Abstract: In recent years, with the continuous promotion of the national information and industrialization deep integration strategy and the application of new technologies such as the Internet of things in the industrial field, the security of industrial control system has also attracted the attention of the enterprises. In order to ensure the security of key information infrastructure, the state has issued the Peoples Republic of China Cyber Security Law and the critical information infrastructure security protection regulations (solicitation draft) successively. At the same time, a large number of industrial software and hardware equipment security vulnerabilities have been exposed. Undoubtedly, it increases the risk for industrial control systems, and then affects the normal production order. For oil companies, with the construction of intelligent oil and gas production Internet of things, its industrial control system is also facing greater information security risks. This paper analyzes the safety status and risks of oil field industrial control system in detail. Taking a working area in North China oil field as an example, a safety protection strategy based on flow analysis is put forward, and the overall structure of industrial control system is strengthened and strengthened to ensure the normal operation of oil and gas production.

Key words: integration of industrialization and information, industrial control security, protection strategy, Internet of things, flow analysis, safety reinforcement

摘要： 近年来，随着国家两化深度融合战略的持续推进，以及物联网等新兴技术在工业领域的应用，工业控制系统安全也倍受企业关注.为保障关键信息基础设施安全，国家相继发布了《中华人民共和国网络安全法》和《关键信息基础设施安全保护条例(征求意见稿)》.同时，大量工业软硬件设备安全漏洞不断被暴露，无疑为工业控制系统增加了风险，进而影响正常的生产秩序.对石油企业来说，随着智慧油田油气生产物联网的建设，其工业控制系统同样面临较大的信息安全隐患.详细分析了油田工业控制系统安全现状以及面临的风险，以华北油田某作业区为例提出了基于流量分析的安全防护策略，对工控系统整体架构进行安全加固，保障企业油气生产工作正常进行.

关键词: 两化融合, 工控安全, 防护策略, 物联网, 流量分析, 安全加固