Table of Content

    15 August 2019, Volume 5 Issue 8
    Research on Maintenance and Security of Industrial Control Networks of One Electric Power Group Company
    2019, 5(8):  650-655. 
    Asbtract ( )   PDF (2382KB) ( )  
    References | Related Articles | Metrics
    Internet has worked in all aspects of work and life. In energy and power industries, business informatization and networking have been fully constructed. Production, operation, organization and management are inseparable from the Internet network. However, the construction and control of Internet exports still lack a unified management, which brings potential security risks. This paper introduces the present situation and existing problems of the information extranet of a power group company, designs and plans the unified convergence of the Internet entrance and exit, and elaborates the scheme in detail from the unified export management and network security.
    Safety Status and Solution of Coal Mine Industrial Control System
    2019, 5(8):  656-662. 
    Asbtract ( )   PDF (4047KB) ( )  
    References | Related Articles | Metrics
    AbstractWith the rapid development of automation and informatization in coal industry, the development speed of network security in coal industry is far behind the speed of informatization. Through the indepth analysis of the business structure and main control systems of the coal industry, the paper identifies 14 impacts of the current industrial control system of the coal industry, such as lack of overall information security planning, lack of border protection, abuse of mobile peripherals, lack of vulnerability patch updating, imperfect security strategy configuration, lack of or unreasonable security management system, etc. Aiming at the safety problems of industrial control and according to the design ideas of “network dedication, security zoning, white list baseline, defense in depth, comprehensive audit”, the paper proposed the design and solution of the security architecture applicable to coal mine industrial control system from the aspects of border protection, terminal security, configuration security, operation and maintenance security, flow audit, safety management, etc.
    Research and Analysis on Security Operation and Maintenance of Industrial Internet
    2019, 5(8):  663-667. 
    Asbtract ( )   PDF (1340KB) ( )  
    References | Related Articles | Metrics
    With the continuous penetration and integration of IT and OT technologies, the continuous innovation and development of the Industrial Internet has brought many security problems. Increasing security problems have seriously affected the healthy development of the industrial Internet, and also put forward higher requirements for the safe operation and maintenance of the industrial Internet. Firstly, it introduces the concept and characteristics of Industrial Internet, then briefly introduces the severe security situation faced by Industrial Internet, and studies the industrial control from the aspects of operation and maintenance object, technical system, management system and operation and maintenance team of industrial Internet security. The network security operation and maintenance architecture focuses on the analysis and discussion of the security operation and maintenance technology of the industrial Internet. It is mainly divided into five types of technologies: access control and isolation protection technology, security encryption technology, unified security monitoring tools, and deploy security monitoring and auditing systems, as well as deploying intrusion detection and prevention systems.
    Research on Safety Protection Strategy of Industrial Control System Based on Flow Analysis
    2019, 5(8):  668-672. 
    Asbtract ( )   PDF (2677KB) ( )  
    References | Related Articles | Metrics
    In recent years, with the continuous promotion of the national information and industrialization deep integration strategy and the application of new technologies such as the Internet of things in the industrial field, the security of industrial control system has also attracted the attention of the enterprises. In order to ensure the security of key information infrastructure, the state has issued the Peoples Republic of China Cyber Security Law and the critical information infrastructure security protection regulations (solicitation draft) successively. At the same time, a large number of industrial software and hardware equipment security vulnerabilities have been exposed. Undoubtedly, it increases the risk for industrial control systems, and then affects the normal production order. For oil companies, with the construction of intelligent oil and gas production Internet of things, its industrial control system is also facing greater information security risks. This paper analyzes the safety status and risks of oil field industrial control system in detail. Taking a working area in North China oil field as an example, a safety protection strategy based on flow analysis is put forward, and the overall structure of industrial control system is strengthened and strengthened to ensure the normal operation of oil and gas production.
    Research on Security Situation Awareness Platform of Industrial Control Network for Railway Heavy-Haul Truck Overhaul
    2019, 5(8):  673-678. 
    Asbtract ( )   PDF (2837KB) ( )  
    References | Related Articles | Metrics
    With the deepening of information construction and the emergence and development of information technology such as big data and Internet of things, Chinas industrial enterprises are facing the more complex situation in the field of cyber security than before, and new information security issues are emerging. There are not only endless intrusions and attacks from outside enterprises and organizations, but also violations and information leakage from inside enterprises and organizations. In order to promote the level of active defense of industrial control system security, it is very important to build an allweather and allround security situation awareness platform. Based on the experience of railway heavy haul truck enterprises, this paper give the design construction of industrial control cyber security situation awareness management platform, as well as four function modules of situation analysis, including asset situation, vulnerability situation, risk situation and attack situation.
