|
US$329.00 · In stock
Delivery: <= 3 days. True-PDF full-copy in English will be manually translated and delivered via email.
GA/T 1560-2019: Information security technology - Security technical requirements for security protecting and audit monitoring products for industrial control system host
Status: Valid
| Standard ID | Contents [version] | USD | STEP2 | [PDF] delivered in | Standard Title (Description) | Status | PDF |
| GA/T 1560-2019 | English | 329 |
Add to Cart
|
3 days [Need to translate]
|
Information security technology - Security technical requirements for security protecting and audit monitoring products for industrial control system host
| Valid |
GA/T 1560-2019
|
PDF similar to GA/T 1560-2019
Basic data | Standard ID | GA/T 1560-2019 (GA/T1560-2019) | | Description (Translated English) | Information security technology - Security technical requirements for security protecting and audit monitoring products for industrial control system host | | Sector / Industry | Public Security (Police) Industry Standard (Recommended) | | Classification of Chinese Standard | A90 | | Classification of International Standard | 35.240 | | Word Count Estimation | 14,159 | | Date of Issue | 2019 | | Date of Implementation | 2019-04-16 | | Issuing agency(ies) | Ministry of Public Security | GA/T 1560-2019: Information security technology - Security technical requirements for security protecting and audit monitoring products for industrial control system host
---This is a DRAFT version for illustration, not a final translation. Full copy of true-PDF in English version (including equations, symbols, images, flow-chart, tables, and figures etc.) will be manually/carefully translated upon your order.
Information security technology-Security technical requirements for security protecting and audit monitoring products for industrial control system host
ICS 35.240
A.90
GA
People's Republic of China Public Safety Industry Standard
Information Security Technology Industrial Control System Host Security Protection
And audit monitoring product safety technical requirements
Information security technology Security technical requirements for security
protecting and audit monitoring products for industrial control system host
Published by the Ministry of Public Security of the People's Republic of China
Contents
Foreword ... II
1 Scope ... 1
2 Normative references ... 1
3 Terms and definitions ... 1
4 Industrial control system host security protection and audit monitoring product description ... 2
5 Safety function requirements ... 2
5.1 Access Control ... 2
5.2 Audit and monitoring of operational behavior ... 2
5.3 Data security exchange ... 3
5.4 Information display and data analysis ... 3
5.5 Time synchronization ... 3
5.6 User ID ... 3
5.7 Identification ... 4
5.8 Security audit ... 4
5.9 Security management functions ... 5
5.10 Hardware Failure Handling ... 5
5.11 Network performance requirements ... 5
6 Security requirements ... 5
6.1 Development ... 5
6.2 Guidance documents ... 6
6.3 Life cycle support ... 6
6.4 Testing ... 7
6.5 Vulnerability assessment ... 7
7 Classification of Security Levels and Requirements ... 8
7.1 Classification ... 8
7.2 Safety function requirements ... 8
7.3 Security requirements ... 9
Foreword
This standard was drafted in accordance with the rules given in GB/T 1.1-2009.
This standard was proposed by the Cyber Security Bureau of the Ministry of Public Security.
This standard is under the jurisdiction of the Information System Security Standardization Technical Committee of the Ministry of Public Security.
This standard was drafted. Computer Information System Security Product Quality Supervision and Inspection Center of the Ministry of Public Security, and the Third Research Institute of the Ministry of Public Security.
The main drafters of this standard. Tian Xiaopeng, Shen Qinghong, Zou Chunming, Gu Jian, Zhang Yan, Zhao Ting.
Information Security Technology Industrial Control System Host Security Protection and Audit Monitoring Product Security Technology
Technical requirements
1 Scope
This standard specifies the security function requirements, security guarantee requirements, and rating plans for industrial control system mainframe security protection and audit monitoring products.
This standard applies to the design, development, and testing of industrial control system mainframe security protection and audit monitoring products.
2 Normative references
The following documents are essential for the application of this document. For dated references, only the dated version applies to this document.
For undated references, the latest version (including all amendments) applies to this document.
