摘要
论文对美国保险商试验所(Underwriter Laboratories Inc.,简称UL)2017年9月发布的《可联网产品的软件网络安全标准第1版,第2-2部分:工业控制系统的特殊要求》,即UL 2900-2-2网络安全标准进行解读,在分析其与UL 2900-1异同点的基础上,重点解读风险控制以及缺陷和漏洞部分。
This article aims to analyze the Standard for Software Cybersecurity for Network-Connectable-Products, Part 2-2: Particular Requirements for Industrial Control Systems (UL 2900-2-2) which was published by Underwriter Laboratories Inc.(UL) at September 2017. Based on the analysis of its similarities and differences with UL 2900-1, the article focuses on the part of Risk Controls and Vulnerability & Exploits.
作者
陈炎华
Chen Yanhua(Shenzhen Academy of Metrology & Quality Inspectio)
出处
《中国质量与标准导报》
2018年第11期42-45,共4页
China Quality and Standards Review
基金
2018年度深圳市打造深圳标准专项资金资助项目(2018SHZZ0226)
关键词
风险
漏洞
缺陷
访问控制
产品管理
risk
vulnerability
weakness
access control
product management