    Research on Maintenance and Security of Industrial Control Networks in Electric Power Industry
    2019, 5(8):  679-684. 
    Asbtract ( )   PDF (2038KB) ( )  
    References | Related Articles | Metrics
    As an important part of national key infrastructure, the importance of operation and maintenance security of electric power industry control network is selfevident. Especially with the increasing security incidents of industrial control networks in the world in recent years, effective measures must be taken to protect the safe operation of industrial control networks, which also puts forward higher requirements for the operation, maintenance and safety protection of industrial control networks and industrial systems. Through indepth analysis of the characteristics of industrial control network in electric power industry, especially the key characteristics of the data type and network topology structure of the electric power network, effective operation and maintenance methods and security risk prevention methods are put forward. In operation and maintenance, the backup of system data and the state monitoring of the system itself are strengthened. Security measures, such as physical isolation, industrial control flow monitoring, fault recovery management and so on should be taken, and effective policies and behavioral norms should be provided. Finally, form safety protection measures suitable for electric power industry control network, to achieve the purpose of safe operation of the electric power industry control network.
    Research on Technologies of Industrial Control Security of Pharmaceutical Industry Based on MES and SCADA
    2019, 5(8):  685-690. 
    Asbtract ( )   PDF (1937KB) ( )  
    References | Related Articles | Metrics
    Pharmaceutical industry usually has complicated and strict technological process and advanced production equipment. Automation, networking and information technology are developing rapidly in pharmaceutical industry. MES, SCADA and other systems are widely used in pharmaceutical enterprises. The network system covering production control and information management has also been applied in all aspects of pharmaceutical enterprise affairs. As a result, the importance of network security and control security to pharmaceutical industry has become more and more prominent. Therefore, building a multilevel security architecture is an important guarantee for pharmaceutical enterprise network system. Aiming at the characteristics of MES and SCADA systems in pharmaceutical industry and combining with the key production processes and production processes of pharmaceutical enterprises, this paper analyzed the security protection problems of industrial control network faced by pharmaceutical enterprises, studied the security protection technologies and strategies suitable for industrial control network of pharmaceutical enterprises, and put forward the pertinent security protection technologies. The technical framework and detailed design are also given in it.
    Research on Security Protection of High RealTime Metro Integrated Supervisory and Control System
    2019, 5(8):  691-695. 
    Asbtract ( )   PDF (1098KB) ( )  
    References | Related Articles | Metrics
    Integrated Supervisory and Control System (ISCS) is one of the necessary automatic systems for efficient and safe operation of urban rail transit automation. The integrated monitoring system is a largescale integrated system with high integration of informationization and automation. The system integrates multiple automation and information subsystems in urban rail transit stations, tunnels, depots, parking lots, control centers, etc, and performs unified monitoring, control and management of subsystems on the same software platform, realizing the information sharing of each specialty system and the linkage control function between the systems. In this paper, the ISCS security protection solution for rail transit under the requirement of high realtime performance is studied, the typical security protection design concept is given, and the equal guarantee evaluation method is put forward.
    Study on Industrial Control Security Technology in Oil Production Area of an Oil Field
    2019, 5(8):  696-702. 
    Asbtract ( )   PDF (3198KB) ( )  
    References | Related Articles | Metrics
    In response to the development of the two integration and the implementation of “The Peoples Republic of China Cyber Security Law” actively implement the rectification and reform recommendations of the Ministry of Public Securitys network supervisors on the information security protection measures of enterprises, ensure the safe and stable operation of the system of a branch of an oil field, through the actual configuration relationship and state of the existing network communication equipment and industrial control system in the oil production area of a certain oil field, starting from the enterprise information risk to the information top security planning , this paper strengthens the network security protection construction of the office network, production network and subordinate units of a certain oil field branch, evaluates the existing security risks, and puts forward a set of detailed solutions to the information security of industrial control system according to the results of risk assessment. It is used for the technical research and implementation of information security of industrial control system in operation area.
    Application of White Environment Technology in Refining and Chemical Industry
    2019, 5(8):  703-707. 
