列车通信网络安全现状分析及应对方案研究

邹智荣; 陈超群; 陈勃; 唐品

doi:10.13890/j.issn.1000-128X.2023.01.011

您当前的位置：

首页 >

文章列表页 >

列车通信网络安全现状分析及应对方案研究

电力牵引与控制 | 更新时间：2024-08-02

- 列车通信网络安全现状分析及应对方案研究
- Current status analysis and countermeasure exploration for train communication network security
- 机车电传动 2023年第1期页码：78-85
- 作者机构：
  
  中车株洲电力机车研究所有限公司，湖南株洲 412001
- 作者简介：
  
  陈超群（1987—），女，硕士，工程师，主要从事轨道交通列车通信网络技术及网络安全关键技术研究与应用； E-mail: chencq@csrzic.com
- 基金信息：
- DOI：10.13890/j.issn.1000-128X.2023.01.011
  中图分类号： TP393
- 纸质出版日期：2023-01-10，
  
  收稿日期：2022-04-08，
  
  修回日期：2022-12-08，
- 稿件说明：
扫描看全文
邹智荣, 陈超群, 陈勃, 等.列车通信网络安全现状分析及应对方案研究[J]. 机车电传动, 2023(1): 78-85.

ZOU Zhirong, CHEN Chaoqun, CHEN Bo, et al. Current status analysis and countermeasure exploration for train communication network security[J]. Electric Drive for Locomotives, 2023(1): 78-85.
邹智荣, 陈超群, 陈勃, 等.列车通信网络安全现状分析及应对方案研究[J]. 机车电传动, 2023(1): 78-85. DOI： 10.13890/j.issn.1000-128X.2023.01.011.

ZOU Zhirong, CHEN Chaoqun, CHEN Bo, et al. Current status analysis and countermeasure exploration for train communication network security[J]. Electric Drive for Locomotives, 2023(1): 78-85. DOI： 10.13890/j.issn.1000-128X.2023.01.011.

摘要

随着以太网技术在列车网络控制系统中的深入应用，列车通信网络面临的安全挑战日益增加。文章结合列车网络控制系统的业务特点及网络架构，对列车通信网络中存在的各种网络安全隐患和风险进行了分析，同时参考GB/T 22239《信息安全技术网络安全等级保护基本要求》和IEC 62443《工业过程测量、控制和自动化网络与系统信息安全》系列标准中的安全要求，研究了适合列车网络控制系统的网络安全防护方案，为后续列车通信网络安全体系建设提供指导。

Abstract

With the in-depth application of Ethernet technology in the train networked control system

the train communication network is facing increasing cybersecurity challenges. Based on the analysis on various cybersecurity vulnerabilities and risks in the train communication network

considering the service characteristics and network architecture of the train networked control system

this paper explored a cybersecurity protection solution tailored to the train networked control system

referring to the security requirements specified in the

Information Security Technology-Baseline for Classified Protection of Cybersecurity

(GB/T 22239) and IEC 62443 series of standards for

industrial process measurement/control automatic network and system information security

as a guidance for the subsequent security system construction over the train communication network.

关键词

列车通信网络网络安全安全风险安全防护

Keywords

train communication networkcybersecuritycybersecurity riskcybersecurity protection

references

全国信息安全标准化技术委员会(SAC/TC260). 信息安全技术网络安全等级保护基本要求: GB/T 22239—2019[S]. 北京: 中国标准出版社, 2019.

National Information Security Standardization Technical Committee (SAC/TC260). Information security technology—Baseline for classified protection of cybersecurity: GB/T 22239—2019[S]. Beijing: Standards Press of China, 2019.

全国信息安全标准化技术委员会(SAC/TC260). 信息安全技术网络安全等级保护测评要求: GB/T 28448—2019[S]. 北京: 中国标准出版社, 2019.

National Information Security Standardization Technical Committee (SAC/TC260). Information security technology—Evaluation requirement for classified protection of cybersecurity: GB/T 28448—2019[S]. Beijing: Standards Press of China, 2019.

全国信息安全标准化技术委员会(SAC/TC260). 信息安全技术网络安全等级保护安全设计技术要求: GB/T 25070—2019[S]. 北京: 中国质检出版社, 2019.

National Information Security Standardization Technical Committee (SAC/TC260). Information security technology—Technical requirements of security design for classified protection of cybersecurity: GB/T 25070—2019[S]. Beijing: China Quality Inspection Press, 2019.

