GB/T 40218-2021: Industrial communication networks - Network and system security - Security technologies for industrial automation and control system
Status: Valid
Basic data
Standard ID: GB/T 40218-2021 (GB/T40218-2021)
Description (Translated English): Industrial communication networks - Network and system security - Security technologies for industrial automation and control system
Sector / Industry: National Standard (Recommended)
Classification of Chinese Standard: N10
Word Count Estimation: 82,868
Issuing agency(ies): State Administration for Market Regulation, China National Standardization Administration

This is a DRAFT version for illustration, not a final translation.

ICS 25.040
N10
National Standards of People's Republic of China
Industrial communication network - Network and system security - Industrial automation and control system information security technology
(IEC/TR 62443-3-1:2009, Industrial communication networks -
Released on 2021-05-21; implemented on 2021-12-01
Issued by the State Administration of Market Supervision and Administration and the National Standardization Management Committee

Foreword

This standard was drafted in accordance with the rules given in GB/T 1.1-2009.
Using the translation method, this standard is equivalent to IEC/TR 62443-3-1:2009 "Industrial Communication Network - Network and System Security - Part 3-1: Information Security Technology of Industrial Automation and Control System".
This standard has made the following editorial changes:
--- Modified the standard name;
--- Deleted footnotes that are inconsistent with our country's situation.
This standard was proposed by the China Machinery Industry Federation.
This standard is under the jurisdiction of the National Industrial Process Measurement Control and Automation Standardization Technical Committee (SAC/TC124).
Drafting organizations of this standard: Institute of Comprehensive Technology and Economics of Machinery Industry Instrumentation, Central Electric Power Planning Institute Co., Ltd., China Nuclear Power Engineering Co., Ltd., Hollysys Technology Group Co., Ltd., Beijing Water Supply Group Co., Ltd., Zhejiang University, Huazhong University of Science and Technology, Chongqing University of Posts and Telecommunications, Computer and Microelectronics Development Research Center of the Ministry of Industry and Information Technology (China Software Evaluation Center), Siemens (China) Co., Ltd. Division, Schneider Electric (China) Co., Ltd., Rockwell Automation (China) Co., Ltd., Shenyang Institute of Automation, Chinese Academy of Sciences, Beijing Venus Star Information Security Technology Co., Ltd., Beijing Guodian Zhishen Control Technology Co., Ltd., Shenzhen Wanxun Automation Control Co., Ltd., China The 30th Research Institute of Electronic Technology Group Corporation, the Fifth Research Institute of Electronics of the Ministry of Industry and Information Technology, Southwest University, China Dongfang Electric Group Co., Ltd. Company, Beijing Sifang Relay Automation Co., Ltd., National Industrial Information Security Development Research Center, Beijing Rail Transit Design and Research Institute Co., Ltd., Shanghai Automation Instrumentation Co., Ltd., Chongqing Xin'an Network Security Rating and Evaluation Co., Ltd., the Third Research Institute of the Ministry of Public Security, China Network Security Review Technology and Certification Center, Beijing Wangyu Nebula Information Technology Co., Ltd.
The main drafters of this standard:
Wang Yumin, Mei Ke, Zhang Jinbin, Wang Yanjun, Hua Rong, Sun Jing, Zhang Chenyan, Feng Dongqin, Zhou Chunjie, Li Rui, Chen Xiaocong, Zhu Jingling, Wei Min, Wang Hao, Wang Tao, Liu Jie, Cheng Jixun, Zhao Junkai, Lan Kun, Shang Wenli, Zhang Weiqun, Liu Feng, Liu Zhixiang, Yuan Xiaoshu, Shang Yujia, Guo Yongzhen, Du Zhenhua, Zhang Zheyu, Xiao Yan, Lu Mei, Ding Changfu, Xiao Xuyuan, Gao Jingmei, Yan Tao, Yuan Jing, Ren Weihong, Gan Jiefu, Song Wengang.

