中图分类号： TP393.08
文献标识码： A
DOI： 10.19358/j.issn.2096-5133.2022.03.005
引用格式： 李实，万睿，周帅. 工控系统脆弱性分析研究[J].信息技术与网络安全，2022，41(3)：26-31.

Research on vulnerability analysis of industrial control system

Abstract： With the wide application of new industrial Internet technologies in the field of industrial control, the industrial control system has been transformed from the previous island model to an open system. Through the industrial control situation platform exposed on the Internet, it can be found that a large number of industrial control devices are exposed to the Internet, and the industrial control system is facing unprecedented security threat. Through the analysis of the security status and vulnerability of the industrial control system, this paper puts forward the attack threats faced by the industrial control system from the attacker′s point of view. Combined with the real nuclear power DCS system, the vulnerability of the system is summarized through safety tests, and the effectiveness and actual availability of the security protection strategy are comprehensively considered. It can make a protection plan by adding some safety equipment. Through the deployment and verification in the laboratory, the safety protection measures have reduced the vulnerability of the nuclear power DCS system and improved the security of the system.

Key words : industrial control system；penetration test；cyber security