What are the security loopholes in industrial control system?

With the rapid development of information technology in recent years, industrial control systems have become more and more open: general-purpose operating systems, communication protocols and standards have been adopted, and integration with enterprise information systems has become ever closer. The problem of information security has become especially prominent, and the Stuxnet virus incident has sounded the alarm for us. As early as 2010, we submitted an Information Security Report of Industrial Control Systems and related management suggestions to the Information Security Coordination Department of the Ministry of Industry and Information Technology. Industrial control systems are widely used in all major industries and fields of China's national economy and have become an important part of the country's critical infrastructure. However, most of them use foreign products, and once problems occur the losses are often disastrous, so the security of industrial control systems is a matter of national economic security and strategic security.

There are many kinds of industrial control systems, which can be roughly divided into the equipment level, the field level and the system level according to their application environment. Equipment-level and field-level systems mostly use an embedded architecture with a dedicated real-time operating system and real-time database. Because their computing resources are limited, and real-time behaviour and availability come first, the system design often cannot give much consideration to information security, so security loopholes may exist anywhere from the key chips to the file system, process scheduling and memory allocation. As equipment- and field-level systems become more intelligent and networked, they become key targets. Attacks like Stuxnet's intrusion into PLCs are highly purposeful and professional: once the security loopholes of a system have been mastered, the consequences and losses are often huge. At the system level, general-purpose operating systems are adopted more and more for the sake of human-computer interaction and interconnection with production management and information systems; for example, the operator station generally runs on a Windows platform. However, to keep the system running stably, field engineers usually do not install any patches on the platform after the system is put into operation, thus leaving the security loopholes of the general operating system exposed.

On the network side, as general protocols such as TCP/IP and OPC are applied more widely in industrial control networks, communication protocol vulnerabilities have become increasingly prominent. For example, OPC communication uses dynamically assigned rather than fixed port numbers, which makes it almost impossible to protect with a traditional IT firewall.
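The OPC port problem above is easiest to see with a concrete rule evaluation. The following Python is an added illustration, not code from the original answer or from any OPC product: it replays a constructed flow log of an OPC Classic (DCOM) session, in which the client first asks the RPC endpoint mapper on TCP/135 and is told the dynamic port the OPC server is listening on, and compares a traditional static-port rule set with a protocol-aware rule that learns the dynamic port from the endpoint mapper reply. The hosts, ports and the `opc_port=` payload marker are constructed; the range 49152-65535 is the default Windows dynamic RPC port range.

```python
"""OPC Classic (DCOM) traffic versus firewall rules: a constructed illustration.

OPC Classic rides on DCOM: the client first contacts the RPC endpoint mapper on
TCP/135, which replies with the dynamic port the OPC server listens on. Every
later connection goes to that port, which changes per server and per restart.
A firewall rule naming fixed ports therefore either breaks OPC (blocks the
dynamic port) or has to open the whole dynamic range; a protocol-aware rule
learns the port from the endpoint mapper reply instead.
"""
from typing import Dict, List, Set, Tuple

# Constructed flow records (not from a real capture).
# Fields: (event, client, server, server_port, payload).
# "epm_reply" carries the dynamic port announced by the endpoint mapper.
FLOWS = [
    ("tcp_syn",   "10.1.1.20", "10.1.2.5", 135,   ""),
    ("epm_reply", "10.1.1.20", "10.1.2.5", 135,   "opc_port=49683"),
    ("tcp_syn",   "10.1.1.20", "10.1.2.5", 49683, ""),
    ("tcp_syn",   "10.1.1.20", "10.1.2.5", 135,   ""),   # new session after a server restart
    ("epm_reply", "10.1.1.20", "10.1.2.5", 135,   "opc_port=51207"),
    ("tcp_syn",   "10.1.1.20", "10.1.2.5", 51207, ""),
    ("tcp_syn",   "10.1.1.99", "10.1.2.5", 51207, ""),   # unrelated host reusing a learned port
    ("tcp_syn",   "10.1.1.20", "10.1.2.5", 3389,  ""),   # RDP attempt, not OPC
]

# Default Windows dynamic RPC port range, used when a static rule opens "everything DCOM might use".
WINDOWS_DYNAMIC_RANGE = set(range(49152, 65536))

Decision = Tuple[str, str, int, bool]  # (client, server, port, allowed)


def static_firewall(flows, allowed_ports: Set[int]) -> List[Decision]:
    """Traditional rule set: a connection is allowed only if its port is on a fixed list."""
    decisions = []
    for event, client, server, port, _payload in flows:
        if event != "tcp_syn":
            continue  # a static firewall does not look inside the RPC payload
        decisions.append((client, server, port, port in allowed_ports))
    return decisions


def dcom_aware_firewall(flows, epm_pairs: Set[Tuple[str, str]]) -> List[Decision]:
    """Protocol-aware rule: permit TCP/135 for listed client/server pairs and learn
    the dynamic OPC port for each pair from the endpoint mapper reply."""
    learned: Dict[Tuple[str, str], Set[int]] = {}
    decisions = []
    for event, client, server, port, payload in flows:
        pair = (client, server)
        if event == "epm_reply":
            if pair in epm_pairs and payload.startswith("opc_port="):
                learned.setdefault(pair, set()).add(int(payload.split("=", 1)[1]))
            continue
        if event != "tcp_syn":
            continue
        if port == 135:
            allow = pair in epm_pairs
        else:
            allow = port in learned.get(pair, set())
        decisions.append((client, server, port, allow))
    return decisions


def summarize(decisions: List[Decision]) -> Dict[str, int]:
    """Count allowed and blocked connection attempts."""
    allowed = sum(1 for *_, ok in decisions if ok)
    return {"allowed": allowed, "blocked": len(decisions) - allowed}


if __name__ == "__main__":
    opc_pair = {("10.1.1.20", "10.1.2.5")}
    print("static, port 135 only     :", summarize(static_firewall(FLOWS, {135})))
    print("static, 135 + dynamic range:", summarize(static_firewall(FLOWS, {135} | WINDOWS_DYNAMIC_RANGE)))
    print("DCOM-aware                 :", summarize(dcom_aware_firewall(FLOWS, opc_pair)))
```

Run as written, the static rule that opens only TCP/135 blocks both legitimate OPC data connections, the static rule that also opens the whole dynamic range lets the unrelated host reach the learned port, and only the DCOM-aware rule allows exactly the two learned OPC connections while refusing the stray host and the RDP attempt.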

For application software, on the one hand, growing functional requirements keep increasing the scale and complexity of industrial software, and interrupts and priorities are used widely to meet the system's real-time requirements, which makes program flow non-deterministic and software testing harder. On the other hand, because there are no unified security protection standards, industrial software generally has security design defects, and loopholes in application software are the ones most easily exploited by attackers to gain control of the controlled equipment, with serious consequences.