
GB/T 37934-2019 English PDF

GB/T 37934-2019: Information security technology - Security technical requirements of industrial control system security isolation and information ferry system
Status: Valid


Basic data

Standard ID: GB/T 37934-2019 (GB/T37934-2019)
Description (Translated English): Information security technology - Security technical requirements of industrial control system security isolation and information ferry system
Sector / Industry: National Standard (Recommended)
Classification of Chinese Standard: L80
Classification of International Standard: 35.040
Word Count Estimation: 18,187
Date of Issue: 2019-08-30
Date of Implementation: 2020-03-01
Issuing agency(ies): State Administration for Market Regulation, China National Standardization Administration

GB/T 37934-2019: Information security technology - Security technical requirements of industrial control system security isolation and information ferry system


---This is a DRAFT version for illustration, not a final translation. Full copy of true-PDF in English version (including equations, symbols, images, flow-chart, tables, and figures etc.) will be manually/carefully translated upon your order.
Information security technology - Security technical requirements of industrial control system security isolation and information ferry system
ICS 35.040
L80
National Standard of the People's Republic of China
Information security technology - Security technical requirements for industrial control network security isolation and information exchange systems
Released 2019-08-30; implemented 2020-03-01
Issued by the State Administration for Market Regulation and the China National Standardization Administration

Table of contents

Foreword
Introduction
1 Scope
2 Normative references
3 Terms and definitions
4 Abbreviations
5 Product description
6 Safety technical requirements
6.1 Basic level safety technical requirements
6.1.1 Safety function requirements
6.1.2 Own safety requirements
6.1.3 Safety assurance requirements
6.2 Enhanced safety technical requirements
6.2.1 Safety function requirements
6.2.2 Own safety requirements
6.2.3 Safety assurance requirements

Foreword

This standard was drafted in accordance with the rules given in GB/T 1.1-2009.

Please note that certain contents of this document may involve patents. The issuing agency of this document is not responsible for identifying these patents.

This standard was proposed and managed by the National Information Security Standardization Technical Committee (SAC/TC260).

Drafting organizations of this standard: The Third Research Institute of the Ministry of Public Security, the Cyber Security Bureau of the Ministry of Public Security, Beijing Shenzhou NSFOCUS Information Security Technology Co., Ltd., Zhuhai Hongrui Software Technology Co., Ltd., China Electronics Technology Network Information Security Co., Ltd., China Information Security Research Institute Co., Ltd., Beijing Tianrongxin Network Security Technology Co., Ltd., Jinan Huahan Electric Technology Co., Ltd., Beijing Kuangen Network Technology Co., Ltd., Beijing Likong Huakang Technology Co., Ltd., and China Electronics Standardization Institute.

The main drafters of this standard: Zou Chunming, Lu Zhen, Tian Yuan, Shen Qinghong, Fan Chunling, Lu Lei, Yu You, Liu Rui, Gu Jian, Liu Zhiyong, Chen Minchao, Lan Kun, Yang Chen, Zhang Dajiang, Gong Lianghua, Lei Xiaofeng, Ye Xiaohu, Wang Xiaopeng, Zhou Wenqi, Fan Kefeng, Yao Xiangzhen, Li Lin, Zhou Ruikang.

Introduction

With the deep integration of industrialization and informatization, security threats from information networks are gradually posing great security threats to industrial control systems. The general network security isolation and information exchange system is incapable of meeting the security protection needs of industrial control systems, so a network security isolation and information exchange system that can be applied to an industrial control environment is needed to protect the industrial control system.

The main differences between the network security isolation and information exchange system applied to the industrial control environment and the general network security isolation and information exchange system are as follows.

---In addition to basic five-tuple filtering, the general network security isolation and information exchange system also needs a certain application layer filtering and protection capability. The network security isolation and information exchange system used in the industrial control environment needs, in addition to the application layer filtering capability for some common protocols that the general system has, application layer filtering capability for industrial control protocols.

---Given the current level of information security protection technology in the industrial control environment, and because information security protection must not affect the normal operation of system functions, the mandatory access control requirements placed on the general network security isolation and information exchange system cannot be adapted to the industrial control environment.

---The network security isolation and information exchange system in the industrial control environment has higher requirements for availability, reliability, stability and so on than the general network security isolation and information exchange system.

Information security technology - Security technical requirements for industrial control network security isolation and information exchange systems

1 Scope

This standard specifies the security function requirements, own security requirements and security assurance requirements of industrial control network security isolation and information exchange systems.

This standard applies to the design, development and testing of industrial control network security isolation and information exchange systems.

2 Normative references

The following documents are indispensable for the application of this document. For dated references, only the dated version applies to this document. For undated references, the latest version (including all amendments) applies to this document.

GB/T 20279-2015 Information security technology - Security technical requirements of network and terminal isolation products
GB/T 20438.3-2017 Functional safety of electrical/electronic/programmable electronic safety-related systems - Part 3: Software requirements
GB/T 20438.4-2017 Functional safety of electrical/electronic/programmable electronic safety-related systems - Part 4: Definitions and abbreviations
GB/T 25069-2010 Information security technology - Terms

3 Terms and definitions

The terms and definitions defined in GB/T 20279-2015, GB/T 20438.4-2017 and GB/T 25069-2010, together with the following, apply to this document.

3.1 Industrial control system
Industrial control system (ICS) is a general term that covers the control systems used in a variety of industrial production, including supervisory control and data acquisition (SCADA) systems, distributed control systems (DCS) and other smaller control systems such as programmable logic controllers (PLC), and is now widely used in industrial sectors and critical infrastructure.
[GB/T 32919-2016, definition 3.1]

3.2 Industrial control protocol
In the industrial control system, the communication protocol between the host computer and the control equipment, and between the control equipment and the control equipment.
Note: It usually includes analog and digital read-write control.

3.3 Industrial control network security isolation and information exchange system
A product deployed between different security domains in the industrial control network that uses protocol isolation technology to provide functions such as access control, protocol conversion, content filtering and information exchange between the two security domains.

4 Abbreviations

The following abbreviations apply to this document.

MAC: Media Access Control
OPC: Object Linking and Embedding for Process Control

5 Product description

Industrial control network security isolation and information exchange systems are usually deployed at the boundary of industrial control networks, where the protected assets are the industrial control networks, or between the production management layer and the process monitoring layer, where the protected assets are the process monitoring layer network and the field control layer network. In addition, the industrial control network security isolation and information exchange system itself and its important internal data are also protected assets.

Industrial control network security isolation and information exchange systems are generally composed of two mainframes and dedicated isolation components, that is, an internal processing unit, an external processing unit and dedicated isolation components. The dedicated isolation component can be an isolation switch board made up of electronic switches and a dedicated isolation chip in which the information ferry control logic is hardwired, or it can be a security-hardened host running a dedicated information transmission logic control program. The internal and external processing units are connected through the dedicated isolation components, which are the only trusted physical channel between the two security domains. This internal channel strips out public network protocol stacks such as TCP/IP and uses private protocols to achieve isolation from public protocols.

There are usually two ways to implement dedicated isolation components. The first is to use a private protocol to achieve protocol isolation and information transmission logically. The second is to use a group of mutually exclusive time-sharing electronic switches to control the on-off state of the internal physical channel; the information ferry is completed by time-shared switching of the connection, forming an isolation zone with no real-time physical connection between the two security domains.

This standard divides the security technical requirements of industrial control network security isolation and information exchange systems into three major categories: security function requirements, own security requirements and security assurance requirements. Each category is divided into a basic level and an enhanced level. Content that is added or changed in the enhanced level relative to the basic level is indicated in bold in the text.

6 Safety technical requirements

6.1 Basic level safety technical requirements

6.1.1 Safety function requirements

6.1.1.1 Access control

6.1.1.1.1 Whitelist-based access control
The product should adopt a whitelist-based access control policy: any access that is not explicitly allowed by the access control policy is prohibited by default.

6.1.1.1.2 Network layer access control
The product should support access control based on source IP, source port, destination IP, destination port, transport layer protocol and other requirements.

6.1.1.1.3 Application layer access control
The product should support access control at the application layer.
a) Support the identification and access control of HTTP, FTP, TELNET and other applications;
b) Support access control for at least one type of industrial control protocol.

6.1.1.1.4 In-depth inspection of industrial control protocols
The product should support in-depth analysis and access control of the industrial control protocol content.
a) Check conformance to the protocol specification of each supported industrial control protocol, and explicitly reject access that does not comply with the protocol specification;
b) It should support access control of the operation type, operation object, operation range and other parameters of the industrial control protocol;
c) If the OPC protocol is supported, it should support control based on the control point name, read and write operations and other elements;
d) If the ModbusTCP protocol is supported, it should support control based on device ID, function code type, read and write operations, register address, control value range and other elements.

6.1.1.2 Protocol isolation
All information flows sent and received between the subject and the object are stripped of the network layer protocol, restored to application layer data, and transmitted in a private (non-TCP/IP) protocol format.
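The checks in 6.1.1.1.1 and 6.1.1.1.4 a) and d) can be made concrete for Modbus TCP. The following Python example is added here for illustration and is not part of the standard or of any product; the `Rule` policy format, the function names and the sample frames are assumptions constructed for the example, and only three function codes are handled.

```python
import struct
from dataclasses import dataclass

READ_HOLDING, WRITE_SINGLE, WRITE_MULTIPLE = 0x03, 0x06, 0x10

@dataclass(frozen=True)
class Rule:
    """One whitelist entry (hypothetical policy format for this example)."""
    unit_id: int          # device ID
    function: int         # function code type
    addr_lo: int          # first permitted register address
    addr_hi: int          # last permitted register address (inclusive)
    val_lo: int = 0       # permitted control value range (checked on writes)
    val_hi: int = 0xFFFF

def build_frame(unit_id: int, pdu: bytes, proto: int = 0) -> bytes:
    """Build a Modbus TCP ADU: 7-byte MBAP header followed by the PDU."""
    return struct.pack(">HHHB", 1, proto, len(pdu) + 1, unit_id) + pdu

def parse_request(frame: bytes):
    """Return (unit_id, function, start_addr, count, values); raise ValueError
    for anything that does not conform to the protocol specification."""
    if len(frame) < 8:
        raise ValueError("shorter than MBAP header plus function code")
    _tid, proto, length, unit = struct.unpack(">HHHB", frame[:7])
    if proto != 0:
        raise ValueError("protocol identifier is not 0")
    if length != len(frame) - 6:
        raise ValueError("MBAP length field does not match frame size")
    func, body = frame[7], frame[8:]
    if func == READ_HOLDING and len(body) == 4:
        addr, count = struct.unpack(">HH", body)
        if 1 <= count <= 125:
            return unit, func, addr, count, []
    elif func == WRITE_SINGLE and len(body) == 4:
        addr, value = struct.unpack(">HH", body)
        return unit, func, addr, 1, [value]
    elif func == WRITE_MULTIPLE and len(body) >= 5:
        addr, count, nbytes = struct.unpack(">HHB", body[:5])
        if 1 <= count <= 123 and nbytes == 2 * count == len(body) - 5:
            values = list(struct.unpack(f">{count}H", body[5:]))
            return unit, func, addr, count, values
    raise ValueError("unsupported function code or malformed PDU")

def decide(frame: bytes, rules) -> tuple:
    """Default deny: allow only a conforming request matched by some rule."""
    try:
        unit, func, addr, count, values = parse_request(frame)
    except ValueError as exc:
        return False, f"reject: {exc}"
    last = addr + count - 1
    for r in rules:
        if (r.unit_id == unit and r.function == func
                and r.addr_lo <= addr and last <= r.addr_hi
                and all(r.val_lo <= v <= r.val_hi for v in values)):
            return True, "allow: matched whitelist rule"
    return False, "deny: no whitelist rule matched"

# Constructed policy: unit 1 may be read at registers 0-99, and register 10
# may be written with a setpoint between 0 and 1000.
RULES = [Rule(1, READ_HOLDING, 0, 99),
         Rule(1, WRITE_SINGLE, 10, 10, 0, 1000)]

if __name__ == "__main__":
    samples = {  # constructed frames
        "read 0-9": build_frame(1, struct.pack(">BHH", READ_HOLDING, 0, 10)),
        "write 10=500": build_frame(1, struct.pack(">BHH", WRITE_SINGLE, 10, 500)),
        "write 10=5000": build_frame(1, struct.pack(">BHH", WRITE_SINGLE, 10, 5000)),
        "bad protocol id": build_frame(1, struct.pack(">BHH", READ_HOLDING, 0, 1), proto=7),
    }
    for name, frame in samples.items():
        print(name, decide(frame, RULES))
```

Malformed frames are rejected before any rule is consulted, and a well-formed request that matches no rule is denied, so the allow path is reachable only through an explicit whitelist entry.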
6.1.1.3 Residual information protection
When allocating resources for all host connections on the internal or external network, the security function should ensure that the allocated resources do not provide any information content generated in previous connection activities.

6.1.1.4 Not bypassable
Before a security-related operation (such as modification of security attributes, or an internal network host transmitting information to an external network host) is allowed to be performed, the safety function should ensure that it passes the check of the safety function policy.

6.1.1.5 Anti-attack
Products should be able to resist typical denial-of-service attacks such as SYN Flood, UDP Flood, ICMP Flood and Ping of Death attacks.

6.1.2 Own safety requirements

6.1.2.1 Identification and authentication

6.1.2.1.1 Unique identification
The product should ensure that any user has a unique identification.

6.1.2.1.2 Administrator attribute definition
The product should specify the security attributes related to each administrator, such as administrator identification, authentication information, membership group, authority, etc., and provide a function to initialize the attributes of each created administrator with default values.

6.1.2.1.3 Basic authentication
The product should ensure that any user must be authenticated before performing security functions.

6.1.2.1.4 Authentication failure handling
The product should set an authentication attempt threshold for administrator login that can be modified by the authorized administrator. When the number of an administrator's unsuccessful login attempts exceeds the threshold, the system should block the administrator's further authentication requests through technical means.

6.1.2.2 Security management

6.1.2.2.1 Interface and management security
Products should ensure the security of business interfaces, management interfaces, and management interfaces.
a) Business interface and management interface adopt different network interfaces;
b) The management interface and the management interface do not have medium to high risk security vulnerabilities.

6.1.2.2.2 Safety status monitoring
The product should be able to monitor the status of the product itself and its components, including the usage of the product's CPU, memory, storage space and other system resources.

6.1.2.3 Data integrity
The security function should protect the authentication data and information transmission policy stored in the device from unauthorized access, modification and destruction.

6.1.2.4 Time synchronization
The product should support time synchronization with an external time server.

6.1.2.5 High availability

6.1.2.5.1 Fault tolerance
The product should have a certain degree of fault tolerance.
a) When important programs and files are damaged, the device can recover automatically after restarting;
b) When important processes terminate abnormally, they can be restarted automatically.

6.1.2.5.2 Security policy update
The application of access control security policies should not affect normal data communication.

6.1.2.6 Audit log

6.1.2.6.1 Business log generation
The product should generate audit logs for the business functions it provides.
a) Access requests that match the access control policy, including permitted and prohibited access requests;
b) Identification of and protection against various types of attacks.

6.1.2.6.2 Business log content
The content of the business log includes at least:
a) Date, time, source and destination MAC, source and destination IP, source and destination port, protocol type;
b) The operation type, operation object, operation value and other related parameters of the industrial control protocol;
c) The type and description of the attack event.

6.1.2.6.3 System log generation
The product shall generate audit logs for the following events related to its own security.
a) Identity authentication, including success and failure;
b) Measures taken to prohibit further attempts because the number of authentication failures exceeded the threshold;
c) Addition, deletion, and modification of access control policies;

6.1.2.6.4 System log content
The content of the system log should at least include date, time, event subject, event object, event description, etc.

6.1.2.6.5 Audit log management
The product should support the log management function. The specific technical requirements are as follows.
a) Only authorized administrators should be able to read, archive, export, delete, and empty the audit log;
b) Tools to check logs should be provided;
c) Audit events should be stored in non-volatile storage media that retain them after power failure, and at least the authorized auditor can be notified when the storage space reaches the threshold.

6.1.3 Safety assurance requirements

6.1.3.1 Development

6.1.3.1.1 Security architecture
The developer should provide a description of the security architecture of the product's security functions. The technical requirements are as follows.
a) Consistent with the description of the safety function in the product design document;
b) Describe the security domain consistent with the security function requirements;
c) Describe the initialization process and safety measures of product safety functions;
d) Verify that the product safety function can prevent damage;
e) Confirm that the product safety function can prevent the safety policy from being bypassed.

6.1.3.1.2 Functional specification
The developer should provide a complete functional specification. The technical requirements are as follows.
a) Completely describe the safety function of the product;
b) Describe the purpose and usage of all safety function interfaces;
c) Identify and describe all parameters related to each safety function interface;
d) Describe the safety function implementation behavior related to the safety function interface;
e) Describe the direct error messages caused by the implementation of the safety function;
f) Verify that the safety function requirements can be traced to the safety function interfaces.

6.1.3.1.3 Product design
The developer should provide product design documents. The technical requirements are as follows.
a) Describe the product structure in terms of subsystems, and identify and describe all the subsystems of the product safety function;
b) Describe the interaction between all subsystems of the safety function;
c) The provided mapping relationship can verify that all the behaviors described in the design can be mapped to the security function interface that calls it.

6.1.3.2 Guiding documents

6.1.3.2.1 Operation user guide
The developer should provide a clear and reasonable operating user guide, and the operating user guide should be consistent with all other documents provided for evaluation. The description requirements for each user role are as follows.
a) Describe the functions and privileges that authorized users can access, including appropriate warning information;
b) Describe how to use the interface provided by the product in a safe manner;
c) Describe the available functions and interfaces, especially all the safety parameters controlled by the user, and specify the safety values when appropriate;
d) Clearly state every security-related event related to the user-accessible functions that need to be performed, including changing the security characteristics of entities controlled by the security function;
e) Identify all possible states of product operation (including failures or operational errors caused by operations), and their causal relationship and connection with maintaining safe operation;
f) The security policy that should be implemented to achieve the security purpose.

6.1.3.2.2 Preparation procedures
The developer should prov......