An intelligent industrial control system with active defense capability
By constructing an intelligent industrial control system with heterogeneous redundancy and mimicry defense, the problems of insufficient active defense and limitations in the integration of heterogeneous devices in traditional systems are solved, achieving high reliability and high availability in complex environments and ensuring stable operation of the system when facing attacks or failures.
Patent Information
- Authority / Receiving Office
- CN · China
- Patent Type
- Patents(China)
- Current Assignee / Owner
- HANGZHOU UWNTEK AUTOMATION SYSTEM CO LTD
- Filing Date
- 2025-06-25
- Publication Date
- 2026-06-19
AI Technical Summary
Traditional industrial control systems lack proactive defense capabilities, making it difficult to cope with complex and ever-changing security threats and faults. They also have limitations in integrating heterogeneous devices and dynamically scheduling resources.
By employing heterogeneous redundancy and mimicry defense mechanisms, combined with a multi-layered, multi-stage distributed large-number voting mechanism, an intrinsic security center cloud, a secure edge intelligent control platform, and a secure programmable logic controller are constructed to achieve proactive defense and rapid response against heterogeneous devices.
It significantly improves the system's resistance to attacks and operational stability, ensuring that the system can maintain efficient and stable operation when facing network attacks or failures, and reducing the risk of production interruption.
Smart Images

Figure CN120692077B_ABST
Abstract
Description
Technical Field
[0001] This application relates to the field of information security for industrial control systems, and in particular to an intelligent industrial control system with active defense capabilities. Background Technology
[0002] In recent years, with the continuous development of industrial automation, the requirements for security, reliability, and intelligence levels in industrial control systems have been constantly increasing. Traditional industrial control systems mostly rely on centralized control architectures, employing single control platforms or simple edge control devices. They lack sufficient redundancy verification methods and proactive defense capabilities, making it difficult to cope with complex and ever-changing security threats and sudden failures. At the same time, the industrial environment is characterized by diverse equipment, complex protocols, and strong system heterogeneity. Traditional control solutions have certain limitations in integrating heterogeneous equipment and achieving unified monitoring and management.
[0003] Current industrial control systems generally suffer from insufficient security protection capabilities, making it difficult to effectively cope with the impact of cyberattacks or failures. While some solutions introduce multi-layered protection measures, they still mainly rely on passive defense strategies, lacking active detection and rapid response capabilities. Furthermore, while existing control systems can support diverse applications, they lack effective mechanisms for managing application heterogeneity and dynamic resource scheduling, limiting the system's flexibility and security when facing complex application scenarios.
[0004] Therefore, how to build an intelligent industrial control system with active defense capabilities that can support heterogeneous devices and improve its security and anti-interference capabilities has become a technical problem that urgently needs to be solved in the field of industrial automation. Summary of the Invention
[0005] The purpose of this application is to provide an intelligent industrial control system with active defense capabilities to solve problems such as information silos, inflexible computing power scheduling, and insufficient active defense capabilities in traditional industrial control systems.
[0006] According to an embodiment of this application, an intelligent industrial control system with active defense capabilities is provided, comprising:
[0007] The intrinsic security center cloud consists of three heterogeneous servers, each running its own operating system and its container, with each container running functionally equivalent but heterogeneous application executors.
[0008] The secure edge intelligent control platform consists of three heterogeneous servers, integrating an industrial control programming module, an industrial control monitoring module, a data encryption / decryption module, and a secure data bus. The industrial control monitoring module contains more than three heterogeneous monitoring executors. The data encryption / decryption module encrypts data packets generated by the industrial control programming module and the industrial control monitoring module and decrypts data streams sent from the industrial security isolation access gateway. Data from each module is transmitted through the secure data bus.
[0009] The industrial security isolation access gateway includes a national cryptographic encryption / decryption module, a protocol identification and forwarding component, and a distribution and voting component. The national cryptographic encryption / decryption module decrypts the data packets sent down and encrypts the data packets sent up. After decryption, the data packets sent down enter the protocol identification and forwarding component, which identifies the industrial protocol and forwards them efficiently. Data packets from various heterogeneous execution entities of the industrial control monitoring module enter the distribution and voting component, where voting is conducted based on a majority voting mechanism, and outliers are recorded and fed back to the security edge intelligent control platform. For data sent up by the controller, the distribution and voting component distributes it to each running heterogeneous execution entity.
