《中国工程科学》 >> 2023年 第25卷 第6期 doi: 10.15302/J-SSCAE-2023.06.005
轨道交通行业网络空间安全现状与未来发展
北京交通大学电子信息工程学院,北京 100044
下一篇 上一篇
摘要
随着网络技术的广泛应用,轨道交通行业关键基础设施面临着更为复杂的网络环境挑战;开展轨道交通行业网络空间安全发展研究,是实施网络强国战略的重要组成部分。本文阐述了轨道交通行业网络空间安全的基本概念与主要特征,从国外战略、国内战略、安全制度与规范等角度总结了轨道交通行业网络空间安全的宏观态势;着重从基础防护、强化防护、协同防护三方面梳理了轨道交通行业网络空间安全防护体系的发展现状,深入剖析了相应安全风险及成因,涉及传统网络威胁、数据攻击威胁的实际案例。研究认为,内外风险因素成为行业专网的双重威胁、传统网络架构制约安全与可靠性;研究建议,加强网络原创基础研究和体系化创新、构建行业网络安全自主可控产业链、深化行业网络安全运维管理、注重行业网络安全人才培养,以此提升轨道交通行业网络空间安全发展水平。
参考文献
[ 1 ]
刘大为. 铁路网络安全面临的严峻形势和主要对策研究 [J]. 铁道通信信号, 2023, 59(1): 1‒5.
Liu D W. Analysis of the challenges and countermeasures in railway cybersecurity protection [J]. Railway Signalling & Communication, 2023, 59(1): 1‒5.
[ 2 ]
崔伟健.基于改进Apriori算法的铁路网络安全风险分析方法研究 [D]. 北京: 中国铁道科学研究院 (硕士学位论文), 2021.
Cui W J. Research on railway network security risk analysis method based on improved Apriori algorithm [D]. Beijing: China Academy of Railway Sciences Corporation Limited (Master´s thesis), 2021.
[ 3 ]
赵小军, 黄天天, 马金鑫. 列控系统信息安全风险分析与防护技术探讨 [J]. 铁路通信信号工程技术, 2022, 19(9): 46‒50.
Zhao X J, Huang T T, Ma J X. Information security risk analysis and protection technology of Chinese train control system [J].Technology Innovation, 2022, 19(9): 46‒50.
[ 4 ] Li L, Xu K, Wang D, et al. A longitudinal measurement study of TCP performance and behavior in 3G/4G networks over high speed rails [J]. IEEE/ACM Transactions on Networking, 2017, 25(4): 2195‒2208.
[ 5 ] Huang X J, Chen Y L, Bian T, et al. Analysis and research on vehicle-ground communication failure of CBTC system [C]. Chongqing: 2019 IEEE 11th International Conference on Communication Software and Networks (ICCSN), 2019.
[ 6 ] Kane K. IBM X-force report: Ransomware doesn´t pay in 2018 as cybercriminals turn to cryptojacking for Profit [EB/OL].(2019-02-26)[2023-08-10]. https://newsroom.ibm.com/2019-02-26-IBM-X-Force-Report-Ransomware-Doesnt-Pay-in-2018-as-Cybercriminals-Turn-to-Cryptojacking-for-Profit.
[ 7 ]
耿幸福, 崔联云.城市轨道交通运营安全(第3版) [M]. 北京: 人民交通出版社, 2022.
Geng X F, Cui L Y. Urban rail transit operation safety (3rd edition) [M]. Beijing: China Communication Press, 2022.
[ 8 ]
王平, 陈嵘, 安博洋. 铁路轨道工程长寿命安全保障战略探讨 [J]. 中国工程科学, 2017, 19(6): 66‒71.
Wang P, Chen R, An B Y. Discussion on long-life security strategies for railway track engineering [J]. Strategic Study of CAE, 2017, 19(6): 66‒71.
[ 9 ]
孙远运. 筑牢网络安全防线, 保障铁路数字化升级转型 [J]. 铁路计算机应用, 2021, 30(11): 3.
