水下系统高度依靠软件和IT密集型技术来实现其预期性能,并通过网络能力整合实现系统集成优化,在面对日益复杂的网络威胁时,单个系统运行产生的任何漏洞和威胁都可能对与其连接的其他系统构成威胁,显著扩大了其攻击面。结合水下系统面临的严峻安全形势,总结相关领域网络安全国内外研究现状,介绍水下系统的系统组成、网络架构和技术特征,梳理水下系统安全防护的薄弱环节,研究水下系统面临的潜在网络攻击与安全威胁,分析水下系统网络安全防护技术挑战,为水下系统网络安全防护研究提供参考和借鉴。
Underwater systems rely heavily on software and IT-intensive technologies to achieve their expected performance, as well as system integration and optimization through the integration of network capabilities. In the face of increasingly complex cyber threats, any vulnerabilities and threats generated by the operation of a single system can pose a threat to other connected systems, significantly expanding their attack surface. Combined with the severe security situation of underwater systems, this paper summarizes the current status of domestic and international research on cybersecurity in related fields, introduces the system composition, network architecture, and technical characteristics of underwater systems, sorts out the weak links of security protection of underwater systems, explores potential cyber attacks and security threats of underwater systems, and analyzes the challenges of cybersecurity protection technology of underwater systems, so as to provide references and guidance for research on cybersecurity protection of underwater systems.
2024,46(16): 130-135 收稿日期:2023-10-19
DOI:10.3404/j.issn.1672-7649.2024.16.021
分类号:U665.261
基金项目:国家重点研发计划课题资助项目(2022YFB3104601)
作者简介:吴建鲁(1985 – ),男,硕士,高级工程师,研究方向为网络设备及系统
参考文献:
[1] 刘爱明, 王璠. 加强军事信息安全装备建设管理的对策措施[J]. 网络安全技术与应用, 2020(8): 141-142.
LIU Aiming, WANG Fan. Countermeasures to strengthen the construction and management of military information security equipment[J]. Network security technology and application, 2020(8): 141-142.
[2] 裴晓黎. 舰载信息基础设施信息安全研究[J]. 计算机与数字工程, 2014, 42(8): 1436-1439.
PEI XiaoLi. Research on information security of shipborne information infrastructure[J]. Computer and Digital Engineering, 2014, 42(8): 1436-1439.
[3] 信息安全与通信保密杂志社. 美军武器系统面临的网络威胁[EB/OL]. [2021-10-9]. https://www.secrss.com/articles/34964.
[4] GAO. Weapon systems cybersecurity: DOD just beginning to grapple with scale of vulnerabilities [EB/OL]. [2018-10-9]. https://www.gao.gov/products/gao-19–128
[5] GAO. Weapon systems cybersecurity: guidance would help DOD programs better communicate requirements to contractors[EB/OL]. [2021-3-4]. https://www.gao.gov/products/gao-21–179
[6] 网安思考. 从近五年《国防授权法案》看美网络空间作战投入和能力发展[EB/OL]. [2021-2-12]. https://www.secrss.com/articles/29272
[7] Naval Association of Canada. Cyber security and the RCN [EB/OL]. [2020-12-9]. https://www.navalassoc.ca/wp-content/uploads/2020/12/bn34-cyber-1.pdf
[8] 网安思考. 武器系统现代化面临的网络空间安全威胁[EB/OL]. [2020-11-19]. https://www.secrss.com/articles/27216.
[9] LV Yunfei, CHEN Yuanbao, WANG Xuan, et al. A framework of cyber-security protection for warship systems[C]//2015 Sixth International Conference on Intelligent Systems Design and Engineering Applications (ISDEA), Guiyang, China, 2015, 17–20, doi:10.1109/ISDEA.2015.14.
[10] 殷虎. 潜艇信息系统信息安全与纵深防护策略研究[J]. 指挥控制与仿真, 2016, 38(2): 24-28.
YIN Hu. Research on information security and depth protection strategy of submarine information system[J]. Command and Control and Simulation, 2016, 38(2): 24-28.
[11] 黄双, 陈源宝, 黄金, 等. 舰艇电子信息系统信息安全问题研究[J]. 舰船电子工程, 2017, 37(11): 6-10.
HUANG Shuang, CHEN Yuanbao, HUANG Jin, et al. Research on Information Security of Ship Electronic Information System[J]. Ship Electronic Engineering, 2017, 37(11): 6-10.
[12] 储忠涛. 基于工作流的舰艇系统信息安全脆弱性评估方法研究[D]. 武汉: 华中科技大学, 2017.
[13] 陈召坤. 舰船系统多尺度信息安全脆弱性评估系统设计与实现[D]. 武汉: 华中科技大学, 2019.
[14] 章清亮. 基于指标体系的舰船系统信息安全脆弱性评估研究与软件开发[D]. 武汉: 华中科技大学, 2017.
[15] 储忠涛, 周纯杰, 秦元庆, 等. 基于工作流的舰艇系统脆弱性定量评估方法研究[J]. 信息安全研究, 2017, 3(3): 270-276.
CHU Zhongtao, ZHOU Chunjie, QIN Yuanqing, et al. Research on quantitative vulnerability assessment method of warship system based on workflow[J]. Information security research, 2017, 3(3): 270-276.
[16] 陈才军, 贺卫东. 关于海军信息网络安全体系建设的思考[J]. 网络安全技术与应用, 2020(8): 139-141.
CHEN Caijun, HE Weidong. Thoughts on the construction of naval information network security system[J]. Network security technology and application, 2020(8): 139-141.
[17] 江小平. 舰载通信系统及其关键技术研究[D]. 武汉: 华中科技大学, 2007.
[18] 罗浩, 张剑锋, 宁云晖, 等. 潜艇作战系统数字孪生体应用需求分析[J]. 数字海洋与水下攻防, 2021, 4(3): 233-237.
LUO Hao, ZHANG Jianfeng, NING Yunhui, et al. Demand analysis of digital twin in submarine combat system[J]. Digital Ocean and Underwater Attack and Defense, 2021, 4(3): 233-237.
[19] 吕云飞, 王旋, 张军. 基于DDS技术的舰船平台综合管理系统[J]. 舰船科学技术, 2011, 33(5): 47-52+62.
LV Yunfei, WANG Xuan, ZHANG Jun. Integrated management system of ship platform based on DDS technology[J]. Ship Science and Technology, 2011, 33(5): 47-52+62.
[20] Combined Joint Operations from the Sea. NAVAL OPERATIONS - CYBER SECURITY AFLOAT [EB/OL]. [2020-5]. http://www.cjoscoe.org/infosite/wp-content/uploads/2020/05/Naval-Operations-Cyber-Security-Afloat_20May2020.pdf
[21] 李晨, 周正. 舰基网络空间安全评估体系框架设计[J]. 网络空间安全, 2017, 8(Z4): 73-76.
LI Chen, ZHOU Zheng. Framework design of ship-based cyberspace security assessment system[J]. Cyberspace Security, 2017, 8(Z4): 73-76.
[22] 百度文库. 潜艇类型及航行状态[EB/OL]. [2016-1-1]. https://wenku.baidu.com/view/2e23bbffde3383c4bb4cf7ec4afe04a1b071b0c2.html?_wkts_=1679814171160
