|
US$1799.00 ยท In stock
Delivery: <= 7 days. True-PDF full-copy in English will be manually translated and delivered via email.
GA/T 1390.5-2017: Information security technology--General requirements for classified protection of cyber security--Part 5: Special security requirements for industrial control system
Status: Valid
| Standard ID | Contents [version] | USD | STEP2 | [PDF] delivered in | Standard Title (Description) | Status | PDF |
| GA/T 1390.5-2017 | English | 1799 |
Add to Cart
|
7 days [Need to translate]
|
Information security technology--General requirements for classified protection of cyber security--Part 5: Special security requirements for industrial control system
| Valid |
GA/T 1390.5-2017
|
PDF similar to GA/T 1390.5-2017
Basic data | Standard ID | GA/T 1390.5-2017 (GA/T1390.5-2017) | | Description (Translated English) | Information security technology--General requirements for classified protection of cyber security--Part 5: Special security requirements for industrial control system | | Sector / Industry | Public Security (Police) Industry Standard (Recommended) | | Classification of Chinese Standard | L80 | | Classification of International Standard | 35.040 | | Word Count Estimation | 78,789 | | Date of Issue | 2017-05-08 | | Date of Implementation | 2017-05-08 | | Issuing agency(ies) | Ministry of Public Security | GA/T 1390.5-2017: Information security technology--General requirements for classified protection of cyber security--Part 5: Special security requirements for industrial control system
---This is a DRAFT version for illustration, not a final translation. Full copy of true-PDF in English version (including equations, symbols, images, flow-chart, tables, and figures etc.) will be manually/carefully translated upon your order.
Information security technology--General requirements for classified protection of cyber security--Part 5. Special security requirements for industrial control system
ICS 35.040
L80
Public Safety Industry Standard of the People's Republic of China
Information Security Technology Network Security Level Protection Basics
Requirements Section 5. Industrial Control System Security
Extension requirements
protectionofcybersecurity-Part 5.Specialsecurityrequirementsfor
Published on.2017-05-08
2017-05-08 Implementation
The Ministry of Public Security
Directory
Preface III
Introduction IV
1 Scope 1
2 Normative references 1
3 Terms, definitions and abbreviations 1
3.1 Terms and Definitions 1
3.2 Abbreviations 2
4 Overview 2
4.1 General requirements for safety 2
4.2 Overview of Industrial Control Systems Summary 3
4.2.1 General 3
4.2.2 Hierarchical Model 3
4.2.3 Regional Model 5
4.2.4 Security Domain Division Principle 6
4.3 Industrial Control System Level Protection Principles and Requirements 6
4.3.1 General 6
4.3.2 Security Domain Protection Principles 6
4.3.3 Implementation Instructions for the Protection of the Security Domain 7
4.3.4 Technical Requirements and Management Requirements 7
4.4 Industrial Control System Rating 8
4.5 Industrial Control System Level Protection General Constraints 8
4.5.1 Overview 8
4.5.2 Basic Function Support 8
4.5.3 Compensation measures 9
5 The first level of basic requirements 9
5.1 Technical Requirements 9
5.1.1 Physical Security 9
5.1.2 Border Protection 10
5.1.3 Production Management Security Requirements 10
5.1.4 Process Monitoring Layer Security Requirements 12
5.1.5 Field Control Layer Security Requirements 15
5.1.6 Field Device Layer Security Requirements 16
5.2 Management Requirements 16
5.2.1 Safety Management Organizations and Personnel 16
5.2.2 Security Operations Maintenance Vulnerability and Risk Management 16
6 Second-level basic requirements 17
6.1 Technical Requirements 17
6.1.1 Physical and Environmental Security 17
6.1.2 Border Protection 18
6.1.3 Safety Requirements for Production Management 18
6.1.4 Process Monitoring Layer Security Requirements 21
6.1.5 Field Control Layer Security Requirements 25
6.1.6 Field Device Layer Security Requirements 27
6.2 Management Requirements 28
6.2.1 Safety Management Organizations and Personnel 28
6.2.2 Security Operations Management Vulnerability and Risk Management 28
