[1]彭勇, 江常青, 谢丰, 等. 工业控制系统信息安全研究进展[J]. 清华大学学报: 自然科学版, 2012, 52(10): 13961408[2]NIST. SP80082. Guide to Industrial Control System (ICS) Security[S]. Gaithersburg, USA: National Institute of Standards and Technology (NIST), 2014[3]NIST. SP80053. Recommended Security Controls for Federal Information Systems and Organizations[S]. Gaithersburg, USA: National Institute of Standards and Technology (NIST), 2013[4]NIST. National Institute of Standards and Technology (NIST). Framework for Improving Critical Infrastructure Cybersecurity Version 1.0[R]. Gaithersburg, USA: National Institute of Standards and Technology (NIST), 2014[5]IEC. IEC TC 65 WG 10. IEC 62443 Security for Industrial Automation and Control Systems[S]. Geneva, Switzerland: International Electrotechnical Commission (IEC), 2014[6]IEC. IECTR 62210. Power System Control and Associated Communications—Data and Communication Security[S]. Geneva, Switzerland: International Electrotechnical Commission (IEC), 2003[7]IEC. IEC 62351. Data and Communication Security[S]. Geneva, Switzerland: International Electrotechnical Commission (IEC), 2005[8]DHS. Cyber Security Assessments of Industrial Control System[S]. Washington, USA: Department of Homeland Security (DHS), 2010[9]DHS. National Infrastructure Protection Plan[R]. Washington, USA: Department of Homeland Security, 2009[10]API. API Standard 1164. Pipeline SCADA Security Guideline[S]. New York, USA: American Petroleum Institute, 2009[11]AGA. AGA12. Cryptographic Protection of SCADA Communications General Recommendations[S]. Washington, USA: American Gas Association, 2004[12]NRC Regulatory Guide 5. 71. Cyber Security Programs for Nuclear Facilities, Guideline Regulatory[S]. Washington, USA: US Nuclear Regulatory Commission, 2010[13]BAL0010a. Reliability Standards for the Bulk Electric Systems in North America, Regulation[S]. Princeton, USA: North American Electric Reliability Council, 2011[14]高洋, 彭勇, 谢丰. 美国工控安全保障管理的启示[J]. 中国信息安全, 2012, 27(3): 4447[15]熊琦, 竟小伟, 詹峰. 美国石油天然气行业ICS系统信息安全工作综述及对我国的启示[J]. 中国信息安全, 2012, 27(3): 8083[16]ANSIISA99. Manufacturing and Control System Security, Standards and Guidelines[S]. Los Angeles, USA: American National Standards Institute (ANSI)USA International Standards Authority (ISA), 2009[17]Sommestad T, Ericsson G N, Nordlander J. SCADA system cyber securitys comparison of standards[C] Proc of 2010 IEEE on Power and Energy Society General Meeting. Minneapolis, USA: IEEE Power & Energy Society, 2010: 18[18]欧阳劲松. IEC 62443工控网络与系统信息安全标准综述[J]. 信息技术与标准化, 2012 (3): 2427[19]全国工业过程测量和控制标准化技术委员会(SACTC124)和全国信息安全标准化技术委员会(SACTC260). GBT 30976.1—2014工业控制系统信息安全 第1部分: 评估规范[S]. 北京: 中国标准出版社, 2014[20]全国工业过程测量和控制标准化技术委员会(SACTC124)和全国信息安全标准化技术委员会(SACTC260). GBT 30976.2—2014工业控制系统信息安全 第2部分: 验收规范[S]. 北京: 中国标准出版社, 2014[21]全国工业过程测量和控制标准化技术委员会(SACTC124). GBT 26333—2010工业控制网络安全风险评估规范[S]. 北京: 中国标准出版社, 2010[22]张敏, 张五一, 韩桂芬, 等. 国内外工业控制系统信息安全标准研究[C] 第十一届中国标准化论坛论文集. 北京: 中国标准化协会, 2014: 964968[23]梅恪. 中国工控信息安全技术标准体系[J]. 自动化博览, 2014 (11): 5255[24]李航. 建立健全我国工业控制系统信息安全体系[J]. 微型机与应用, 2015, 34(1): 1316[25]许东阳. 国内外工业控制系统信息安全标准及政策法规介绍[J]. 自动化博览, 2013 (1): 3131[26]WIB. Process control domainsecurity requirements for vendors[R]. Hague, Netherlands: WIB, 2006
|