[0010] The security-type programmable logic controller is used to receive instructions from the industrial security isolation access gateway. The three heterogeneous operating cores in the mimic MCU respond independently to the instructions and perform a two-out-of-three vote through their voting cores, outputting the voting results and executing the voting results.
[0011] The secure distributed controller is used to receive instructions from the industrial security isolation access gateway. The three main controllers of the quadruple heterogeneous system respond independently to the instructions. The other main controller serves as a backup and will start running again after any main controller fails or malfunctions. The outputs of the three running main controllers are used for a two-out-of-three vote through the base, and the vote result is output and executed.
[0012] From the intrinsic security center cloud and the secure edge intelligent control platform to the secure programmable logic controller and the secure distributed controller, all adopt heterogeneous redundancy and mimicry defense mechanisms.
[0013] The technical solutions provided by the embodiments of this application may include the following beneficial effects:
[0014] As can be seen from the above embodiments, this application extensively adopts heterogeneous redundancy (including heterogeneous servers, heterogeneous operating systems, application executors with heterogeneous functional equivalent code, heterogeneous monitoring executors, heterogeneous multi-core mimic MCUs, and quadruple heterogeneous redundancy architecture distributed controllers) and mimicry defense mechanisms, from the intrinsically secure central cloud and secure edge intelligent control platform to secure programmable logic controllers and secure distributed controllers. It also combines diverse compilers and various heterogeneous generation technologies, thus overcoming the inherent defects of traditional industrial control systems that are prone to large-scale failures due to the high homogeneity of internal components. This significantly improves the system's intrinsic immunity and attack resistance to zero-day vulnerabilities, unknown threats, and advanced persistent attacks, ensuring that even if some components are compromised, the system as a whole can still maintain normal operation.
[0015] This system introduces a multi-layered, multi-stage distributed large-number voting mechanism, including a distribution voting component in the industrial security isolation access gateway, a voter built into the secure programmable logic controller, and a secure distributed controller. This mechanism performs real-time comparison, adjudication, and outlier recording of outputs from heterogeneous executors or heterogeneous master controllers. Simultaneously, the intrinsic security center cloud provides the ability to diagnose, clean, and recover from pseudo-security threats, while the security edge intelligent control platform provides fault early warning and automated response components. Therefore, it addresses the shortcomings of existing industrial control systems, which are mostly reactive and lack proactive defense and automated recovery capabilities. This enables the system to identify, filter, and eliminate abnormal behaviors caused by attacks or faults in real time, achieving adaptive processing and self-healing recovery of malicious commands or abnormal data, significantly enhancing the system's security and operational stability.
[0016] This system ensures the inherent security of the industrial control system while deeply integrating security capabilities into core business processes such as industrial control programming, monitoring, and data transmission. For example, the industrial control programming module supports multiple industrial control languages, the industrial control monitoring module contains heterogeneous monitoring executors, and the data encryption / decryption module supports national cryptographic algorithms. Furthermore, data from each module is transmitted through a secure data bus. Therefore, it balances the stringent requirements of industrial control systems for both security and operational continuity, avoiding the negative impact of traditional security solutions on system performance and real-time performance. This ensures that the industrial control system can maintain efficient, stable, and reliable operation even in the face of network attacks or internal failures, effectively reducing the risk of production interruption due to security incidents.
[0017] Based on the above series of security technologies and equipment, this invention constructs an intelligent industrial control system with proactive defense capabilities, which can effectively ensure the platform's proactive tolerance of vulnerabilities, proactive avoidance of attacks, and proactive suppression of failures, ensuring the system's high reliability, trustworthiness, and high availability in complex environments, and supporting the long-term stable development of industrial control systems. Attached Figure Description
[0018] The accompanying drawings, which are incorporated in and form part of this specification, illustrate embodiments consistent with this application and, together with the description, serve to explain the principles of this application.
[0019] Figure 1 This is a schematic diagram illustrating the structure of an intelligent industrial control system with active defense capabilities according to an exemplary embodiment. Detailed Implementation
[0020] Exemplary embodiments will now be described in detail, examples of which are illustrated in the accompanying drawings. When the following description relates to the drawings, unless otherwise indicated, the same numbers in different drawings represent the same or similar elements. The embodiments described in the following exemplary embodiments do not represent all embodiments consistent with this application. Rather, they are merely examples of systems consistent with some aspects of this application.