中华人民共和国网络安全法[EB/OL]. (2016-11-07)[2022-11-27]. http://www.npc.gov.cn/npc/c30834/201611/270b43e8b35e4f7ea98502b6f0e26f8a.shtmlhttp://www.npc.gov.cn/npc/c30834/201611/270b43e8b35e4f7ea98502b6f0e26f8a.shtml.

Network Security Law of the People's Republic of China[EB/OL]. (2016-11-07)[2022-11-27]. http://www.npc.gov.cn/npc/c30834/201611/270b43e8b35e4f7ea98502b6f0e26f8a.shtmlhttp://www.npc.gov.cn/npc/c30834/201611/270b43e8b35e4f7ea98502b6f0e26f8a.shtml.

中国共产党中央委员会办公厅, 中华人民共和国国务院办公厅. 国家信息化领导小组关于加强信息安全保障工作的意见[EB/OL]. (2003-09-07) [2022-11-21]. https://www.zhuangpeitu.com/article/47756632.htmlhttps://www.zhuangpeitu.com/article/47756632.html.

General Office of the Central Committee of the CPC, General Office of the State Council of the People's Republic of China. Opinions of national informatization leading group on strengthening information security insurance work[EB/OL]. (2003-09-07) [2022-11-21]. https://www.zhuangpeitu.com/article/47756632.htmlhttps://www.zhuangpeitu.com/article/47756632.html.

中国城市轨道交通协会. 智慧城市轨道交通信息技术架构及网络安全规范第1部分: 总体需求: T/CAMET 11001.1—2019[S]. 北京: 中国铁道出版社有限公司, 2019.

China Association of Metros. Smart urban rail transit—Specification for information technical architecture and cybersecurity-Part1: General requirement: T/CAMET 11001.1—2019[S]. Beijing: China Railway Publishing House Co., Ltd., 2019.

IEC/TC9. Electronic railway equipment - Train communication network (TCN) - Part 1: General architecture: IEC 61375-1: 2012[S]. Geneva: International Electrotechnical Commission, 2012.

李蕾. 列车通信网络拓扑结构及采用技术初探[J]. 铁道技术监督, 2009, 37(6): 42-45.

LI Lei. Discussion on the topological structure of train communication network and the technologies adopted[J]. Railway Quality Control, 2009, 37(6): 42-45.

邓箴, 谷萧君. 城市轨道交通网络系统中信息安全的评估方法研究[J]. 价值工程, 2016, 35(10): 229-231.

DENG Zhen, GU Xiaojun. Research on the evaluation method of information security for urban rail transportation network system[J]. Value Engineering, 2016, 35(10): 229-231.

CLC/TC 9X. Railway applications - Cybersecurity: CLC/TS 50701: 2021[S]. Brussels: European Committee for Electrotechnical Standardization, 2021.

王建, 王天屹, 翟亚红, 等. IEC 62443系统安全要求与等级保护基本要求对比研究[J]. 华电技术, 2021, 43(2): 72-76.

WANG Jian, WANG Tianyi, ZHAI Yahong, et al. Comparative study on IEC 62443 and the baseline for classified protection of cybersecurity[J]. Huadian Technology, 2021, 43(2): 72-76.

IEC/TC65. Industrial communication networks - Network and system security - Part 1-1: Terminology, concepts and models: IEC TS 62443-1-1: 2009[S]. Geneva: International Electrotechnical Commission, 2009.

IEC/TC65. Industrial communication networks - Network and system security - Part 3-1: Security technologies for industrial automation and control systems: IEC/TR 62443-3-1: 2009[S]. Geneva: International Electrotechnical Commission, 2009.

IEC/TC65. Security for industrial automation and control systems - Part 4-1: Secure product development lifecycle requirements: IEC 62443-4-1: 2018[S]. Geneva: International Electrotechnical Commission, 2018.

IEC/TC65. Security for industrial automation and control systems - Part 4-2: Technical security requirements for IACS components: IEC 62443-4-2: 2019[S]. Geneva: International Electrotechnical Commission, 2019.

浏览量

下载量

CSCD

CNKI被引量

文章被引用时，请邮件提醒。

提交

工具集

关联资源

面向列车通信网络的轻量化加密方案

基于以太网的列车通信网络安全脆弱性定性分析

基于以太网列车通信网的交换机测试方法

高速列车总线式与交换式网络控制系统重联设计

基于云模型和组合赋权法的列车通信网络性能评估