Optimization And Evaluation Of Network Security Protection Capability For Industrial Control Systems In Company A

In recent years,with the continuous improvement of production automation and informatization level of domestic industrial enterprises and the promotion of development strategies such as "Made in China 2025" and "Industrial Internet" formulated by the state,iron and steel enterprises have realized automatic production through industrial control system(ICS),but network security attacks against industrial control systems have also gradually increased.The release of GB/T 22239-2019 Information Security Technology-Basic Requirements for Security Classification Protection of Information Systems(hereinafter referred to as protection2.0)has put forward new requirements for the security protection capabilities of industrial control systems in China.China is the world’s largest steel producer,and the stable operation of the industrial control system in steel enterprises is related to the interests of the people and social stability.With the implementation of Equal Protection 2.0,Chinese steel enterprises should also further enhance the network security protection capabilities of their industrial control systems based on their own situation and the requirements of Equal Protection 2.0.This article studies the expansion requirements related to industrial control systems in the protection 2.0 standard,and takes A Steel Company as an example to design a safety optimization transformation plan for industrial control systems.Within the budget range,an optimization selection model is used to determine the selection of safety equipment.At the same time,we have also developed a safety assessment model to verify the transformation results.The main objective of this article is to develop a safety protection renovation plan and safety evaluation model for industrial control systems that meet the requirements of the protection 2.0 standard and the characteristics of China’s steel industry.The specific research content is as follows:1.Summarized the major network security accidents of domestic and foreign industrial enterprises in recent years,as well as the industry standards and laws and regulations related to industrial control system security issued by domestic and foreign governments,analyzed the relevant research and shortcomings of industrial control system security protection and assessment at home and abroad,and discussed the development history and core ideas of Protection 2.0.2.This study takes Steel Company A as an example to analyze and study the steel process characteristics,current status of the steel industry,and network architecture of Company A.It also analyzes the network security risks faced by the industrial control systems in the steel industry today.On the basis of summarizing the problems existing in the industrial control system of Company A,this article has developed a safety requirement table for the industrial control system of Company A.This requirement table is based on the standard of equal protection 2.0,combined with the idea of "one center,three protections" and specific requirements for equal protection at three levels.According to the requirements table,a security plan for the industrial control system of Enterprise A was designed,and the network security defense technologies involved in the plan were studied.Through research,we have determined the device deployment topology diagram,device configuration strategy,and preliminary device selection list.Due to the limited budget,project risk and other factors,this paper established an optimization selection model based on the analytic hierarchy process and weighted linear programming.Through this model,the final equipment selection was determined,and implementation deployment was carried out according to the transformation scheme.3.After optimizing and improving the security protection capability of A enterprise’s industrial control system,this article carried out an evaluation study to assess the effectiveness of the optimization and improvement.The evaluation model used in this study combines the Analytic Hierarchy Process(AHP),the Delphi method,and the comprehensive evaluation method based on set-pair analysis.This model has many advantages such as fairness,objectivity,and quantifiability.The final evaluation results showed that the security protection capability of the A enterprise’s industrial control system was significantly improved after the transformation,and this result was verified by a third-party evaluation.This fully proves the effectiveness of the optimization plan for the security of A enterprise’s industrial control system proposed in this study,which not only meets the third-level standards of the "2.0 Security Protection Scheme for Critical Information Infrastructure",but also the evaluation model used in this study is stable,reliable,and has certain promotional significance.