上傳時間:2020-05-15| 作者:芯杰英電子
隨著計(ji)算機技(ji)(ji)術網(wang)(wang)(wang)絡(luo)技(ji)(ji)術的(de)(de)(de)(de)(de)發(fa)展(zhan),特別是互聯(lian)(lian)網(wang)(wang)(wang)及(ji)社會(hui)公共網(wang)(wang)(wang)絡(luo)平臺(tai)的(de)(de)(de)(de)(de)快速(su)發(fa)展(zhan),在“兩化(hua)”融合的(de)(de)(de)(de)(de)行業(ye)(ye)(ye)發(fa)展(zhan)需求下(xia),為了提高生(sheng)產(chan)高效運行、生(sheng)產(chan)管(guan)理(li)效率,國(guo)內(nei)眾(zhong)多(duo)(duo)行業(ye)(ye)(ye)大力推進工(gong)(gong)(gong)(gong)控(kong)核芯板工(gong)(gong)(gong)(gong)業(ye)(ye)(ye)控(kong)制(zhi)(zhi)系(xi)統(tong)(tong)(tong)(tong)自(zi)身的(de)(de)(de)(de)(de)集成化(hua),集中化(hua)管(guan)理(li)。系(xi)統(tong)(tong)(tong)(tong)的(de)(de)(de)(de)(de)互聯(lian)(lian)互通性逐步加強,與(yu)辦公網(wang)(wang)(wang)、互聯(lian)(lian)網(wang)(wang)(wang)也存在千絲(si)萬縷(lv)的(de)(de)(de)(de)(de)聯(lian)(lian)系(xi)。但是工(gong)(gong)(gong)(gong)業(ye)(ye)(ye)控(kong)制(zhi)(zhi)系(xi)統(tong)(tong)(tong)(tong)建(jian)設(she)時更多(duo)(duo)的(de)(de)(de)(de)(de)是考(kao)慮(lv)各(ge)自(zi)系(xi)統(tong)(tong)(tong)(tong)的(de)(de)(de)(de)(de)可用性,并沒有考(kao)慮(lv)系(xi)統(tong)(tong)(tong)(tong)之間互聯(lian)(lian)互通的(de)(de)(de)(de)(de)安全風險和防護建(jian)設(she)。使(shi)得國(guo)際(ji)國(guo)內(nei)針對(dui)工(gong)(gong)(gong)(gong)業(ye)(ye)(ye)控(kong)制(zhi)(zhi)系(xi)統(tong)(tong)(tong)(tong)的(de)(de)(de)(de)(de)攻(gong)擊事(shi)件層出不窮,“震網(wang)(wang)(wang)”病毒事(shi)件為全球(qiu)工(gong)(gong)(gong)(gong)業(ye)(ye)(ye)控(kong)制(zhi)(zhi)系(xi)統(tong)(tong)(tong)(tong)安全問題敲響了警鐘,促(cu)使(shi)國(guo)家(jia)和社會(hui)逐漸重(zhong)視工(gong)(gong)(gong)(gong)業(ye)(ye)(ye)控(kong)制(zhi)(zhi)系(xi)統(tong)(tong)(tong)(tong)的(de)(de)(de)(de)(de)信息(xi)安全問題。據權威工(gong)(gong)(gong)(gong)業(ye)(ye)(ye)安全事(shi)件信息(xi)庫RISI統(tong)(tong)(tong)(tong)計(ji),截至2013年10月,全球(qiu)已發(fa)生(sheng)300余起針對(dui)工(gong)(gong)(gong)(gong)業(ye)(ye)(ye)控(kong)制(zhi)(zhi)系(xi)統(tong)(tong)(tong)(tong)的(de)(de)(de)(de)(de)攻(gong)擊事(shi)件。2001年后(hou),隨著通用開發(fa)標準(zhun)與(yu)互聯(lian)(lian)網(wang)(wang)(wang)技(ji)(ji)術的(de)(de)(de)(de)(de)廣泛使(shi)用,針對(dui)工(gong)(gong)(gong)(gong)業(ye)(ye)(ye)控(kong)制(zhi)(zhi)系(xi)統(tong)(tong)(tong)(tong)(ICS)的(de)(de)(de)(de)(de)病毒、木馬等攻(gong)擊行為大幅(fu)度增長,直接導致工(gong)(gong)(gong)(gong)業(ye)(ye)(ye)控(kong)制(zhi)(zhi)系(xi)統(tong)(tong)(tong)(tong)的(de)(de)(de)(de)(de)故障次數明顯增多(duo)(duo),對(dui)人員、設(she)備和環境造成嚴重(zhong)后(hou)果(guo)。
