Computer Engineering and Applications ›› 2016, Vol. 52 ›› Issue (13): 8-18.

Previous Articles     Next Articles

Review of industrial control systems security

TAO Yaodong1,2, LI Ning1, ZENG Guangsheng1   

  1. 1.Shenyang Institute of Computing Technology, University of Chinese Academy of Sciences, Shenyang 110168, China
    2.Shenyang Institute of Computing Technology Co., Ltd., Chinese Academy of Sciences, Shenyang 110168, China
  • Online:2016-07-01 Published:2016-07-15

工业控制系统安全综述

陶耀东1,2,李  宁1,曾广圣1   

  1. 1.中国科学院大学 沈阳计算技术研究所,沈阳 110168
    2.中国科学院 沈阳计算技术研究所有限公司,沈阳 110168

Abstract: Industrial Control System(ICS) as the core of the national infrastructure control equipment, the security affects national economy and people’s livelihood. After the Stuxnet virus outbreak, it gradually attracts national, business and strategic security people attention. This paper analyzes the structure and assets, vulnerability, threats, security countermeasures and risk assessment five aspects of industrial control system. It provides a four-levels-function security management model which imitates the immune system, and then elaborates the defense in depth, firewall, abnormal examination, Conpot, secure remote access and management strategy. The paper points out that ICS security will become the greatest opportunity and challenge to the smart city, smart manufacturing, industrial 4.0 and other emerging technologies. Finally, according to the domestic industrial security plan, it makes recommendations for industrial security and looks forward ICS security prospects.

Key words: Industrial Control System(ICS), Control Systems Honeypot(Conpot), security, defense-in-depth

摘要: 工业控制系统(ICS)作为国家基础设施的核心控制设备,其安全关系国计民生。震网(Stuxnet)病毒爆发以后,工控安全逐渐引起国家、企业、战略安全人士的高度重视。总结分析了工控系统的结构资产、脆弱性、存在的威胁、安全措施与风险评估等内容;提出了四层功能的仿免疫系统的安全管理模型,并重点分析其中的关键防御技术,例如深度防御、防火墙、异常检查、Conpot(Control Systems Honeypot)、安全远程访问以及管理策略;指出工控系统安全将会是智慧城市、智慧制造与工业4.0等新兴技术的发展契机与最大挑战;最后结合国内工控安全布局规划,给出工控安全建议,并展望未来的发展前景。

关键词: 工业控制系统(ICS), Conpot系统, 安全, 深度防御