Journal of Information Security Research ›› 2018, Vol. 4 ›› Issue (10): 904-913.
Previous Articles Next Articles
Received:
Online:
Published:
魏晓雷1,刘龙涛2
通讯作者:
作者简介:
Abstract: This paper briefly analyzed the information security threats faced by the industrial control system in the power industry. The main safety problems of industrial control system in electric power industry are listed. We also built an information security risk assessment and management model for industrial control systems, proposed methods and processes for information security risk assessment of industrial control systems. Hence, we summed up a set of information security risk assessment solutions for industrial control systems. Some new understandings about risk assessment and industrial control system network security are also discussed. The vulnerability of industrial control system network security is further analyzed. Therefore, the relevant units and relevant competent departments should further clarify and standardize the management of information security risk assessment of industrial control systems. Strengthen research on evaluation standards and technology. Increasing technical training for professional evaluation organizations and user units. Promoting the development of information risk assessment for industrial control systems in China.
Key words: power industry, industrial control system, information security, risk assessment, vulnerability
摘要: 摘要简要地分析了电力行业工业控制系统面临的信息安全威胁,列出了电力行业工业控制系统主要的安全问题,并在此基础上建立了工业控制系统信息安全风险评估与管理模型,提出了工业控制系统信息安全风险评估的方法和流程,总结出了一套针对工业控制系统的信息安全风险评估解决方案,并阐述了关于风险评估和工业控制系统网络安全工作的一些新认识,进一步分析了工业控制系统网络安全脆弱性,借此提请有关单位和有关主管部门应进一步明确和规范工业控制系统信息安全风险评估工作的管理,加强有关评估标准、技术的研究,增加面向专业测评机构和用户单位的技术培训,推动我国工业控制系统信息风险评估工作的发展.
关键词: 电力行业, 工业控制系统, 信息安全, 风险评估, 脆弱性
魏晓雷 刘龙涛. 电力行业工业控制系统信息安全风险评估研究[J]. 信息安全研究, 2018, 4(10): 904-913.
0 / / Recommend
Add to citation manager EndNote|Ris|BibTeX
URL: http://www.sicris.cn/EN/
http://www.sicris.cn/EN/Y2018/V4/I10/904