detection and permission of a white list, so that virus isolation and controllability are realized.
3) By adding an intrusion detection system at the DCS network boundary, the intrusion of the virus can be detected and alarmed in advance, and further infiltration of the virus is cut off by adopting a manual method.
4) By reinforcing the host computer of each industrial personal computer on the data DCS field of the DCS, deleting useless and default route configuration and IP, closing field unnecessary service and closing unnecessary TCP and UDP ports (for example: 21/23, 135/137/445, etc.), isolating the entry of virus entry.
The above description is only a preferred embodiment of the present invention and is not intended to limit the present invention, it should be noted that, for those skilled in the art, many modifications and variations can be made without departing from the technical principle of the present invention, and these modifications and variations should also be regarded as the protection scope of the present invention.
Claims (8)
1. An information security protection system for a DCS system, comprising:
the industrial safety isolation network gate is deployed at the boundary of the DCS network and the SIS system and is used for isolating the DCS system from the SIS system and protecting the safety of the network boundary of the DCS system;
the industrial network auditing system is deployed in a main switch bypass of the DCS and is used for network full-flow auditing, alarming and analyzing;
the industrial log auditing system is deployed in the DCS and is used for collecting, classifying and analyzing log data of each safety device, each network device, each host system and each database;
the industrial intrusion detection system is deployed in a bypass of an SIS three-layer core switch and used for monitoring industrial network transmission data in real time and carrying out intrusion detection and alarm on network data flow.
2. The information security protection system for DCS system of claim 1, further comprising an industrial firewall deployed at a boundary between the DCS system and the secondary DCS system for logically isolating the DCS system from the secondary DCS system.
3. The information security system for DCS system of claim 1, further comprising industrial antivirus software deployed at each workstation host.
4. The information security protection system for the DCS system of claim 1, further comprising an industrial security management platform deployed in the DCS system and configured to collect event and alarm information of each protected device and security device in a centralized manner, and perform centralized security information processing and analysis.
5. The information security protection system for the DCS system of claim 1, further comprising an information security private network switch disposed in the DCS system and configured to connect to each security device to form an information security private network, so as to implement separation of the service data from the information security data transmission network.
6. The information security protection system for the DCS system of claim 1, further comprising an information security device timing device deployed in the DCS system for ensuring the information security device is consistent with a clock of the DCS system, so as to improve data tracing accuracy and reliability.
7. The information security system of claim 1, further comprising an industrial personal computer for network ruggedization in the DCS system by shutting down various service ports that are accessible, and cutting off entry for virus infiltration.
8. The information security system for the DCS system of claim 1, further comprising a DCS system host computer installed with industrial white list software.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110327546.8A CN113225313A (en) | 2021-03-26 | 2021-03-26 | Information safety protection system for DCS system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110327546.8A CN113225313A (en) | 2021-03-26 | 2021-03-26 | Information safety protection system for DCS system |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN113225313A true CN113225313A (en) | 2021-08-06 |
Family
ID=77084196
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202110327546.8A Pending CN113225313A (en) | 2021-03-26 | 2021-03-26 | Information safety protection system for DCS system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN113225313A (en) |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113949539A (en) * | 2021-09-27 | 2022-01-18 | 广东核电合营有限公司 | Protection method for network security of KNS system of nuclear power plant and KNS system |
| CN114629676A (en) * | 2021-11-26 | 2022-06-14 | 中国大唐集团科学技术研究院有限公司火力发电技术研究院 | Safety protection system and method for thermal power generating unit fuel system |
