|
US$659.00 ยท In stock
Delivery: <= 5 days. True-PDF full-copy in English will be manually translated and delivered via email.
GB/T 41260-2022: Security requirements for digital factory
Status: Valid
| Standard ID | Contents [version] | USD | STEP2 | [PDF] delivered in | Standard Title (Description) | Status | PDF |
| GB/T 41260-2022 | English | 659 |
Add to Cart
|
5 days [Need to translate]
|
Security requirements for digital factory
| Valid |
GB/T 41260-2022
|
PDF similar to GB/T 41260-2022
Basic data | Standard ID | GB/T 41260-2022 (GB/T41260-2022) | | Description (Translated English) | Security requirements for digital factory | | Sector / Industry | National Standard (Recommended) | | Classification of Chinese Standard | N10 | | Word Count Estimation | 33,394 | | Issuing agency(ies) | State Administration for Market Regulation, China National Standardization Administration | GB/T 41260-2022: Security requirements for digital factory---This is a DRAFT version for illustration, not a final translation. Full copy of true-PDF in English version (including equations, symbols, images, flow-chart, tables, and figures etc.) will be manually/carefully translated upon your order.
Security requirements for digital factory
ICS 25.040
CCSN10
National Standards of People's Republic of China
Digital workshop information security requirements
Published on 2022-03-09
2022-10-01 Implementation
State Administration for Market Regulation
Released by the National Standardization Administration
directory
Preface III
Introduction IV
1 Scope 1
2 Normative references 1
3 Terms and Definitions, Abbreviations 1
3.1 Terms and Definitions 1
3.2 Abbreviations 4
4 General Principles of Information Security in Digital Workshop 4
4.1 Scope of Digital Workshop Information Security 4
4.2 Basic requirements for digital workshop information security 5
4.3 Digital Workshop Information Security Analysis Process 6
5 Digital workshop information security management requirements7
5.1 Overview 7
5.2 Information Security Management System 7
5.3 Information Security Management Positions and Responsibilities 7
5.4 People Management 8
5.5 Risk Management 8
5.6 Physical Access Control Management 9
5.7 Operation and maintenance security management 9
5.8 Monitoring and reviewing the effectiveness of information security management9
5.9 Maintain and improve 10
6 Digital workshop information security technical requirements 10
6.1 Overview 10
6.2 Zoning and Boundary Protection 11
6.3 Identification and Authentication 12
6.4 Using the controls 12
6.5 Resource Control 13
6.6 Data Security 15
6.7 Security Audit 15
Appendix A (Informative) Common Threat Sources for Digital Workshop Information Security 17
Appendix B (Informative) Example of Information Security of Digital Workshop in Typical Machinery Manufacturing Industry 18
B.1 Overview 18
B.2 Determining the Objects and Objectives of Protection 19
B.3 Risk Analysis and Handling 19
B.4 Security protection requirements and security strategies 20
B.5 Security Validation and Evaluation 21
B.6 Operation and Maintenance 22
Appendix C (normative) Digital Workshop Information Security Enhancement Requirements 23
C.1 Overview 23
C.2 Zoning and Boundary Protection 23
C.3 Identification and Authentication 24
C.4 Using Control 24
C.5 Resource Control 25
C.6 Data Security 25
C.7 Security Audit 26
Reference 28
Figure 1 Scope of digital workshop information security (solid line) 5
Figure 2 Digital workshop information security analysis process7
Figure B.1 Typical Architecture of Machinery Manufacturing Industry 18
Figure B.2 Typical Engineering/Digital Workshop Safety Architecture 19
foreword
This document is in accordance with the provisions of GB/T 1.1-2020 "Guidelines for Standardization Work Part 1.Structure and Drafting Rules of Standardization Documents"
drafted.
Please note that some content of this document may be patented. The issuing agency of this document assumes no responsibility for identifying patents.
This document is proposed by China Machinery Industry Federation.
This document is under the jurisdiction of the National Technical Committee on Standardization of Industrial Process Measurement Control and Automation (SAC/TC124).
This document is drafted by. Machinery Industry Instrumentation Comprehensive Technology and Economic Research Institute, China National Petroleum Corporation Safety and Environmental Protection Technology Research Institute Co., Ltd.
Company, Chongqing Xin'an Network Security Rating Evaluation Co., Ltd., Zhejiang Zhongkong Technology Co., Ltd., Guoneng Zhishen Control Technology Co., Ltd.,
Shenzhen Biaoli Technology Development Co., Ltd., Ningbo Hollyshi Information Security Research Institute Co., Ltd., Shenyang Institute of Automation, Chinese Academy of Sciences,
China Electric Power Engineering Consulting Group North China Electric Power Design Institute Co., Ltd., Beijing Institute of Labor Protection Science, Ministry of Industry and Information Technology
and Microelectronics Development Research Center (China Software Evaluation Center), Shanghai Industrial Automation Instrumentation Research Institute Co., Ltd., Siemens (China) Co., Ltd.
