摘要
为解决配电自动化终端由于自身的复杂性、设计缺陷以及病毒、木马等威胁导致的信息安全问题,从系统层、通信层、配置层分析配电终端可能存在的信息安全风险,提出包括配置核查、漏洞扫描、渗透测试、风险值计算等在内的一整套信息安全测评方法,及规范化的测评工作流程。通过抽象配电自动化系统网络与业务模型,给出搭建测试实验平台方法,为开展配电终端信息安全测评与漏洞检测提供实验环境。该方法已应用于实际工作中,能够有效解决配电终端存在的信息安全隐患。
In order to solve the information security attacks of distribution automation terminal caused by its own complexity,design flaws as well as viruses,Trojans and other threats,this paper analyzed the information security risk which may exist in distribution automation terminal from the system layer,communication layer and distribution layer,presented a set of distribution automation terminal information security evaluation methods,including configuration checking,vulnerability scanning,penetration testing,risk value calculating,and standardization work flow of evaluation.By distributing automation system network and business models,the paper put forward a method to build the test platform,which provided the experimental environment for developing information security evaluation and vulnerability detection of automation terminal. The method has been applied in practical work to solve the information security risks existing in distribution automation terminal.
出处
《自动化与仪表》
2015年第12期11-14,58,共5页
Automation & Instrumentation
关键词
配电自动化
信息安全
测评
实验平台
漏洞
distribution automation
information security
evaluation
experimental platform
vulnerability