Sun Y Y. Building a strong defense line for network security and ensuring the digital upgrading and transformation of railways [J]. Railway Computer Application, 2021, 30(11): 3.
[10]
陈燕申, 陈思凯, 李昂.美国《公共交通安全标准纲要》中城市轨道交通安全标准法规体系结构及其启示 [J]. 城市轨道交通研究, 2019, 22(5): 16‒21.
Chen Y S, Chen S K, Li A. Architecture of urban rail transit safety standards and regulations in the compendium of public safety standards of US and the enlightenment [J]. Urban Mass Transit, 2019, 22(5): 16‒21.
[11]
新华网. 中华人民共和国国民经济和社会发展第十四个五年规划和2035年远景目标纲要 [EB/OL]. (2021-03-13)[2023-04-20].http://www.xinhuanet.com/politics/2021lh/2021-03/13/c_1127205564. htm.
Xinhuanet. The outline of the 14th Five-Year Plan for national economic and social development and the long-range objectives through the year 2035 [EB/OL]. (2021-03-13)[2023-04-20]. http://www.xinhuanet.com/politics/2021lh/2021-03/13/c_1127205564.htm.
[12]
中华人民共和国国家发展和改革委员会. "十四五"现代综合交通运输体系发展规划 [EB/OL]. (2021-03-13)[2023-03-25]. https://www.ndrc.gov.cn/fggz/fzzlgh/gjjzxgh/202203/t20220325_1320208.html.
National Development and Reform Commission of the People´s Republic of China. Development plan for modern comprehensive transportation system during the 14th Five-Year Plan [EB/OL]. (2021-03-13)[2023-03-25]. https://www.ndrc.gov.cn/fggz/fzzlgh/gjjzxgh/202203/t20220325_1320208.html.
[13]
中华人民共和国网络安全法 [J]. 中华人民共和国全国人民代表大会常务委员会公报, 2016 (6): 899‒907.
Cybersecurity law of the People´s Republic of China [J]. Gazette of the Standing Committee of the National People´s Congress of the People´s Republic of China, 2016 (6): 899‒907.
[14]
马力, 陈广勇, 祝国邦. 网络安全等级保护2.0国家标准解读 [J]. 保密科学技术, 2019 (7): 14‒19.
Ma L, Chen G Y, Zhu G B. Interpretation of baseline for classified protection of cybersecurity 2.0 [J]. Secrecy Science and Technology, 2019 (7): 14‒19.
[15]
李继元. 铁路通信网络安全防护研究 [J]. 中国铁路, 2022 (6): 94‒98.
Li J Y. Research on protection of railway communication network security [J]. China Railway, 2022 (6): 94‒98.
[16]
朱广劼. 对依法依规筑牢铁路网络安全屏障的思考与展望 [J]. 铁路计算机应用, 2021, 30(11): 5‒10.
Zhu G J. Thinking and prospect of building solid railway network security barrier in accordance with law and regulations [J]. Railway Computer Application, 2021, 30(11): 5‒10.
[17]
国铁集团关于发布《铁路通信网络安全技术要求第1部分: 总体技术要求》等30项技术标准的通知 [J]. 铁道技术监督, 2022, 50(1): 83‒85.
Notice of China Railway Group on issuing 30 technical standards, including technical requirements for railway communication network security part 1: Overall technical requirements [J]. Railway Quality Control, 2022, 50(1): 83‒85.
[18]
国家市场监督管理总局, 国家标准化管理委员会. 信息安全技术 关键信息基础设施安全保护要求: GB/T 39204—2022 [S].
State Administration for Market Regulation, Standardization Administration. Information security technology—Cybersecurity requirements for critical information infrastructure protection: GB/T 39204—2022 [S].
[19]
王丹识, 韩鹏军, 王荣博, 等. 我国煤炭企业网络安全现状、问题分析研究与建议 [J]. 中国煤炭, 2022, 48(7): 34‒40.
Wang D S, Han P J, Wang R B, et al. Research and suggestions on the current situation and problems of network security in China´s coal enterprises [J]. China Coal, 2022, 48(7): 34‒40.