Company, Phoenix (Nanjing) Intelligent Manufacturing Technology Engineering Co., Ltd., Changsha Nonferrous Metallurgy Design and Research Institute Co., Ltd., Rockwell Automation
Chemical (China) Co., Ltd., Quick Intelligent Equipment Co., Ltd.
The main drafters of this document. Meng Zouqing, Zhang Yabin, Wei Zhenqiang, Pan Dongbo, Qiu Kun, Tian Yucong, Ren Junmin, Xu Aidong, Ma Xinxin, Liu Ying,
Jin Jianghong, Guo Yongzhen, Dong Ying, Li Jia, Zhang Xiaojin, Peng Xiaobo, Zhang Zhanfeng, Wang Yumin, Zhao Yanling, Guo Miao, Xiong Wenze, Huang Huanpao, Niu Haiming,
Yan Feng, Zeng Xiangji, Qi Guoqiang, Luo Fangwei, Wang Rongzhen.
Introduction
Compared with traditional production workshops, digital workshops have the characteristics of digitization, networking, and intelligence, and interconnection and interoperability have become digital workshops.
Basic features of construction. The boundary of the production workshop is expanded, the threat of traditional information security will penetrate into the digital workshop, and the digital
At the beginning of the design of various equipment and systems in the workshop, it was mainly for usability rather than security, and the information security protection capability was generally low; digitalization
The systematic nature of the workshop also leads to a greater impact on information security, and a local impact may lead to the shutdown of the entire workshop; and
At the same time, the application of the Internet of Things and emerging network and communication technologies will also directly introduce external threats to the production site.
The construction of information security should fully consider the factors.
This document takes the digital workshop as the object, fully considers the characteristics of the digital workshop, and proposes information security from the aspects of management and technology.
Require.
Digital workshop information security requirements
1 Scope
This document specifies general rules, management requirements and technical requirements for digital workshop information security.
This document is applicable to information security in engineering design, equipment production, system integration, production operation and maintenance, and security assessment for digital workshops
Activity.
2 Normative references
The contents of the following documents constitute essential provisions of this document through normative references in the text. Among them, dated citations
documents, only the version corresponding to that date applies to this document; for undated references, the latest edition (including all amendments) applies to
this document.
GB/T 37413-2019 Digital Workshop Terms and Definitions
IEC 62443-1-1.2009 Industrial Communication Network Network and System Security Part 1-1.Terminology, Concepts and Models (Industrial
els)
3 Terms and Definitions, Abbreviations
3.1 Terms and Definitions
The terms and definitions defined in GB/T 37413-2019 and IEC 62443-1-1.2009 and the following terms and definitions apply to this document.
3.1.1
digital workshop digitalfactory; digitalworkshop
Based on the technology and equipment required by the production object, using information technology, automation, measurement and control technology, etc. as means to connect the workshop with data
Different units are the implementation units for planning, managing, diagnosing and optimizing the production operation process.
Note. In this document, the digital workshop only includes the production planning, production process, and production execution stages, excluding the stages of product design, service and support.
[Source. GB/T 37413-2019, 2.1]
3.1.2
asset
A physical or logical object owned or maintained by a digital workshop that has potential or actual value to the digital workshop.
NOTE. In the case of industrial automation and control systems, the physical asset with the greatest directly measurable value may be the controlled equipment.
[Source. IEC 62443-1-1.2009, 3.2.6, with modifications]
3.1.3
production system
A collection of hardware, software, and people required to complete digital shop floor production tasks.
Note. Digital workshop production systems include but are not limited to.
a) Programmable Logic Controller (PLC), Intelligent Electronic Equipment (IED), Distributed Control System (DCS), Emergency Shutdown System (ESD), Safety Instrumented System
system (SIS), supervisory control and data acquisition (SCADA) system, motion control (MC) system, numerical control system (CNC), flexible manufacturing system (FMS)
etc. system.
Tips & Frequently Asked Questions:Question 1: How long will the true-PDF of GB/T 41260-2022_English be delivered?Answer: Upon your order, we will start to translate GB/T 41260-2022_English as soon as possible, and keep you informed of the progress. The lead time is typically 3 ~ 5 working days. The lengthier the document the longer the lead time. Question 2: Can I share the purchased PDF of GB/T 41260-2022_English with my colleagues?Answer: Yes. The purchased PDF of GB/T 41260-2022_English will be deemed to be sold to your employer/organization who actually pays for it, including your colleagues and your employer's intranet. Question 3: Does the price include tax/VAT?Answer: Yes. Our tax invoice, downloaded/delivered in 9 seconds, includes all tax/VAT and complies with 100+ countries' tax regulations (tax exempted in 100+ countries) -- See Avoidance of Double Taxation Agreements (DTAs): List of DTAs signed between Singapore and 100+ countriesQuestion 4: Do you accept my currency other than USD?Answer: Yes. If you need your currency to be printed on the invoice, please write an email to [email protected]. In 2 working-hours, we will create a special link for you to pay in any currencies. Otherwise, follow the normal steps: Add to Cart -- Checkout -- Select your currency to pay.
|