I kēia makahiki ua hoʻomaka mākou i kahi papahana nui e hoʻokumu i kahi kahua hoʻomaʻamaʻa cyber - he kahua no nā hoʻomaʻamaʻa cyber no nā hui ma nā ʻoihana like ʻole. No ka hana ʻana i kēia, pono ia e hana i nā ʻōnaehana virtual e "like me nā mea kūlohelohe" - no laila e hoʻohālikelike lākou i ke ʻano o loko o kahi waihona, ʻoihana ikehu, a me nā mea ʻē aʻe. . Ma hope aʻe e kamaʻilio mākou e pili ana i ka waihona kālā a me nā ʻoihana ʻē aʻe o ka pae cyber, a i kēia lā e kamaʻilio mākou e pili ana i ka hoʻoponopono ʻana i kēia pilikia e pili ana i ka ʻāpana ʻenehana o kahi ʻoihana ʻoihana.
ʻOiaʻiʻo, ʻaʻole i kū mai ke kumuhana o nā hoʻomaʻamaʻa cyber a me nā kahua hoʻomaʻamaʻa cyber i nehinei. Ma ke Komohana, ua hoʻokumu ʻia kahi pōʻai o nā noi hoʻokūkū, nā ala like ʻole i ka hoʻomaʻamaʻa cyber, a me nā hana maikaʻi loa. ʻO ka "ʻano maikaʻi" o ka lawelawe palekana ʻike e hoʻomaʻamaʻa i kēlā me kēia manawa i kona mākaukau e pale aku i nā hoʻouka kaua ma ka hana. No Rūsia, he kumuhana hou kēia: ʻae, aia kahi lako liʻiliʻi, a ua kū mai i kekahi mau makahiki i hala aku nei, akā ua hoʻomaka ka noi, ʻoi aku hoʻi i nā ʻoihana ʻoihana, i kēia manawa wale nō. Ke manaʻoʻiʻo nei mākou ʻekolu kumu nui o kēia - he mau pilikia hoʻi i ʻike ʻia.
Ke loli wikiwiki nei ka honua
ʻO 10 mau makahiki i hala aku nei, ua hoʻouka nui nā mea hackers i kēlā mau hui i hiki ai iā lākou ke wehe koke i ke kālā. No ka ʻoihana, ʻaʻole kūpono kēia hoʻoweliweli. I kēia manawa ke ʻike nei mākou i ke ʻano o nā ʻoihana o nā hui aupuni, ka ikehu a me nā ʻoihana ʻoihana ke lilo nei i kumuhana o kā lākou makemake. Eia mākou e pili pinepine ana i ka hoʻāʻo ʻana i ka spionage, ʻaihue ʻikepili no nā kumu like ʻole (ka naʻauao hoʻokūkū, blackmail), a me ka loaʻa ʻana o nā wahi o ka ʻoihana no ke kūʻai hou aku i nā hoa hoihoi. ʻAe, ʻo nā mea hoʻopunipuni banal e like me WannaCry ua hopu i kekahi mau mea like a puni ka honua. No laila, pono nā mea ʻike hou i nā loea palekana ʻike e noʻonoʻo i kēia mau pilikia a hana i nā kaʻina hana palekana ʻike hou. ʻO ka mea kūikawā, e hoʻomaikaʻi mau i kāu mau koina a hoʻomaʻamaʻa i nā mākau hana. Pono nā limahana ma nā pae āpau o ka hoʻokele hoʻouna ʻana i nā ʻoihana ʻoihana e ʻike maopopo i nā hana e hana ai i ka wā o ka hoʻouka kaua cyber. Akā no ka hoʻokō ʻana i nā hoʻomaʻamaʻa cyber ma kāu ʻoihana ponoʻī - e kala mai, ʻoi aku ka nui o nā pilikia ma mua o nā pono kūpono.
ʻAʻole maopopo i ka hiki maoli o nā mea hoʻouka kaua e hack i nā ʻōnaehana kaʻina hana a me nā ʻōnaehana IIoT
Loaʻa kēia pilikia ma nā pae āpau o nā hui: ʻaʻole maopopo nā loea āpau i ka mea e hiki mai i kā lākou ʻōnaehana, he aha nā mea hoʻouka kaua e loaʻa iā ia. He aha kā mākou e ʻōlelo ai e pili ana i ke alakaʻi?
Hoʻopiʻi pinepine ka poʻe loea palekana i ka "air gap", i manaʻo ʻia ʻaʻole ia e ʻae i ka mea hoʻouka e hele ma mua o ka ʻoihana pūnaewele, akā hōʻike ka hoʻomaʻamaʻa ʻana ma 90% o nā hui aia kahi pilina ma waena o nā ʻāpana hui a me nā ʻenehana. I ka manawa like, ʻo nā mea pono o ke kūkulu ʻana a me ka hoʻokele ʻana i nā ʻenehana ʻenehana i loaʻa pinepine i nā nāwaliwali, a mākou i ʻike ai i ka wā e nānā ai i nā mea hana. и .
