Cybersecurity Situational Awareness System Applicable for Urban Rail Transit CBTC System
LIU Dongdong¹, ZHOU Xingyu², DUO Jianhua¹, WANG Xiangyang¹, HAN Tao², ZHU Suoming²
Affiliations:
1. Smart Operation Branch of Ningbo Rail Transit Group Co., Ltd., 315101, Ningbo, China
2. CASCO Signal Ltd., 200072, Shanghai, China
Key words:
DOI:10.16037/j.1007-869x.2024.10.058
CLC number: U231.7
Column: Industry-University-Research Window
Abstract:
[Objective] Urban rail transit CBTC (communication-based train control) systems face complex and diverse cybersecurity challenges. Existing cybersecurity equipment has a high false alarm rate and is poorly adapted to CBTC systems; it lacks in-depth analysis of business data and fused analysis across multiple systems, and is therefore unable to proactively detect cybersecurity threats. To raise the level of cybersecurity operations for CBTC systems and effectively ensure CBTC business continuity, it is necessary to build a cybersecurity situational awareness system applicable to urban rail transit CBTC systems. [Method] Based on the general technical requirements in the relevant standards, a cybersecurity situational awareness system architecture applicable to urban rail transit CBTC systems is proposed. The data content of the front-end data sources and the specific functions of the core components in the architecture are described. Key technologies are introduced, including CBTC-oriented log normalization, security threat analysis, and situational visualization. [Result & Conclusion] The proposed cybersecurity situational awareness system architecture is highly compatible with the CBTC system architecture, and its functions are deeply integrated with CBTC operating scenarios. Adopting the system enables efficient business coordination, reduces the false alarm rate of existing cybersecurity equipment, raises the cybersecurity level of CBTC systems, and effectively ensures CBTC business continuity.