7 Level 3 Basic Requirements 28
7.1 Technical Requirements 28
7.1.1 Physical and Environmental Security 28
7.1.2 Border Protection 29
7.1.3 Centralized Control 30
7.1.4 Production Management Security Requirements 30
7.1.5 Process Monitoring Layer Security Requirements 33
7.1.6 Field Control Layer Security Requirements 39
7.1.7 Field Device Layer Security Requirements 42
7.2 Management Requirements 42
7.2.1 Security Policy and Management System 42
7.2.2 Security Administration and Staff 42
7.2.3 Security Construction Management Outsourcing Software Development 43
7.2.4 Security Operations Maintenance Vulnerability and Risk Management 43
8 Level 4 Basic Requirements 43
8.1 Technical Requirements 43
8.1.1 Physical and Environmental Security 43
8.1.2 Border Protection 44
8.1.3 Centralized Control 45
8.1.4 Safety Requirements for Production Management 45
8.1.5 Process Monitoring Layer Security Requirements 49
8.1.6 Field Control Layer Security Requirements 54
8.1.7 Field Device Layer Security Requirements 57
8.2 Management Requirements 58
8.2.1 Security Policy and Management System Security Policy 58
8.2.2 Security Administration and Staff 58
8.2.3 Security Management Construction Outsource Software Development 58
8.2.4 Security Operations Maintenance Vulnerability and Risk Management 59
Appendix A (Informative) Industrial Control System Overview 60
Appendix B (Informative) Examples of Security Domain Division 65
Appendix C (Informative) Protection of Industrial Control System Security Levels Based on Trusted Computing Technology 67
References 71
Foreword
GA/T 1390 "Basic Requirements for Information Security Technology Network Security Level Protection" has or plans to issue the following parts.
--- Part 1. General requirements for safety;
--- Part 2. Cloud computing security extension requirements;
--- Part 3. Mobile Internet Security Extension Requirements;
--- Part 4. IoT Security Extension Requirements;
--- Part 5. Industrial Control System Security Extension Requirements;
--- Part 6. Big Data Security Extension Requirements.
This section is Part 5 of GA/T 1390.
This section was drafted in accordance with the rules given in GB/T 1.1-2009.
This part is proposed and managed by the Information Systems Security Standardization Technical Committee of the Ministry of Public Security.
This section is responsible for drafting. Zhejiang University, Zhejiang Institute of Control Research Co., Ltd.
The Institute of Public Security, Third Institute, Hangzhou College of Science and Technology, Beijing Qixing Chen Information Security Technology Co., Ltd.
This section participated in the drafting unit. China Electric Power Engineering Consulting Group Southwest Electric Power Design Institute Co., Ltd., Beijing Guodian Zhishen Control Technology Co., Ltd.
Limited Company, Siemens (China) Co., Ltd., Schneider Electric (China) Co., Ltd., the Fifth Institute of Electronics, Ministry of Industry and Information Technology, and Beijing
Li Shi System Engineering Corporation, Dongfang Electric Central Research Institute, Beijing Rail Transit Design & Research Institute Co., Ltd., National Information Technology Security Research Institute
Center, China Software Evaluation Center, Sinopec Qilu Petrochemical Company, Shenyang Institute of Automation, Chinese Academy of Sciences, China Electronics Technology Group Corporation No.30
Research Institute, State Power Investment Corporation, China Electric Power Engineering Consulting Group, North China Electric Power Design Institute Co., Ltd., National Nuclear Automation System Project
Ltd., Beijing Water Group.
The main drafters of this section. Feng Dongqin, Liu Zhitao, Jia Chiqian, Lu Yihong, Gao Mengzhou, Liang Yao, Liu Dalong, Mei Yi, Wang Yumin, Zhao Yanling,
Ren Weihong, Yuan Jing, Yang Yuemei.
This section participated in the drafters. Zhang Jinbin, Zhu Jingling, Li Rui, Liang Jun, Liu Jie, Liu Taihong, Zhao Junkai, Yuan Xiaoshu, Mei Qi, Xiao Yan, Li Bing,
Pang Ning, Zhou Feng, Liu Limin, Chen Xiuli, Wang Aipeng, Meng Yahui, Fang Jinshe, Pu Zhijun, Zhang Chenyan, Wang Hao, Lan Kun, Wang Jing, Li Zhongsheng, Wang Yong,
Liu Zhixiang, Luo An, Shang Wenli, Ma Xinxin, He Yanjun.