He paʻakikī ke kūkulu ʻana i kahi kumu hoʻoweliweli kūpono
I nā makahiki i hala iho nei, aia kahi hana mau o ka hoʻonui ʻana i ka paʻakikī o ka ʻike a me nā ʻōnaehana automated, a me ka hoʻololi ʻana i nā ʻōnaehana cyber-physical e pili ana i ka hoʻohui ʻana i nā kumuwaiwai computing a me nā lako kino. Ke lilo nei nā ʻōnaehana i mea paʻakikī a hiki ʻole ke wānana i nā hopena āpau o ka hoʻouka ʻana i ka cyber me ka hoʻohana ʻana i nā ʻano analytical. ʻAʻole wale mākou e kamaʻilio e pili ana i ka pōʻino o ka hoʻokele waiwai i ka hui, akā e pili ana i ka loiloi ʻana i nā hopena i hiki ke hoʻomaopopo ʻia no ka ʻenehana a me ka ʻoihana - undersupply o ka uila, no ka laʻana, a i ʻole kekahi ʻano huahana, inā mākou e kamaʻilio e pili ana i ka aila a me ke kinoea. a i ʻole nā petrochemical. A pehea e hoʻonohonoho ai i nā mea nui i kēlā kūlana?
ʻOiaʻiʻo, ʻo kēia mau mea a pau, i ko mākou manaʻo, ua lilo i mea pono no ka puka ʻana o ka manaʻo o nā hoʻomaʻamaʻa cyber a me nā kahua hoʻomaʻamaʻa cyber ma Russia.
Pehea ka hana ʻana o ka ʻāpana ʻenehana o ka laulā cyber
ʻO kahi kahua hoʻāʻo cyber he paʻakikī o nā ʻōnaehana virtual e hoʻopili i nā ʻōnaehana maʻamau o nā ʻoihana i nā ʻoihana like ʻole. Hiki iā ʻoe ke "hoʻomaʻamaʻa i nā pōpoki" - e hoʻomaʻamaʻa i nā mākau hana o nā loea me ka ʻole o ka pilikia e hele ʻole kekahi mea e like me ka hoʻolālā, a ʻo nā hoʻomaʻamaʻa cyber e hōʻino i nā hana o kahi ʻoihana maoli. Ke hoʻomaka nei nā hui cybersecurity nui e hoʻomohala i kēia wahi, a hiki iā ʻoe ke nānā i nā hoʻomaʻamaʻa cyber like ma kahi ʻano pāʻani, no ka laʻana, ma Positive Hack Days.
ʻO ke kiʻikuhi maʻamau no ka ʻoihana nui a i ʻole ka hui ʻo ia kahi hoʻonohonoho maʻamau o nā kikowaena, nā kamepiula hana a me nā ʻenehana pūnaewele like ʻole me kahi pūʻulu maʻamau o nā polokalamu ʻoihana a me nā ʻōnaehana palekana ʻike. ʻO kahi kahua hoʻāʻo cyber ʻoihana like ʻole a pau, me nā kikoʻī koʻikoʻi e hoʻopiʻi nui i ke kumu hoʻohālike.
