工控系统服务安全运行技术研究被引量：1

Research on Safe Operation Technology of Industrial Control System Service

下载PDF

导出

摘要针对工控系统信息安全风险日益增加的问题,给出基于CNN-Focal入侵检测模型和状态监测防火墙的可行性解决问题方法,实现对工控系统的服务安全正常运行。试验表明:状态监测防火墙流量数据包丢包率低至16.6%,受攻击状态下工控系统吞吐量与正常情况下几乎相同;与支持向量机方法相比,基于CNN-Focal入侵检测模型的损失函数综合指标更好。 Aiming at the problem of increasing information security risks of industrial control systems,a feasible solution method based on the CNN-Focal intrusion detection model and state monitoring firewall was given to realize the safe and normal operation of the services of the industrial control system.The experiments show that the packet loss rate of traffic data in a condition monitoring firewall is as low as 16.6%,and the throughput of the industrial control system under attack is almost the same as that under normal conditions;compared with the support vector machine method,the comprehensive index of loss function based on the CNN-Focal intrusion detection model is better.

作者吴金宇陶文伟吴昊陈刚 Wu Jinyu;Tao Wenwei;Wu Hao;Chen Gang(China Southern Power Grid Co., Ltd., Guangzhou Guangdong 510623,China;China Southern Power Grid Digital Grid Research Institute Co., Ltd. ,Guangzhou Guangdong 510555, China)

机构地区中国南方电网有限责任公司中国南方电网数字电网研究院有限公司

出处《电气自动化》 2021年第3期92-95,共4页 Electrical Automation

关键词工业控制系统电网工控系统安全运行可信网络深度学习 industrial control system power grid industrial control system safe operation trusted network deep learning

分类号 TP393.08 [自动化与计算机技术—计算机应用技术]

引文网络
相关文献

参考文献4

1高冉馨,陈乐然,李敏.“互联网+能源”模式下电力工控系统的可靠性分析[J].电信科学,2017,33(S1):102-107. 被引量：1
2应欢,刘松华,韩丽芳,缪思薇,周亮.电力工业控制系统安全技术综述[J].电力信息与通信技术,2018,16(3):56-63. 被引量：21
3邵诚,钟梁高.一种基于可信计算的工业控制系统信息安全解决方案[J].信息与控制,2015,44(5):628-633. 被引量：23
4周慎学,范渊,夏克晁,尹峰,胡伯勇,杜永春.台二电厂工控系统信息安全防护体系的建设[J].中国电力,2017,50(8):53-57. 被引量：13

二级参考文献41

1陈华.网格的访问控制模型[J].微机发展,2004,14(8):27-29. 被引量：5
2廖建容,段斌,谭步学,孙璐.基于口令的变电站数据与通信安全认证[J].电力系统自动化,2007,31(10):71-75. 被引量：26
3NSFOCUS Information Technology Co., Ltd. NSFOCUS industrial control system security situation report in 2014 [ EB/OL 1. (2014 -09 - 18 ) [ 2015 - 03 - 27 ]. http : //www. nsfoeus, com. en/report/NSFOCUS ICS Security_Report_20140918. pdf.
4Morris T, Vaughn R, Dandass Y, et al. A retrofit network intrusion detection system for modbus RTU and ASCII industrial control systems [ C ]//45th Hawaii International Conference on System Sciences. Piscataway, NJ, USA: IEEE, 2012 : 2338 - 2345.
5Siemens China. Defense in depth-multiple level protection[ EB/OL]. (2014 -08 -26) [ 2015 -04 -271. http: //www. industry, siemens com. cn/topics/cn/zh/industrial-security/concept/Pages/defense-in-depth, aspx? IsMobile = false.
6Ralstona P A S, Grahamb J H, Hieb J L. Cyber security risk assessment for SCADA and DCS networks[J].ISA Transactions, 2007,46 (4) 583 - 594.
7Knowles W, Prince D, Hutchison D, et al. A survey of cyber security management in industrial control systems[J]. International Journal ot Critical Infrastructure Protection, 2015 (9) : 52 - 80.
8Symantec. Butterfly : Corporate spies out for financial gain, symantec security response[ EB/OL]. (2015 - 07 - 09). http : //www. symantec. co~r/zh/cn/security _response/publications/whitepapers. jsp.
9Kallath D. Trust in trusted computing - the end of security as we know it[ J]. Computer Fraud & Security, 2005, 2005 (12) : 4 - 7.
10Okhravi H, Nicol D M. Application of trusted network technology to industrial control networks[J]. International Journal of Critical Infrastruc- ture Protection, 2009, 2 (3) : 84 -94.