[0021] This application provides an intelligent industrial control system with active defense capabilities, such as... Figure 1 As shown, the overall architecture is a "cloud-edge-device" collaborative architecture. The cloud is an endogenous central cloud that provides inherent security protection by utilizing mimicry cloud technology and a heterogeneous system situational management platform. The edge is an edge cloud, which is a secure edge intelligent control platform based on mimicry cloud. The platform integrates control programming, monitoring, and dynamic proactive defense functions to achieve intelligent response and secure orchestration of industrial control. The device is a control terminal, including a secure programmable logic controller and a secure distributed controller. Through multi-core heterogeneous redundancy and secure voting strategy design, the system's proactive defense capabilities are improved. The cloud-edge and edge-device communication channels are connected through an industrial security isolation access gateway for encryption / decryption, protocol identification, and heterogeneous execution entity distribution voting to ensure communication security and voting security.
[0022] The purpose of this application is to provide an intelligent industrial control system with active defense capabilities to meet the business needs of cloud-edge collaborative intelligent control and the technical challenges of information security protection in industrial control systems.
[0023] The technical solutions of the embodiments of this application will be clearly and completely described below with reference to the accompanying drawings. Obviously, the described embodiments are only some embodiments of this application, and not all embodiments. Based on the embodiments of this application, all other embodiments obtained by those skilled in the art without creative effort are within the scope of protection of this application.
[0024] See Figure 1 This is a schematic diagram of the structure of an intelligent industrial control system with active defense capabilities, provided in an embodiment of this application. Figure 1As shown in the figure, this application provides an intelligent industrial control system with active defense capabilities. This intelligent industrial control system mainly includes: an intrinsic security center cloud, a secure edge intelligent control platform, an industrial security isolation access gateway, a secure programmable logic controller, and a secure distributed controller, wherein:
[0025] The intrinsic security center cloud consists of three heterogeneous servers, each running its own operating system and its container. Each container runs application executables with equivalent functionality but heterogeneous code.
[0026] Specifically, the intrinsic security center cloud is built on a mimicry cloud management platform. It constructs a heterogeneous environment encompassing hardware, operating systems, middleware, and full-featured cloud application execution through three heterogeneous system-level situational management platforms (such as ARM servers and their corresponding management platform systems, Shenwei servers and their corresponding management platform systems, and X86 servers and their corresponding management platform systems). The intrinsic security center cloud integrates a distribution and voting module for voting on the distribution of issued instructions and the collection and uploading of data.
[0027] Furthermore, the intrinsic security center cloud provides automated deployment capabilities for heterogeneous execution entities of mimicry applications; pool management of application service heterogeneous execution entities and application service heterogeneous execution entity images based on heterogeneous feature rule classification; a global resource status view of execution entities, mimicry cloud containers, and mimicry virtual machines; runtime node management driven by command policy files; the ability to diagnose, clean up, and recover mimicry security threats, as well as status alerts; and a unified voting service framework for the distribution and voting needs of multiple concurrent application services, as well as dynamic scheduling of distribution and voting servers.
[0028] The secure edge intelligent control platform consists of three heterogeneous servers, integrating an industrial control programming module, an industrial control monitoring module, a data encryption / decryption module, and a secure data bus. The industrial control monitoring module contains more than three heterogeneous monitoring executors. The data encryption / decryption module encrypts data packets generated by the industrial control programming module and the industrial control monitoring module and decrypts data streams sent from the industrial security isolation access gateway. Data from each module is transmitted through the secure data bus.