    Asbtract ( )   PDF (988KB) ( )  
    References | Related Articles | Metrics
    his paper introduces the information security defense method of industrial control system based on white environment technology in refining industry. White environment technology can solve the security problems caused by traditional virus manslaughter or virus database upgrade difficulty, operating system repair vulnerabilities, and difficulty in upgrading patches. Apply white environment technology to intercept distrusted or illegal devices, software, instructions, and processes outside the industrial control network. Only trusted devices, software, and instructions that can be verified can run in the industrial network to ensure the safe use of the industrial network. The white environment technology application system consists of three parts, namely equipment white environment, network white environment and host white environment. It also introduces the risks and drawbacks of white environment management system, and provides technical application analysis for information security work for industrial control system of refining and chemical enterprises. White environment technology is a lowcost and efficient solution that deserves to be promoted.
    Security Protection Solution of Industrial Control System in Refining and Chemical Industry
    2019, 5(8):  708-714. 
    Asbtract ( )   PDF (2025KB) ( )  
    References | Related Articles | Metrics
    AbstractIn recent years, industrial control network security incidents have exploded in the world, involving many national basic industries such as electricity, petrochemicals, and nuclear facilities, causing a large amount of losses to the state and enterprises. The changes under the new concept of “twooriented integration” and “Made in China 2025” further aggravate the safety risks of industrial control systems. By exploring and analyzing the information security problems faced by industrial control systems used in the refining and chemical industry, this paper presents a security protection solution based on the network deployment structure in the industrial refinery industry.
    Design and Practice of Industrial Control System Security Protection in Thermal Industry
    2019, 5(8):  715-721. 
    Asbtract ( )   PDF (2454KB) ( )  
    References | Related Articles | Metrics
    The paper gives a brief description about the current situation of industrial control network in the thermal industry, and a brief analysis of the risk of industrial control system. In view of the characteristics of industrial control systems such as heat exchanger stations. This paper provides the overall design of the overall security protection design according to the characteristics of industrial control networks in the thermal industry, and gives the design ideas from three aspects: defense in depth system, core industrial control system and centralized situation awareness, as well as the construction practice measures of security protection.
    Design of Industrial Control Network Security Protection Solution for New Energy Chemical Enterprises
    2019, 5(8):  722-727. 
    Asbtract ( )   PDF (2829KB) ( )  
    References | Related Articles | Metrics
    A project which produces hundreds of thousands of tons of engineering plastics annually by a new energy chemical enterprise, including two sets of DCS, two sets of SCADA, and industrial control systems such as PLC and SIS, which constitute a fairly largescale industrial control network. Faced with the growing threat of industrial control network security, the enterprise has presented new requirements for strengthening industrial control security protection. Based on the analysis of the current industrial control system and network of enterprises, and theory of defense in depth, this paper designs the security protection solution of the overall industrial control network, and gives the concrete implementation measures.
    Security Situation and Threats Analysis of Industrial Internet in China and Abroad
    2019, 5(8):  728-733. 
    Asbtract ( )   PDF (1162KB) ( )  
    References | Related Articles | Metrics
    With the advancement of the new round of industrial revolution, IT and OT integration, the industrial Internet has become the trend of the ages, and it is also the core supporting intelligent manufacturing. The industrial Internet connects the industrial control system network and information system through the connection between the industrial system network and the Internet. Network convergence also breaks the relatively closed and credible production environment of traditional industries, bringing network security and industrial security risks into interweaving. Failure to respond effectively to these risks will pose serious risks to the smooth development of various industries, stable economic operations and the overall security situation of the country. Through the introduction of the domestic and international industrial Internet security status and the main threats faced by the industrial Internet, the industrial Internet security risks are analyzed. At the same time, the laws, regulations and standards related to industrial Internet security formulated by China are studied. Finally, the applications of the main industrial security technology are introduced from the four aspects of border control, access management, security monitoring audit and situation awareness.
    Beijing Gas Group Industrial Internet Security Operation Platform Construction and Practice
    2019, 5(8):  734-739. 
