GB/T 40218-2021 Industrial communication networks—Network and system security—Security technologies for industrial automation and control system
Basic Information
Scope
This standard provides an evaluation of various current network information security tools, mitigation measures, and technologies that can be effectively applied to modern electronics-based IACS, which regulate and monitor a large number of industries and critical infrastructures. It describes several categories of control-system-centered network information security technologies, the types of products available in those categories, the advantages and disadvantages of using those products in automated IACS environments, and, more importantly, initial recommendations and guidelines for using these network information security technology products and/or countermeasures.
The concept of IACS network security applied in this standard is meant to cover as many components, factories, facilities, and systems in all industries and critical infrastructures as possible. IACS includes but is not limited to:
● Hardware (such as historical data servers) and software systems (such as operating platforms, configurations, applications), such as distributed control systems (DCS), programmable logic controllers (PLCs), supervisory control and data acquisition (SCADA) systems, networked electronic sensing systems, and monitoring, diagnostic, and evaluation systems. This range of hardware and software includes important industrial networks and any connected or related information technology (IT) devices and links that are critical to the successful operation of the entire control system. In this regard, this range also includes but is not limited to: firewalls, servers, routers, switches, gateways, fieldbus systems, intrusion detection systems, intelligent electronic/terminal devices, remote terminal units (RTUs), and wired and wireless remote modems.
● Internal, personnel, network, or machine interfaces used for continuous, batch, decentralized, or combined processes to provide control, data recording, diagnosis, (functional) safety, monitoring, maintenance, quality assuranc