Abstract: In order to solve the safety problems faced by users of gas SCADA system, this paper gives a review of relevant literature of the current system security risks on the basis of the characteristics of SCADA system, and then carried out four aspects of security design which are, communication network, network boundary, computing environment, and unified supervision. Firstly, it can realize the compliance of SCADA system, meets the national legal requirements such as “The Peoples Republic of China Cyber Security Law”, and gradually meet the requirements of the “Guidelines for the Information Security Protection of Industrial Control Systems”; secondly, it meets the requirements for data transmission integrity and confidentiality of SCADA, and communication network monitoring needs, network boundary and core server access control to prevent intrusion needs, and at the same time enhance safety awareness of personnel through safety training for employees, systematically ensure the safety of SCADA system, and reduce the downtime and damage of SCADA system due to information security issues. The public interests and the probability of endangering public safety events effectively protect the operational safety of SCADA. The safety design of this program can be replicated and promoted in gas and other industries and has universal applicability.

Key words: ICS (industrial control system), SCADA systems, security protection systems, classified protection, information security

摘要： 为解决燃气SCADA系统用户面临的安全问题，根据SCADA系统特点，对当前系统存在的安全隐患进行了研究梳理，并从通信网络、网络边界、计算环境、统一监管4个方面，进行了安全设计.首先可实现SCADA系统合规性，满足《中华人民共和国网络安全法》等国家法律要求，逐步达到《工业控制系统信息安全防护指南》相关要求；其次满足SCADA的数据传输完整性机密性需求、通信网络监需求、网络边界及核心服务器访问控制防入侵需求，同时通过针对从业人员的安全培训，增强人员安全意识，系统性地保障了SCADA系统的安全性，降低SCADA系统因信息安全问题停机、损坏公共利益、危害公众安全事件的发生概率，有效保障SCADA的运行安全.该方案的安全设计可在燃气等行业内复制推广，具有普适性.

关键词: 工业控制系统, SCADA系统, 安全防护体系, 等级保护, 信息安全