工业控制系统信息安全新趋势

doi:10.3969/j.issn.1671-1122.2015.01.002

信息网络安全 ›› 2015, Vol. 15 ›› Issue (1): 6-11.doi: 10.3969/j.issn.1671-1122.2015.01.002

工业控制系统信息安全新趋势

王小山^1,², 杨安^1,², 石志强¹(), 孙利民¹

1.中国科学院信息工程研究所,北京100093
2.中国科学院大学,北京 100049

收稿日期:2014-10-10 出版日期:2015-01-10 发布日期:2015-07-05
作者简介:
作者简介：王小山（1986-）,男,山西,博士研究生,主要研究方向：工业控制系统信息安全、物理层安全;杨安（1988-）,男,河北,博士研究生,主要研究方向：工业控制系统信息安全;石志强（1970-）,男,重庆,博士,正研级高工,主要研究方向：工业控制系统安全、网络与系统安全;孙利民（1966-）,男,河南,博士,研究员,主要研究方向：物联网及其安全。
基金资助:
国家自然科学基金面上项目[61402475];中国科学院国防科技创新基金项目重点基金[CXJJ-14-Z68];中国科学院信息工程研究所前瞻项目[Y4Z0033102]

New Trend of Information Security in Industrial Control Systems

Xiao-shan WANG^1,², An YANG^1,², Zhi-qiang SHI¹(), Li-min SUN¹

1. Institute of Information Engineering, CAS, Beijing 100093, China
2.University of Chinese Academy of Sciences, Beijing 100049, China

Received:2014-10-10 Online:2015-01-10 Published:2015-07-05

摘要/Abstract

摘要：

随着科学技术的高速发展,工业化与信息化的不断融合,工业控制系统越来越多采用标准、通用的通信协议和软硬件系统,并且以各种方式接入互联网,从而打破了这些系统原有的封闭性和专用性,造成病毒、木马等安全威胁向工控领域迅速扩散。工业控制系统所面临的信息安全问题日益严重,而且呈现出诸多与传统IT系统不同的特点。为了简要介绍目前工控安全研究领域的新趋势和新成果,文章首先从工业控制系统的定义和三层结构出发,引出了工控系统的安全问题,利用详实的数据阐述了该安全问题的分布特点和发展趋势。接下来,文章从学术研究的角度,重点介绍了工业控制系统信息安全领域的专门国际会议ICS-CSR。通过比较已经举办过的两届ICS-CSR会议所收录的论文,就攻击者与攻击途径、网络攻击的检测与响应、系统安全建模与脆弱性分析,以及工控安全的社会-技术性等多个重要问题进行了详细的讨论,总结了工控安全研究中的主要问题、思路、方法和结论,阐述了该领域的当前态势和未来方向。最后,文章提出了纵深防御的安全理念,并以此为指导,构建了由边界系统、防御系统、防危系统等三部分组成的综合防御体系,旨在为工业控制系统提供全方位、多层次、完整生命周期的保护。

关键词: 工业控制系统, 信息安全, 访问控制, 社会-技术性, 纵深防御

Abstract:

With the rapid development of science and technology and the continuous fusion of industrialization and informatization, industrial control systems (ICSs) are more and more adopting standard, universal communication protocols and software/hardware systems, and being connected to the Internet in various manners. It breaks the original closure and exclusiveness of these systems, and causes security threats (such as viruses and trojans) to spread promptly into the field of industrial control. ICSs are encountered with increasingly serious information security threats that show different features from those of traditional IT systems. To briefly introduce the new trends and achievements in the field of ICS security research today, this paper presents the definition and 3-level architecture of ICSs, brings in the problem of ICS security, and elaborates the distribution and tendency of the security problem by detailed data. After that, this paper focuses on introducing the international conference ICS-CSR that is dedicated to the field of ICS information security from the viewpoint of academic research. By comparing the papers collected in the first and second ICS-CSR conferences, this paper investigates in detail on the issues of attackers and attack vectors, detection and response of cyber attacks, security modeling and vulnerability analysis of systems, and the socio-technical nature of ICSs, summarizes the main problems, ideas, approaches and conclusions in the research of ICS security, and presents the current situation and future direction of this field. Finally, this paper proposes the security concept of defense-in-depth, according to which a comprehensive defending system composed of boundary system, protection system and safety system is established aiming to provide ICSs with omni-directional, multi-layered and whole life-circle protection.

Key words: industrial control system, information security, access control, socio-technical, defense-in-deep

中图分类号:

TP309

王小山, 杨安, 石志强, 孙利民. 工业控制系统信息安全新趋势[J]. 信息网络安全, 2015, 15(1): 6-11.

Xiao-shan WANG, An YANG, Zhi-qiang SHI, Li-min SUN. New Trend of Information Security in Industrial Control Systems[J]. Netinfo Security, 2015, 15(1): 6-11.