Introduction
In order to adapt to new technologies and new applications such as mobile internet, cloud computing, big data, internet of things and industrial control, information security level protection
To carry out work, it is necessary to revise GB/T 22239-2008. The revised ideas and methods are for mobile internet, cloud computing, big data,
New technologies and new application areas such as the Internet of Things and industrial control propose expanded security requirements.
Information Security Technology Network Security Level Protection Basics
Requirements Section 5. Industrial Control System Security
Extension requirements
1 Scope
This part of GA/T 1390 specifies the safety extension requirements for industrial control systems with different levels of safety protection.
This section applies to batch control, continuous control, discrete control and other industrial control systems, for industrial control system network security level protection
Provide guidance on the design, implementation, testing and evaluation of measures.
2 Normative references
The following documents are indispensable for the application of this document. For dated references, only dated versions apply to this article
Pieces. For undated references, the latest version (including all amendments) applies to this document.
GB 17859-1999 Guidelines for the classification of security levels for computer information systems
GB/T 22239 Information Security Technology Information System Security Level Protection Basic Requirements
GB/T 25069-2010 Information Security Technical Terms
IEC 62443-1-1 Industrial communication network networks and system security. Part 1-1. Terms, concepts and models
IEC 62443-3-2 Industrial communications network networks and system security - Part 3-2. Area and channel security assurance levels
3 Terms, definitions and abbreviations
3.1 Terms and Definitions
The definitions of GB 17859-1999, GB/T 25069-2010 and IEC 62443-1-1 and the following terms and definitions apply to this document.
3.1.1
Industrial control system industrialcontrolsystem
A collection of people, hardware, and software that contribute to and influence the safety, security, and reliable operation of industrial processes.
Note. The system includes, but is not limited to.
1) Industrial Control System includes Distributed Control System (DCS), Programmable Logic Controller (PLC), Intelligent Electronic Device (IED), Surveillance Control and Number
According to the acquisition (SCADA) system, motion control (MC) system, network electronic sensing and control, monitoring and diagnostic systems [in this standard, regardless of
Separately or integratedly, the process control system (PCS) includes the basic process control system and the safety instrumented system (SIS);
2) Relevant information systems, such as advanced control or multivariable control, online optimizer, dedicated device monitor, graphical interface, process history, system
Manufacturing Execution System (MES);
3) Relevant department, personnel, network or machine interface to provide control, safety and manufacturing operations for continuous, batch, discrete and other processes
Features.
3.1.2
Area area
Physical, geographical, or logical grouping of resources within a site.
3.1.3
Security zone securityzone
A set of logical or physical assets that have the same security requirements.
Tips & Frequently Asked Questions:Question 1: How long will the true-PDF of GA/T 1390.5-2017_English be delivered?Answer: Upon your order, we will start to translate GA/T 1390.5-2017_English as soon as possible, and keep you informed of the progress. The lead time is typically 4 ~ 7 working days. The lengthier the document the longer the lead time. Question 2: Can I share the purchased PDF of GA/T 1390.5-2017_English with my colleagues?Answer: Yes. The purchased PDF of GA/T 1390.5-2017_English will be deemed to be sold to your employer/organization who actually pays for it, including your colleagues and your employer's intranet. Question 3: Does the price include tax/VAT?Answer: Yes. Our tax invoice, downloaded/delivered in 9 seconds, includes all tax/VAT and complies with 100+ countries' tax regulations (tax exempted in 100+ countries) -- See Avoidance of Double Taxation Agreements (DTAs): List of DTAs signed between Singapore and 100+ countriesQuestion 4: Do you accept my currency other than USD?Answer: Yes. If you need your currency to be printed on the invoice, please write an email to [email protected]. In 2 working-hours, we will create a special link for you to pay in any currencies. Otherwise, follow the normal steps: Add to Cart -- Checkout -- Select your currency to pay.
|