GB/T 40813-2021: Information security technology - Security protection technical requirements and testing evaluation methods of industrial control systems. Status: Valid
Basic data

| Item | Value |
| --- | --- |
| Standard ID | GB/T 40813-2021 (GB/T40813-2021) |
| Description (Translated English) | Information security technology - Security protection technical requirements and testing evaluation methods of industrial control systems |
| Sector / Industry | National Standard (Recommended) |
| Classification of Chinese Standard | L80 |
| Word Count Estimation | 66,611 |
| Issuing agency(ies) | State Administration for Market Regulation, China National Standardization Administration |
GB/T 40813-2021: Information security technology - Security protection technical requirements and testing evaluation methods of industrial control systems
This is a DRAFT version for illustration, not a final translation.
ICS 35.030
CCS L80
National Standards of People's Republic of China
Information Security Technology Industrial Control System
Safety protection technical requirements and test evaluation methods
Released on 2021-10-11
Implemented on 2022-05-01
Issued by the State Administration for Market Regulation and the National Standardization Management Committee
Table of contents
Foreword
Introduction
1 Scope
2 Normative references
3 Terms and definitions
4 Abbreviations
5 Overview
5.1 The basic structure of ICS
5.2 Security Protection Objects and Purpose
5.3 Constraints of safety protection measures
6 Technical requirements for safety protection
6.1 Physical environment security protection
6.2 Network communication security protection
6.3 Network border security protection
6.4 Security Protection of Industrial Hosts
6.5 Safety protection of control equipment
6.6 Data Security Protection
6.7 Safety of protective products
6.8 System centralized management and control
7 Safety protection guarantee requirements
7.1 Software development security protection
7.2 System maintenance and safety protection
8 Test and evaluation methods
8.1 Physical environment security protection
8.2 Network communication security protection
8.3 Network border security protection
8.4 Security Protection of Industrial Host
8.5 Safety protection of control equipment
8.6 Data Security Protection
8.7 Protecting product safety
8.8 System centralized management and control
8.9 Software Development Security Protection
8.10 System maintenance and safety protection
Appendix A (Informative) Typical Application Reference Scenarios of Network Border Security Protection
A.1 Electricity
A.2 Automobile manufacturing
A.3 Oil extraction
A.4 Rail Transit
A.5 Chemical
A.6 Municipal
A.7 Water
Appendix B (informative) Data security protection objects
Appendix C (informative) Typical deployment method of centralized management and control of the system
Appendix D (informative) ICS security protection test evaluation process
Reference
Figure A.1 Typical deployment method for network boundary security protection of power monitoring system
Figure A.2 Typical deployment method of network boundary security protection for automobile manufacturers
Figure A.3 Typical deployment method of network boundary security protection of oil production plant
Figure A.4 Typical deployment method of rail transit network security protection
Figure A.5 Typical deployment method of chemical plant network boundary security protection
Figure A.6 Typical deployment methods of municipal gas network border security protection
Figure A.7 Typical deployment method of water plant network boundary security protection
Figure B.1 Schematic diagram of data security protection objects
Figure C.1 Typical deployment method of centralized management and control of the system
Figure D.1 ICS security protection test evaluation flowchart
Foreword
This document was drafted in accordance with the provisions of GB/T 1.1-2020 "Guidelines for Standardization Work Part 1: Structure and Drafting Rules of Standardization Documents".
Please note that some of the contents of this document may involve patents. The issuing agency of this document is not responsible for identifying patents.
This document was proposed and managed by the National Information Security Standardization Technical Committee (SAC/TC260).
Drafting organizations of this document: Shanghai Three Zero Guard Information Security Co., Ltd., China Information Security Evaluation Center, China Electronic Technology Standardization Research Institute, China Cyber Security Review Technology and Certification Center, Third Research Institute of Ministry of Public Security, Sinopec Shanghai Gaoqiao Petrochemical Co., Ltd., Shanghai Institute of Industrial Automation Instrumentation Co., Ltd., China Mobile (Hangzhou) Information Technology Co., Ltd., National Information Technology Security Research Center, Shanghai Nuclear Engineering Research and Design Institute Co., Ltd., Beijing Tianrongxin Network Security Technology Co., Ltd., Beijing Hollysys System Engineering Co., Ltd., Shanghai Information Security Evaluation and Certification Center, Beijing Shengborun High-tech Co., Ltd., Shaanxi Province Network and Information Security Evaluation Center, Beijing Winut Technology Co., Ltd., China Electronics Technology Network Information Security Co., Ltd., China Electronics Technology Group Corporation Fifteenth Research Institute, Southwest Jiaotong University, National Industrial Information Security Development Research Center, National Application Software Product Quality Supervision and Inspection Center, China Aviation Oil Group Co., Ltd., China Electronics Technology Group Corporation Electronic Science Research Institute, Chengdu Weishitong Information Industry Co., Ltd., Beijing Qiqi Tiger Technology Co., Ltd., Qi'anxin Technology Group Co., Ltd., China Electric Power Research Institute Co., Ltd., Jiangsu Agile Technology Co., Ltd., Casco Signal Co., Ltd., Shanghai Shentong Metro Group Co., Ltd., Qingdao Metro Group Co., Ltd., Shanghai Electric Thales Tong Automation System Co., Ltd., Beijing Jiaotong University, Smart Patrol Password (Shanghai) Detection Technology Co., Ltd., Beijing Metro Operation Co., Ltd. Communication Signal Branch, Global Energy Internet Research Institute Co., Ltd., Jilin Province Electronic Information Product Inspection and Research Institute, Sangfor Technology Co., Ltd., China University of Mining and Technology (Beijing), State Grid Xinjiang Electric Power Co., Ltd. Electric Power Research Institute, China Huadian Group Co., Ltd., China Ping An Insurance (Group) Co., Ltd., China National Engineering Research Center for Information Security Common Technology Co., Ltd., Shanghai Industrial Control Security Innovation Technology Co., Ltd., East China Normal University, Beijing Hezhongning Information Technology Co., Ltd., China Huaneng Group Co., Ltd., Liuzhou Dongke Smart City Investment and Development Co., Ltd., China National Petroleum Corporation Northwest Sales Branch, China National Petroleum Corporation The company's Changqing Petrochemical Branch, Beijing Zhongyou Ruifei Information Technology Co., Ltd.