[0029] Specifically, the edge intelligent control platform is also based on the mimicry cloud management platform. It constructs a heterogeneous environment encompassing hardware, operating systems, middleware, and full-function cloud application execution entities through three heterogeneous system-level situational management platforms (such as ARM servers and corresponding management platform systems, Shenwei servers and corresponding management platform systems, and X86 servers and corresponding management platform systems). Simultaneously, the platform integrates an industrial control programming module. This module enables programming using Function Block Diagrams (FBD), Structured Text (ST), Sequential Control Language (SFC), and Ladder Diagrams (LD) based on the IEC61131-3 standard. These programs can be distributed to terminal controllers for execution, supporting corresponding logic control or process control. The platform also integrates an industrial control monitoring module, which consists of multiple virtual machines. Each virtual machine independently runs heterogeneous monitoring execution entities with heterogeneous code but equivalent functionality. The executable program in the system can be based on a diverse intermediate language compiler. It can generate heterogeneous monitoring programs with equivalent code heterogeneous functions by combining control flow virtualization, instruction randomization, basic block expansion, basic block rearrangement, and string manipulation of the source code of a single monitoring program. Alternatively, it can be heterogeneous monitoring programs developed by different industrial control vendors. Each heterogeneous monitoring program runs in an independent virtual machine, forming a heterogeneous monitoring execution system. The data encryption and decryption module supports encryption and decryption based on the national cryptographic algorithms SM2, SM3, and SM4. It encrypts data packets generated by the industrial control programming module and the industrial control monitoring module and decrypts data streams sent from the industrial security isolation access gateway. The secure data bus achieves the required security integrity while ensuring the security functions of the protocol stack, reducing residual errors in the protocol stack and development implantation errors. It can be implemented based on deterministic communication methods and technologies of multimodal real-time networks.
[0030] The industrial security isolation access gateway includes a national cryptographic encryption / decryption module, a protocol identification and forwarding component, and a distribution and voting component. The national cryptographic encryption / decryption module decrypts the data packets sent down and encrypts the data packets sent up. After decryption, the data packets sent down enter the protocol identification and forwarding component, which identifies the industrial protocol and forwards them efficiently. Data packets from the heterogeneous execution entities of the industrial control monitoring module in the secure edge intelligent control platform enter the distribution and voting component, which votes based on a majority voting mechanism and records events for abnormal values. Typically, it is a two-out-of-three voting, that is, voting on the instructions from the three heterogeneous execution entities of the industrial control monitoring module, and outputting the voting results to the southbound terminal control. At the same time, when there is an abnormal voting result, that is, different results exist among the heterogeneous execution entities, the event is recorded and fed back to the secure edge intelligent control platform, which cleans and restores the execution entity until it is restored before it can be put back into use. During this period, other execution entities of the industrial control monitoring module are put into operation and join the two-out-of-three voting. For the data collected and sent up by the controller, the national cryptographic encryption / decryption module in the industrial security isolation access gateway first encrypts it, and then distributes it to each running heterogeneous monitoring execution entity through the distribution and voting component.
[0031] The security-oriented programmable logic controller is designed and implemented based on a heterogeneous multi-core mimic MCU. The scheduling, voting, and clear recovery mechanism of the mimic MCU enables the programmable logic controller to have inherent security. Specifically, when the security-oriented programmable logic controller receives an instruction from the industrial security isolation access gateway, the three heterogeneous operating cores in the mimic MCU respond to the instruction independently, and perform a two-out-of-three vote through the voting core built into the MCU chip, output the voting result, and execute the vote.
[0032] The secure distributed controller is designed based on a quadruple heterogeneous redundancy architecture, with each of the four master controllers having a different chip or operating system. Specifically, when the secure distributed controller receives an instruction from the industrial security isolation access gateway, the three master controllers in the quadruple heterogeneous architecture respond independently to the instruction, while the fourth master controller acts as a backup. When the voting process detects that any master controller has failed or malfunctioned, the backup master controller starts running. The outputs of the three running master controllers are used for a two-out-of-three vote through the base, and the voting results are output and executed. The faulty master controller becomes the backup master controller after being cleaned and restored.
[0033] When the intrinsic security central cloud issues monitoring commands to the security edge intelligent control platform, the central cloud distributes the monitoring commands to each heterogeneous monitoring executor in the industrial control monitoring module. Each heterogeneous monitoring executor responds to the command and encrypts the output through a data encryption / decryption module. The encrypted output enters the industrial security isolation access gateway for decryption and voting. The voting result is then sent to the terminal device's secure programmable logic controller or secure distributed controller. The heterogeneous MCU or heterogeneous master controller of the terminal device responds to the command again, performs a majority vote through its built-in voter, and outputs and executes the final voting result. Similarly, when collecting and uploading data from the terminal, the secure programmable logic controller or secure distributed controller collects and uploads the data to the industrial security isolation access gateway. The industrial security isolation access gateway distributes the data to each heterogeneous monitoring executor, and each heterogeneous monitoring executor then uploads the data to the intrinsic security central cloud. The central cloud outputs the voting results of the data collected by multiple heterogeneous monitoring executors through a majority vote.