GB/T 18336.3-2015 Information technology security technology Information technology security assessment guidelines Part 3. Security assurance components
GB/T 25069-2010 Information Security Technology Terminology
GB/T 32919-2016 Information Security Technology Industrial Control System Security Control Application Guide
3 terms and definitions
The terms and definitions defined in GB/T 18336.3-2015, GB/T 25069-2010, and GB/T 32919-2016, as well as the following terms, apply to this document
Pieces.
3.1
Industrial control system host
It is used in the field of industrial control systems, mainly for computers for monitoring and management, including the upper computer of industrial control systems.
3.2
Security protecting device
Device for monitoring keyboard input, mouse operation, copy of removable storage media, and monitor screen of a protected host.
3.3
Security protecting platform
A platform that receives audit and monitoring data uploaded by security protection devices, and performs data analysis and security policy configuration.
3.4
Data ferrying
A mechanism for implementing data exchange between the host computer of the industrial control system and the mobile storage medium by using a safety protection device, internal and external
The port cannot communicate with the security protection device on the physical link at the same time, and the information transmission is completed by the ferry mode.
4 Industrial control system host security protection and audit monitoring product description
Industrial control system mainframe security protection and audit monitoring products are mainly structured by components such as security protection devices, security protection platforms, etc.
It is mainly used for security protection and audit monitoring of the mainframe of the industrial control system.
Figure 1 shows the typical deployment environment of this product, in which the safety protection device is deployed in an armored manner, which is mainly used to connect the engineer station,
Various peripheral interfaces of the host of industrial control system such as operator station, such as. VGA interface, USB interface, PS/2 interface, etc.
Access control of the host system's peripheral interface of the control system; the security protection platform is connected to the security protection device through a network, and is mainly used to receive security
The audit and monitoring data uploaded by the protective device, and support for issuing security policies to achieve data ferry, data analysis and other functions. In addition, the property
The product provides a malicious code defense server, which provides functions such as malicious code detection and data encapsulation of ferry data.
Industrial control network
Engineer Station/Operator Station
Mouse and keyboard
Safety protection device safety protection platform
monitor
Peripheral interface
Malicious code defense
server
Removable storage media
Figure 1 Typical deployment environment of industrial control system host security protection and audit monitoring products
5 Safety function requirements
5.1 access control
The product shall be able to implement the following access control policies for the subject, object, and all operations between the subject and object.
a) Support the setting of access control policies according to the subject (such as. access users, etc.), objects (such as protected hosts, etc.) and access rights;
b) the information flow sent and received between the subject and the object is transmitted after being allowed by the security policy;
c) Subject access rights include at least. protected host management rights, audit data query, access control policies, etc.
5.2 Audit and monitoring of operational behavior
5.2.1 Operational behavior audit
The product shall record operational behavior, including but not limited to.
a) Provide graphical real-time monitoring function of industrial control system host;
b) Record the operation behavior of the industrial control system host through the keyboard and mouse;
c) recording the operation of the main body of the industrial control system for data exchange through the mobile storage exchange medium;
d) Record the operation behavior of the mainframe of the industrial control system for operation and maintenance management through the network.
5.2.2 Operation Behavior Response
The product shall respond to operations that violate access control policies, such as response policies such as log audits and dialog box alarms.
5.2.3 Traceback of operation events
The product shall support operational event traceback, including.
a) Supporting the traceback of the process of data exchange by users through mobile storage exchange media;
b) Supports the selection of designated nodes for backtracking operations, and can be checked by event occurrence time, audit event category, subject, object
Inquiry.
5.2.4 Real-time monitoring
Products should support real-time monitoring capabilities, including.
a) Real-time monitoring of the current login status of the protected host, which can be found in time when an access person logs in;
b) Real-time monitoring of safety protection devices, which can be found in time when disconnected in the event of a failure.
5.3 Data security exchange
5.3.1 Ferry data security exchange
The product shall support ferry data security exchange. When the subject performs data copy operations, it shall pass identity authentication and use mobile storage media.
Quality and safety protection devices for data ferry operations.
5.3.2 Data Encapsulation
The product shall support data encapsulation of data copied into removable storage media.
5.3.3 Malicious Code Defense
The product shall support the malicious code defense function, conduct malicious code killing of externally copied data, and support manual upgrade of the malicious code library.
5.4 Information display and data analysis
5.4.1 Front-end information display
The product should support real-time display of the login information of the current visitor, including login time, login user, operation behavior, etc.
