{"title":"核电数字仪表控制平台NASPIC安全漏洞分析","authors":"Hua Liu, Xiaohua Yang, Zhaohui Liu, Meng Li, Zhi Chen, Zhigang Feng, Qingya Zhao","doi":"10.1115/ICONE26-81486","DOIUrl":null,"url":null,"abstract":"From the general industrial control system to the nuclear power plant control platform, the threat of information security has its own particularity more than continuity. The original dedicated system in general industrial area is gradually replaced by many common protocol, software and equipment. As a result, the security vulnerabilities are more likely to be used illegally. For a specific nuclear power plant digital control platform-NASPIC, the vulnerability analysis of platform is performed. Mainly two aspects of technology and management are to be carried out. For technical aspects, four categories problems-unauthorized execution, unauthorized write, unauthorized reading and reject service-are analyzed. Management is mainly about the lack of management strategy and strategy vulnerability. By analyzing the fragility of the instrument control platform, the key equipments, key channels and key modules are proposed. The qualitative and quantitative rules are deduced for evaluation of NASPIC information security.","PeriodicalId":65607,"journal":{"name":"International Journal of Plant Engineering and Management","volume":null,"pages":null},"PeriodicalIF":0.0000,"publicationDate":"2018-07-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"The Security Vulnerability Analysis of Nuclear Power Digital Instrument Control Platform NASPIC\",\"authors\":\"Hua Liu, Xiaohua Yang, Zhaohui Liu, Meng Li, Zhi Chen, Zhigang Feng, Qingya Zhao\",\"doi\":\"10.1115/ICONE26-81486\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"From the general industrial control system to the nuclear power plant control platform, the threat of information security has its own particularity more than continuity. The original dedicated system in general industrial area is gradually replaced by many common protocol, software and equipment. As a result, the security vulnerabilities are more likely to be used illegally. For a specific nuclear power plant digital control platform-NASPIC, the vulnerability analysis of platform is performed. Mainly two aspects of technology and management are to be carried out. For technical aspects, four categories problems-unauthorized execution, unauthorized write, unauthorized reading and reject service-are analyzed. Management is mainly about the lack of management strategy and strategy vulnerability. By analyzing the fragility of the instrument control platform, the key equipments, key channels and key modules are proposed. The qualitative and quantitative rules are deduced for evaluation of NASPIC information security.\",\"PeriodicalId\":65607,\"journal\":{\"name\":\"International Journal of Plant Engineering and Management\",\"volume\":null,\"pages\":null},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2018-07-22\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"International Journal of Plant Engineering and Management\",\"FirstCategoryId\":\"1089\",\"ListUrlMain\":\"https://doi.org/10.1115/ICONE26-81486\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"International Journal of Plant Engineering and Management","FirstCategoryId":"1089","ListUrlMain":"https://doi.org/10.1115/ICONE26-81486","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
The Security Vulnerability Analysis of Nuclear Power Digital Instrument Control Platform NASPIC
From the general industrial control system to the nuclear power plant control platform, the threat of information security has its own particularity more than continuity. The original dedicated system in general industrial area is gradually replaced by many common protocol, software and equipment. As a result, the security vulnerabilities are more likely to be used illegally. For a specific nuclear power plant digital control platform-NASPIC, the vulnerability analysis of platform is performed. Mainly two aspects of technology and management are to be carried out. For technical aspects, four categories problems-unauthorized execution, unauthorized write, unauthorized reading and reject service-are analyzed. Management is mainly about the lack of management strategy and strategy vulnerability. By analyzing the fragility of the instrument control platform, the key equipments, key channels and key modules are proposed. The qualitative and quantitative rules are deduced for evaluation of NASPIC information security.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
