摘要
钢铁企业工控系统网络安全的目标是实现持续的工控系统安全风险管理,建立一种能够随着时间变化不断改进的安全架构和技术支撑体系。结合首钢股份公司2160热轧生产线工控系统网络的实际情况,从工业主机安全防护、安全域划分及隔离、工控系统网络监测和统一威胁管理4个方面提出防护方案,以提高工控系统网络的防护能力,打造一个安全的生产环境,确保钢铁企业工控系统网络的平稳运行。
The target of network security of industrial control system in iron and steel enterprises is to achieve continuous risk management of industrial control system security,and to establish a security architecture and technical support system that can be continuously improved over time.Combining the actual situation of the industrial control system network of the 2160 hot rolling production line of Shougang Co.,Ltd.,a protection scheme was proposed from four aspects:industrial host security protection,security domain division and isolation,industrial control system network monitoring,and unified threat management,so as to improve the protection ability of industrial control system network,create a safe production environment,and ensure the smooth operation of industrial control system network of steel enterprises.
作者
于新乐
YU Xin-le(Equipment Department,Beijing Shougang Co.,Ltd.,Qian'an 064404,Hebei,China)
出处
《中国冶金》
CAS
北大核心
2021年第11期39-43,共5页
China Metallurgy
关键词
工控系统
网络安全
安全模型
等级保护
架构建设
industrial control system
network security
security model
grade protection
framework construction