5.4.2 Data analysis and evaluation
The product shall classify and statistic all kinds of data uploaded to the security protection platform and form an analysis report.
5.5 Time synchronization
The product should support time synchronization between various components, including manual and automatic synchronization.
5.6 User ID
5.6.1 Attribute Definition
The product should specify the security attributes associated with each administrator, including. management role identification, authentication information, membership groups, permissions, etc.
5.6.2 Property Initialization
The product should provide the ability to initialize the attributes of each management role created with default values.
5.6.3 Unique identification
The product shall ensure that any user has a unique identification, and the user identification is associated with the product's own audit and is in the life cycle
only.
5.7 Identity
5.7.1 Basic authentication
The product should authenticate the user before performing any administrator-related functions.
5.7.2 Multi-authentication
The product shall support two or more user identity combination authentication methods.
5.7.3 Authentication Data Initialization
The product shall provide the initialization function of authorized administrator authentication data according to the specified authentication mechanism, and ensure that only authorized administrators are allowed to use
Use these functions.
5.7.4 Authentication Failure Handling
When the administrator authentication attempt fails for a specified number of times in a row, the product shall prevent the administrator from further authentication requests and send relevant information
Generate audit events. The maximum number of failures is set only by an authorized administrator.
5.7.5 Authentication data protection
The authentication data shall be protected from unauthorized access and modification during transmission and storage.
5.8 Security audit
5.8.1 Self-audit data generation
The product shall generate an audit record of the following auditable events.
a) login and logout of the administrator;
b) changes to security policies;
c) Add, delete, and modify attributes to the administrator;
d) the session connection was terminated because the number of unsuccessful authentication attempts exceeded the set limit;
e) status logs of safety protection devices and safety protection platforms;
f) Modification (setting and updating) of other safety function configuration parameters, whether successful or not.
For each audit record, the product should record at least the following information. the date and time of the event, the type of event, the identity of the subject, and
Event results (success or failure), etc.
5.8.2 Audit record management
The product should allow authorized administrators to create, archive, delete, and empty audit records.
5.8.3 Understandable Format
The product should make all audit data stored in permanent audit records understandable.
5.8.4 Restricting Audit Record Access
Except for authorized administrators with clear access rights, the product should prohibit all other users from accessing the audit log.
5.9 Security management functions
If the product supports remote management, it should be able to protect the remote management session content from unauthorized access through encryption.
5.10 Hardware Failure Handling
Safety guards should provide hardware failure handling mechanisms, such as hardware bypass in the event of a power outage or insufficient system resources
Features.
5.11 Network performance requirements
After the product is connected to the industrial control system network, it cannot affect the original network equipment and host functions of the industrial control system, and
The network system has a noticeable effect.
6 Security requirements
6.1 Development
6.1.1 Security Architecture
The developer should provide a description of the security architecture of the product's security functions. The description of the security architecture should meet the following requirements.
a) Consistent with the level of abstract description of security functions implemented in the product design document;
b) describe the security domain of the product security function consistent with the requirements of the security function;
c) describe why the product safety function initialization process is safe;
d) confirm that product safety functions can be prevented from being compromised;
e) Verify that product safety functions prevent safety features from being bypassed.
6.1.2 Functional Specifications
Developers should provide complete functional specifications, which should meet the following requirements.
a) fully describe the safety functions of the product;
b) describe the purpose and use of all safety function interfaces;
c) identify and describe all parameters related to each safety function interface;
d) describe the safety function implementation behavior related to the safety function interface;
e) describe direct error messages caused by the behavioral processing of safety functions;
f) confirm that the safety function requires traceability to the safety function interface;
g) describe all actions related to the safety function interface during the implementation of the safety function;
h) Describe all direct error messages that may be caused by the call of the safety function interface.
6.1.3 Implementation Representation
Developers should provide implementation representations for all security functions. Implementation representations should meet the following requirements.
a) Provide a mapping between product design descriptions and implementation representation examples and prove their consistency;
b) Define product safety functions according to the level of detail, to a level of detail that can be generated without further design;
c) Provided in the form used by developers.
