Recently, the 10 departments in accordance with the "guidance industrial development of the Internet" "on deepening the" Internet + deployment of advanced manufacturing, the Ministry of Industry and Information Technology jointly issued "to strengthen Internet security industry guidance," clearly the end of 2020, the Internet industry initially established security system. By 2025, improve and perfect the mechanism of the system, the ability to significantly improve the technical means, the security industry scale, basically established a relatively complete and reliable industrial Internet security system.
The current development of China's Internet industry to produce more and more intelligent, networked collaboration, customization and extension services of the direction of development, and always-plant network also means that ever-present threat risks. Recently, the Ministry of Education and other 10 departments issued guidelines to strengthen the industry of Internet security.
China Industry Internet Security Threat Status
Internet is the biggest pain point safety issues, whether it is industrial connectivity, or all things Internet, are not open around this bridge safety. Internet while providing great convenience for people, it also brings a lot of trouble and a loss of security, loss of privacy caused property damage is endless, and the Internet industry is related to industrial production, loss once the security problems, will cause greater. Comprehensive statistics on the industrial situation of Internet vulnerabilities, security incidents, platform security and application security and other aspects, the current major issues facing the Internet industry is these four areas:
Ø industrial terminals become the weakest link in security. Industrial terminals to maintain large, but the relative lack of security, following vulnerabilities blackmail virus, mining *** continue to simmer after 2017 appears to be the host terminal industry industrial network security.
Ø industrial control system security situation is still grim. 2018 since there were a lot of major industrial control system vulnerabilities affect many types of production systems.
Ø security industry Internet platform does not form a system. Security platform is still not formed security mechanisms of the system, on the one hand the platform itself and lack of security, on the other platform PaaS layer also lacks sound security API for SaaS layer calls.
Ø Industrial APP lack of security mechanisms. APP current industrial shapes, a wide range of security mechanisms and the lack of standard security API.
The Ministry of Industry jointly 10 departments issued by the Industrial Internet safety guidance, around equipment, control, network, platform, data security, and give enterprises the main responsibility, government regulation responsibilities interpretation given top-level design in the field of industrial Internet security, the author of its own in order to understand the integration of a security architecture:
Safety Management Plan
Security responsibility to implement: industrial companies to clear security responsibilities and department heads, a risk assessment before and after the sound device key equipment and systems platform connectivity, security auditing system and establish security event reporting and accountability mechanisms.
Construction safety management system: the Ministry of Industry will lead the Internet-related industry organizations in policy development, standards development and other integrated work, and Internet security industry to guide the industry in the field of management in charge of the equipment manufacturing, electronic information and communications industries.
Enterprise Protection means
For businesses, the Internet security industry has three major aspects of the segment down.
Safety equipment and control: industrial enterprises should deploy targeted protection measures to strengthen the protection and secure access equipment, equipment manufacturers, automation integrators to actively cooperate with the security company, to enhance the intrinsically safe equipment and control systems;
Network infrastructure security: in the process of upgrading industrial enterprises should implement safety standards and conduct security assessments, identity resolution system construction and operation unit synchronization strengthen the security capacity building protection technology;
Platforms and industrial APP security aspects: To carry out the construction in accordance with the relevant standards, safety assessment before the line, for the edge layer, IaaS layer (cloud infrastructure), the platform layer (industrial PaaS), application layer (industrial SaaS) hierarchical deployment of security measures and the establishment of security detection mechanisms.
Focus on promoting the work
Industrial Internet data security capabilities: not only to corporate explicitly link the data security requirements of collection, storage, processing, transfer, delete, etc., various production processes to improve the anti-theft data business, anti-tamper security measures and data backup, but also to establish Internet industry chain-wide data security management system and carry out important data to assess and monitor outbound security, improve the major industrial Internet data breaches trigger response mechanism.