[0034] As can be seen from the above embodiments, this application extensively adopts heterogeneous redundancy (including heterogeneous servers, heterogeneous operating systems, application executors with heterogeneous functional equivalent code, heterogeneous monitoring executors, heterogeneous multi-core mimic MCUs, and quadruple heterogeneous redundancy architecture distributed controllers) and mimicry defense mechanisms, from the intrinsically secure central cloud and secure edge intelligent control platform to secure programmable logic controllers and secure distributed controllers. It also combines diverse compilers and various heterogeneous generation technologies, thus overcoming the inherent defects of traditional industrial control systems that are prone to large-scale failures due to the high homogeneity of internal components. This significantly improves the system's intrinsic immunity and attack resistance to zero-day vulnerabilities, unknown threats, and advanced persistent attacks, ensuring that even if some components are compromised, the system as a whole can still maintain normal operation.
[0035] This system introduces a multi-layered, multi-stage distributed large-number voting mechanism, including a distribution voting component in the industrial security isolation access gateway, a voter built into the secure programmable logic controller, and a secure distributed controller. This mechanism performs real-time comparison, adjudication, and outlier recording of outputs from heterogeneous executors or heterogeneous master controllers. Simultaneously, the intrinsic security center cloud provides the ability to diagnose, clean, and recover from pseudo-security threats, while the security edge intelligent control platform provides fault early warning and automated response components. Therefore, it addresses the shortcomings of existing industrial control systems, which are mostly reactive and lack proactive defense and automated recovery capabilities. This enables the system to identify, filter, and eliminate abnormal behaviors caused by attacks or faults in real time, achieving adaptive processing and self-healing recovery of malicious commands or abnormal data, significantly enhancing the system's security and operational stability.
[0036] This system ensures the inherent security of the industrial control system while deeply integrating security capabilities into core business processes such as industrial control programming, monitoring, and data transmission. For example, the industrial control programming module supports multiple industrial control languages, the industrial control monitoring module contains heterogeneous monitoring executors, and the data encryption / decryption module supports national cryptographic algorithms. Furthermore, data from each module is transmitted through a secure data bus. Therefore, it balances the stringent requirements of industrial control systems for both security and operational continuity, avoiding the negative impact of traditional security solutions on system performance and real-time performance. This ensures that the industrial control system can maintain efficient, stable, and reliable operation even in the face of network attacks or internal failures, effectively reducing the risk of production interruption due to security incidents.
[0037] Based on the above series of security technologies and equipment, this invention constructs an intelligent industrial control system with proactive defense capabilities, which can effectively ensure the platform's proactive tolerance of vulnerabilities, proactive avoidance of attacks, and proactive suppression of failures, ensuring the system's high reliability, trustworthiness, and high availability in complex environments, and supporting the long-term stable development of industrial control systems.
[0038] Other embodiments of this application will readily occur to those skilled in the art upon consideration of the specification and practice of the disclosure herein. This application is intended to cover any variations, uses, or adaptations of this application that follow the general principles of this application and include common knowledge or customary techniques in the art not disclosed herein. The specification and embodiments are to be considered exemplary only, and the true scope and spirit of this application are indicated by the claims.
[0039] It should be understood that this application is not limited to the precise structure described above and shown in the accompanying drawings, and various modifications and changes can be made without departing from its scope. The scope of this application is limited only by the appended claims.