| CN116488949A (en) * | 2023-06-26 | 2023-07-25 | 中国电子信息产业集团有限公司第六研究所 | Industrial control system intrusion detection processing method, system, device and storage medium |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20130282641A1 (en) * | 2012-04-19 | 2013-10-24 | Invensys Systems, Inc. | Real time safety management system and method |
| EP2830593A1 (en) * | 2012-03-26 | 2015-02-04 | BioNTech AG | Rna formulation for immunotherapy |
| CN108646722A (en) * | 2018-07-18 | 2018-10-12 | 杭州安恒信息技术股份有限公司 | A kind of industrial control system information security simulation model and terminal |
| CN112003866A (en) * | 2020-08-26 | 2020-11-27 | 上海工业自动化仪表研究院有限公司 | Industrial control information safety system based on distributed numerical control |
-
2021
- 2021-03-26 CN CN202110327546.8A patent/CN113225313A/en active Pending
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| EP2830593A1 (en) * | 2012-03-26 | 2015-02-04 | BioNTech AG | Rna formulation for immunotherapy |
| US20130282641A1 (en) * | 2012-04-19 | 2013-10-24 | Invensys Systems, Inc. | Real time safety management system and method |
| CN108646722A (en) * | 2018-07-18 | 2018-10-12 | 杭州安恒信息技术股份有限公司 | A kind of industrial control system information security simulation model and terminal |
| CN112003866A (en) * | 2020-08-26 | 2020-11-27 | 上海工业自动化仪表研究院有限公司 | Industrial control information safety system based on distributed numerical control |
Non-Patent Citations (3)
| Title |
|---|
| 李仲博: "热力行业工控安全防护方案设计和实践", 《信息安全研究》 * |
| 陈荣: "安全防护在电厂DCS系统网络中的运用", 《2017年江西省电机工程学会年会论文集》 * |
| 黄达,张志鹏: "基于OVATION DCS控制系统的安全防护方案探讨", 《2020 年江西省电机工程学会年会论文集》 * |
Cited By (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113949539A (en) * | 2021-09-27 | 2022-01-18 | 广东核电合营有限公司 | Protection method for network security of KNS system of nuclear power plant and KNS system |
| CN114629676A (en) * | 2021-11-26 | 2022-06-14 | 中国大唐集团科学技术研究院有限公司火力发电技术研究院 | Safety protection system and method for thermal power generating unit fuel system |
| CN114629676B (en) * | 2021-11-26 | 2024-03-19 | 中国大唐集团科学技术研究院有限公司火力发电技术研究院 | Safety protection system and method for thermal power generating unit fuel system |
| CN116488949A (en) * | 2023-06-26 | 2023-07-25 | 中国电子信息产业集团有限公司第六研究所 | Industrial control system intrusion detection processing method, system, device and storage medium |
| CN116488949B (en) * | 2023-06-26 | 2023-09-01 | 中国电子信息产业集团有限公司第六研究所 | Industrial control system intrusion detection processing method, system, device and storage medium |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN113225313A (en) | Information safety protection system for DCS system | |
| CN107493265B (en) | A kind of network security monitoring method towards industrial control system | |
| CN104753936B (en) | OPC security gateway systems | |
| Fan et al. | Overview of cyber-security of industrial control system | |
| EP2721801B1 (en) | Security measures for the smart grid | |
| Cai et al. | SCADA system security: Complexity, history and new developments | |
| CN106209826A (en) | A kind of safety case investigation method of Network Security Device monitoring | |
| CN106886202A (en) | Control device, integrated manufacturing system (IMS) and its control method | |
| CN214306527U (en) | Gas pipe network scheduling monitoring network safety system | |
| KR20140035146A (en) | Apparatus and method for information security | |
| CN113407949A (en) | Information security monitoring system, method, equipment and storage medium | |
| CN1564530A (en) | Network safety guarded distributing invading detection and internal net monitoring system and method thereof | |
| CN115314286A (en) | Safety guarantee system | |
| Ten et al. | Cybersecurity for electric power control and automation systems | |
| Khodabakhsh et al. | Cyber-risk identification for a digital substation | |
| KR101871406B1 (en) | Method for securiting control system using whitelist and system for the same | |
| CN112003866A (en) | Industrial control information safety system based on distributed numerical control | |
| Marali et al. | Cyber security threats in industrial control systems and protection | |
| Carcano et al. | Scada malware, a proof of concept | |
| Adeyanju et al. | Digital industrial control systems: Vulnerabilities and security technologies | |
| Papa et al. | A transfer function based intrusion detection system for SCADA systems | |
| CN114374528A (en) | Data security detection method and device, electronic equipment and medium | |
| Luiijf | SCADA security good practices for the drinking water sector | |
| CN112417434A (en) | Program white list protection method combined with UEBA mechanism | |
| Ali et al. | Intrusion detection and prevention against cyber attacks for an energy management system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20210806 |