Information security integration construction of Cylun Group

 

Status of industry

In recent years, the automotive tire industry in China and globally has been experiencing rapid growth. However, during this development, the security issue of industrial control systems has become a bottleneck restricting the industry's progress. To prevent and reduce safety accidents in the production process of the tire manufacturing industry and to ensure the safety of employees' lives and the property of enterprises, effective safety protection measures for comprehensively controlling the occurrence of accidents during the manufacturing process have been proposed. Typical safety issues:

  • There is a lack of necessary isolation control measures between the management network and the production network, between the production area and the control area of the production network, and among various production areas. Urgent security protection is needed for these.
  • The mainframes such as the engineer station and the operator station may be invaded by malicious software such as viruses, worms and Trojans.
  • It is impossible to achieve real-time detection and recording of malicious attack behaviors and operational errors in industrial networks.

 

Solution

While ensuring the availability of the system, protective measures are taken for industrial control systems, achieving "vertical layering, horizontal zoning. Boundary control, internal monitoring".

  • "Vertical stratification and horizontal zoning" means that the industrial control system is vertically divided into four layers: the field equipment layer, the field control layer, the supervision control layer, and the production management layer. Horizontal zoning refers to the fact that each industrial control system should be isolated from each other on the network and be located in different security zones.
  • "Boundary control, internal monitoring" refers to the control and monitoring of the system boundaries, namely the various operation stations, the connection points of industrial control systems, etc.
  • Wireless networks, etc. need to implement boundary protection and access control measures. For the internal systems of industrial control, network traffic data should be monitored to detect intrusions, abnormal operations, abnormal access relationships, and abnormal traffic issues.
  • Deploy an industrial firewall between the management network core switch and the production network core switch. Implement cold backup for A network and B network, and combine it with the existing traditional firewalls to form a comprehensive boundary security isolation measure, thereby enhancing the security protection at the network boundary.
  • Deploy an industrial firewall between the virtual server and the production server, and set an external read-only control policy for the production server to prevent the production server data from being maliciously tampered with.

 

 

Scheme value

By implementing security measures for its production network and industrial control system, the risk of industrial data loss, leakage, and shutdown caused by viruses and malware within the industrial control network has been effectively reduced, thereby significantly enhancing the production efficiency of the industrial control system.

Implement network boundary division, logical isolation and access control to meet industry policies, regulations and technical requirements

Prevent PLC from being maliciously attacked, which could lead to major production accidents, casualties and social impacts.

Provide a comprehensive three-dimensional defense system that covers both inside and outside, and from top to bottom.

Prevent the office network from being attacked, which could lead to the spread of viruses, resulting in failure of the operation instructions being issued to the industrial control hosts and monitoring delays.