[20]
陶伟. 城市轨道交通信号系统信息安全问题研究 [J]. 城市轨道交通研究, 2018, 21(z1): 20‒23.
Tao W. Research on the information security for urban rail transit signal system [J]. Urban Mass Transit, 2018, 21(z1): 20‒23.
[21]
牛爱成. 对机务段布置形式的探讨 [R]. 北京: 第十届世界轨道交通发展研究会年会, 2013.
Niu A C. Discussion on the layout form of locomotive depot [R]. Beijing: The 10th Annual Conference of World Railway Development and Research Society, 2013.
[22]
柯向喜.铁路车务段运输安全系统分析方法与应用 [D]. 长沙: 中南大学 (硕士学位论文), 2013.
Ke X X. Transport safety system analysis methods and application in railway train operation depot [D]. Changsha: Central South University (Master´s thesis), 2013.
[23]
赵文芳, 孙美. 高速铁路智慧工务安全生产管理模型研究 [J]. 管理现代化, 2015, 35(1): 103‒105.
Zhao W F, Sun M. Research on the safety production management model of intelligent works in high speed railways [J]. Modernization of Management, 2015, 35(1): 103‒105.
[24]
杨帅. 安全双重预防机制在铁路电务段的应用研究 [D]. 北京: 中国铁道科学研究院 (硕士学位论文), 2023.
Yang S. Research on the application of safety double prevention mechanism in railway telecommunication depot [D]. Beijing: China Academy of Railway Sciences Corporation Limited (Master´s thesis), 2023.
[25]
蒋一凡. 地铁车辆段检修工艺设备管理分析探讨 [J]. 中国设备工程, 2021 (24): 90‒91.
Jiang Y F. Analysis and discussion on the management of maintenance process equipment in subway depot [J]. China Plant Engineering, 2021 (24): 90‒91.
[26]
关键基础设施安全应急响应中心. CNCERT: 城市轨道交通行业网络安全态势分析报告 [EB/OL]. (2020-11-05)[2023-11-15]. https://www.secrss.com/articles/26791.
CISRC. CNCET: Analysis report on network security situation of urban rail transit industry [EB/OL]. (2020-11-05)[2023-11-15].https://www.secrss.com/articles/26791.
[27]
颉新春. 网络化控制系统的异常检测及安全控制 [D]. 上海: 上海大学 (博士学位论文), 2023.
Jie X C. Anomaly detection and security control of networked control systems [D]. Shanghai: Shanghai University (Doctoral dissertation), 2023.
[28]
石魏. 网络数据动态流动刑事规制的现状审视、反思与探索 [J]. 法律适用, 2022 (11): 98‒106.
Shi W. Review, reflection and exploration of the criminal regulation for the dynamic flow of network data [J]. Journal of Law Application, 2022 (11): 98‒106.
[29]
周泽岩, 程鹏, 方付生, 等. 基于机器学习的牵引供电远动系统异常攻击检测技术研究 [J]. 软件工程, 2022, 25(2): 1‒5.
Zhou Z Y, Cheng P, Fang F S, et al. Research on abnormal attack detection technology of traction power supply SCADA system based on machine learning [J]. Software Engineering, 2022, 25(2): 1‒5.
[30]
钟章队, 官科, 陈为, 等. 铁路新一代移动通信的挑战与思考 [J]. 中兴通讯技术, 2021, 27(4): 44‒50.
Zhong Z D, Guan K, Chen W, et al. Challenges and perspective of new generation of railway mobile communications [J]. ZTE Technology Journal, 2021, 27(4): 44‒50.
[31]
罗丹. GSM-R系统在既有高速铁路上的应用 [D]. 广州: 华南理工大学 (硕士学位论文), 2012.
Luo D. The applications of GSM-R system in high-speed railway [D]. Guangzhou: South China University of Technology (Master´s thesis), 2012.
