关键词: 工业控制安全, 工业控制系统, APT攻击, 工业控制网络防护模型, 工业控制网络防护

Abstract: Industrial control System (ICS) is the core of all kinds of infrastructure, industrial control systems are composed of automation control components and realtime data acquisition and monitoring process control components together, which can ensure that the Industrial infrastructure to run automatically, process control and monitoring of business process. Applications or system in industrial network failure will result in casualties and serious economic losses, destroying infrastructure, endangering public life and national security, environmental disasters and other serious consequences. Information security protection concept has experienced a series of the development process, meanwhile a new generation of APT attacks represented named Havex make protective measure from the simple isolation by means of terminal security protection and defense in depth of the border security, to the intrinsic safety in industrial control system as the main characteristics of the sustainability of the defense system stage, not only requires covering different defense levels, together using a variety of technology, but also holds the ability to find hidden trouble, manage threats, predict threat, and take the initiative to repair. Focus on the difficulties of the industrial control system security protection, adopt a kind of security model of 4+1, and puts forward a control system for industrial technology related to an entire network system protection.

Key words: security protection for industrial control system, industrial control system, advanced persistent threat, security model in industrial control network system, security defending for industrial control system