期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

一种基于可信计算的工业控制系统信息安全解决方案 被引量:23

An Information Security Solution Scheme of Industrial Control System Based on Trusted Computing
原文传递
导出
摘要 根据工业控制系统信息安全的要求以及现有防御措施的技术特点,提出一种基于可信计算的工业控制系统信息安全解决方案,通过工业控制系统内部防火墙、入侵检测系统与可信连接服务器之间的联动验证机制,实现了多个网络安全设备的信息交互,提高了工业控制系统的综合防御能力,并且由于可信平台模块基于硬件加密、存储、控制的保护模式,克服了传统基于纯软件的修堵缝补技术导致易破解的通病,达到显著提升工业控制系统安全性的目的.结合SCADA(supervisory control and data acquisition)系统对所提出的基于可信计算的安全工业控制信息安全系统的工程实施进行了讨论. An information security solution scheme of industrial control system based on trusted computing is proposed by taking into account the characteristics of information security of industrial control system and the technical features of existing defensive measures. By using the proposed linkage mechanism between the inside firewall of industrial control systems, the intrusion detection system and the trusted connection server, inforumation interaction of network security devices is realized, which improves the overall defense capability of industrial control systems. Because of the protection pattern of trusted platform module based on hardware encryption, storage and control, the proposed solution overcomes the common shortcoming of the traditional pure software that is easily cracked, and this greatly increases security capacity of industrial control system. Finally, the trusted computing based information security solution for industrial control system is discussed by applying to the SCADA ( supervisory control and data acquisition) system.
作者 邵诚 钟梁高
机构地区 大连理工大学控制科学与工程学院
出处 《信息与控制》 CSCD 北大核心 2015年第5期628-633,640,共7页 Information and Control
基金 国家高技术研究发展计划资助项目(2014AA041802-2)
关键词 工业控制系统 信息安全 可信计算 可信连接 industry control system information security trusted computing trusted connection
分类号 TP18 [自动化与计算机技术—控制理论与控制工程]
  • 相关文献

参考文献13

  • 1彭勇,江常青,谢丰,戴忠华,熊琦,高洋.工业控制系统信息安全研究进展[J].清华大学学报(自然科学版),2012,52(10):1396-1408. 被引量:176
  • 2NSFOCUS Information Technology Co., Ltd. NSFOCUS industrial control system security situation report in 2014 [ EB/OL 1. (2014 -09 - 18 ) [ 2015 - 03 - 27 ]. http : //www. nsfoeus, com. en/report/NSFOCUS ICS Security_Report_20140918. pdf.
  • 3杨建民,杨凡.基于Tofino防火墙技术实现工业网络隔离[J].计算机与网络,2013,39(5):70-73. 被引量:5
  • 4Morris T, Vaughn R, Dandass Y, et al. A retrofit network intrusion detection system for modbus RTU and ASCII industrial control systems [ C ]//45th Hawaii International Conference on System Sciences. Piscataway, NJ, USA: IEEE, 2012 : 2338 - 2345.
  • 5于立业,薛向荣,张云贵,赵永丽,赵华,芦永明,张秀明.工业控制系统信息安全解决方案[J].冶金自动化,2013,37(1):5-11. 被引量:23
  • 6Siemens China. Defense in depth-multiple level protection[ EB/OL]. (2014 -08 -26) [ 2015 -04 -271. http: //www. industry, siemens com. cn/topics/cn/zh/industrial-security/concept/Pages/defense-in-depth, aspx? IsMobile = false.
  • 7Ralstona P A S, Grahamb J H, Hieb J L. Cyber security risk assessment for SCADA and DCS networks[J].ISA Transactions, 2007,46 (4) 583 - 594.
  • 8Knowles W, Prince D, Hutchison D, et al. A survey of cyber security management in industrial control systems[J]. International Journal ot Critical Infrastructure Protection, 2015 (9) : 52 - 80.
  • 9Symantec. Butterfly : Corporate spies out for financial gain, symantec security response[ EB/OL]. (2015 - 07 - 09). http : //www. symantec. co~r/zh/cn/security _response/publications/whitepapers. jsp.
  • 10Kallath D. Trust in trusted computing - the end of security as we know it[ J]. Computer Fraud & Security, 2005, 2005 (12) : 4 - 7.

二级参考文献119

  • 1彭杰,应启戛.工业控制网络安全问题分析[J].仪器仪表学报,2003,24(z2):338-339. 被引量:2
  • 2Peter Welander,陈廷炯.控制系统安全性的10大威胁[J].软件,2007,28(8):16-20. 被引量:2
  • 32011年中国互联网网络安全态势报告[EB/OL].http://www.cerl:.orgcn/pubhsh/mn/12/2012/20120330183919343905632/20120330183919343905632-.html,2012-08-29.
  • 4NIST SP800-82.Guide to Industrial Control Systems(ICS)Security[S].Gaithersburg,USA:National Institute of Standards and Technology(NIST),2011.
  • 5Simon H A.The architecture of complexity[C] //Proceedings of the American Philosophical Society.Philadelphia,USA:Batsford,1962:467-482.
  • 6Bishop M.Computer Security[M].Boston,USA:Addison Wesley,2003.
  • 7Department of Homeland Security(DHS).Cyber Security Assessments of Industrial Control System[S].Washington DC,USA:Department of Homeland Security(DHS),2010.
  • 8The European Network and Information Security Agency(ENISA).Protecting Industrial Control Systems,Recommendations for Europe and Member States[R].Heraklion,Greece:Recommendations for Europe and Member States,2011.
  • 9Byres E J,Kay J,Carter J.Myths and facts behind cyber security and industrial control(2003)[Z/OL].(2010-02-12),http://www.pimaweb.org/conference/april2003/pdfs/MythsAndFactsBehindCyberSecurity.pdf.
  • 10David A.Multiple Efforts to Secure Control Systems Are Under Way,but Challenges Remain,GAO-07-1036[R].Washington DC,USA:US Government Accountability Office(US GAO),2007.

共引文献198

同被引文献172

引证文献23

二级引证文献141

信息与控制
2015年 第5期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部