Pehea mākou i hoʻokokoke aku ai i ka pūnaewele cyber i ka ʻoiaʻiʻo
ʻO ka manaʻo, ke ʻano o ka ʻāpana ʻenehana o ka pūnaewele hoʻāʻo cyber e pili ana i ke ʻano i koho ʻia e hoʻohālike i kahi ʻōnaehana cyber-physical paʻakikī. ʻEkolu mau ala nui e hoʻohālike ai:
Loaʻa i kēlā me kēia o kēia mau ala i kona mau pono a me nā hemahema. Ma nāʻano likeʻole, e pili ana i ka pahuhopu hope a me nā palena i kēia manawa, hiki ke hoʻohanaʻia nāʻano hana hoʻohālikeʻekolu a pau. I mea e hoʻomaʻamaʻa ai i ke koho ʻana o kēia mau ʻano, ua hōʻuluʻulu mākou i kēia algorithm:
Hiki ke hōʻike ʻia nā pōmaikaʻi a me nā pōʻino o nā ʻano hana hoʻohālike like ʻole ma ke ʻano o kahi kiʻi, kahi o ka axis y ka uhi ʻana o nā wahi o ke aʻo ʻana (ʻo ia hoʻi, ka maʻalahi o ka mea hana hoʻohālike i manaʻo ʻia), a ʻo ka x-axis ka pololei. o ka simulation (ke degere o ka pili ana i ka pūnaewele maoli). ʻO kahi kokoke i kahi Gartner square:
No laila, ʻo ke kaulike maikaʻi loa ma waena o ka pololei a me ka maʻalahi o ka hoʻohālikelike ʻana ʻo ia ka mea i kapa ʻia he semi-natural modeling (hardware-in-the-loop, HIL). I loko o kēia ala, ua hoʻohālikelike ʻia ka ʻōnaehana cyber-physical me ka hoʻohana ʻana i nā mea hana maoli, a me ka hoʻohana ʻana i nā hiʻohiʻona makemakika. No ka laʻana, hiki ke hōʻike ʻia kahi substation uila e nā mea microprocessor maoli (nā pahu pale pale relay), nā kikowaena o nā ʻōnaehana mana automated a me nā mea hana lua ʻē aʻe, a me nā kaʻina hana kino e kū nei i loko o ka pūnaewele uila e hoʻohana ʻia me ka hoʻohana kamepiula. ʻAe, ua hoʻoholo mākou i ke ʻano hoʻohālike. Ma hope o kēia, pono e hoʻomohala i ka hoʻolālā o ka pae cyber. I mea e pono maoli ai ka hoʻomaʻamaʻa cyber, pono e hana hou ʻia nā pilina āpau o kahi ʻōnaehana cyber-physical paʻakikī e like me ka hiki ma ka pae hoʻāʻo. No laila, i ko mākou ʻāina, e like me ke ola maoli, ʻo ka ʻāpana ʻenehana o ka pae cyber he nui nā pae pili. E hoʻomanaʻo wau iā ʻoe i kahi ʻenehana ʻoihana ʻenehana maʻamau ka pae haʻahaʻa loa, ʻo ia hoʻi ka mea i kapa ʻia ʻo "mea hana mua" - ʻo ia ka fiber optical, kahi pūnaewele uila, a i ʻole kekahi mea ʻē aʻe, e pili ana i ka ʻoihana. Hoʻololi ia i ka ʻikepili a mālama ʻia e nā mea hoʻokele ʻenehana kūikawā, a ʻo ia hoʻi, e nā ʻōnaehana SCADA.
Hoʻomaka mākou i ka hana ʻana i ka ʻāpana ʻenehana o ka pūnaewele pūnaewele mai ka māhele ikehu, ʻo ia kā mākou mea nui (ʻo ka ʻaila a me ke kinoea a me nā ʻoihana kemika i kā mākou hoʻolālā).
ʻIke ʻia ʻaʻole hiki ke hoʻokō ʻia ke kiʻekiʻe o nā mea hana mua ma o ka hoʻohālike piha ʻana me ka hoʻohana ʻana i nā mea maoli. No laila, i ka pae mua, ua hoʻomohala mākou i kahi hiʻohiʻona makemakika o ka hale mana a me ka ʻāpana pili o ka ʻōnaehana mana. Aia kēia kŘkohu i nā lako mana āpau o nā substation - nā laina mana, nā mea ho'ololi, a me nā mea'ē a'e, a ua ho'okō 'ia i loko o kahi pū'olo lako polokalamu RSCAD kūikawā. Hiki ke hana 'ia ke kŘkohu i hana 'ia ma keia 'ano e ka pa'akikī o ka helu 'ike maoli - 'o kona hi'ohi'ona nui 'o ia ka 'ano like 'ole o ka manawa ka'ina hana i loko o ka 'ōnaehana maoli a me ka manawa ka'ina hana i loko o ke kŘkohu. ʻelua kekona, e hoʻohālikelike ʻia ia no ka manawa like ma RSCAD). Loaʻa iā mākou kahi ʻāpana "ola" o ka ʻōnaehana mana uila, e hana ana e like me nā kānāwai āpau o ka physics a me ka pane ʻana i nā hopena o waho (e like me ka hoʻāla ʻana o ka pale relay a me nā terminal automation, tripping of switch, etc.). Ua hoʻokō ʻia ka launa pū ʻana me nā ʻaoʻao o waho me ka hoʻohana ʻana i nā pilina kamaʻilio kūikawā kūikawā, e ʻae ana i ke ʻano makemakika e launa pū me ke kiʻekiʻe o nā mea hoʻokele a me ka pae o nā ʻōnaehana automated.
