摘要
根据新修订的GB/T 22239中对安全管理中心的技术要求,提出了在分布式控制系统(DCS)中增加网络安全管理设备的方案。介绍了设备的部署方法和安全收益。对比标准,进行了合规性分析,表明该方案在安全管理中心方面基本可以满足等保四级的要求。同时,提出了现有方案的改进方法,开发与其他品牌安全设备、网络设备、DCS二层人机界面之间的通信接口,增加与DCS相适应的冗余网络切换机制,以满足核电厂DCS网络安全的设计要求。该研究为网络安全产品的开发提出了新的需求,也为核电厂DCS的网络安全设计提供了借鉴和参考。
According to the technical requirements for the security management center in the newly revised GB/T 22239,the scheme for adding a network security management device to a distributed control system(DCS)is proposed.The deployment method and security benefits of the device are introduced.The compliance analysis is carried out in comparison with the standard,and the scheme can basically meet the requirements of Equivalent Security Level 4 in terms of the security management center.At the same time,improvement methods of the existing scheme are proposed to develop communication interfaces with other brands of safety devices,network devices,and DCS second-level human-machine interfaces,and to add redundant network switching mechanisms compatible with DCS to meet the design requirements of DCS network safety in nuclear power plants.The study puts forward new requirements for the development of network security products and provides reference and reference for the network security design of DCS in nuclear power plants.
作者
钟洋
曹迎锋
袁馨蕊
ZHONG Yang;CAO Yingfeng;YUAN Xinrui(China Nuclear Control System Engineering Co.,Ltd.,Beijing 100176,China)
出处
《自动化仪表》
CAS
2022年第5期87-89,101,共4页
Process Automation Instrumentation
关键词
网络安全
分布式控制系统
安全管理中心
集中管控
等级保护
人机接口
Cyber security
Distributed control system(DCS)
Security management center
Centralized control
Grade protection
Human-machine interface
