引用本文: |
-
刘圃卓,马叶桐,吕世超,方栋梁,朱红松,孙利民.工业控制系统功能安全和信息安全融合研究综述[J].信息安全学报,已采用 [点击复制]
- Liu Puzhuo,Ma Yetong,Lv Shichao,Fang Dongliang,Zhu Hongsong,Sun Limin.Survey on the Integration of Safety and Security in Industrial Control Systems[J].Journal of Cyber Security,Accept [点击复制]
|
|
摘要: |
在工业互联网快速发展的背景下,工业控制系统中信息安全和功能安全分离的防御方案已经不能应对当前的安全威胁,因此针对功能安全和信息安全的融合安全技术逐渐成为研究热点。二者在安全目标、安全需求方面存在较大的差异,且工业控制系统计算、通信和存储资源受限,这给融合安全研究带来了较大的挑战。本文从两个领域涉及的概念术语、缓解措施等方面分析融合安全研究的可能性以及必要性,再对学术界和工业界已有的安全方法和标准的融合研究进展进行总结,最后从不同角度分析融合安全研究中存在的挑战和机遇。 |
关键词: 功能安全和信息安全融合 工业控制系统 信息物理融合系统 |
DOI:10.19363/J.cnki.cn10-1380/tn.2023.06.15 |
投稿时间:2020-12-11修订日期:2021-03-08 |
基金项目:国家科技攻关计划,国家自然科学基金项目(面上项目,重点项目,重大项目) |
|
Survey on the Integration of Safety and Security in Industrial Control Systems |
Liu Puzhuo1, Ma Yetong1, Lv Shichao2, Fang Dongliang1, Zhu Hongsong1, Sun Limin1
|
(1.Institute of Information Engineering, Chinese Academy of Sciences. School of Cyber Security, University of Chinese Academy of Sciences.;2.Institute of Information Engineering, Chinese Academy of Sciences) |
Abstract: |
With the rapid development of industrial Internet, the traditional defense scheme of information security and function safety separation is no longer able to deal with the current threats in industrial control systems. Therefore, the integration of safety and security technology has gradually become a research hotspot. There are great differences in objectives and requirements, and the limited computing, communication and storage resources of the industrial control system bring greater challenges to the research of safety and security integration. This paper analyzes the possibility and necessity of integrating security research from the concepts, terms and mitigation measures involved in the two fields. Then, the research progress of the integration of existing methods and standards in academia and industry is summarized. Finally, the challenges and opportunities of safety and security integration research are analyzed from different perspectives. |
Key words: safety and security integration industrial control system cyber-physical system |