Akā, hiki ke hana ʻia nā pae o nā mea hoʻokele a me nā ʻōnaehana hoʻokele automated o kahi hale mana me ka hoʻohana ʻana i nā mea ʻenehana maoli (ʻoiai, inā pono, hiki iā mākou ke hoʻohana i nā hiʻohiʻona virtual). Ma kēia mau pae ʻelua, aia nā mea hoʻokele a me nā lako automation (pale relay, PMU, USPD, mika) a me nā ʻōnaehana hoʻokele automated (SCADA, OIK, AIISKUE). Hiki i ka hoʻohālikelike piha piha ke hoʻonui nui i ka ʻoiaʻiʻo o ke kumu hoʻohālike a, no laila, hoʻomaʻamaʻa ka cyber iā lākou iho, no ka mea, e hui pū nā hui me nā lako ʻoihana maoli, nona nā ʻano ponoʻī, nā pōpoki a me nā nāwaliwali.
Ma ke kolu o ka pae, ua hoʻokō mākou i ka launa pū ʻana o nā ʻāpana makemakika a me nā ʻāpana kino o ke kŘkohu me ka hoʻohana ʻana i nā lakohana kūikawā a me nā polokalamu polokalamu a me nā mea hoʻonui hōʻailona.
ʻO ka hopena, ʻike ʻia ka ʻōnaehana penei:
Hoʻopili nā lako kahua hoʻāʻo a pau me kekahi i ke ʻano like me ka ʻōnaehana cyber-kino maoli. ʻOi aku ka kikoʻī, i ke kūkulu ʻana i kēia ʻano hoʻohālike, ua hoʻohana mākou i nā mea hana a me nā mea hana kamepiula:
- Ka helu ʻana i nā RTDS paʻakikī no ka hoʻokō ʻana i nā helu i ka "manawa maoli";
- ʻO ke kahua hana automated (AWS) o kahi mea hoʻohana me nā lako polokalamu i hoʻonohonoho ʻia no ka hoʻohālikelike ʻana i ke kaʻina hana ʻenehana a me nā mea hana mua o nā substation uila;
- ʻO nā keʻena me nā lako kamaʻilio, ka pale relay a me nā pahu automation, a me nā mea hoʻokele kaʻina hana maʻalahi;
- Hoʻolālā ʻia nā keʻena Amplifier e hoʻonui i nā hōʻailona analog mai ka papa hoʻololi kikohoʻe-a-analog o ka simulator RTDS. Loaʻa i kēlā me kēia keʻena amplifier kahi ʻokoʻa o nā poloka hoʻonui i hoʻohana ʻia no ka hoʻopuka ʻana i nā hōʻailona hoʻokomo o kēia manawa a me ka uila no nā pahu pale relay e aʻo ʻia nei. Hoʻonui ʻia nā hōʻailona hoʻokomo i ke kiʻekiʻe e pono ai no ka hana maʻamau o nā pahu pale relay.
ʻAʻole kēia wale nō ka hopena hiki, akā, i ko mākou manaʻo, ʻoi aku ka maikaʻi no ka hoʻokō ʻana i nā hoʻomaʻamaʻa cyber, ʻoiai e hōʻike ana i ka hoʻolālā maoli o ka hapa nui o nā substation hou, a i ka manawa like hiki ke hoʻoponopono ʻia i mea e hana hou ai. pololei i kekahi mau hiʻohiʻona o kekahi mea.
I ka hopena
He papahana nui ka laula o ka cyber, a he nui ka hana ma mua. Ma kekahiʻaoʻao, ke aʻo nei mākou i kaʻike o kā mākou mau hoa hana o ke Komohana, ma kekahiʻaoʻao, pono mākou e hana nui ma muli o kā mākouʻike o ka hana kūikawā me nāʻoihanaʻoihana Lūkini, no ka mea,ʻaʻole wale nāʻoihana likeʻole, akā, he mau kiko'ī nā'āina likeʻole. He kumuhana paʻakikī a hoihoi kēia.
Eia nō naʻe, ke manaʻoʻiʻo nei mākou ua hōʻea mākou ma Rūsia i ka mea i kapa ʻia ʻo "level of maturity" i ka wā e maopopo ai ka ʻoihana i ka pono o nā hoʻomaʻamaʻa cyber. ʻO ia ke ʻano e loaʻa koke i ka ʻoihana kāna mau hana maikaʻi loa, a manaʻolana mākou e hoʻoikaika i ko mākou pae palekana.
Authors
ʻO Oleg Arkhangelsky, ka mea hoʻopuka alakaʻi a me ke ʻano o ka papahana ʻoihana Cyber Test Site.
ʻO Dmitry Syutov, ka ʻenekinia nui o ka papahana Industrial Cyber Test Site;
ʻO Andrey Kuznetsov, ke poʻo o ka papahana "Industrial Cyber Test Site", hope poʻo o ka Cyber Security Laboratory of Automated Process Control Systems for Production.
Source: www.habr.com