上傳時間:2020-05-15| 作者:芯杰英電子
隨(sui)著計(ji)算機技(ji)術網絡技(ji)術的(de)(de)(de)(de)發(fa)(fa)(fa)展,特(te)別是(shi)互聯(lian)網及社會(hui)(hui)公(gong)共(gong)網絡平臺的(de)(de)(de)(de)快速發(fa)(fa)(fa)展,在“兩(liang)化(hua)”融合(he)的(de)(de)(de)(de)行業(ye)(ye)發(fa)(fa)(fa)展需求下(xia),為了提(ti)高(gao)生產(chan)高(gao)效運行、生產(chan)管理效率,國內眾多行業(ye)(ye)大力(li)推(tui)進工(gong)(gong)控(kong)(kong)核芯(xin)板工(gong)(gong)業(ye)(ye)控(kong)(kong)制(zhi)(zhi)(zhi)系(xi)(xi)(xi)(xi)(xi)統(tong)(tong)(tong)(tong)(tong)自身的(de)(de)(de)(de)集成化(hua),集中化(hua)管理。系(xi)(xi)(xi)(xi)(xi)統(tong)(tong)(tong)(tong)(tong)的(de)(de)(de)(de)互聯(lian)互通性逐步(bu)加強,與(yu)(yu)辦公(gong)網、互聯(lian)網也存在千絲萬(wan)縷(lv)的(de)(de)(de)(de)聯(lian)系(xi)(xi)(xi)(xi)(xi)。但(dan)是(shi)工(gong)(gong)業(ye)(ye)控(kong)(kong)制(zhi)(zhi)(zhi)系(xi)(xi)(xi)(xi)(xi)統(tong)(tong)(tong)(tong)(tong)建設(she)時更多的(de)(de)(de)(de)是(shi)考慮各自系(xi)(xi)(xi)(xi)(xi)統(tong)(tong)(tong)(tong)(tong)的(de)(de)(de)(de)可用(yong)性,并沒(mei)有(you)考慮系(xi)(xi)(xi)(xi)(xi)統(tong)(tong)(tong)(tong)(tong)之間(jian)互聯(lian)互通的(de)(de)(de)(de)安(an)(an)全風險(xian)和(he)(he)防護建設(she)。使得國際國內針對(dui)(dui)工(gong)(gong)業(ye)(ye)控(kong)(kong)制(zhi)(zhi)(zhi)系(xi)(xi)(xi)(xi)(xi)統(tong)(tong)(tong)(tong)(tong)的(de)(de)(de)(de)攻擊(ji)(ji)事件(jian)層出不窮,“震網”病毒事件(jian)為全球(qiu)工(gong)(gong)業(ye)(ye)控(kong)(kong)制(zhi)(zhi)(zhi)系(xi)(xi)(xi)(xi)(xi)統(tong)(tong)(tong)(tong)(tong)安(an)(an)全問題敲響(xiang)了警鐘,促使國家和(he)(he)社會(hui)(hui)逐漸(jian)重(zhong)(zhong)視工(gong)(gong)業(ye)(ye)控(kong)(kong)制(zhi)(zhi)(zhi)系(xi)(xi)(xi)(xi)(xi)統(tong)(tong)(tong)(tong)(tong)的(de)(de)(de)(de)信息安(an)(an)全問題。據(ju)權(quan)威(wei)工(gong)(gong)業(ye)(ye)安(an)(an)全事件(jian)信息庫RISI統(tong)(tong)(tong)(tong)(tong)計(ji),截至2013年10月,全球(qiu)已發(fa)(fa)(fa)生300余起針對(dui)(dui)工(gong)(gong)業(ye)(ye)控(kong)(kong)制(zhi)(zhi)(zhi)系(xi)(xi)(xi)(xi)(xi)統(tong)(tong)(tong)(tong)(tong)的(de)(de)(de)(de)攻擊(ji)(ji)事件(jian)。