Industrial control system terminal safety protection method

Abstract

The invention belongs to the technical field of industrial control system terminal safety protection, and particularly relates to an industrial control system terminal safety protection method. The method is implemented based on an industrial control system terminal safety protection system, and the system comprises terminal safety protection equipment and a terminal safety centralized managementsystem. According to the scheme, a series of technical means of strong identity authentication, dual access control, an interface protection strategy, file deep analysis, security audit and equipmentcentralized management are comprehensively applied; malicious behaviors such as network attack and illegal access in operation of industrial control system equipment are effectively blocked, and centralized configuration and management of security protection strategies of a plurality of industrial control system equipment terminals of the same type or different types are realized at the same time.The scheme has the advantages that the safety protection level of the industrial control equipment terminal is high, centralized and unified management of multiple pieces of equipment is supported, and the centralized management platform is suitable for multiple application environments and multiple industrial protocols, good in compatibility, flexible in protection strategy configuration, efficient in alarm reporting and equipment management and the like.

Description

technical field [0001] The invention belongs to the technical field of security protection of industrial control system terminals, and in particular relates to a method for security protection of industrial control system terminals. Background technique [0002] Industrial control systems are widely used in important fields involving national security, such as electric power, petrochemicals, transportation, municipal administration, and new intelligent manufacturing. Once a security problem occurs, it will not only affect the economic loss of the enterprise, but even endanger national security and the interests of the public. Its importance is self-evident. Since the "Stuxnet" incident in 2010, countries around the world have raised their attention to the security of industrial control systems to an unprecedented level. Countries around the world are stepping up the formulation of policies, standards, technologies and protection solutions, among which terminal security of in...

AI Technical Summary

Problems solved by technology

However, the above two types of industrial control system terminal security protection products mainly have the following problems: First, due to the complexity of the software and hardware platform environment in the industrial control network, many CNC, PLC, DCS, SCADA and other systems mainly rely on foreign software and hardware manufacturers. It is unavoidable that there are design backdoors, inapplicable interfaces, or inconsistent application scenarios. Second, industrial control systems generally use embedded or streamlined operating systems. These systems generally cannot update operating system patches, install anti-virus software, and information security products. As a necessary security protection measure for a network terminal device, there are serious security risks in the industrial control system; third, malicious network attacks are easy to use the loopholes exposed in the industrial control system on the network to steal super-user privileges, wanton damage to the system or steal secrets Data; Fourth, the industrial control system equipment itself generally does not use double strong identity authentication methods to achieve access control, and the data stored in the industrial control equipment and various interfaces (serial ports, network ports, USB interfaces, etc.) on the equipment have illegal access by

Images