6.1.4 Product Design
Developers should provide product design documents, which should meet the following requirements.
a) describe the product structure in terms of subsystems;
b) identify and describe all subsystems of product safety functions;
c) describe the interaction between all subsystems of the safety function;
d) the mapping relationship provided can verify that all the behaviors described in the design can be mapped to the security function interface that calls it;
e) describe safety functions according to the module;
f) Provide the mapping relationship between the safety function subsystem and the module;
g) describe all safety function implementation modules, including their purpose and interaction with other modules;
h) Describe the relevant interfaces required by all modules to implement the security functions, return values from other interfaces, interactions with other modules, and
Called interface
i) Describe the supporting or related modules of all safety functions, including their purpose and interaction with other modules.
6.2 Guidance Documents
6.2.1 Operation User Guide
Developers should provide clear and reasonable operating user guides, which are kept in line with all other documents provided for evaluation
Sincerely, the description of each user role should meet the following requirements.
a) describe the functions and privileges accessible to users controlled in a secure processing environment, including appropriate alert information;
b) describe how to use the available interfaces provided by the product in a secure manner;
c) describe available functions and interfaces, especially all safety parameters controlled by the user, and indicate safety values where appropriate;
d) clearly state each security-related event related to the user-accessible function that needs to be performed, including changes to the control of the security function
Security features of the entity;
e) identify all possible states of operation of the product (including failures or operational errors caused by operations), and their relevance to maintaining safety
Causality and connection between operations;
f) Security policies that must be implemented to fully achieve security purposes.
6.2.2 Preparation procedures
The developer shall provide the product and its preparation procedures. The preparation procedure description shall meet the following requirements.
a) describe all steps necessary to securely receive the delivered product in accordance with the developer delivery process;
b) Describe all steps necessary to safely install the product and its operating environment.
6.3 Life cycle support
6.3.1 Configuration management capabilities
Developer configuration management capabilities should meet the following requirements.
a) provide unique identification for different versions of the product;
b) use a configuration management system to maintain all configuration items that make up the product and uniquely identify configuration items;
c) Provide configuration management documents, which describe the method used to uniquely identify configuration items;
d) The configuration management system provides an automatic way to support the generation of products, by which it is ensured that only the implementation of the products can be expressed
Authorized changes;
e) The configuration management document includes a configuration management plan, which describes how to develop products using a configuration management system. real
The implementation of the configuration management is consistent with the configuration management plan;
f) The configuration management plan describes the procedures used to accept modified or newly created configuration items as part of the product.
6.3.2 Configuration Management Scope
The developer should provide a list of product configuration items and describe the developer of the configuration item. The configuration item list should include the following.
a) Evaluation evidence of products, safety assurance requirements and components of products;
b) Implementation indication, security defect report and resolution status.
6.3.3 Delivery procedures
Developers should use a certain delivery procedure to deliver the product and document the delivery process. When delivering versions of the product to the user,
The delivery documentation should describe all procedures necessary to maintain security.
6.3.4 Development Security
Developers should provide development security documentation. The development security documentation should describe the design and implementation
All physical, procedural, personal and other security measures necessary for confidentiality and integrity.
6.3.5 Life Cycle Definition
The developer should establish a life cycle model to control the development and maintenance of the product, and provide a description of the life cycle definition document.
Describe the models used to develop and maintain products.
6.3.6 Tools and techniques
Developers should clearly define the tools used to develop the product, and provide development tool documentation to unambiguously define the meaning of each statement in the implementation
And the meaning of all implementation-dependent options.
6.4 Test
6.4.1 Test coverage
The developer should provide a test coverage document, and the test coverage description should meet the following requirements.
a) indicate the correspondence between the tests identified in the test documentation and the safety functions of the product described in the functional specification;
b) Show that the above correspondence is complete and confirm that all safety function interfaces in the functional specification have been tested.
6.4.2 Test depth
Developers should provide test depth analysis. The test in-depth analysis description should meet the following requirements.
a) confirm the consistency between the tests in the test documentation and the safety function subsystem and implementation modules in the product design;
b) Verify that all safety function subsystems and implementation modules in the product design have been tested.
