摘要
随着我国核能事业的快速发展,加强核设施网络安全建设已成为当务之急。当前国际主流实践是基于分级保护和纵深防御理念,建立核设施网络安全计划,以提高核设施的网络安全防护水平。其中核设施的网络安全定级,既要满足国家相关法律法规要求,又要契合核行业实际,因而也成为整个计划的难点之一。对比分析当前国内外核设施网络安全分级标准实践,根据我国等级保护标准有关要求,结合核行业特点,提出核设施遭受网络攻击后侵害程度的判别指标和分类判定规则,验证结果证明,该方法具有较好的科学性和实用性,对进一步做好我国核设施网络安全定级工作具有促进作用。
The cyber security of nuclear facilities is a hot issue at present.With the rapid development of China's nuclear energy industry,it has become imperative to strengthen the cyber security level of nuclear facilities.The current mainstream practice is to establish the cyber security plan of nuclear facilities based on the classification method and the defense-in-depth concept,so as to improve the cyber security protection level of nuclear facilities.The cyber security classification of nuclear facilities should not only meet the requirements of national laws and regulations,but also be suitable for the nuclear industry,so it has become one of the difficulties of the whole plan.This paper analyzes the current practice of cyber security classification at home and abroad,puts forward a cyber security classification method based on China's Classified Protection Standard,and the verification results show that the method is scientific and practical,which lays the foundation for further improving the cyber security level of nuclear facilities in China.
作者
杨安义
李旭凤
YANG Anyi;LI Xufeng(Nuclear and Radiation Safety Center,Beijing 100082,China;Shandong Nuclear and Radiation Safety Monitoring Cente,Jinan of Shandong Prov,250000,China)
出处
《核科学与工程》
CSCD
北大核心
2024年第6期1365-1371,共7页
Nuclear Science and Engineering
关键词
核设施
核安全
仪控系统
网络安全
等级保护标准
网络安全等级保护
Nuclear facility
Nuclear safety
I&C system
Cyber security
Classified protection standard
Classified protection of cybersecurity
作者简介
杨安义(1973-),男,山西闻喜人,高级工程师,硕士研究生,现主要从事核与辐射网络安全相关研究。