國家非常重視工(gong)(gong)控(kong)核芯板工(gong)(gong)業(ye)控(kong)制系統(tong)(tong)信(xin)(xin)(xin)息安全(quan)問(wen)題。工(gong)(gong)業(ye)和信(xin)(xin)(xin)息化部(bu)2011年9月發布《關于加(jia)強工(gong)(gong)業(ye)控(kong)制系統(tong)(tong)信(xin)(xin)(xin)息安全(quan)管理(li)的(de)通(tong)知》(〔2011〕451號),通(tong)知明確(que)了工(gong)(gong)業(ye)控(kong)制系統(tong)(tong)信(xin)(xin)(xin)息安全(quan)管理(li)的(de)組(zu)織領導、技術保(bao)障、規章制度(du)等方(fang)面的(de)要(yao)求,并在工(gong)(gong)業(ye)控(kong)制系統(tong)(tong)的(de)連(lian)接(jie)、組(zu)網、配(pei)置、設備選擇與升級、數(shu)據、應急(ji)管理(li)等六(liu)個方(fang)面提出(chu)了明確(que)的(de)具體要(yao)求。
2012年,國(guo)務院頒布《關于(yu)大(da)力推(tui)進(jin)信息(xi)化發展和切實(shi)保(bao)障(zhang)信息(xi)安(an)全(quan)的若干意見(jian)(國(guo)發〔2012〕23號》,其(qi)中明(ming)確要求保(bao)障(zhang)工業控制(zhi)系(xi)(xi)統(tong)安(an)全(quan),重(zhong)點保(bao)障(zhang)對(dui)可能(neng)危及生命和公共財產(chan)安(an)全(quan)的工業控制(zhi)系(xi)(xi)統(tong)的安(an)全(quan)。
國家發改委從(cong)2011年開(kai)始開(kai)展(zhan)工(gong)控(kong)核芯板工(gong)業(ye)控(kong)制(zhi)(zhi)(zhi)系統(tong)(tong)信息安(an)全專(zhuan)項,涉及面(mian)向現場設(she)備環境的邊界安(an)全專(zhuan)用網關(guan)產(chan)品(pin)、面(mian)向集散控(kong)制(zhi)(zhi)(zhi)系統(tong)(tong)(DCS)的異(yi)常監測產(chan)品(pin)、安(an)全采集遠程終端單元(RTU)產(chan)品(pin)、工(gong)業(ye)應用軟件漏洞掃描產(chan)品(pin)等(deng)(deng)產(chan)業(ye)化項目。在電(dian)力電(dian)網、石(shi)油石(shi)化、先進(jin)制(zhi)(zhi)(zhi)造、軌道交(jiao)通等(deng)(deng)領域,支(zhi)持大(da)型重點骨(gu)干企業(ye),按照信息安(an)全等(deng)(deng)級保護相關(guan)要求,開(kai)展(zhan)工(gong)業(ye)控(kong)制(zhi)(zhi)(zhi)系統(tong)(tong)信息安(an)全建設(she)的試(shi)點示范。
當前,工(gong)控(kong)核(he)芯(xin)板工(gong)業信(xin)息(xi)系(xi)統正(zheng)從單機走向互(hu)聯,從封閉走向開放,安(an)全(quan)漏洞(dong)和風險不斷涌(yong)現。2017年第(di)一季度(du),國家信(xin)息(xi)安(an)全(quan)漏洞(dong)共享平(ping)臺爆(bao)出(chu)我國新增工(gong)控(kong)系(xi)統行業漏洞(dong)30個,其中半數(shu)以上是高危漏洞(dong)。2017年6月,在工(gong)信(xin)部的指(zhi)導下,國家工(gong)業信(xin)息(xi)安(an)全(quan)產業發展聯盟正(zheng)式成立。
微信二維碼
手機網站