摘要
随着城市轨道交通列控系统信息化、网络化、自动化程度的不断提升,系统面临的信息安全风险也日益加剧。长期以来,列控系统信息安全领域研究较少,更少有针对列控系统的渗透测试研究,因此难以对列控系统信息安全程度作出合理分析。综合列控系统的功能特点,分析列控系统存在的信息安全隐患和风险,借鉴一般互联网、工业控制网络渗透测试领域的测试方法,提出适用于列控系统的测试方法,并给出测试案例验证。
The URT train control system is seeing rising information safety risks along with its improvement in informationization, networking and automation. The information safety of train control system has been ruled out from the study priority for a long time, let alone the penetration test dedicated for the system, and that’s why it’s hard to come up with an appropriate analysis on the information safety of train control system. The paper integrates the functional features of the system, analyzes potential hazards and risks regarding information safety, and puts forth a test method for train control system by learning experience from the internet and industrial control network for their penetration tests, and presents the test case validation.
作者
罗铭
张日新
李祥
步兵
LUO Ming;ZHANG Rixin;LI Xiang;BU Bing(Traffic Control Technology Co Ltd,Beijing 100070,China;National Engineering Laboratory for Urban Rail Train Communication and Operation Control,Beijing 100070,China;National Key Laboratory for Rail Transit Control and Safety,Beijing Jiaotong University,Beijing 100044,China)
出处
《中国铁路》
2019年第2期94-100,共7页
China Railway
基金
北京市自然科学基金资助项目(L161006
4164094)
国家自然科学基金资助项目(61603031)
轨道交通控制与安全国家重点实验室项目(RCS2017ZZ003)
北京交控创新基金项目(9907006607)
关键词
城轨交通
列控系统
信息安全
渗透测试
urban rail transit(URT)
train control system
information safety
penetration test