Abstract: With the deepening of information construction and the emergence and development of information technology such as big data and Internet of things, Chinas industrial enterprises are facing the more complex situation in the field of cyber security than before, and new information security issues are emerging. There are not only endless intrusions and attacks from outside enterprises and organizations, but also violations and information leakage from inside enterprises and organizations. In order to promote the level of active defense of industrial control system security, it is very important to build an allweather and allround security situation awareness platform. Based on the experience of railway heavy haul truck enterprises, this paper give the design construction of industrial control cyber security situation awareness management platform, as well as four function modules of situation analysis, including asset situation, vulnerability situation, risk situation and attack situation.

Key words: industrial control network, cyber security, situation awareness, asset situation, vulnerability situation, risk situation, attack situation

摘要： 随着信息化建设的深化和大数据、物联网等信息化技术的出现和发展，我国工业企业在网络安全领域面临比以往更为复杂的局面，新的信息安全问题不断浮出水面.其中既有来自于企业和组织外部的层出不穷的入侵和攻击，也有来自于企业和组织内部的违规和信息泄露.为促进工业控制系统安全积极防御水平的提升、构建“全天候全方位”安全态势感知平台至关重要.结合铁路重载货车企业的经验，提出了工控网络安全态势感知管理平台的设计方案，以及资产态势、漏洞态势、风险态势和攻击态势4个态势分析功能模块.

关键词: 工控网络, 网络安全, 态势感知, 资产态势, 漏洞态势, 风险态势, 攻击态势