    Asbtract ( )   PDF (2386KB) ( )  
    References | Related Articles | Metrics
    With the promotion and implementation of “Made in China 2025”, the deep integration of the two modernizations, cloud computing, big data, mobile computing, Internet of Things, artificial intelligence and other advanced technologies have been widely used, IT and OT are also integrated, production data and business data are gradually interconnected, and Industrial Internet scenario is gradual extended, “Smart Pipeline Network” and “Smart Gas” have been gradually realized, effectively improving the operational efficiency of Beijing Gas. But at the same time, Beijing Gas Group is also facing the deterioration of the cybersecurity environment, the increasing pressure of cybersecurity supervision, the increasing workload of security operation, and the difficulty of matching security resources. Therefore, Beijing Gas Group combs the construction ideas of Industrial Internet security operation center in an all-round way . On the premise of security governance, risk control and safety compliance, through the planning and construction of Industrial Internet security operation center, and based on large data analysis technology, various security protection, monitoring and response tools are integrated to form an Industrial Internet security operation platform. This platform covering the whole value chain of Beijing Gas Group from production operation to operation and management. It effectively supports the Cyber security management of Beijing Gas Group.
    Research on Security Protection for Station Control System of LongDistance Natural Gas Transmission Pipeline
    2019, 5(8):  740-745. 
    Asbtract ( )   PDF (2688KB) ( )  
    References | Related Articles | Metrics
    The Gaizhou compressor station project is a key interconnection project of national natural gas infrastructure, and also a civil engineering project to alleviate gas shortage in Northeast China and Beijing-Tianjin-Hebei region in winter. As a pilot project, the domestic PLC software and the “one-key start-stop” technology are applied for the first time in domestic long-distance pipelines, filling the gap of the core domestic industrial control equipment. In recent years, with the deepening of IT&OT, the network security problems of industrial control systems have come one after another, which seriously threatens the security of enterprises and even the national security. In this paper, the safety protection of station control system in Gaizhou natural gas compressor station is studied, and the design scheme and deployment implementation are given.
    Research on Network Security Technology of Production Operation System in a National Port
    2019, 5(8):  746-751. 
    Asbtract ( )   PDF (2112KB) ( )  
    References | Related Articles | Metrics
    As one of the most important coal transportation hubs in China, a port has built a highly automated production operation system, realized unmanned operations such as turnover operation and dump operation, and established a production operation control and port information management network, which greatly improved the efficiency of coal dispatch management and port coal throughput. However, under the situation of increasing threats to network security, through the investigation and evaluation of the network security status of production business system, it is found that there are many problems in the security status of the port industrial control network, which makes the production operation system easy to expose to the risk of network attacks. In order to effectively protect the safe operation of the port production business system network, this paper analyses the security loopholes existing in the port production management and control network system according to the characteristics of the port production operation system network, designs the solutions to strengthen the security protection capability of the system, gives the implementation and effect evaluation methods, and summarizes the security protection strategy for production business of the port.
    Practical and Research on Industrial Control Security of Whole Process Cold Rolling Line
    2019, 5(8):  752-755. 
    Asbtract ( )   PDF (1013KB) ( )  
    References | Related Articles | Metrics
    To ensure the information security of industrial control system in iron and steel enterprises, it is necessary to know what important business, important data, impacts and hazards will be brought by system interruption in iron and steel enterprises, and how to protect and why to do so. The first problem is to understand the business situation of iron and steel enterprises, because the current information security work is ultimately to serve the business of enterprises. Only when we know what important business we should focus on, can we find important information assets in business processes and take appropriate measures to protect them. With the construction of automation and infor matization in iron and steel enterprises, higher requirements are put forward for the security protection of industrial control system. This paper evaluates the security of the industrial control system of the whole process cold rolling production line. According to the evaluation results, the design concept of security protection is put forward, and the practical work is carried out. Results have been achieved based on MES and SCADA related technical research of industrial control security in industry.
    Security Protection Solution of Industrial Control System Centralized Control Center
    2019, 5(8):  756-760. 
    Asbtract ( )   PDF (5459KB) ( )  
    References | Related Articles | Metrics
    The security threats of the early industrial control system are not obvious. The unified information security system lacks systematic considerations in the planning stages of the centralized control center, and there are structural innate security defects. With the development of industrial Internet technology, more and more industrial control systems have access to traditional Internet networks, and at the same time, which lead into the security risks for industrial control networks. Under this security threat, the centralized control center of the industrial control system has an urgent need for improving the security protection capability. Based on a comprehensive analysis of the characteristics and the existing security risks of industrial control systems, especially SCADA system of centralized control centers, the paper proposes a series of measures, including security protection of server clusters, network security detection, system host security protection, system operation and maintenance audit, and establishment of the safety management platform of industrial control, to form an overall security control plan for the centralized control center, to help improve the security protection capabilities of the centralized control center under the industrial control system, effectively resist network threats, and reduce damage to important infrastructure.