首页|期刊导航|工矿自动化|基于边界隔离与系统防护的矿井网络安全系统研究

基于边界隔离与系统防护的矿井网络安全系统研究

贺胤杰李晨鑫魏春贤

工矿自动化2024，Vol.50Issue(3)：14-21,8.

工矿自动化2024，Vol.50Issue(3)：14-21,8.DOI:10.13272/j.issn.1671-251x.2023100008

基于边界隔离与系统防护的矿井网络安全系统研究

Research on mine network security system based on boundary isolation and system protection

贺胤杰 ¹李晨鑫 ¹魏春贤¹

作者信息

1. 煤炭科学技术研究院有限公司,北京 100013||煤炭智能开采与岩层控制全国重点实验室,北京 100013||煤矿应急避险技术装备工程研究中心,北京 100013||北京市煤矿安全工程技术研究中心,北京 100013
折叠

摘要

Abstract

With the continuous construction and promotion of intelligent mining information infrastructure,the switching of mine terminal equipment between private and public networks has introduced information security risks to the mine network.It is necessary to study the isolation boundaries of the mine network and build system protection measures.The study analyzes the main risks faced by the mine network,and points out that the key to dealing with risks is to define isolation boundaries,strengthen system protection measures,and develop specific underground equipments.In response to the needs of mine network security protection,three major isolation boundaries have been defined:business management network and industrial control network,transmission network and server area,and underground industrial control network and industrial control network on the ground.A mine network security system protection architecture based on boundary isolation and system protection is proposed.A mine network security system based on network,host,application,and data subsystems protection is designed,along with corresponding security transmission processes and protection ideas.In response to the current situation where mine network security protection mainly focuses on networks on the ground and lacks underground network security protection measures,a mine explosion-proof and intrinsically safety network interface has been developed as underground network security protection equipment.Corresponding protection rules have been formulated for industrial protocols commonly used in underground terminals such as Modbus,Profibus,IEC 61850,RTSP,etc.The test results show that the average recognition rate of the interface device against network attacks is 98.8％,the average protection rate is 98.0％,and the throughput of the gigabit interface is not less than 95％of the line speed.It achieves underground information security protection function and ensures data transmission performance.

关键词

矿井信息安全/矿井网络安全防护/网络隔离边界/经营管理网络/工业控制网络/网络接口

Key words

mine information security/mine network security protection/network isolation boundary/business management network/industrial control network/network interface

分类

矿山工程

引用本文复制引用

贺胤杰,李晨鑫,魏春贤..基于边界隔离与系统防护的矿井网络安全系统研究[J].工矿自动化,2024,50(3):14-21,8.

基金项目

天地科技股份有限公司科技创新创业资金专项(2023-TD-ZD005-001,2022-TD-ZD001,2022-2-TD-ZD001). （2023-TD-ZD005-001,2022-TD-ZD001,2022-2-TD-ZD001）

工矿自动化

OACSTPCD

ISSN：1671-251X

访问量0

下载量0

段落导航