
CN116800511B - A network security protection capability inspection and evaluation system for industrial control systems - Google Patents

Info

Publication number
CN116800511B
Authority
CN
China
Prior art keywords
industrial control
control system
network
maintenance
security
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202310825226.4A
Other languages
Chinese (zh)
Other versions
CN116800511A (en)
Inventor
魏书山
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shikong Shanghai Brand Planning Co ltd
Original Assignee
Shikong Shanghai Brand Planning Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shikong Shanghai Brand Planning Co ltd
Priority to CN202310825226.4A
Publication of CN116800511A
Application granted
Publication of CN116800511B
Active
Anticipated expiration

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0209Architectural arrangements, e.g. perimeter networks or demilitarized zones
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/06Management of faults, events, alarms or notifications
    • H04L41/0654Management of faults, events, alarms or notifications using network fault recovery
    • H04L41/0663Performing the actions predefined by failover planning, e.g. switching to standby network elements
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1433Vulnerability analysis
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/12Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
    • H04L67/125Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks involving control of end-device applications over a network

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Computing Systems (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Health & Medical Sciences (AREA)
  • General Health & Medical Sciences (AREA)
  • Medical Informatics (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Computer And Data Communications (AREA)

Abstract

The invention discloses a system for inspecting and evaluating the network security protection capability of an industrial control system. It relates to the technical field of network security protection and comprises an industrial control system monitoring unit, a risk shielding unit, a risk protection unit, a twin industrial control system, a security protection sub-platform, a background operation and maintenance platform, a vulnerability repairing unit and a network security evaluation unit; the twin industrial control system consists of two identical industrial control systems, one of which is connected with the background operation and maintenance platform; the risk protection unit is used for constructing a security firewall for the network security of the operation and maintenance industrial control system; the industrial control system monitoring unit is used for carrying out security protection monitoring on the operation and maintenance industrial control system. The invention makes the security protection state of the operation and maintenance industrial control system known in real time so that it can be strengthened and maintained in time; because network attack capability grows stronger over time, the security protection capability of the operation and maintenance industrial control system also needs to be strengthened.

Description

Industrial control system network safety protection capability checking and evaluating system
Technical Field
The invention relates to the technical field of network safety protection, in particular to an industrial control system network safety protection capability checking and evaluating system.
Background
With the development of computer, communication and control technology, the traditional control field is undergoing an unprecedented transformation and is moving towards networking, and network security measures are accordingly being introduced into industrial control systems.
The prior art has the following defects: if part of an industrial control system is damaged by a network attack during operation, that part is difficult to replace, normal operation and use of the industrial control system are affected, and there is no good standby capability; network attacks also grow stronger over time, and it is difficult to maintain and reinforce the security defence system technically on the basis of data.
Disclosure of Invention
The invention aims to provide an industrial control system network security protection capability checking and evaluating system for solving the defects in the background technology.
In order to achieve the above object, the present invention provides the following technical solution: the system comprises an industrial control system monitoring unit, a risk shielding unit, a risk protection unit, a twin industrial control system, a safety protection sub-platform, a background operation and maintenance platform, a vulnerability repairing unit and a network safety evaluation unit;
the twin industrial control system consists of two identical industrial control systems, one of which is connected with the background operation and maintenance platform and serves as the operation and maintenance industrial control system; the other serves as the standby industrial control system, and the operation and maintenance industrial control system transmits and backs up information to the standby industrial control system in real time;
the risk protection unit is used for constructing a safety firewall for the network safety of the operation and maintenance industrial control system to form a safety protection item;
the industrial control system monitoring unit is used for carrying out safety protection monitoring on the operation and maintenance industrial control system to form an operation and maintenance industrial control system management item;
the risk shielding unit is used for carrying out network security risk monitoring on the operation and maintenance industrial control system, forming a risk grade, and selecting to carry out risk shielding on the operation and maintenance industrial control system according to the risk grade;
the vulnerability repairing unit is used for carrying out network patrol on the network security of the operation and maintenance industrial control system, and searching for network security vulnerabilities to repair;
the network security assessment unit is used for collecting and assessing information of security protection feasibility of the operation and maintenance industrial control system;
the safety protection sub-platform is in data connection with the background operation and maintenance platform, and after the operation and maintenance industrial control system performs risk shielding, the safety protection sub-platform is connected with a network site in the operation and maintenance industrial control system, and risk is relieved for the network site.
In a preferred embodiment, the relationship within the twin industrial control system is established as follows:
the industrial control system is provided with a plurality of network stations, and the network stations in the operation and maintenance industrial control system and in the standby industrial control system are in a parallel relationship;
a data synchronization frequency is set between the network stations of the operation and maintenance industrial control system and those of the standby industrial control system, and the data of each network station in the operation and maintenance industrial control system is stored in the corresponding network station of the standby industrial control system at the set synchronization frequency;
synchronizing data at the set frequency reduces the loss of data in the standby network station after a network station is shielded because of a network attack, so that the standby industrial control system and the operation and maintenance industrial control system can replace each other smoothly.
In a preferred embodiment, the firewall is established by:
acquiring information on the coverage area of the operation and maintenance industrial control system and on its network sites, and constructing a primary security firewall over the coverage area of the operation and maintenance industrial control system;
at the same time, secondary security firewalls are constructed in one-to-one correspondence with the network sites in the operation and maintenance industrial control system, an area correspondence between the primary security firewall and the secondary security firewalls is established, and the primary security firewall is associated with the secondary security firewalls according to the position of the network attack.
In a preferred embodiment, the operation and maintenance industrial control system management item is formed in the following manner:
acquiring the working state of a network station in the operation and maintenance industrial control system, and carrying out safety monitoring on a single network station;
and acquiring the network running state of the operation and maintenance industrial control system in real time; when a network attack occurs at the primary security firewall, enabling the secondary security firewall of the corresponding network station, raising a security prevention and control alarm for the network station under attack, and forming an operation and maintenance industrial control system management item in combination with the network attack received by the primary firewall.
In a preferred embodiment, the network attack intensity is divided as follows:
acquiring the management item information of the operation and maintenance industrial control system and grading the degree of the network attack according to its intensity against the primary security firewall and the secondary security firewall, the network attack intensity levels being respectively:
a general intensity level;
an advanced intensity level;
a serious intensity level;
when the network attack intensity is at the general intensity level, the standby industrial control system is not started; at the advanced intensity level, the defence progress against the network attack is monitored in real time, and an auxiliary industrial control system is started when the attack advances to the serious intensity level;
and, according to which network station in the operation and maintenance industrial control system is under network attack, operation is automatically switched to the corresponding network station in the standby industrial control system, and the network station under network attack is at the same time automatically connected to the safety protection sub-platform.
In a preferred embodiment, the network patrol is performed by:
carrying out network security inspection of the operation and maintenance industrial control system in real time, marking dangerous network information, acquiring network attack features to form a network attack feature library, forming protective measures from the data in the feature library, and inspecting the operation and maintenance industrial control system according to those protective measures and repairing vulnerabilities.
In a preferred embodiment, the safety protection feasibility evaluation mode of the operation and maintenance industrial control system is as follows:
the method comprises the steps of obtaining the times of attacks of a primary security firewall and a secondary security firewall of an industrial control system, the strength of network attacks and the occurrence position of the network attacks, further evaluating the security protection performance of the operation and maintenance industrial control system to obtain a security evaluation coefficient of the operation and maintenance industrial control system, wherein the calculation formula is as follows:
wherein,for the safety evaluation coefficient of the operation and maintenance industrial control system, < >>For the weight factor of the network attack between the primary security firewall and the secondary security firewall +.>To weight factors for network attacks outside the primary security firewall,for the number of times a general intensity level of network attacks occurs, +.>The number of occurrences of the advanced intensity level for a network attack, +.>The number of times that the serious intensity level of the network attack appears;And->The network attack evaluation indexes are respectively a general intensity level, a progressive intensity level and a serious intensity level.
In a preferred embodiment, whereinAnd when the safety evaluation coefficient of the operation and maintenance industrial control system is smaller than the set safety threshold, the maintenance of the primary safety firewall and the secondary safety firewall is enhanced.
In the technical scheme, the invention has the technical effects and advantages that:
1. the invention has a better shielding function: a shielded network site can be replaced in time so that normal use of the industrial control system is not affected, and network attacks can also be defended against better;
2. the invention has a better security protection monitoring function for the industrial control system: the security protection state of the operation and maintenance industrial control system is known in real time and can be strengthened and maintained in time; because network attack capability grows stronger over time, the security protection capability of the operation and maintenance industrial control system also needs to be strengthened.
Drawings
In order to more clearly illustrate the embodiments of the present application or the technical solutions in the prior art, the drawings that are needed in the embodiments will be briefly described below, and it is obvious that the drawings in the following description are only some embodiments described in the present invention, and other drawings may be obtained according to these drawings for a person having ordinary skill in the art.
Fig. 1 is a system block diagram of the present invention.
Detailed Description
For the purpose of making the objects, technical solutions and advantages of the embodiments of the present invention more apparent, the technical solutions of the embodiments of the present invention will be clearly and completely described below with reference to the accompanying drawings in the embodiments of the present invention, and it is apparent that the described embodiments are some embodiments of the present invention, but not all embodiments of the present invention. All other embodiments, which can be made by those skilled in the art based on the embodiments of the invention without making any inventive effort, are intended to be within the scope of the invention.
Embodiment 1: referring to Fig. 1, the industrial control system network security protection capability checking and evaluating system of this embodiment includes an industrial control system monitoring unit, a risk shielding unit, a risk protection unit, a twin industrial control system, a security protection sub-platform, a background operation and maintenance platform, a vulnerability repairing unit, and a network security evaluation unit;
the twin industrial control system consists of two identical industrial control systems, one of which is connected with the background operation and maintenance platform and serves as the operation and maintenance industrial control system; the other serves as the standby industrial control system, and the operation and maintenance industrial control system transmits and backs up information to the standby industrial control system in real time;
the industrial control system is provided with a plurality of network stations, and the network stations in the operation and maintenance industrial control system and the standby industrial control system are in parallel relation;
a data synchronization frequency is set between the network stations of the operation and maintenance industrial control system and those of the standby industrial control system, and the data of each network station in the operation and maintenance industrial control system is stored in the corresponding network station of the standby industrial control system at the set synchronization frequency;
synchronizing data at the set frequency reduces the loss of data in the standby network station after a network station is shielded because of a network attack, so that the standby industrial control system and the operation and maintenance industrial control system can replace each other smoothly;
the risk protection unit is used for constructing a safety firewall for the network safety of the operation and maintenance industrial control system to form a safety protection item;
acquiring information on the coverage area of the operation and maintenance industrial control system and on its network sites (a network site being a main body of equipment for transmitting and receiving information), and constructing a primary security firewall over the coverage area of the operation and maintenance industrial control system;
at the same time, secondary security firewalls are constructed in one-to-one correspondence with the network sites in the operation and maintenance industrial control system, an area correspondence between the primary security firewall and the secondary security firewalls is established, and the primary security firewall is associated with the secondary security firewalls according to the position of the network attack, wherein one primary security firewall may be associated with a plurality of secondary security firewalls;
when the primary security firewall is not attacked by the network, the secondary security firewall is in a standby state;
when the primary security firewall is attacked by the network, correspondingly triggering the opening of the associated secondary security firewall according to the attacked position of the primary security firewall;
this ensures the security protection effect on the industrial control system while reducing the operating load on the security protection background operation and maintenance platform, gives better targeted protection, and greatly improves the operating efficiency of the system;
the industrial control system monitoring unit is used for carrying out safety protection monitoring on the operation and maintenance industrial control system to form an operation and maintenance industrial control system management item;
acquiring the working state of a network station in the operation and maintenance industrial control system, and carrying out safety monitoring on a single network station;
acquiring the network running state of the operation and maintenance industrial control system in real time; when a network attack occurs at the primary security firewall, enabling the secondary security firewall of the corresponding network site, raising a security prevention and control alarm for the network site under attack, and forming an operation and maintenance industrial control system management item in combination with the network attack received by the primary firewall;
the risk shielding unit is used for carrying out network security risk monitoring on the operation and maintenance industrial control system, forming a risk grade, and selecting to carry out risk shielding on the operation and maintenance industrial control system according to the risk grade;
acquiring the management item information of the operation and maintenance industrial control system and grading the degree of the network attack according to its intensity against the primary security firewall and the secondary security firewall, the network attack intensity levels being respectively:
the general intensity level (the defending intensity of the primary security firewall and the secondary security firewall is greater than the network attack intensity);
the advanced strength level (the defending strength of the primary security firewall and the secondary security firewall is equal to the network attack strength);
the serious strength grade (the defending strength of the primary security firewall and the secondary security firewall is smaller than the network attack strength);
when the network attack intensity is at the general intensity level, the standby industrial control system is not started; at the advanced intensity level, the defence progress against the network attack is monitored in real time, and an auxiliary industrial control system is started when the attack advances to the serious intensity level; at the serious intensity level, the auxiliary industrial control system is started;
according to the network station under network attack in the operation and maintenance industrial control system, automatically switching to the network station in the standby industrial control system, and simultaneously automatically connecting the network station under network attack to the safety protection sub-platform;
the shielding function is better, the shielded network site can be replaced in time, the normal use of an industrial control system is prevented from being influenced, and meanwhile, the network attack can be well defended;
the vulnerability repairing unit is used for carrying out network patrol on the network security of the operation and maintenance industrial control system, and searching for network security vulnerabilities to repair;
carrying out network security inspection on the operation and maintenance industrial control system in real time, marking dangerous network information, acquiring network attack characteristics, forming a network attack characteristic library, and forming protective measures according to the data of the network attack characteristic library;
and carrying out inspection and maintenance on the operation and maintenance industrial control system according to the protective measures and carrying out bug repair.
Embodiment 2: referring to Fig. 1, the network security assessment unit is configured to collect and assess information about the security protection feasibility of the operation and maintenance industrial control system;
the method comprises the steps of obtaining the times of attacks of a primary security firewall and a secondary security firewall of an industrial control system, the strength of network attacks and the occurrence position of the network attacks, further evaluating the security protection performance of the operation and maintenance industrial control system to obtain a security evaluation coefficient of the operation and maintenance industrial control system, wherein the calculation formula is as follows:
wherein,for the safety evaluation coefficient of the operation and maintenance industrial control system, < >>For the weight factor of the network attack between the primary security firewall and the secondary security firewall +.>To weight factors for network attacks outside the primary security firewall,for the number of times a general intensity level of network attacks occurs, +.>The number of occurrences of the advanced intensity level for a network attack, +.>The number of times that the serious intensity level of the network attack appears;And->Network attack evaluation indexes of a general intensity level, a progressive intensity level and a serious intensity level respectively; it should be noted that->And->The greater the number of ++>The larger the value of (C) is, the worse the safety protection capability of the operation and maintenance industrial control system is, and +.>When the safety evaluation coefficient of the operation and maintenance industrial control system is smaller than a set safety threshold, namely, the protection performance of the firewall is enhanced, and the safety evaluation coefficient of the operation and maintenance industrial control system is reduced;
the system has a good industrial control system safety protection monitoring function, can know the safety protection state of the operation and maintenance industrial control system in real time, and performs timely strengthening maintenance, and the network attack capacity is strengthened along with the development progress of the times, so that the safety protection capacity of the operation and maintenance industrial control system also needs to be strengthened;
the safety protection sub-platform is in data connection with the background operation and maintenance platform, and after the operation and maintenance industrial control system performs risk shielding, the safety protection sub-platform is connected with a network site in the operation and maintenance industrial control system, and risk is relieved for the network site;
the network station under network attack is connected to the safety protection sub-platform so that the network attack virus can be eliminated; once its healthy state is restored, the network station is restored as the network station in the standby industrial control system and is then disconnected from the safety protection sub-platform to wait for its next use; the same network stations are arranged in the operation and maintenance industrial control system and in the standby industrial control system, and the two identical network stations replace each other.
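The grading, switchover and recovery sequence described in the embodiments, modelled in Python as an added example that is not part of the patent text. Numeric strengths, the station names, the `TwinSystem` class and its method names are assumptions made for illustration, and the "auxiliary" system of the text is taken to be the standby twin.

```python
from dataclasses import dataclass, field
from enum import Enum


class Intensity(Enum):
    GENERAL = "general"    # defence strength > attack strength
    ADVANCED = "advanced"  # defence strength == attack strength
    SERIOUS = "serious"    # defence strength < attack strength


def classify(defence: int, attack: int) -> Intensity:
    """Grade an attack by comparing it with the firewall defence strength.

    Integer strengths are an assumption; the text only states the comparison.
    """
    if defence > attack:
        return Intensity.GENERAL
    if defence == attack:
        return Intensity.ADVANCED
    return Intensity.SERIOUS


@dataclass
class Station:
    name: str
    data: dict = field(default_factory=dict)


class TwinSystem:
    """Operation-and-maintenance system plus its standby twin (hypothetical model)."""

    def __init__(self, station_names, defence):
        self.defence = defence
        self.active = {n: Station(n) for n in station_names}
        self.standby = {n: Station(n) for n in station_names}
        # Secondary firewalls stay idle until the primary firewall is attacked.
        self.secondary_fw = {n: False for n in station_names}
        self.sub_platform = {}  # stations connected to the safety protection sub-platform
        self.standby_started = False

    def sync(self):
        """One synchronization tick: copy each active station's data to its twin."""
        for name, station in self.active.items():
            if name in self.standby:  # twin is absent while it is in service
                self.standby[name].data = dict(station.data)

    def on_attack(self, name, attack):
        """Handle an attack seen at the primary firewall at station `name`."""
        self.secondary_fw[name] = True  # enable the associated secondary firewall
        level = classify(self.defence, attack)
        if level is Intensity.GENERAL:
            return level, "defend"
        if level is Intensity.ADVANCED:
            return level, "monitor"
        if name not in self.standby:
            return level, "no-standby"  # twin already in service, nothing to switch to
        self.standby_started = True
        self.sub_platform[name] = self.active[name]  # attacked station goes to clean-up
        self.active[name] = self.standby.pop(name)   # standby twin takes over
        return level, "failover"

    def recover(self, name):
        """Cleaned station leaves the sub-platform and becomes the new standby twin."""
        self.standby[name] = self.sub_platform.pop(name)
        self.secondary_fw[name] = False


def demo():
    # Constructed sample: two stations, defence strength 5.
    twins = TwinSystem(["plc-1", "hmi-1"], defence=5)
    twins.active["plc-1"].data["setpoint"] = 10
    twins.sync()
    twins.active["plc-1"].data["setpoint"] = 12  # written after the last sync
    steps = [twins.on_attack("plc-1", a)[1] for a in (3, 5, 8)]
    in_service = dict(twins.active["plc-1"].data)
    repeat = twins.on_attack("plc-1", 9)[1]  # second serious attack before recovery
    twins.recover("plc-1")
    twins.sync()
    return {
        "steps": steps,
        "in_service": in_service,
        "repeat": repeat,
        "standby_after_recovery": dict(twins.standby["plc-1"].data),
        "standby_started": twins.standby_started,
    }


if __name__ == "__main__":
    print(demo())
```

The run shows that a write made after the last synchronization (setpoint 12) is not present on the station that takes over, which is the loss window the set synchronization frequency bounds, and that a second serious attack before recovery finds no standby station to switch to.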
The foregoing is merely specific embodiments of the present application, but the scope of the present application is not limited thereto, and any person skilled in the art can easily think about changes or substitutions within the technical scope of the present application, and the changes and substitutions are intended to be covered by the scope of the present application. Therefore, the protection scope of the present application shall be subject to the protection scope of the claims.

Claims (7)

1. A system for inspecting and evaluating the network security protection capability of an industrial control system, characterized in that: the system comprises an industrial control system monitoring unit, a risk shielding unit, a risk protection unit, a twin industrial control system, a safety protection sub-platform, a background operation and maintenance platform, a vulnerability repairing unit and a network safety evaluation unit;
the twin industrial control system consists of two identical industrial control systems, one of which is connected with the background operation and maintenance platform and serves as the operation and maintenance industrial control system; the other serves as the standby industrial control system, and the operation and maintenance industrial control system transmits and backs up information to the standby industrial control system in real time;
the risk protection unit is used for constructing a safety firewall for the network safety of the operation and maintenance industrial control system to form a safety protection item;
the industrial control system monitoring unit is used for carrying out safety protection monitoring on the operation and maintenance industrial control system to form an operation and maintenance industrial control system management item;
the risk shielding unit is used for carrying out network security risk monitoring on the operation and maintenance industrial control system, forming a risk grade, and selecting to carry out risk shielding on the operation and maintenance industrial control system according to the risk grade;
acquiring the management item information of the operation and maintenance industrial control system and grading the degree of the network attack according to its intensity against the primary security firewall and the secondary security firewall, the network attack intensity levels being respectively:
a general intensity level;
an advanced intensity level;
a serious intensity level;
when the network attack intensity is at the general intensity level, the standby industrial control system is not started; at the advanced intensity level, the defence progress against the network attack is monitored in real time, and an auxiliary industrial control system is started when the attack advances to the serious intensity level;
according to which network station in the operation and maintenance industrial control system is under network attack, operation is automatically switched to the corresponding network station in the standby industrial control system, and the network station under network attack is at the same time automatically connected to the safety protection sub-platform;
the vulnerability repairing unit is used for carrying out network patrol on the network security of the operation and maintenance industrial control system, and for finding and repairing network security vulnerabilities;
the network security assessment unit is used for collecting information on and assessing the security protection feasibility of the operation and maintenance industrial control system;
the safety protection sub-platform is in data connection with the background operation and maintenance platform; after risk shielding is applied to the operation and maintenance industrial control system, the safety protection sub-platform connects to the network station in the operation and maintenance industrial control system and relieves the risk for that network station.
2. The industrial control system network security capability inspection and assessment system according to claim 1, wherein the relationship of the twin industrial control system is established as follows:
the industrial control system is provided with a plurality of network stations, and the network stations in the operation and maintenance industrial control system and the standby industrial control system are in a parallel relation;
setting the synchronization frequency of data between the network stations in the operation and maintenance industrial control system and the standby industrial control system, and correspondingly storing the network station data of the operation and maintenance industrial control system into the network stations of the standby industrial control system according to the set synchronization frequency;
and synchronizing the data according to the set frequency.
3. The industrial control system network security capability inspection and assessment system according to claim 2, wherein the firewall is established as follows:
acquiring information on the coverage area of the operation and maintenance industrial control system and on its network stations, and constructing a primary security firewall over the coverage area of the operation and maintenance industrial control system;
at the same time, secondary security firewalls are built in one-to-one correspondence with the network stations in the operation and maintenance industrial control system, an area correspondence between the primary security firewall and the secondary security firewalls is established, and the primary security firewall and the secondary security firewalls are associated according to the position of the network attack.
4. The industrial control system network security capability inspection and assessment system according to claim 3, wherein the operation and maintenance industrial control system management item is formed as follows:
acquiring the working state of the network stations in the operation and maintenance industrial control system, and carrying out security monitoring on each individual network station;
and acquiring the network running state in the operation and maintenance industrial control system in real time; when a network attack occurs at the primary security firewall, enabling the secondary security firewall corresponding to the network station, issuing a security prevention and control alarm for the network station under attack, and forming the operation and maintenance industrial control system management item in combination with the network attack received by the primary security firewall.
5. The industrial control system network security capability inspection and assessment system according to claim 1, wherein the network patrol is carried out as follows:
carrying out network security inspection on the operation and maintenance industrial control system in real time, marking dangerous network information, acquiring network attack characteristics to form a network attack characteristic library, forming protective measures according to the data of the network attack characteristic library, inspecting the operation and maintenance industrial control system according to the protective measures, and carrying out vulnerability repair.
6. The industrial control system network security capability inspection and assessment system according to claim 1, wherein the security protection feasibility of the operation and maintenance industrial control system is evaluated as follows:
obtaining the number of attacks on the primary security firewall and the secondary security firewall of the industrial control system, the intensity of the network attacks and the positions where the network attacks occur, and then evaluating the security protection performance of the operation and maintenance industrial control system to obtain the security evaluation coefficient of the operation and maintenance industrial control system, wherein the calculation formula is as follows:
wherein,for the safety evaluation coefficient of the operation and maintenance industrial control system, < >>For the weight factor of the network attack between the primary security firewall and the secondary security firewall +.>Weight factor for network attack outside first-class security firewall>For the number of times a general intensity level of network attacks occurs, +.>The number of occurrences of the advanced intensity level for a network attack, +.>Serious for network attackThe number of times the intensity level appears;And->The network attack evaluation indexes are respectively a general intensity level, a progressive intensity level and a serious intensity level.
7. The industrial control system network security capability inspection and assessment system according to claim 6, wherein, when the security evaluation coefficient of the operation and maintenance industrial control system is smaller than a set security threshold value, maintenance and reinforcement of the primary security firewall and the secondary security firewall are carried out.
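The risk-shielding rule of claim 1 combined with the synchronization frequency of claim 2, as an added sketch that is not code from the patent: it shows that the copy a station falls back to is only as fresh as the last synchronization. The class, field and station names, the tick-based clock and the data values are assumptions, and the intensity level is taken as an input because the page gives no grading thresholds.

```python
from dataclasses import dataclass, field
GENERAL, PROGRESSIVE, SERIOUS = "general", "progressive", "serious"

@dataclass
class TwinICS:
    sites: list
    sync_every: int                                 # assumption: ticks between syncs
    primary: dict = field(default_factory=dict)     # station -> data on the O&M system
    standby: dict = field(default_factory=dict)     # station -> last synchronized copy
    serving: dict = field(default_factory=dict)     # station -> "primary" or "standby"
    quarantined: set = field(default_factory=set)   # handed to protection sub-platform
    monitored: set = field(default_factory=set)
    standby_started: bool = False
    tick: int = 0

    def __post_init__(self):
        for s in self.sites:
            self.primary[s] = self.standby[s] = None
            self.serving[s] = "primary"

    def write(self, site, value):                   # one tick: write, then sync if due
        self.tick += 1
        copy = self.primary if self.serving[site] == "primary" else self.standby
        copy[site] = value
        if self.tick % self.sync_every == 0:
            for s in self.sites:
                if self.serving[s] == "primary":    # never sync from a shielded station
                    self.standby[s] = self.primary[s]

    def attack(self, site, level):                  # claim-1 rule for one graded attack
        if level == GENERAL:
            return "no-action"                      # standby system stays off
        if level == PROGRESSIVE:
            self.monitored.add(site)                # watch the defence in real time
            return "monitor"
        if level != SERIOUS:
            raise ValueError(f"unknown level: {level}")
        self.standby_started = True
        self.serving[site] = "standby"              # switch to the twin's station
        self.quarantined.add(site)                  # attacked station goes to sub-platform
        stale = self.primary[site] != self.standby[site]
        return "switched-stale" if stale else "switched-current"

def demo(sync_every):
    ics = TwinICS(["pump", "valve"], sync_every)
    for i in range(1, 6):                           # constructed writes, ticks 1..5
        ics.write("pump", f"setpoint-{i}")
    actions = [ics.attack("valve", GENERAL), ics.attack("pump", PROGRESSIVE),
               ics.attack("pump", SERIOUS)]
    return actions, ics.standby["pump"], ics.serving, ics.quarantined
```

Calling `demo(1)` models per-tick backup and switches over with current data, while `demo(4)` switches to a standby copy that is one write behind.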
CN202310825226.4A 2023-07-06 2023-07-06 A network security protection capability inspection and evaluation system for industrial control systems Active CN116800511B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202310825226.4A CN116800511B (en) 2023-07-06 2023-07-06 A network security protection capability inspection and evaluation system for industrial control systems

Publications (2)

Publication Number Publication Date
CN116800511A CN116800511A (en) 2023-09-22
CN116800511B true CN116800511B (en) 2024-04-02

Family

ID=88041936

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202310825226.4A Active CN116800511B (en) 2023-07-06 2023-07-06 A network security protection capability inspection and evaluation system for industrial control systems

Country Status (1)

Country Link
CN (1) CN116800511B (en)

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109543301A (en) * 2018-11-22 2019-03-29 苏州健雄职业技术学院 A kind of network security attacks prototype modeling method based on Industry Control
CN111885094A (en) * 2020-09-28 2020-11-03 浙江省能源集团有限公司 Industrial control system network safety protection capability inspection and evaluation system
WO2021227465A1 (en) * 2020-09-24 2021-11-18 中广核工程有限公司 Security defense method and system for industrial control system network
CN114418263A (en) * 2021-11-26 2022-04-29 内蒙古大唐国际托克托发电有限责任公司 A defense system for power monitoring device of thermal power plant
CN114417328A (en) * 2022-01-19 2022-04-29 湖南警察学院 An abnormal attack behavior detection method for industrial control system
KR20220145580A (en) * 2021-04-22 2022-10-31 명지대학교 산학협력단 Security Managing Method For Industrial Control System To Detect DLL Injection
CN116318783A (en) * 2022-12-05 2023-06-23 浙江大学 Method and device for safety monitoring of network industrial control equipment based on safety index

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115004637B (en) * 2020-01-22 2024-03-08 西门子工业公司 Real-time and independent cyber attack monitoring and automated cyber attack response system

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
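A Brief Analysis of Information Security in Industrial Control Systems;李莉;;电子产品世界 (No. 02); full text *
On the Pilot Work of Network Security Risk Assessment for Industrial Control Systems;尹肖栋;严丹;赵一凡;;软件 (No. 09); full text *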

Also Published As

Publication number Publication date
CN116800511A (en) 2023-09-22

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
TA01 Transfer of patent application right

Effective date of registration: 20240123

Address after: Room 413, Unit 1, Building 1, Tian'an Digital City, No. 1 Huangjin Road, Nancheng Street, Dongguan City, Guangdong Province, 523000

Applicant after: Dongguan Minglu Information Technology Co.,Ltd.

Country or region after: China

Address before: Room 1001, unit 4, building 6, Tianan Digital City, No.1, Huangjin Road, Nancheng street, Dongguan City, Guangdong Province, 523000

Applicant before: GUANGDONG WANER TECHNOLOGY Co.,Ltd.

Country or region before: China

TA01 Transfer of patent application right

Effective date of registration: 20240308

Address after: Room 901, No. 2, Lane 288, Qianfan Road, Xinqiao Town, Songjiang District, Shanghai 201612

Applicant after: Shikong (Shanghai) brand planning Co.,Ltd.

Country or region after: China

Address before: Room 413, Unit 1, Building 1, Tian'an Digital City, No. 1 Huangjin Road, Nancheng Street, Dongguan City, Guangdong Province, 523000

Applicant before: Dongguan Minglu Information Technology Co.,Ltd.

Country or region before: China

GR01 Patent grant