中圖分類號: TP393.08 文獻標識碼: A DOI: 10.19358/j.issn.2096-5133.2022.03.005 引用格式: 李實,,萬睿,,周帥. 工控系統(tǒng)脆弱性分析研究[J].信息技術(shù)與網(wǎng)絡(luò)安全,2022,,41(3):26-31.
Research on vulnerability analysis of industrial control system
Li Shi1,,Wan Rui1,Zhou Shuai2
(1.Daya Bay Nuclear Power Operations and Management Co.,,Ltd.,,Shenzhen 518124,China,; 2.National Computer System Engineering Research Institute of China,,Beijing 100083,China)
Abstract: With the wide application of new industrial Internet technologies in the field of industrial control, the industrial control system has been transformed from the previous island model to an open system. Through the industrial control situation platform exposed on the Internet, it can be found that a large number of industrial control devices are exposed to the Internet, and the industrial control system is facing unprecedented security threat. Through the analysis of the security status and vulnerability of the industrial control system, this paper puts forward the attack threats faced by the industrial control system from the attacker′s point of view. Combined with the real nuclear power DCS system, the vulnerability of the system is summarized through safety tests, and the effectiveness and actual availability of the security protection strategy are comprehensively considered. It can make a protection plan by adding some safety equipment. Through the deployment and verification in the laboratory, the safety protection measures have reduced the vulnerability of the nuclear power DCS system and improved the security of the system.
Key words : industrial control system,;penetration test,;cyber security