Abstract: As our country’s manufacturing industry is transforming and upgrading to digital, networked, and intelligent, cyber security threats are increasingly spreading to the industrial field. In addition, with the advancement of new infrastructure construction, the number of objects that industrial systems need to protect has increased significantly, the attack surface of industrial systems has continued to expand, and the requirements and difficulty of protection have also increased. These new challenges promote the acceleration of industrial Internet security technology products. TOPSEC took the lead in proposing advanced security concepts based on behavior analysis, whitelisting as the main means, and blacklisting as auxiliary verification methods. The innovative product industrial control intrusion detection and audit system released by it has five application values, such as industrial intrusion detection, industrial vulnerability attack detection,  industrial operational behavior audit, industrial traffic audit, and industrial asset discovery. The system help customers discover attacks and threats from inside and outside the production network, provide customers with intuitive and grounded security protection suggestions, and ensure the safe operation of industrial production networks.

Key words: industrial Internet security, industrial intrusion detection, behavior audit, industrial control assets, production network security

摘要： 随着我国制造业向数字化、网络化、智能化转型升级，网络安全威胁日益向工业领域蔓延.另外，随着新型基础设施建设的推进，工业系统需要防护对象的数量大幅增加，工业系统的受攻击面不断扩大，防护要求和难度也不断提高.这些新挑战推动工业互联网安全技术产品加速变革.天融信率先提出以行为分析为基础、白名单为主要手段、黑名单作为辅助验证方式的先进安全理念，并发布创新产品工控入侵检测与审计系统，以工业入侵检测、工业漏洞攻击检测、工业操作行为审计、工业流量审计和工业资产发现5大应用价值，帮助客户可发现来自生产网内外部攻击威胁，为客户提供直观、落地的安全防护建议，保障工业生产网络安全运行.

关键词: 工业互联网安全, 工业入侵检测, 行为审计, 工控资产, 生产网络安全