国家工业互联网安全技术手段:工信部将统筹建设国家工业互联网安全技术保障平台并在工业基础较好的地区先行试点;建设工业互联网资产目录库、工业协议库、安全漏洞库、恶意代码病毒库和安全威胁信息库等基础资源库;搭建面向机械制造、电子信息、航空航天等行业的工业互联网安全***演练环境。
工业互联网安全公共服务能力:企业可以依托产业联盟、行业协会等第三方机构为工业互联网企业持续开展安全能力评测评估服务,对于电信企业、互联网企业、系统解决方案提供商等来说,可以依托自身专业技术优势为工业企业输出安全保障服务。
工业互联网安全科技创新与产业发展:国家层面将加大对工业互联网安全技术研发和成果转化的支持力度,支持工业互联网安全科技创新;同时,充分利用安全产业园等形式整合相关资源,促进工业互联网安全产业发展。
政策保障措施
加强组织领导,健全工作机制。在工业互联网专项工作组的统一指导下,加强统筹协调,强化部门协同、部省合作,构建各负其责、紧密配合、运转高效的工作机制。
加大支持力度,优化创新环境。指导意见指出,各地相关部门要结合本地工业互联网发展现状,优化政府支持机制和方式,加大对工业互联网安全的支持力度,鼓励企业技术创新和安全应用,加快建设工业互联网安全技术手段,推动安全产业集聚发展。
发挥市场作用,汇聚多方力量。指导意见要求,将充分发挥市场在资源配置中的决定性作用,汇聚政产学研用多方力量,逐步建立覆盖决策研究、公共研发、标准推进、联盟论坛、人才培养等的创新支撑平台,形成支持工业互联网安全发展合力。
加强宣传教育,加快人才培养。开展工业互联网安全宣传教育、网络安全演练、安全竞赛等,培养选拔不同层次的工业互联网安全从业人员。依托国家专业机构等,打造技术领先、业界知名的工业互联网安全高端智库。
在平台方面,目前已经形成了工业互联网平台蓬勃发展的良好局面,全国各类型平台数量总计已有数百家之多,具有一定区域、行业影响力的平台数量也超过 50 多家,平均工业设备连接数近 60万台/套,沉淀了行业知识并孵化出一批新型工业 APP。工业互联网平台的建设及推广是一项长期而艰巨的系统性工程,工业互联网平台总体仍处于高研发投入、长周期回报的产业培育期。
当前,云计算、大数据与工业互联网融合应用步伐加快,互联网龙头企业在工业互联网领域加快布局。腾讯将工业互联网作为其战略重点之一;网易布局“产业数字化”,全年扶持 2000余家企业;浪潮工业互联网平台“1+N”战略发布,浪潮云广东节点正式落地;中国通信服务集团成立了工业互联网推进小组,并将工业互联网作为重要的战略部署。
近日,国家工信部对外公示2019年十大跨行业跨领域工业互联网平台清单,榜上有名的有海尔COSMOPlat平台、用友精智工业互联网平台、树根互联根云平台、航天云网INDICS平台、浪潮云In-Cloud平台、华为FusionPlant工业互联网平台、富士康BEACON平台、徐工信息汉云工业互联网平台、阿里巴巴supET工业互联网平台,那么还有哪些值得我们关注的涉及到工业互联网的物联网平台?
美的集团—MeiCloud:美的集团是一家老字号的消费电器科技集团,世界500强,MeiCloud是美的集团内部孵化的产品,基于自身多年的制造业行业积累,结合国内制造业特点研发的工业互联网平台,将美的集团智能制造、大数据运营、业务移动化等企业SaaS云服务成果与制造业合作伙伴分享。
中国通信服务集团—CCS开放物联网平台:中国通信服务是和中国铁塔同为国内通信基础设施的建设商,也是千亿级的上市央企,在通信基础设施建设、设备联网方面有着多年的行业沉淀,中国通服将自身的通用能力剥离出来打造成了CCS开放物联网平台。该平台最大的特色也是中国通服的特色,从规划、设计、实施到后期运维保障提供一体化的服务。
Network security, industrial security is the process of industrial development of the Internet can not be ignored, industrial Internet security system road resistance and long, and now the Internet has been the top-level industrial design at the national level, as long as they implement the main tasks will be able to accelerate the construction of industrial Internet security system, improve the security capabilities of Internet industry, Internet industry to promote high-quality