As a national basic industry clo水子sely related to the national econom現城ic lifeline and people's life, the en就暗ergy industry has always been t用但he pioneer of China's information co樂都nstruction, and information equipment h廠東as also become the main production動算 equipment in the energy industry.空音 Information equipment stores the e到船nterprise's core production data, run笑就s the core business system, and carrie還跳s the energy dispatching command. 少刀The operation safety and work safe店時ty of information equipment have bec電藍ome the top priority of safe prod吃和uction in the energy industry.
The energy industry covers a wide白很 range. As an important branch of t低我he whole energy industry, electric pow刀司er plays an important role in nationa湖到l production and life. In order to stan說作dardize and unify the planning, impleme頻時ntation and supervision of China市可's power grid and power plant co相場mputer monitoring system and dispa員拿tching data network security protecti白花on, In order to prevent the at間上tacks on the power grid, power plant c路場omputer monitoring system and 家還dispatching data network and the res村山ulting power system accidents, 看信ensure the safe, stable and economi電志c operation of China's power system,弟煙 and protect the safety of imp件身ortant national infrastructure銀公, the overall security protection sch子工eme of power secondary system came in著錯to being, This puts forward a higher技知 standard for the management and se影購curity protection of power sys草光tem. The regulations on security pro劇票tection of power secondary syste銀了m (Order No. 5) and the overall schem唱習e for security protection of power醫用 secondary system define the specif紙坐ic measures for information se服請curity construction from the le為姐vel of policies and regulations and tec到店hnical scheme. The scheme follows 明城the 16 character policy of "sec制海urity zoning, network dedicated,樂答 horizontal isolation and vertica錢制l certification". With the rapid develo東愛pment of power system informati做在zation, production and business sys體從tems are becoming richer and more comp志舊lex. Large area production con木司trol system, such as electric ene得黃rgy management system, electric開黑 energy measurement system, wide ar和科ea vector measurement system, etc; M金答anagement information area, such a謝媽s power trading system, ERP syst雪可em, production system, financial contro章車l system, power marketing system, 白文etc. Many business systems have cro區藍ss regional data exchange, which puts f間年orward very high requirements for月慢 the management of many informatio窗話n equipment. The comprehensive d聽分evelopment of network security le事影vel protection evaluation and ris綠事k assessment also puts forward 雜用more specific requirements for th來的e security management and oper站器ation and maintenance of informat錯大ion equipment in the power industr慢相y.

Industry demand

In the power industry, the ope煙書ration status of information equipm什制ent needs to be monitored in tim短爸e and inspected regularly to ensure th分件at problems are found in time and rel兒知evant faults are eliminated in tim刀人e. At the same time, any operatio腦亮n of information equipment dir了通ectly affects the safety produ又照ction of the enterprise, so it高光 is necessary to conduct safety monit快學oring throughout the process and keep知習 the original records.
In view of the wide variety and large哥志 number of information equipment in th媽空e power industry, we list the common se下日curity status in the power industry:
1. There are many servers, networks店能, databases and information applica銀東tion systems. Each administrator nee在暗ds to manage multiple devices, and 照路the management interfaces are di北我verse. Single sign on (SSO) ca西醫nnot be realized, and the accoun拿暗t and password are easy to be cracked房物;
2. Third party maintenance personnel她劇, system administrators, netwo年了rk administrators and equipmen空身t supplier personnel cannot control厭水 and audit the operation of equi劇喝pment and system; Unable to assess 舊著whether the third-party service pers業我onnel have operated beyond their au長可thority on the power secondary inf少電ormation equipment, and unable大紅 to monitor the whole operation proce制務ss;
3. The unified management policy ca輛資nnot be set, and the remote ac慢吧cess behavior of managers to s車到ervers and network devices cannot 員花be authenticated, authorized, 木農audited and managed.