6.4.3 Functional test
Developers should test product security features, document results and provide test documentation. The test documentation should include the following.
a) A test plan that identifies the tests to be performed and describes the scenarios for each test, including those for other test results
Any order dependency;
b) the expected test results, indicating the expected output after a successful test;
c) Consistency of actual test results and expectations.
6.4.4 Independent testing
Developers should provide a set of resources equivalent to those used for self-testing security features for sample testing of security features.
6.5 Vulnerability assessment
Based on the identified potential vulnerabilities, the product is resistant to the following attacks.
a) attacks by attackers with basic attack potential;
b) Attacks by attackers with enhanced basic attack potential.
7 Security level division and requirements
7.1 Classification
The security level of the industrial control system host security protection and audit monitoring products is in accordance with its security function requirements and security guarantee requirements.
Degree is divided into basic level and enhanced level, in which the security requirements refer to GB/T 18336.3-2015.
7.2 Safety function requirements
The security function requirements of the mainframe security protection and audit monitoring products of industrial control systems with different security levels are shown in Table 1.
Table 1 Security function requirements of mainframe security protection and audit monitoring products for industrial control systems with different security levels
Security functions require basic level enhanced level
Access Control 5.1 5.1
Operational Behavior Audit
monitor
Operation behavior records 5.2.1 a) ~ c) 5.2.1
Operational Behavior Response-5.2.2
Operation event traceback 5.2.3 5.2.3
Real-time monitoring 5.2.4 5.2.4
Data security exchange
Ferry data security exchange 5.3.1 5.3.1
Data Encapsulation 5.3.2 5.3.2
Malicious code defense 5.3.3 5.3.3
Information display and data
analysis
Front-end information display 5.4.1 5.4.1
Data analysis and evaluation-5.4.2
Time synchronization 5.5 5.5
User ID
Attribute definition 5.6.1 5.6.1
Property initialization 5.6.2 5.6.2
Unique identification 5.6.3 5.6.3
Identity authentication
Basic identification 5.7.1 5.7.1
Multi-user authentication-5.7.2
Authentication data initialization 5.7.3 5.7.3
Authentication Failure Handling-5.7.4
Discrimination data protection 5.7.5 5.7.5
security audit
Generation of audit data 5.8.1 a) ~ c) 5.8.1
Audit record management 5.8.2 5.8.2
Understandable format 5.8.3 5.8.3
Table 1 (continued)
Security functions require basic level enhanced level
Security Audit Restricts Audit Record Access 5.8.4 5.8.4
Security Management Functions-5.9
Hardware Failure Handling-5.10
Network performance requirements 5.11 5.11
7.3 Security requirements
The security requirements for different security levels are shown in Table 2.
Table 2 Security protection requirements for mainframe security protection and audit monitoring products of industrial control systems with different security levels
Security Assurance Requirements Basic Level Enhanced Level
Develop
Security architecture 6.1.1 6.1.1
Functional specifications 6.1.2 a) to f) 6.1.2
Implementation representation-6.1.3
Product design 6.1.4 a) to d) 6.1.4
Guidance Document
Operation User Guide 6.2.1 6.2.1
Preparation proced...
Tips & Frequently Asked Questions:Question 1: How long will the true-PDF of GA/T 1560-2019_English be delivered?Answer: Upon your order, we will start to translate GA/T 1560-2019_English as soon as possible, and keep you informed of the progress. The lead time is typically 1 ~ 3 working days. The lengthier the document the longer the lead time. Question 2: Can I share the purchased PDF of GA/T 1560-2019_English with my colleagues?Answer: Yes. The purchased PDF of GA/T 1560-2019_English will be deemed to be sold to your employer/organization who actually pays for it, including your colleagues and your employer's intranet. Question 3: Does the price include tax/VAT?Answer: Yes. Our tax invoice, downloaded/delivered in 9 seconds, includes all tax/VAT and complies with 100+ countries' tax regulations (tax exempted in 100+ countries) -- See Avoidance of Double Taxation Agreements (DTAs): List of DTAs signed between Singapore and 100+ countriesQuestion 4: Do you accept my currency other than USD?Answer: Yes. If you need your currency to be printed on the invoice, please write an email to [email protected]. In 2 working-hours, we will create a special link for you to pay in any currencies. Otherwise, follow the normal steps: Add to Cart -- Checkout -- Select your currency to pay.
|