工业控制系统安全防护技术发展研究

Development of Security Protection Technologies for Industrial Control System

工业控制系统逐渐由封闭隔离走向开放互联,工业控制系统的安全问题进一步凸显;针对工业控制系统的网络威胁呈现出高隐蔽、强对抗、跨域等特点,一旦遭受网络攻击将直接影响工业生产,因而工业控制系统网络安全防护技术备受关注。本文聚焦工业控制系统安全防护问题,分析了工业控制系统安全防护的特殊性及面临的挑战,总结了工业控制系统的主要攻击技术,梳理了以边界防护、纵深防护为代表的“自卫模式”安全防护体系的发展现状。针对工业控制系统面临的安全挑战,从自主可控安全和新型工业控制安全防护体系两个方面提出了今后的重点任务和关键技术攻关路径,即建立自主可控的工业控制系统安全生态和基于“限制器”的底线确保防护机制、探索“自卫模式+护卫模式”的工业控制系统安全防护体系,以为工业控制系统安全防护研究和应用提供参考。

Industrial control system(ICS)is gradually transitioning from being closed and isolated to open and interconnected.The network threats to ICS are becoming highly hidden,strong-confrontation,and cross-domain in nature.Once subjected to cyberattacks,industrial production will be directly affected.Consequently,network attacks on ICS and corresponding security protection technologies have attracted significant attention.This study focuses on the security protection issues of ICS.First,we analyzed the specific characteristics of ICS security protection,as well as the unclear and uncontrollable security challenges of ICS.The network attacks on ICS are summarized and analyzed,and then the security protection systems with a self-defense mode,such as border protection and defense in depth,are discussed.In view of the security challenges,the development ideas are given from the aspects of security and controllability of ICS and a novel security protection system of ICS,and key tasks and key technology research paths are as follows:establishing an autonomous and controllable ICS security ecology and a security assurance mechanism of foreign devices based on limiters,and exploring the new security protection system of ICS based on a self-defense plus guard mode,such that the security protection ability of ICS can be better improved.