3.2 External Problems. Security assessment is difficult. IS420ESWBH2A Safety assessment is the first step to establish a safety protection system, industrial control system information security assessment standards is the first issued by the state on the safety of industrial control system standards, the Ministry of Industry and Information Technology in 2011 notice clearly required to key areas of industrial control system safety assessment, However, in 2012, this work encountered difficulties such as the lack of industry-specific evaluation specifications, only for IT systems, and the inability to evaluate non-IT equipment.

Lack of a secure and effective solution for ICS. The existing deep defense architecture solution is only for the general ICS model, for the specific industry of industrial control systems, will need to be improved based on a lot of practice in the future.

IS420ESWBH2A It is not effective to deal with APT attacks. Judging from the past several ICS security accidents, targeted and persistent APT attacks pose the greatest threat. The defense of APT attacks has always been a difficult problem faced by the information security industry. Even Google and RSA, which have many specialized talents and large investment in information security, are not spared from APT attacks.

Four, industrial control system information security solution

4.1 Hardware Improvement. There are two different industrial control system information security solutions in the world: active isolation and passive detection

IS420ESWBH2A Active isolation solution: Devices with the same functions and security requirements are placed in the same area. There are special channels for inter-area communication. The channels are managed to prevent unauthorized intrusions and protect devices. For example, Tofino industrial control system information Security solution launched by Byres Security of Canada.

IS420ESWBH2A Passive detection solution: in addition to identity authentication, data encryption and other technologies, the use of virus detection, intrusion detection and other ways to determine illegal identity, multi-level deployment and detection to strengthen network information security. For example: Industrial Defender’s ICS security solution.

4.2 “Software” improvement: security management system. The safety management and protection system consists of five parts: safety management system, safety management organization, personnel safety management, system construction management and system operation and maintenance management. Industrial control system management system is a gradual process, and with the progress of The Times to update at any time, gradually improve the system, improve the management system, in order to achieve the real safety of the industrial control system.

Safety management system: establish and improve the safety management system of industrial control system, formulate the overall policy and strategy of safety work, industrial control system safety protection and information input into the daily work management system, safety management personnel or operators of important operations to establish a standard process; Form a safety management system composed of safety policies, management methods, operational procedures, etc.