Industrial control system terminal safety protection system

A terminal security protection system technology, applied in the field of industrial control system terminal security protection, that addresses problems such as the destruction of confidential system data, inconsistent application scenarios, and the lack of a centralized, unified platform for configuration and management.

Active Publication Date: 2019-07-05
北京京航计算通讯研究所

AI Technical Summary

Problems solved by technology

However, the above two types of industrial control system terminal security protection products mainly have the following problems. First, because the software and hardware platform environment in industrial control networks is complex, many CNC, PLC, DCS, SCADA and other systems rely mainly on foreign software and hardware manufacturers, so design backdoors, unsuitable interfaces, or inconsistent application scenarios are unavoidable. Second, industrial control systems generally use embedded or streamlined operating systems, which generally cannot receive operating system patches or have anti-virus software and information security products installed. Lacking these security measures that a network terminal device needs, the industrial control system carries serious security risks. Third, malicious network attacks can easily use vulnerabilities that the industrial control system exposes on the network to steal super-user privileges and then wantonly damage the system or steal confidential data. Fourth, industrial control system equipment itself generally does not use double strong identity authentication to implement access control, so the data stored in the equipment and the various interfaces on it (serial ports, network ports, USB interfaces, etc.) are exposed to illegal access by unauthorized users. Fifth, if operation and maintenance of the industrial control system relies on external operation and maintenance personnel, there is a lack of technical means to supervise and trace illegal operations by those personnel.
Sixth, there is no centralized, unified management platform that can configure and manage terminal security protection policies for multiple industrial control system devices of the same or different types at the same time.
[0004] From the above analysis, the main deficiencies in industrial control system terminal security protection at this stage are: the inability to comprehensively apply a series of technical means, namely dual access control, strong identity authentication, interface protection strategy, in-depth file analysis, security audit and centralized equipment management, to monitor and protect the various interfaces on industrial control system equipment; the inability to effectively block malicious behaviors such as network attacks and illegal access while industrial control system equipment is running; and the inability to manage the security protection of multiple industrial control system devices of the same or different types in a centralized and unified way.

Examples


Embodiment 1

[0125] This embodiment comprehensively uses a series of technical means such as strong identity authentication, dual access control, interface protection strategy, in-depth file analysis, security audit, and centralized equipment management to provide an industrial control system terminal security protection method and system that is better suited to centralized and unified protection of the terminal security protection strategies of multiple industrial control system devices of the same or different types at the same time.

[0126] The use of the method and system of the present invention to protect industrial control system terminal security is described in detail below in conjunction with specific embodiments. This can be extended to a wider range of industrial control system terminal security protection applications.

[0127] First, set up the security domain for industrial control equipment terminal security protection, and establish a security domain consisting of industrial contro...


Abstract

The invention belongs to the technical field of safety protection of industrial control system terminals and particularly relates to an industrial control system terminal safety protection system. The industrial control system terminal safety protection system comprises a terminal safety protection device and a terminal safety centralized management system. According to the scheme, a series of technological means of strong identity authentication, double access control, an interface protection strategy, file depth analysis, safety audit and equipment centralized management are comprehensively applied, so that malicious behaviors such as network attack, illegal access and the like during operation of the industrial control system equipment are effectively blocked, and meanwhile, centralized configuration and management on safety protection strategies of a plurality of industrial control system equipment terminals of the same type or different types can be realized. The scheme has the advantages that the safety protection level of the industrial control equipment terminal is high, the centralized and unified management of multiple equipment is supported, the centralized management platform is suitable for various application environments and multiple industrial protocols, the compatibility is good, adding and deleting of the equipment is simple, configuration of the protection strategies is flexible, alarm reporting and equipment management are efficient, and the like.

Description

Technical field

[0001] The invention belongs to the technical field of industrial control system terminal security protection, and in particular relates to an industrial control system terminal security protection system.

Background technique

[0002] Industrial control systems are widely used in important fields involving national security, such as electric power, petrochemicals, transportation, municipal administration, and new intelligent manufacturing. Once a security problem occurs, it will not only cause economic loss to the enterprise, but may even endanger national security and the interests of the public. Their importance is self-evident. Since the "Stuxnet" incident in 2010, countries around the world have raised their attention to the security of industrial control systems to an unprecedented level. Countries around the world are stepping up the formulation of policies, standards, technologies and protection solutions, among which terminal security of industrial co...


Application Information

Patent Type & Authority: Applications (China)
IPC: IPC(8): G05B19/048
CPC: G05B19/048
Inventor: 何占博王颖刘军宋悦高飞张晛王黎马海慧朱琳郑德利
Owner: 北京京航计算通讯研究所