摘要
为指导我国工业企业持续开展工业控制系统信息安全(以下简称:工控安全)领域综合防护能力提升,科学评价其安全防护能力水平,中国电子技术标准化研究院联合产学研用共41家组织机构,历时多年研制发布《信息安全技术工业控制系统信息安全防护能力成熟度模型》(GB/T 41400-2022,以下简称:《成熟度模型》),从技术手段、管理制度、组织建设、人员能力等方面构建5级成熟度模型,支撑国家工控安全保障体系建设。
In order to guide China’s industrial enterprises to continue to carry out the comprehensive protection capability improvement in the field of industrial control system information security(hereinafter referred to as industrial control security)and scientifically evaluate the level of their security protection capabilities,led by the China Electronics Technology Standardization Institute,joint industry,education and research and other 41 organizations,which lasted for many years,drawing on advanced experience at home and abroad,developed and released the"Information Security Technology Industrial Control System Information Security Protection Capability Maturity Model"(GB/T 41400-2022,hereinafter referred to as the maturity model).From the aspects of technical means,management system,organization construction,and personnel capabilities,a 5-level maturity model is constructed to support the construction of the national industrial control information security protection system.
出处
《自动化博览》
2022年第7期48-52,共5页
Automation Panorama1
关键词
工业控制系统
信息安全
成熟度模型
Industrial control system
Information security
Capability maturity model