Introduction

The need to protect the computer environment of industrial automation and control systems (IACS) from malicious code has received increasing attention over the past decade. More and more open systems, platforms and protocols are used in the IACS environment. With the increase in joint foreign investment activities, the combination of external partners and external resources will bring more threats and more advanced computer attacks. As the number of these threats and vulnerabilities increases, the risk of computer attacks on industrial communication networks will increase. Therefore, computer- and network-based information sharing and analysis centers also need to be protected. In addition, with the development of smart devices and embedded systems, the interconnection of computers, network devices, and software has increased. Enhanced external connections, the rapid growth of network intrusion incidents, more intelligent attackers, and malicious and highly accessible software all increase risk.
Many electronic security technologies and computer intrusion prevention measures may be applicable to the IACS environment. This standard lists several categories of computer information security technologies and precautions and, for each category, discusses the vulnerabilities addressed, deployment recommendations, and known strengths and weaknesses.
In addition, it also provides guidelines for using the various security technologies and preventive technologies against the risks mentioned above.
This standard does not compare the above-mentioned security technologies and preventive measures. It only provides suggestions and guidelines for the use of these technologies and methods, and information to be considered when developing on-site or enterprise-level information security policies and procedures related to the IACS environment.
The working group will periodically update the technical requirements to reflect new information, computer security technology, countermeasures and computer risk reduction methods. At the same time, readers are warned that following the recommended guidelines in this standard does not ensure that their industrial automation or control system environment achieves an optimally designed computer security state. However, this standard helps to identify and deal with vulnerabilities and to reduce unexpected network intrusions. Such intrusions may steal confidential information, even cause harm to personnel and the environment, or cause industrial networks, control systems, and the key assets of the industries and infrastructure facilities they monitor and manage to be damaged or disabled.
This standard provides an evaluation and assessment of many types of current electronic computer security technologies, mitigation measures and tools that are used to protect the IACS environment against unfavorable computer intrusions and attacks. This standard introduces various technologies, methods and tools, and discusses their development, implementation, operation, maintenance, project implementation/management and other services.
This standard also provides information security practitioners at business and end-user facilities and factories with technology selection and countermeasure options for protecting automated IACS (and their related industrial networks) from electronic (computer) attacks.
The guidelines given in this standard cannot ensure that an IACS has achieved the best computer information security. However, these guidelines help to identify and point out vulnerabilities, and can reduce the risk of unexpected intrusions that leak confidential information or cause damage to or failure of the control system and the key assets it automatically controls. More importantly, when a computer security breach occurs in the automation control system or its related industrial network, the use of these guidelines can help reduce the risk of harm to any personnel or the environment.
The cybersecurity guidelines in this standard are general in nature and should be applied correctly to each control system and network by personnel with knowledge of the specific industrial automation system concerned. This guide identifies activities that are typical and important for providing cyber-secure control systems. However, these activities are not always compatible with the effective operation or maintenance of system functions. The guidelines include applicable information security recommendations and recommendations for specific control systems. However, the selection and deployment of information security activities and practices specific to a given control system and its related industrial network are the responsibility of the system owner.
As experience with control system vulnerabilities is gained, specific network information security implementations mature, and new control-based network information security technologies come into use, this standard will gradually be revised and improved. In this way, while the main structure of this standard remains relatively stable, its applications and solutions will also be gradually improved.

1 Scope

This standard provides an assessment of various current network information security tools, mitigation countermeasures and technologies. These can be applied effectively to modern electronics-based IACS that regulate and monitor a large number of industries and critical infrastructures. This standard describes several categories of control system-centric network information security technologies, the types of products available in those categories, the pros and cons of using those products in an automated IACS environment relative to the expected threats and known network vulnerabilities and, more importantly, preliminary recommendations and guidelines for using these network information security technology products and/or countermeasures.
The IACS cyber security concept applied in this standard is as broad as possible, covering the components, factories, facilities and systems in all industries and critical infrastructure. IACS includes but is not limited to:
● Hardware (such as historical data servers) and software systems (such as operating platforms, configurations, applications), such as distributed control systems (DCS), programmable controllers (PLC), supervisory control and data acquisition (SCADA) systems, networked electronic sensor systems, and monitoring, diagnosis and assessment systems.
Included in this hardware and software scope are the essential industrial networks and any connected or related information technology (IT) equipment and links that are critical to the successful operation of the entire control system. In this regard, the scope also includes but is not limited to: firewalls, servers, routers, switches, gateways, fieldbus systems, intrusion detection systems, smart electronics/terminal devices, remote terminal units (RTU), and wired and wireless remote modems.
● Related internal, personnel, network or machine interfaces for continuous, batch, decentralized or combined processes, used to provide control, data logging, diagnosis, (functional) safety, monitoring, maintenance, quality assurance, regulatory compliance, auditing and other types of operational functions.
Similarly, the concepts of cyber information security technology and countermeasures are also applied broadly in this standard, and include but are not limited to the following technologies:
● Identification and authorization;
● Filtering, blocking and access control;
● Encryption;
● Data confirmation;
● Audit;
● Measurement;
● Monitoring and detection tools;
● Operating system.
In addition, non-network information security technology, that is, physical security control, is an essential requirement for certain aspects of network information security, and is discussed in this standard.
The purpose of this standard is to classify and define network information security technologies, countermeasures and currently available tools, and to provide a common basis for subsequent standards. Each technology in this standard is discussed from the following aspects:
● Information security vulnerabilities targeted by technologies, tools and/or countermeasures;
● Typical deployment;
● Known problems and weaknesses;
● Evaluation used in the IACS environment;
● Future direction;
● Suggestions and guidelines;
......