摘要
在1年之内,2015-12-23和2016-12-18,乌克兰电网系统遭受了两起由黑客入侵而引发的严重停电事故,其中,前一起被认为是世界上首起公开的针对电网基础设施的网络信息攻击事件。回顾了2015年停电事故的全过程,推演分析网络攻击的手法和效果,并归纳了网络攻击的通用框架。在2020年初步建设智能电网背景下,考虑到中国电网的信息安全系统也面临严峻的威胁和挑战,提出了包括从信息化战争视角提高对网络安全的思想重视水平、重审物理隔离、协同平衡系统安全与信息开放的几点思考,以及开展有效的安全演习、推进核心设备国产化等关于构建坚强的信息安全防御体系的几点建议。
On December 23, 2015 and December 16, 2016, the Ukrainian power grid suffered twice serious power outages originated from the malicious code. The first outage was considered as the first public cyber-attack against grid infrastructures in the world. The blackout process, techniques and effects of the 2015 cyber-attack accident are reproduced in the paper, and a general attack framework is then summarized. Considering the critical threats and challenges faced by the cyber information system of China power grid, this paper proposes some ponders and suggestions based on the overall objective of the preliminary construction of Chinese Smart Grid in 2020. The ponders include raising the attention level of eyber security from information war aspect, reassessing the physical isolation method and coordinating cyber security with information open. The suggestions on construction of a strong cyber information security defense system include conducting effective security exercises, promoting localization of core equipment system and others.
作者
李保杰
刘岩
李洪杰
何维晟
曾祥峰
陈硕
LI Baojie;LIU Yan;LI Hongjie;HE Weisheng;ZENG Xiangfeng;CHEN Shuo(State Key Lab.of Electrical Insulation for Power Equipment,Xi’an Jiaotong University;State Grid Urumqi Electric Power Supply Company,Urumqi 830011,China)
出处
《中国电力》
CSCD
北大核心
2017年第5期71-77,共7页
Electric Power
基金
国家自然科学基金资助项目(51577147)~~
