摘要
国际标准IEC62443《工业过程测量、控制和自动化网络与系统信息安全》第三部分针对系统集成商提出了保护工业控制系统所需的技术安全要求,指导系统集成商采用安全技术措施保障工业控制系统的安全性和可靠性,并提高其抵御各种攻击的能力。本文对IEC62443标准内容和国家标准等同采用情况进行了梳理和介绍,对IEC62443-3-3标准内容进行研究,对基本要求FR相关的详细技术类控制系统要求SR、控制系统信息安全等级SL要求进行阐述,并着重对比分析了IEC62443-3-3与GB/T 22239-2019之间在安全等级方面的差异和在技术指标方面的关联关系,最后提出了一套基于IEC62443-3-3标准的工业信息安全防护框架和建设思路,为企业开展IEC62443标准研究和安全防护体系建设提供参考。
The third part of the international standard IEC62443“Information Security of Industrial Process Measurement,Control and Automation Network and System”puts forward the technical security requirements for system integrators to protect industrial control systems,and guides system integrators to adopt security technical measures to ensure the safety and reliability of industrial control systems and improve their ability to resist various attacks.In this paper,the equivalent adoption of IEC62443 standard and national standard is combed and introduced,and the contents of IEC62443-3-3 standard are studied,and the detailed technical control system requirements SR and control system information security level SL related to basic requirements FR are expounded.The differences between IEC62443-3-3 and GB/T 22239-2019 in terms of security levels and the correlation in terms of technical indicators are emphatically compared and analyzed.Finally,a set of industrial information security protection framework and construction ideas based on IEC62443-3-3 standard are put forward,which can provide reference for enterprises to carry out IEC62443 standard research and security protection system construction.
作者
白彦茹
Bai Yanru(Beijing Topsec Network Security Technology Co.,Ltd,Beijing,100193)
出处
《工业信息安全》
2024年第1期53-62,共10页
Industry Information Security