[32]
程学庆, 邓一维, 唐于, 等. 基于GSM-R的列控通信系统安全防控 [J]. 铁道科学与工程学报, 2015, 12(6): 1289‒1295.
Cheng X Q, Deng Y W, Tang Y, et al. Safety analysis of communication system in train control system based on GSM-R [J]. Journal of Railway Science and Engineering, 2015, 12(6): 1289‒1295.
[33] Ai B, Molisch A F, Rupp M, et al. 5G key technologies for smart railways [J]. Proceedings of the IEEE, 2020, 108(6): 856‒893.
[34]
董平, 尹晨洋, 张宇阳, 等. 轨道交通中异构智融车载网络发展综述 [J]. 交通运输工程学报, 2022, 22(2): 41‒58.
Dong P, Yin C Y, Zhang Y Y, et al. Review on development of heterogeneous smart cooperative vehicular networks in rail transit [J]. Journal of Traffic and Transportation Engineering, 2022, 22(2): 41‒58.
[35] Zhang H K, Quan W, Chao H C, et al. Smart identifier network: A collaborative architecture for the future internet [J]. IEEE Network, 2016, 30(3): 46‒51.
[36]
支婷, 刘颖, 周华春, 等. 智慧标识网络服务机理研究进展及安全性分析 [J]. 电子学报, 2021, 49(8): 1653‒1664.
Zhi T, Liu Y, Zhou H C, et al. Research progress and security analysis of the service mechanism in smart identifier network [J]. Acta Electronica Sinica, 2021, 49(8): 1653‒1664.
[37]
江凌云, 穆晏如, 朱洪波. 物联网命名和寻址技术研究 [J]. 物联网学报, 2018, 2(3): 44‒50.
Jiang L Y, Mu Y R, Zhu H B. Research on naming and addressing technology of the Internet of things [J]. Chinese Journal on Internet of Things, 2018, 2(3): 44‒50.
[38]
缪静莹. 面向多维标识体系的标识解析映射系统的设计与实现 [D]. 北京: 北京交通大学 (硕士学位论文), 2022.
Miu J Y. Design and implementation of identifier resolution and mapping system for multi-dimensional identifier architecture [D]. Beijing: Beijing Jiaotong University (Master´s thesis), 2022.
[39]
黄兵, 谭斌, 罗鉴, 等. 面向业务和网络协同的未来IP网络架构演进 [J]. 电信科学, 2021, 37(10): 39‒46.
Huang B, Tan B, Luo J, et al. Future IP network architecture evolution for service and network collaboration [J]. Telecommunications Science, 2021, 37(10): 39‒46.
[40] Wang Z R, Xie X Z, Chen L, et al. Intrusion detection and network information security based on deep learning algorithm in urban rail transit management system [J]. IEEE Transactions on Intelligent Transportation Systems, 2023, 24(2): 2135‒2143.
[41] Mikhailova U, Lukyanov G, Kalugina O. Intelligent and secure wireless network management of a railway transportation [C]. Istanbul: 2020 International Conference on Electrical, Communication, and Computer Engineering (ICECCE), 2020.
[42]
李义岭, 喻彦喆, 姚克民. 城市轨道交通智能化及可持续发展现状分析与展望 [J]. 现代城市轨道交通, 2021 (11): 90‒94.
Li Y L, Yu Y Z, Yao K M. Status analysis and prospect of intelligent and sustainable development of urban rail transit [J]. Modern Urban Transit, 2021 (11): 90‒94.
[43] Sedjelmaci H, Hadji M, Ansari N. Cyber security game for intelligent transportation systems [J]. IEEE Network, 2019, 33(4): 216‒222.
[44] Deng J, Song L Q, Liang L. Comprehensive information security risk assessment model for transportation industry [C]. Bhubaneswar: 2021 Smart City Challenges & Outcomes for Urban Transformation (SCOUT), 2021.
[45] Sarowa S, Bhanot B, Kumar V, et al. Review of smart transportation and challenges: Cyber security perspective [C]. Gharuan: 2023 International Conference on Advancement in Computation & Computer Technologies (InCACCT), 2023.