上傳時(shi)間:2020-05-15| 作者:芯杰英電子
隨著(zhu)計算機技(ji)術(shu)網(wang)(wang)絡技(ji)術(shu)的(de)(de)(de)發(fa)展(zhan),特別(bie)是(shi)互(hu)聯(lian)網(wang)(wang)及社會(hui)(hui)公共(gong)網(wang)(wang)絡平臺的(de)(de)(de)快速發(fa)展(zhan),在(zai)(zai)“兩化(hua)”融合(he)的(de)(de)(de)行(xing)業發(fa)展(zhan)需求下,為了提高生產(chan)高效(xiao)運(yun)行(xing)、生產(chan)管(guan)理效(xiao)率,國內眾多行(xing)業大(da)力推進工(gong)(gong)(gong)控(kong)(kong)(kong)核(he)芯板工(gong)(gong)(gong)業控(kong)(kong)(kong)制(zhi)系(xi)(xi)(xi)統(tong)(tong)(tong)(tong)自(zi)身的(de)(de)(de)集成(cheng)化(hua),集中(zhong)化(hua)管(guan)理。系(xi)(xi)(xi)統(tong)(tong)(tong)(tong)的(de)(de)(de)互(hu)聯(lian)互(hu)通(tong)性逐步加(jia)強,與(yu)辦(ban)公網(wang)(wang)、互(hu)聯(lian)網(wang)(wang)也存在(zai)(zai)千絲萬縷(lv)的(de)(de)(de)聯(lian)系(xi)(xi)(xi)。但是(shi)工(gong)(gong)(gong)業控(kong)(kong)(kong)制(zhi)系(xi)(xi)(xi)統(tong)(tong)(tong)(tong)建(jian)設時更多的(de)(de)(de)是(shi)考(kao)慮各自(zi)系(xi)(xi)(xi)統(tong)(tong)(tong)(tong)的(de)(de)(de)可用(yong)性,并沒有考(kao)慮系(xi)(xi)(xi)統(tong)(tong)(tong)(tong)之間(jian)互(hu)聯(lian)互(hu)通(tong)的(de)(de)(de)安(an)(an)全風險和防護建(jian)設。使得國際國內針(zhen)對(dui)(dui)工(gong)(gong)(gong)業控(kong)(kong)(kong)制(zhi)系(xi)(xi)(xi)統(tong)(tong)(tong)(tong)的(de)(de)(de)攻擊事(shi)(shi)件(jian)(jian)層出不(bu)窮,“震網(wang)(wang)”病(bing)毒事(shi)(shi)件(jian)(jian)為全球工(gong)(gong)(gong)業控(kong)(kong)(kong)制(zhi)系(xi)(xi)(xi)統(tong)(tong)(tong)(tong)安(an)(an)全問題(ti)敲響(xiang)了警鐘,促使國家和社會(hui)(hui)逐漸重(zhong)視(shi)工(gong)(gong)(gong)業控(kong)(kong)(kong)制(zhi)系(xi)(xi)(xi)統(tong)(tong)(tong)(tong)的(de)(de)(de)信息(xi)安(an)(an)全問題(ti)。據權威工(gong)(gong)(gong)業安(an)(an)全事(shi)(shi)件(jian)(jian)信息(xi)庫RISI統(tong)(tong)(tong)(tong)計,截(jie)至(zhi)2013年(nian)10月,全球已(yi)發(fa)生300余起針(zhen)對(dui)(dui)工(gong)(gong)(gong)業控(kong)(kong)(kong)制(zhi)系(xi)(xi)(xi)統(tong)(tong)(tong)(tong)的(de)(de)(de)攻擊事(shi)(shi)件(jian)(jian)。