摘要
关键基础设施(critical infrastructure,CI)是现代社会服务的主要提供者,其提供的服务一旦中断,很可能会给社会造成灾难性后果。近年来,随着智能化的控制设备在关键基础设施领域的大规模应用,在带来智能控制的同时也引入了信息安全问题。"震网"、"Duqu"以及"Flame"等蠕虫病毒攻击事件的先后发生,拉响了关键基础设施信息安全的警钟。文章首先从关键基础设施及其信息安全特点的角度对其安全性进行了分析,并针对关键基础设施典型入侵攻击及防护进行了论述,然后从关键基础设施信息安全防护框架和安全测试平台两个方面开展对关键基础设施防护的研究工作,最后对我国关键基础设施的信息安全防护工作作出了展望。
Critical infrastructures(CI) are the main provider of modern social services, and it' s likely to cause serious disaster to society if the services are interrupted. In recent years, intelligent control devices are used in a large scale in the field of CI, it brings intelligent control as well as introduces cyber security problems in CI. The attacks which were brought about by "Stuxnet" virus, "E)uqu" virus and "Flame" virus happened one after another, and alterted the alarm of CI cyber security,The paper analyzes the security of CI from the perspective of CI and its information security features firstly,and expouds typical CI intrusion attacks and protection, then carried out the research of CI protection from CI cyber security protective framework and testbed.Finaly it make a outlook of the protection of CI of the country.
出处
《智慧工厂》
2016年第3期45-49,共5页
Smart Factory
基金
容忍入侵的工业控制系统信息安全防护的基础理论与关键技术
国家自然科学基金重点项目(61433006)
容忍入侵的信息物理融合系统安全策略优化与实时控制方法
国家自然科学基金面上项目(61272204)
关键词
信息安全
关键基础设施
防护框架
测试平台
cyber security critical infrastructure protective framework testbed
