Abstract: The security threats of the early industrial control system are not obvious. The unified information security system lacks systematic considerations in the planning stages of the centralized control center, and there are structural innate security defects. With the development of industrial Internet technology, more and more industrial control systems have access to traditional Internet networks, and at the same time, which lead into the security risks for industrial control networks. Under this security threat, the centralized control center of the industrial control system has an urgent need for improving the security protection capability. Based on a comprehensive analysis of the characteristics and the existing security risks of industrial control systems, especially SCADA system of centralized control centers, the paper proposes a series of measures, including security protection of server clusters, network security detection, system host security protection, system operation and maintenance audit, and establishment of the safety management platform of industrial control, to form an overall security control plan for the centralized control center, to help improve the security protection capabilities of the centralized control center under the industrial control system, effectively resist network threats, and reduce damage to important infrastructure.

Key words: industrial control system, centralized control center, security protection, SCADA, security management platform

摘要： 早期工控系统的安全威胁并不明显，统一的信息安全体系在集控中心的各规划阶段缺乏系统性考虑，存在着结构性的先天安全缺陷.而随着工业互联网技术的发展，越来越多的工控系统接入了传统互联网网络，同时也为工控网络引入了安全风险.在这种安全威胁下，工控系统的集控中心对安全防护能力的提升有迫切的需求.在对工控系统尤其是集控中心SCADA系统的特点和存在的安全风险进行全面分析的基础上，提出了包括服务器集群的安全防护、网络安全检测、系统主机安全防护、系统运维审计、建立工控安全管理平台等一系列措施，以形成整体的集控中心安全防护方案，帮助工控系统下的集控中心安全防护能力的提升，有效抵御网络威胁，减少对重要基础设施的破坏.

关键词: 工控系统, 集控中心, 安全防护, SCADA, 安全管理平台