2001年(nian)后,隨著(zhu)通(tong)用(yong)開發(fa)標(biao)準與(yu)互(hu)聯(lian)網(wang)(wang)技(ji)術(shu)的(de)(de)(de)廣泛使用(yong),針(zhen)對(dui)(dui)工(gong)(gong)(gong)業控(kong)(kong)(kong)制(zhi)系(xi)(xi)(xi)統(tong)(tong)(tong)(tong)(ICS)的(de)(de)(de)病(bing)毒、木馬(ma)等攻擊行(xing)為大(da)幅度(du)增長,直接導(dao)致工(gong)(gong)(gong)業控(kong)(kong)(kong)制(zhi)系(xi)(xi)(xi)統(tong)(tong)(tong)(tong)的(de)(de)(de)故障次數(shu)明(ming)顯(xian)增多,對(dui)(dui)人員、設備和環(huan)境造成(cheng)嚴(yan)重(zhong)后果。
國家非(fei)常重視(shi)工控核芯(xin)板(ban)工業控制系統(tong)信(xin)(xin)息安全(quan)問題。工業和信(xin)(xin)息化(hua)部2011年9月發(fa)布《關(guan)于加強(qiang)工業控制系統(tong)信(xin)(xin)息安全(quan)管(guan)理的(de)(de)通知》(〔2011〕451號),通知明(ming)確了工業控制系統(tong)信(xin)(xin)息安全(quan)管(guan)理的(de)(de)組(zu)織領導、技術保(bao)障、規(gui)章制度等方面的(de)(de)要求,并在(zai)工業控制系統(tong)的(de)(de)連接、組(zu)網、配置、設備選擇(ze)與升級、數據、應急管(guan)理等六個(ge)方面提出了明(ming)確的(de)(de)具體要求。
2012年,國(guo)務院頒布《關于大力(li)推進(jin)信息化發(fa)展和切(qie)實保障信息安全的若干意見(國(guo)發(fa)〔2012〕23號》,其中明確要求(qiu)保障工業控(kong)制(zhi)系統(tong)安全,重點保障對可能危及(ji)生命(ming)和公(gong)共財產安全的工業控(kong)制(zhi)系統(tong)的安全。
國家發改委從2011年(nian)開始開展工(gong)控核芯板工(gong)業(ye)(ye)控制系統信(xin)息(xi)安(an)(an)(an)全(quan)(quan)(quan)專(zhuan)(zhuan)項,涉及面向(xiang)現場(chang)設備環(huan)境的(de)邊界安(an)(an)(an)全(quan)(quan)(quan)專(zhuan)(zhuan)用網關產(chan)品(pin)、面向(xiang)集散控制系統(DCS)的(de)異常監測產(chan)品(pin)、安(an)(an)(an)全(quan)(quan)(quan)采集遠(yuan)程終(zhong)端單元(RTU)產(chan)品(pin)、工(gong)業(ye)(ye)應用軟件漏洞掃描產(chan)品(pin)等(deng)(deng)產(chan)業(ye)(ye)化項目。在電(dian)力電(dian)網、石油石化、先進制造、軌道交通(tong)等(deng)(deng)領域,支(zhi)持(chi)大(da)型(xing)重點骨干企(qi)業(ye)(ye),按照信(xin)息(xi)安(an)(an)(an)全(quan)(quan)(quan)等(deng)(deng)級保護相關要求,開展工(gong)業(ye)(ye)控制系統信(xin)息(xi)安(an)(an)(an)全(quan)(quan)(quan)建(jian)設的(de)試(shi)點示范。
當前,工(gong)控核芯板(ban)工(gong)業信(xin)息(xi)系統正從單機走向互聯,從封閉走向開放(fang),安全(quan)(quan)漏(lou)(lou)洞(dong)和風險不(bu)斷(duan)涌現。2017年(nian)第一季度,國(guo)家(jia)信(xin)息(xi)安全(quan)(quan)漏(lou)(lou)洞(dong)共享(xiang)平臺爆出我(wo)國(guo)新增(zeng)工(gong)控系統行業漏(lou)(lou)洞(dong)30個,其(qi)中(zhong)半數以(yi)上是高危(wei)漏(lou)(lou)洞(dong)。2017年(nian)6月,在(zai)工(gong)信(xin)部的指導下,國(guo)家(jia)工(gong)業信(xin)息(xi)安全(quan)(quan)產業發展聯盟正式(shi)成立。
微信二維碼
手機網站