智能电网与网络安保(一)

Smart Grid and Cyber Security

本文概述了智能电网安保实施的原则和建议。实施的细节可以根据不同的对象,查找相关的安保标准而进行。随着部署信息通信技术能力的提高,随之而来的网络安保挑战也相应增加,本文就是针对安保方面的总体思考。本文所述的网络安保是针对在通信网络传输或存储于计算机系统中的数据而言的。智能电网安保要比网络安保宽泛得多,它包括了物理安保。物理安保是指设备保护和设备访问,包括数据中心。策略也要实施全面安保和访问控制。比如,防止通过漏洞对网络进行访问(网络安保攻击),由非授权人员对数据访问(物理访问控制失效)或非授权的数据拷贝(违反安保策略)。

The paper provides an overview of the breadth of practices and components in a comprehensive Smart Grid security implementation.The details of implementation alternatives associated with the various topics can be found in other security standards.While increased deployment of ICT capabilities are generally associated with increased cyber security challenges,this overview provides an introduction to a broader set of security considerations.The paper refers to cyber security as protection of data being transmitted over a communications network or stored on computer systems.Smart Grid security is broader than cyber security alone in that it includes physical security.Physical security refers to the protection of equipment and access to equipment,including data centers.Policies also are a component of comprehensive security and privacy controls.For example,a privacy breach could occur by access via a network(cyber security attack,by an unauthorized person gaining access to data(failure of physical access controls or the unauthorized copying of data(security policy violations.