The main drafters of this document: Zhang Yi, Gan Lu, Li Xuguo, Rao Zhihong, Li Bin, Li Song, Gu Jian, Gao Yang, Li Lin, Shen Yongbo, Lu Zhen, Zou Chunming, Xu Guozhong, Wang Ying, Lu Wei, Guo Xu, Yuan Zhuan, Mao Lei, An Gaofeng, Liu Ying, Xu Tonghai, Zhao Yu, Yang Fan, Yang Xiangdong, Feng Quanbao, Tang Lin, Lan Kun, Dong Jingjing, Wang Danchen, Chen Xuehong, Wang Kun, Zhao Zhenxue, Si Ruibin, Li Rui, Zhang Yi, Wang Tao, Li Ling, Ni Haiyan, Cui Ke, Li Jianquan, Wang Daqing, Zuo Xutao, Gao Xiang, Tang Tao, Guo Zheng, Guo Yili, Liang Xiao, Hua Yantao, Ye Runguo, Tan Bo, Li Feng, Shu Fei, Li Hui, Yu Jingtao, Meng Yuan, Hu Jianxun, Pu Geguang, Liu Hong, Chen Mingsong, Ji Lu, Yang Shuo, Shi Yongjie, Yu Huichao, Wang Fei, Zhang Xing, Wang Xiaohong, Zhao Peng.
Introduction
This document draws on the laws and regulations, policy documents and standards already issued by the state. It focuses on adding to and refining the security protection technical indicators, control points and control items of the "Basic Requirements for Information Security Technology Network Security Level Protection", and gives the relevant parties a more operational basis for industrial control system security level protection and daily security protection work.
Standardized documents related to this document include:
---GB/T 22239-2019 "Basic Requirements for Information Security Technology Network Security Level Protection";
---GB/T 28448-2019 "Information Security Technology Network Security Level Protection Evaluation Requirements";
---GB/T 36323-2018 "Information Security Technology Industrial Control System Security Management Basic Requirements";
---GB/T 36324-2018 "Information Security Technology Industrial Control System Information Security Classification Specification";
---GB/T 37980-2019 "Guidelines for Information Security Inspection of Industrial Control Systems in Information Security Technology".
Information Security Technology Industrial Control System
Safety protection technical requirements and test evaluation methods
1 Scope
This document specifies the safety protection technical requirements, guarantee requirements and test evaluation methods of industrial control systems.
This document is applicable to the construction, operation and maintenance of industrial control systems.
2 Normative references
The content of the following documents constitutes indispensable clauses of this document through normative references in the text. For dated references, only the version corresponding to that date applies to this document; for undated references, the latest version (including all amendments) applies to this document.
GB/T 7353-1999 Industrial automation instrument panel, cabinet, table, box
GB/T 22239-2019 Information Security Technology Network Security Level Protection Basic Requirements
GB/T 25069-2010 Information Security Technical Terms
GB/T 36324-2018 Information Security Technology Industrial Control System Information Security Classification Specification
GB/T 37933-2019 Information security technology industrial control system special firewall technical requirements
3 Terms and definitions
The terms and definitions given in GB/T 22239-2019, GB/T 25069-2010, GB/T 36324-2018 and GB/T 37933-2019, together with the following, apply to this document.
3.1
Industrial control asset
Valuable software and hardware resources and data in the process of industrial production control.
Note: Including control equipment, industrial hosts, network equipment, applications, industrial data, etc.
3.2
Central control room
A comprehensive place located within the organization, with functions such as production operation, process control, safety protection, instrument maintenance and production management.
3.3
Field control room
A place located at the production site within the organization, with functions such as production operations, process control, and safety protection.
3.4
Field auxiliary room
A place located at the production site within the organization, used to install industrial control system cabinets and other equipment.
3.5
Control equipment
A device used to control actuators and collect sensor data during industrial production.
Note: Including DCS field control units, PLCs, RTUs and other unit equipment for production process control.