2001年后(hou)(hou),隨(sui)著通用(yong)開發(fa)(fa)(fa)標(biao)準與(yu)(yu)互聯(lian)網技(ji)術的(de)(de)(de)(de)廣(guang)泛使用(yong),針對(dui)(dui)工(gong)(gong)業(ye)(ye)控(kong)(kong)制(zhi)(zhi)(zhi)系(xi)(xi)(xi)(xi)(xi)統(tong)(tong)(tong)(tong)(tong)(ICS)的(de)(de)(de)(de)病毒、木(mu)馬等攻擊(ji)(ji)行為大幅度增長,直(zhi)接導致工(gong)(gong)業(ye)(ye)控(kong)(kong)制(zhi)(zhi)(zhi)系(xi)(xi)(xi)(xi)(xi)統(tong)(tong)(tong)(tong)(tong)的(de)(de)(de)(de)故障次數明顯增多,對(dui)(dui)人員、設(she)備和(he)(he)環(huan)境造成嚴重(zhong)(zhong)后(hou)(hou)果。
國(guo)家(jia)非常重視工(gong)控核芯板工(gong)業(ye)(ye)(ye)控制系(xi)統信息安(an)(an)全(quan)問(wen)題。工(gong)業(ye)(ye)(ye)和信息化部2011年9月(yue)發布《關(guan)于加強(qiang)工(gong)業(ye)(ye)(ye)控制系(xi)統信息安(an)(an)全(quan)管理(li)的(de)通知》(〔2011〕451號),通知明確了工(gong)業(ye)(ye)(ye)控制系(xi)統信息安(an)(an)全(quan)管理(li)的(de)組織領導(dao)、技術保障、規章制度等方面的(de)要求(qiu),并在工(gong)業(ye)(ye)(ye)控制系(xi)統的(de)連接(jie)、組網(wang)、配置、設備選擇與升級(ji)、數(shu)據、應(ying)急管理(li)等六個方面提出了明確的(de)具體要求(qiu)。
2012年,國務(wu)院頒布《關于大(da)力推(tui)進信息(xi)化發展和(he)切實保障信息(xi)安(an)全的若干意見(國發〔2012〕23號》,其(qi)中明確要求保障工業控制系(xi)統安(an)全,重(zhong)點保障對可能危及生命和(he)公(gong)共財產安(an)全的工業控制系(xi)統的安(an)全。
國家(jia)發改委從2011年開(kai)始開(kai)展工(gong)(gong)(gong)控(kong)(kong)核(he)芯板工(gong)(gong)(gong)業(ye)控(kong)(kong)制(zhi)系統信(xin)息安(an)全(quan)專項,涉(she)及面(mian)(mian)向(xiang)現場設(she)備環境的(de)邊界安(an)全(quan)專用(yong)(yong)網關產(chan)品(pin)(pin)、面(mian)(mian)向(xiang)集散控(kong)(kong)制(zhi)系統(DCS)的(de)異常(chang)監測產(chan)品(pin)(pin)、安(an)全(quan)采集遠程終端單元(RTU)產(chan)品(pin)(pin)、工(gong)(gong)(gong)業(ye)應用(yong)(yong)軟件(jian)漏(lou)洞(dong)掃描產(chan)品(pin)(pin)等(deng)產(chan)業(ye)化項目。在電力(li)電網、石(shi)油石(shi)化、先進制(zhi)造、軌道交通等(deng)領域,支持大(da)型重點骨干企業(ye),按照信(xin)息安(an)全(quan)等(deng)級保護相(xiang)關要求,開(kai)展工(gong)(gong)(gong)業(ye)控(kong)(kong)制(zhi)系統信(xin)息安(an)全(quan)建設(she)的(de)試點示范。
當(dang)前(qian),工控核芯板工業信(xin)息(xi)系統正(zheng)從單機走向互聯(lian),從封閉走向開(kai)放,安全(quan)漏(lou)(lou)洞和風(feng)險(xian)不斷涌現(xian)。2017年(nian)第一季度,國家信(xin)息(xi)安全(quan)漏(lou)(lou)洞共享(xiang)平臺爆出我國新增(zeng)工控系統行業漏(lou)(lou)洞30個,其中半數以(yi)上是高(gao)危漏(lou)(lou)洞。2017年(nian)6月(yue),在工信(xin)部的指導下,國家工業信(xin)息(xi)安全(quan)產業發展聯(lian)盟正(zheng)式(shi)成(cheng)立。
微信二維碼
手機網站
