面向电力系统的信息安全事件和攻击, 近年来越来越多地被报道披露.在震网病毒利用西门子工控软件漏洞破坏伊朗核设施事件之后, 全球独立安全监测机构NSSLasbs又爆出西门子SCADA新的安全漏洞, 黑客可以利用漏洞编写恶意软件进行攻击.近年来, 针对能源电力行业工控系统进行攻击的恶意程序Havex (最新发现其变种多达近百种), 对全球一千多家能源企业进行了攻击.除了以上针对电力行业工控安全的事件外, 2015年12月乌克兰大量变电站被攻击, 造成上百万用户停电, 造成了严重的社会影响和巨大的经济损失.笔者对风场工控系统安全进行漏洞检测技术研究, 形成技术成果, 以响应国家政策指导以及应对工业网络安全新形势, 达到保护电力传输系统安全的目的.%In recent years, more and more information security incidents and attacks for power systems have been reported and disclosed. After the seismogram virus exploited Siemens industrial control software vulnerabilities to destroy Iranian nuclear facilities, NSSLasbs, an independent global security monitoring agency, exploded a new security vulnerability in Siemens SCADA. Hackers can use vulnerabilities to write malicious software to attack. In recent years, Havex, a malicious program that attacks industrial control systems in the energy and power industry, has attacked more than 1, 000 energy companies worldwide. In addition to the aforementioned industrial control security incidents in the power industry, a large number of substations in Ukraine were attacked in December 2015, resulting in power outages for millions of users, causing serious social impact and huge economic losses. In order to protect the security of power transmission system, the author conducts research on vulnerability detection technology of industrial control system communication protocol security of wind booster station, and forms technical achievements to respond to the guidance of national policy and the new situation of industrial network security.
展开▼
