电力二次系统信息网络安全防护体系整改的探讨

Study on Security Defending Architecture Improvement of Electric Power Secondary System Information Network

为了防范黑客及恶意代码等对电力二次系统(包括电力监控系统、电力通信及数据网络等)的攻击侵害,按照安全分区、网络专用、横向隔离、纵向认证的原则规范建立电力二次系统的安全防护体系,保障生产控制大区安全,及电力系统安全稳定运行。文章具体分析国电青山热电有限公司的网络现状及存在的不安全隐患,引入物理隔离新兴技术进行整改。

In order to prevent the electric power secondary systems, including power supervision systems, power communication and data networks, etc. , from being attacked and invaded by hackers and malicious codes, a defending architecture is built up to safeguard the security of production control area and power system operation based on such principles as safety area partition, exclusive networ- king, horizontal isolation and vertical certification. The current status and insecurity factors of infor- mation network in Qingshan Co-generation Co. Ltd are analyzed in detail, and an improved scheme a- dopting latest physical isolation techniques is suggested in this paper.