He rapid development of high-speed railway and urban rail transit has pushed forward the equipmentmanufacturing industry. The key control systemin the field of rail transit is closely relatedto its operational security and the hard destruction of physical system.
Y&D has leading basics advantages in developing security technology for industrial control system, for it has previously obtained support from National Development and Reform Commission to build the "Rail Transit Industrial Safety Assessment Service Center" and obtained the support from innovation program for "National Engineering Laboratory for Urban Rail Transit System Security".
Passive diagnostics in empirical failure modeThe security service, whose detection modes are based on faulty and abnormal priori characteristics, can not deal with the risk of unknown failures, and it’s security principle is based on "defense/prevent".
Yong Da has studied the active defense technology of rail transit industrial control system (ICS). From the perspective of real-time control of behavior safety, Y&D builds a core control equipment that combines functional safety, information security, operational safety and covers controller, transmitter, actuator, workstation and network facilities. The autonomous controllable security system throughout the entire life cycle can effectively defense unknown threats that crosse information physical space, so as to ensure the security, availability, reliability and stability of ICS through its full life cycle. Its essence lies in the known normal, the recognition of the abnormal, and the overall control of the entire life cycle, full functional behavior, and full operation instructions of the industrial control system.
The difficulty lies in how to dissect the mechanism principle based on the external performance data in a close system, so as to judge whether the control logical calculation and the instruction transfer conform to the set control mechanism, and if not, that is where the security problem lies. Therefore, security = setting security mechanism + identifying security risk + achieving security control. Reverse mechanism = traverse the behavior of the instance or use as much data modeling as possible to force the mechanism.
Software defined recording
For industrial control system, we record its usage habit data of its full life cycle on-line in the application scenario, and mirror its physical signal data on the premise of not interfering the integrity of its system functions.
Recording compression test
Conduct off-line compression playback with the customary physical signal data of this user and complete in-the-loop test of control logic, and generate ergodic output big data of control function.
Test dual correlation
Based on the above input and output big data, conduct modelling control function types and the the corresponding instruction signal modes, so as to build a security benchmark pattern base.
correlation match risk
Judge the input and output consistency of control system behaviors through the security benchmark pattern base, so as to measure the security risk, and support standard compliance verification of control functions of all levels.