Computer Science (计算机科学), 2018, Vol. 45, Issue (4): 25-33. doi: 10.11896/j.issn.1002-137X.2018.04.004

• Survey •

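Summary of Security Technology and Application in Industrial Control System

SUO Yan-feng, WANG Shao-jie, QIN Yu, LI Qiu-xiang, FENG Da-jun and LI Jing-chun

  1. School of Computer and Communication Engineering, University of Science and Technology Beijing, Beijing 100083; National Research Center for Information Technology Security, Beijing 100084, National Research Center for Information Technology Security, Beijing 100084, Institute of Software, Chinese Academy of Sciences, Beijing 100083, The First Research Institute of the Ministry of Public Security, Beijing 100083, The Sixth Research Institute of China Electronics Corporation, Beijing 100083, National Research Center for Information Technology Security, Beijing 100084
  • Online: 2018-04-15 Published: 2018-05-11
  • Funding:
    This work was supported by the National 863 Program project "Research on a Vulnerability Verification, Evaluation and Comprehensive Service Platform" (2012AA012901).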

Abstract: To meet the new security challenges caused by the deep integration of control systems and Internet technology, and to resist targeted attacks such as Stuxnet, Flame and BlackEnergy, this paper addresses the technical lag in industrial control system vulnerability mining, repair and control, and the problems of industrial control security being "difficult to discover, difficult to monitor, difficult to protect". It studies the theoretical models, key technologies, equipment development, and test and evaluation of industrial control systems. Taking research on vulnerability mining and exploitation as the main line, research on theory and system architecture and the construction of a security technology test and verification platform as the basis, dynamic monitoring and protection and active defense as the goal, and attack-defense verification of test sample sets and typical demonstrations as the application, the paper proposes an overall security technology solution covering industrial control system vulnerability mining, deep detection, dynamic protection and active defense, and designs and builds an industrial control system security technology system that integrates vulnerability mining, verification and evaluation, dynamic protection and active defense.

Key words: Industrial control system, Vulnerability mining, Validation evaluation, Dynamic protection, Active defense

