上傳時間:2020-05-15| 作者:芯杰英電子
隨著計算機技術網(wang)絡(luo)技術的(de)(de)(de)發(fa)展(zhan),特別是(shi)互(hu)(hu)(hu)聯網(wang)及社會公(gong)共網(wang)絡(luo)平臺的(de)(de)(de)快速發(fa)展(zhan),在(zai)(zai)“兩化”融合的(de)(de)(de)行業(ye)(ye)發(fa)展(zhan)需求(qiu)下,為了(le)提(ti)高生產高效運行、生產管理效率,國內眾多(duo)(duo)行業(ye)(ye)大力推進工控(kong)核芯(xin)板工業(ye)(ye)控(kong)制(zhi)(zhi)系(xi)(xi)(xi)(xi)(xi)(xi)統(tong)(tong)自(zi)(zi)身的(de)(de)(de)集(ji)成化,集(ji)中(zhong)化管理。系(xi)(xi)(xi)(xi)(xi)(xi)統(tong)(tong)的(de)(de)(de)互(hu)(hu)(hu)聯互(hu)(hu)(hu)通性逐步加(jia)強,與(yu)辦(ban)公(gong)網(wang)、互(hu)(hu)(hu)聯網(wang)也存在(zai)(zai)千絲萬縷(lv)的(de)(de)(de)聯系(xi)(xi)(xi)(xi)(xi)(xi)。但(dan)是(shi)工業(ye)(ye)控(kong)制(zhi)(zhi)系(xi)(xi)(xi)(xi)(xi)(xi)統(tong)(tong)建設時更(geng)多(duo)(duo)的(de)(de)(de)是(shi)考(kao)慮各自(zi)(zi)系(xi)(xi)(xi)(xi)(xi)(xi)統(tong)(tong)的(de)(de)(de)可用性,并(bing)沒(mei)有考(kao)慮系(xi)(xi)(xi)(xi)(xi)(xi)統(tong)(tong)之間互(hu)(hu)(hu)聯互(hu)(hu)(hu)通的(de)(de)(de)安(an)(an)全(quan)風險(xian)和防護(hu)建設。使得國際國內針對(dui)(dui)工業(ye)(ye)控(kong)制(zhi)(zhi)系(xi)(xi)(xi)(xi)(xi)(xi)統(tong)(tong)的(de)(de)(de)攻(gong)擊(ji)事(shi)件層(ceng)出不窮,“震(zhen)網(wang)”病(bing)毒事(shi)件為全(quan)球(qiu)工業(ye)(ye)控(kong)制(zhi)(zhi)系(xi)(xi)(xi)(xi)(xi)(xi)統(tong)(tong)安(an)(an)全(quan)問(wen)題(ti)敲響了(le)警鐘,促使國家和社會逐漸重視工業(ye)(ye)控(kong)制(zhi)(zhi)系(xi)(xi)(xi)(xi)(xi)(xi)統(tong)(tong)的(de)(de)(de)信(xin)息安(an)(an)全(quan)問(wen)題(ti)。據權威工業(ye)(ye)安(an)(an)全(quan)事(shi)件信(xin)息庫(ku)RISI統(tong)(tong)計,截至2013年(nian)10月,全(quan)球(qiu)已發(fa)生300余起針對(dui)(dui)工業(ye)(ye)控(kong)制(zhi)(zhi)系(xi)(xi)(xi)(xi)(xi)(xi)統(tong)(tong)的(de)(de)(de)攻(gong)擊(ji)事(shi)件。2001年(nian)后,隨著通用開發(fa)標(biao)準與(yu)互(hu)(hu)(hu)聯網(wang)技術的(de)(de)(de)廣泛使用,針對(dui)(dui)工業(ye)(ye)控(kong)制(zhi)(zhi)系(xi)(xi)(xi)(xi)(xi)(xi)統(tong)(tong)(ICS)的(de)(de)(de)病(bing)毒、木馬等攻(gong)擊(ji)行為大幅度增長(chang),直接導致(zhi)工業(ye)(ye)控(kong)制(zhi)(zhi)系(xi)(xi)(xi)(xi)(xi)(xi)統(tong)(tong)的(de)(de)(de)故障次數明顯(xian)增多(duo)(duo),對(dui)(dui)人員、設備和環境造成嚴重后果(guo)。
國(guo)家(jia)非常重視工(gong)控(kong)核芯板工(gong)業(ye)控(kong)制系(xi)統信息(xi)安(an)全問題。工(gong)業(ye)和信息(xi)化(hua)部2011年9月發布《關(guan)于加強工(gong)業(ye)控(kong)制系(xi)統信息(xi)安(an)全管(guan)理(li)的通(tong)知》(〔2011〕451號),通(tong)知明確了工(gong)業(ye)控(kong)制系(xi)統信息(xi)安(an)全管(guan)理(li)的組織領導、技術保障(zhang)、規章制度(du)等方面(mian)的要(yao)求,并(bing)在(zai)工(gong)業(ye)控(kong)制系(xi)統的連接、組網、配置、設備選擇與升級、數據、應急(ji)管(guan)理(li)等六(liu)個(ge)方面(mian)提出(chu)了明確的具體要(yao)求。
2012年,國(guo)務院(yuan)頒布《關于大力推進(jin)信息化發展和切實保(bao)(bao)障信息安全的(de)若(ruo)干意(yi)見(國(guo)發〔2012〕23號》,其中明(ming)確(que)要求保(bao)(bao)障工業控制系(xi)統安全,重點保(bao)(bao)障對可能危及生命和公(gong)共(gong)財產安全的(de)工業控制系(xi)統的(de)安全。
國家發(fa)改委從2011年(nian)開(kai)始開(kai)展工(gong)(gong)控核芯板工(gong)(gong)業(ye)控制系統(tong)(tong)信息(xi)安全(quan)專項,涉及面向現場設(she)備環境的(de)邊界(jie)安全(quan)專用(yong)網(wang)關(guan)產(chan)品(pin)、面向集散(san)控制系統(tong)(tong)(DCS)的(de)異常監(jian)測產(chan)品(pin)、安全(quan)采集遠程終端單元(RTU)產(chan)品(pin)、工(gong)(gong)業(ye)應用(yong)軟件漏洞(dong)掃描產(chan)品(pin)等(deng)產(chan)業(ye)化項目。在電力電網(wang)、石(shi)油石(shi)化、先進制造(zao)、軌道(dao)交(jiao)通等(deng)領域(yu),支持大型重點骨干企業(ye),按(an)照信息(xi)安全(quan)等(deng)級保護相關(guan)要(yao)求,開(kai)展工(gong)(gong)業(ye)控制系統(tong)(tong)信息(xi)安全(quan)建設(she)的(de)試點示范。
當前,工(gong)控核芯板工(gong)業(ye)(ye)信息系統(tong)正(zheng)從單機走向(xiang)互聯,從封閉走向(xiang)開放,安全漏洞(dong)(dong)和風(feng)險不斷涌現(xian)。2017年(nian)第一季度,國家信息安全漏洞(dong)(dong)共享(xiang)平臺爆出我國新增(zeng)工(gong)控系統(tong)行業(ye)(ye)漏洞(dong)(dong)30個,其中半(ban)數(shu)以上是高(gao)危漏洞(dong)(dong)。2017年(nian)6月(yue),在(zai)工(gong)信部的指導下(xia),國家工(gong)業(ye)(ye)信息安全產業(ye)(ye)發展聯盟正(zheng)式成(cheng)立(li)。
微信二維碼
手機網站
