摘要
田湾核电站应急指挥中心(以下简称ECC)系统数据库服务器、应用服务器通过交换机直接和一、二号机组TXP的XU01连接。ECC数据库服务器收到1/2号机组XU发送过来的实时数据后,还需通过防火墙接入互联网向场外上级机关发送数据。数据接收和发送过程客观上仅通过防火墙隔离了互联网和生产系统,防火墙是逻辑隔离设备,很容易被黑客、病毒等利用,进而影响机组运行安全。通过在ECC侧增设横向隔离装置,同时将原双向通信协议修改为单向通讯协议可以大大提高机组安全防范能力。
The database server and application server of TNPS ECC directly connect to the XU01 of Unitl&Unit2 TXP system by the switch.The database server connects to the internet by the firewall and sends the data to the organs at higher levels after it receives the data sent by the XUO1.The internet and the production system is only isolated by the firewall objectively when the data is sent and received.The firewall is logical isolation equipment and is easily exploited by the hacker and computer viruses,and influence the safety of nuclear power station.The in'formation safety of Unit's are extremely en hanced by adding isolation equipment at ECC sides and simultaneously changing the communication protocol from double to single protocol.
出处
《工业控制计算机》
2013年第6期4-5,8,共3页
Industrial Control Computer
关键词
横向隔离装置
安全防范
防火墙
应用服务器
horizontal isolation device
security defense
firewall
application server