[Two Sessions]Consolidate the foundation for network security, and escort the integration of industrial production and industrialization

01

Network security risks highlighted in the process of integration of industrialization and industrialization

The continuous integration of a new generation of information technology and industrial production has strengthened the connection between the physical world and the information world. While enjoying the benefits of rapid industrial development brought by information technology, we are also facing severe cyber security challenges.

First of all, the integration of industrialization and industrialization inevitably breaks the originally closed network boundary of the industrial control system. Attackers can launch attacks from multiple levels such as management, production, and consumption, which increases the possibility of network attacks and transforms the information world. The introduction of cyber security threats to the physical world has aggravated the consequences of cyber attacks on industrial enterprises, ranging from the downtime of industrial production lines and causing economic losses, and on the other hand, production safety accidents, causing casualties, and even endangering national security.

Secondly, a large number of industrial intelligent devices are connected to the control network, which reduces the threshold for network attacks against industrial control systems. Industrial intelligent equipment based on open and standardized technical architecture will inevitably produce security vulnerabilities, and insufficient communication and computing resources limit its own network security functions. At the same time, industrial smart devices are usually widely distributed and mostly unattended, and cannot be discovered in time after being attacked.

Third, the cross-network integration and flow of industrial information makes the core data assets of industrial enterprises face the risk of being stolen, abused or destroyed. Industrial production data involves the intellectual property rights of enterprises, trade secrets, and even the economic security of the country. It is highly sensitive, and data security incidents can directly or indirectly cause major economic losses.

Industrial cyber security incidents emerge in endlessly around the world. Large-scale power outages caused by failures in the control systems of the electric power industry in Ukraine and Venezuela caused power outages for millions of residents. It can be seen that although cybersecurity incidents in industrial production have different forms, the harm they bring is no longer just a “soft attack” in the information world, but a “hard destruction” to the physical world, that is, to the people. Life stability, economic development, and social stability have caused serious damage. Therefore, the cyberspace faced by industrial enterprises in advancing the integration of industrialization and industrialization is more complex, and the cybersecurity problem is extremely serious.

02

Network security assurance system construction

Controllability of network boundaries

The extension and expansion of the industrial control network boundary has increased the types and quantities of objects participating in industrial production. However, thanks to the relative stability and predictability of the industrial production links, we can participate in the production operations according to the information system and industrial control system’s process and The scope is divided according to the manufacturing boundary and the value transfer boundary, so that targeted security prevention and control can be carried out when network security threat alarms occur, so as to avoid the expansion of the threat scope.

At the same time, based on multiple methods such as digital certificates, identification, biometrics, dynamic passwords, etc., technical isolation and fine-grained access control measures that meet the corresponding security requirements are set at the regional boundary, which can effectively identify every participant in each link of industrial production. “Who is” and “What can be done”, and form dynamic threat recognition capabilities to realize network boundary behavior recognition, confirmation, alarm, and security blocking.

[Two Sessions]Consolidate the foundation for network security, and escort the integration of industrial production and industrialization

Controllability of networked industrial intelligent equipment

(1) Equipment safety

Networked industrial intelligent equipment guarantees its own intrinsic safety by adopting safe, trusted, autonomous and controllable processors, storage, memory, operating systems, and applying cryptographic technology, security algorithms, and security protocols. When conditions are limited, security compensation measures can be adopted, and industrial smart devices can have certain network security protection capabilities through application-level security reinforcement.

(2) Access security

Industrial smart devices must adopt an access mechanism when connecting to the network. Only devices that have passed security verification are allowed to access the industrial control network. At the same time, they can actively identify the ports, protocols, services, etc. used by unknown access devices, and determine security risks and Take alarm, isolation and blocking measures to prevent unauthorized equipment from introducing malicious code into the industrial control network.

Data flow controllability

The information system and industrial control system of industrial production enterprises belong to the construction and use management of different departments. A large amount of industrial data is scattered everywhere, which invisibly creates breakpoints for the smooth flow of data, which affects work efficiency and the authenticity of knowledge data. In order to ensure the security of the “liberalization” of data flow and maximize the value of data, various protective measures such as labeling purposes, data encryption, access control, and data desensitization should be adopted for industrial production data, covering data collection and transmission. , Storage, processing and other aspects of the entire life cycle, to achieve data can not be obtained, incomprehensible, can not be changed, can not be lost.

  [Two Sessions]Consolidate the foundation for network security, and escort the integration of industrial production and industrialization

(1) Collection security

According to the attributes of industrial data, according to the classification of process data, equipment data, business data, and user personal data, and according to the three levels of general data, important data and sensitive data, the fragmented data scattered in the industrial production link is classified and collected.

(2) Transmission security

In the process of data transmission, relevant technical means are used to ensure the confidentiality, integrity and validity of the data in the communication process, and to prevent the data from being stolen or tampered with.

(3) Storage safety

According to the data category and security level, data storage security is ensured through security measures such as data encryption storage, data integrity protection, data leakage prevention, and access control.

(4) Processing safety

Data processing and application are the core links in the value creation of industrial data. Through continuous iteration of the process flow and optimization to find the shortest and most economical production path, the key technologies, processes, knowledge and processes of industrial production are accumulated and deposited to achieve high industrial quality. Development provides the most core support. In the process of high-value industrial data circulation, measures such as data leakage prevention, access control, and integrity protection are adopted to ensure the effective use of information and resources by legitimate users.

Controllability of network security status

Ensuring the network security of industrial control systems is the basis for advancing the integration of industrialization and industrialization. Obtain communication behavior information by detecting industrial network traffic, grasp the security status of industrial control networks with the help of deep packet filtering, terminal security detection, log auditing, etc., and form global security trends and threat warnings through aggregation and correlation analysis.

  

03

Concluding remarks

What the integration of industrialization and industrialization brings to industrial enterprises is the integration of boundaries and the integration of data. Informatization can help industrial enterprises quickly respond to market demands. While improving efficiency with the help of emerging technologies, it is the common expectation of automation and informatization to effectively ensure industrial network security. This year’s government work report pointed out that it will continue to promote the construction of “two new and one heavy”, implement a number of major engineering projects such as transportation, energy, water conservancy, build new infrastructure such as information networks, and develop a modern logistics system. Therefore, it is even more important for industrial enterprises to do a good job in network security. Only when the integration of the two industrializations and industrializations is deepened can the drive of data value be vigorous and powerful.

The Links:   LB064V02-B1 G156HTN020