图/表 7

图1

图2

图3

表1

表2

图4

图5

参考文献 14

[1]	北京神州绿盟信息安全科技股份有限公司. 2013工业控制系统及其安全性研究报告[EB/OL]., 2014-10-10.
[2]	ICS-CERT. ICS-CERT Monitor October/November/December2012[EB/OL]., 2014-10-10.
[3]	ICS-CERT. ICS-CERT Monitor April/May/June2013[EB/OL]. , 2014-10-10.
[4]	Michael Robinson.The SCADA threat landscape[C]// Proceedings of 1st International Symposium for ICS &SCADA Cyber Security Research, 2013:33-41.
[5]	Yasakethu S.L.P., Jiang J. Intrusion detection via machine learning for SCADA system protection[C]// Proceedings of 1st International Symposium for ICS &SCADA Cyber Security Research, 2013:101-105.
[6]	Provos N.A virtual honeypot framework[C]// Proceedings of the 13th Conference on USENIX Security Symposium, 2004:1-14.
[7]	Paul Baecher, Markus Koetter, Thorsten Holz, et al.The Nepenthes platform: An efficient approach to collect malware[C]//Proceedings of 9th International Symposium on Recent Advances in Intrusion Detection (RAID 2006), 2006:165-184.
[8]	Nepenthes Development Team. Dionaea[EB/OL]. , 2011-05-15.
[9]	Kieran McLaughlin, Sakir Sezer, Paul Smith, et al. PRECYSE: Cyber-attack detection and response for industrial control systems[C]// Proceedings of the 2nd International Symposium for ICS &SCADA Cyber Security Research, 2014:67-71.
[10]	Laurens Lemaire, Jorn Lapon, Bart De Decker, et al.A SysML extension for security analysis of industrial control systems [C]//Proceedings of the 2nd International Symposium for ICS &SCADA Cyber Security Research, 2014: 1-9.
[11]	Robert Oates, Fran Thom, Graham Herries.Security-aware, model-based systems engineering with SysML[C]// Proceedings of the 1st International Symposium for ICS &SCADA Cyber Security Research, 2013:78-87.
[12]	Ivan Cibrario Bertolotti, Luca Durante, Tingting Hu, et al.A Model for the Analysis of Security Policies in Industrial Networks[C]// Proceedings of the 1st International Symposium for ICS &SCADA Cyber Security Research, 2013: 66-77.
[13]	Andrew John Charles Blyth. Role logic and its application to the analysis of process control systems from the Socio—Technical system perspective [C]//Proceedings of the 1st International Symposium for ICS &SCADA Cyber Security Research, 2013:42-47.
[14]	Benjamin Green, Daniel Prince, Utz Roedig, et al.Socio-Technical security analysis of industrial control systems (ICS)[C]//Proceedings of the 2nd International Symposium for ICS & SCADA Cyber Security Research, 2014:10-14.

[1]	杜义峰, 郭渊博. 一种基于信任值的雾计算动态访问控制方法[J]. 信息网络安全, 2020, 20(4): 65-72.
[2]	刘鹏, 何倩, 刘汪洋, 程序. 支持撤销属性和外包解密的CP-ABE方案[J]. 信息网络安全, 2020, 20(3): 90-97.
[3]	喻露, 罗森林. RBAC模式下数据库内部入侵检测方法研究[J]. 信息网络安全, 2020, 20(2): 83-90.
[4]	许盛伟, 王飞杰. 多机构授权下可追踪可隐藏的属性基加密方案[J]. 信息网络安全, 2020, 20(1): 33-39.
[5]	汪金苗, 王国威, 王梅, 朱瑞瑾. 面向雾计算的隐私保护与访问控制方法[J]. 信息网络安全, 2019, 19(9): 41-45.
[6]	周艺华, 吕竹青, 杨宇光, 侍伟敏. 基于区块链技术的数据存证管理系统[J]. 信息网络安全, 2019, 19(8): 8-14.
[7]	叶阿勇, 金俊林, 孟玲玉, 赵子文. 面向移动终端隐私保护的访问控制研究[J]. 信息网络安全, 2019, 19(8): 51-60.
[8]	尚文利, 尹隆, 刘贤达, 赵剑明. 工业控制系统安全可信环境构建技术及应用[J]. 信息网络安全, 2019, 19(6): 1-10.
[9]	秦中元, 韩尹, 张群芳, 朱雪金. 一种改进的多私钥生成中心云存储访问控制方案[J]. 信息网络安全, 2019, 19(6): 11-18.
[10]	尚文利, 张修乐, 刘贤达, 尹隆. 工控网络局域可信计算环境构建方法与验证[J]. 信息网络安全, 2019, 19(4): 1-10.
[11]	陈瑞滢, 陈泽茂, 王浩. 工业控制系统安全监控协议的设计与优化研究[J]. 信息网络安全, 2019, 19(2): 60-69.
[12]	蔡方博, 何泾沙, 朱娜斐, 韩松. 分布式访问控制模型中节点级联失效研究[J]. 信息网络安全, 2019, 19(12): 47-52.
[13]	吕宗平, 丁磊, 隋翯, 顾兆军. 基于时间自动机的工业控制系统网络安全风险分析[J]. 信息网络安全, 2019, 19(11): 71-81.
[14]	时向泉, 陶静, 赵宝康. 面向虚拟化环境的网络访问控制系统[J]. 信息网络安全, 2019, 19(10): 1-9.
[15]	黎琳, 张旭霞. zk-snark的双线性对的国密化方案[J]. 信息网络安全, 2019, 19(10): 10-15.

工业控制系统信息安全新趋势

New Trend of Information Security in Industrial Control Systems

RichHTML

可视化

摘要/Abstract

引用本文

使用本文

图/表 7

参考文献 14

相关文章 15

编辑推荐

Metrics

本文评价