Claims
1. An intelligent industrial control system with active defense capability, characterized in that, include: The intrinsic security center cloud consists of three heterogeneous servers, each running its own operating system and its containers. Each container runs application executables with equivalent functionality but heterogeneous code. The secure edge intelligent control platform consists of three heterogeneous servers, integrating an industrial control programming module, an industrial control monitoring module, a data encryption / decryption module, and a secure data bus. The industrial control monitoring module contains more than three heterogeneous monitoring executors. The data encryption / decryption module encrypts the data packets generated by the industrial control programming module and the industrial control monitoring module, and decrypts the data stream sent from the industrial security isolation access gateway. Data from each module is transmitted via the secure data bus. The industrial security isolation access gateway includes a national cryptographic encryption / decryption module, a protocol identification and forwarding component, and a distribution and voting component. The national cryptographic encryption / decryption module decrypts the data packets sent down and encrypts the data packets sent up. After being decrypted, the data sent down enters the protocol identification and forwarding component, which identifies the industrial protocol and forwards it efficiently. Data packets from various heterogeneous actuators in the industrial control monitoring module enter the distribution and voting component, where voting is conducted based on a majority voting mechanism and outlier values are recorded as events, which are then fed back to the security edge intelligent control platform. For data sent by the controller, the distribution and voting component distributes it to each running heterogeneous actuator. The safety-type programmable logic controller is used to receive instructions from the industrial safety isolation access gateway. The three heterogeneous operating cores in the mimic MCU respond to the instructions independently, and perform a two-out-of-three vote through their voting cores, output the voting results and execute the voting results. The security-type distributed controller is used to receive instructions from the industrial security isolation access gateway. The three main controllers of the quadruple heterogeneous system respond independently to the instructions, and the other main controller serves as a backup, which will start running again after any main controller fails or malfunctions. The outputs of the three running main controllers are voted on by a two-out-of-three majority vote through the base, and the voting result is output and executed. From the intrinsic security center cloud and the secure edge intelligent control platform to the secure programmable logic controller and the secure distributed controller, all adopt heterogeneous redundancy and mimicry defense mechanisms.
2. The intelligent industrial control system with active defense capability according to claim 1, characterized in that, The intrinsic security center cloud provides automated deployment capabilities for heterogeneous execution entities of mimicry applications; and provides pool management of heterogeneous execution entities of application services and images of application service heterogeneous execution entities based on heterogeneous feature rule classification. Provides a global view of the resource status of the execution entity, mimicry cloud containers, and mimicry virtual machines; provides runtime node management driven by command policy files; and provides the ability to diagnose, clean up, and recover mimicry security threats, as well as status alerts. It provides a unified voting service framework for distributing voting needs of multiple concurrent application services, as well as dynamic scheduling of distribution and voting servers.
3. The intelligent industrial control system with active defense capability according to claim 1, characterized in that, The industrial control programming module supports logic control and process control algorithm programming based on four industrial control languages: FBD / ST / SFC / LD.
4. The intelligent industrial control system with active defense capability according to claim 1, characterized in that, The monitoring program of the heterogeneous monitoring executor is based on an intermediate language diversification compiler. It combines control flow virtualization, instruction randomization, basic block expansion, basic block rearrangement, and string generation of heterogeneous monitoring programs from the source code of a single monitoring program to generate heterogeneous functions equivalent to heterogeneous monitoring programs, or heterogeneous monitoring programs developed by different industrial control manufacturers. Each heterogeneous monitoring program runs in an independent virtual machine, thus forming a heterogeneous monitoring executor.
5. The intelligent industrial control system with active defense capability according to claim 1, characterized in that, The data encryption / decryption module supports encryption and decryption based on the Chinese national cryptographic algorithms SM2, SM3, and SM4.
6. The intelligent industrial control system with active defense capability according to claim 1, characterized in that, The security-oriented programmable logic controller is designed and implemented based on a heterogeneous multi-core mimic MCU. The scheduling voting clear recovery mechanism of the mimic MCU enables the programmable logic controller to have inherent security.
7. The intelligent industrial control system with active defense capability according to claim 1, characterized in that, The secure distributed controller is implemented based on a quadruple heterogeneous redundancy architecture design, with each of the four main controllers having a different chip or operating system. 8.The smart industrial control system with active defense capability of claim 1, wherein, When the intrinsic security central cloud issues monitoring commands to the security edge intelligent control platform, the central cloud distributes the monitoring commands to each heterogeneous monitoring executor in the industrial control monitoring module. Each heterogeneous monitoring executor responds to the command and encrypts the output through a data encryption / decryption module. The encrypted output enters the industrial security isolation access gateway for decryption and voting. The voting result is then sent to the terminal device's secure programmable logic controller or secure distributed controller. The heterogeneous MCU or heterogeneous master controller of the terminal device responds to the command again, performs a majority vote through its built-in voter, and outputs and executes the final voting result. Similarly, when collecting and uploading data from the terminal, the secure programmable logic controller or secure distributed controller collects and uploads the data to the industrial security isolation access gateway. The industrial security isolation access gateway distributes the data to each heterogeneous monitoring executor, and each heterogeneous monitoring executor then uploads the data to the intrinsic security central cloud. The central cloud outputs the voting results of the data collected by multiple heterogeneous monitoring executors through a majority vote.