JB/T 11961-2014
Industrial communication networks.Network and system security.Terminology, concepts and models (English Version)

Standard No.: JB/T 11961-2014
Language: Chinese, available in English version
Release Date: 2014
Published By: Professional Standard - Machinery
Latest: JB/T 11961-2014

Scope
Overview
This standard is a technical specification that defines terms, concepts and models for information security in Industrial Automation and Control Systems (IACS) and is the basis for the other standards in the series. To express the systems and components of this standard comprehensively and clearly, the scope of coverage can be defined and understood from several aspects, including the following:
——Scope of included functionality;
——Specific systems and interfaces;
——Selection of included activities;
——Criteria for selecting included assets.
The following sections introduce each of these.

Contained functionality
The scope of this standard can be described as the scope of functionality within an organization's information and automation systems. The functionality may typically be described in terms of one or more models. This standard mainly focuses on industrial automation and control, which is described in the reference model (see Chapter 6). Although the integrity of data exchanged between business and industrial systems is considered, business continuity and logistics systems are not within the scope of this technical specification. Industrial automation and control includes the supervisory control components typically found in process automation, as well as SCADA (Supervisory Control and Data Acquisition) systems, which are often used by organizations to operate critical enterprise infrastructure. Enterprise critical infrastructure includes but is not limited to:
——Power transmission and distribution;
——Gas supply and water supply pipeline network;
——Oil and gas production operations;
——Gas and liquid transmission pipelines.
SCADA systems can also be used in other critical and non-critical infrastructure of the enterprise.

Systems and interfaces
Covering all IACS, this standard covers the functional safety, information security and reliable operation of systems that may change or affect industrial processes. These include, but are not limited to:
a) Industrial control systems and their related communication networks, including distributed control systems (DCS), programmable controllers (PLC), remote terminal units (RTU), intelligent electronic devices, SCADA systems, networked electronic sensing and control, oil delivery monitoring and metering systems, and monitoring and diagnostic systems [in this standard, industrial control systems include basic process control systems and safety instrumented systems (SIS), regardless of whether they are physically separated or integrated].
b) Systems related to layer 3 or lower in the reference model described in Chapter 6, such as advanced or multi-variable controls, online optimizers, dedicated equipment monitors, graphical interfaces, process historians, production execution systems, pipeline leak detection systems, work management, outage management, and electrical energy management systems.
c) Relevant internal interfaces, human-machine interfaces, network interfaces, software interfaces, and machine or equipment interfaces used to provide control, functional safety, production or remote operation functions to realize continuous, batch, discrete and other processes.

Activity-based guidelines
IEC 62443-2-1 provides guidelines for defining activities related to production operations. There are already similar lists that determine the scope of this technical specification.
Systems shall be considered within the scope of this standard if the activities performed are necessary for:
a) Foreseeable process operation;
b) Process or personnel safety;
c) Process reliability or availability;
d) Process efficiency;
e) Process operability;
f) Product quality;
g) Environmental protection;
h) Compliance with regulations;
i) Product sales or closed transfer.

Asset-Based Criteria
This standard includes those systems in an asset that meet any of the following criteria, or whose information security is necessary to protect other assets that meet these criteria.
a) The asset has economic value in the manufacturing or operating process;
b) The asset performs necessary functions to enable the manufacturing or operating process to operate;
c) The asset represents intellectual property in the manufacturing or operating process;
d) The asset has a significant impact on the manufacturing or operating process; information security is necessary to operate and maintain;
e) The asset is necessary to protect employees, contractors and visitors during manufacturing or operation;
f) The asset is necessary to protect the environment;
g) The asset must protect the public from the impact of incidents caused during manufacturing or operating processes;
h) Assets that comply with legal requirements refer to information security purposes used in manufacturing or operating processes;
i) Assets required for disaster recovery;
j) Assets required to record information security incidents.
Systems covered in scope employ a compromise approach that avoids causing public danger, personal health or safety, loss of public confidence, conflict with regulations, loss or failure of assets or confidential information, environmental contamination and/or economic loss, or affects the entity's or local or national information security.

JB/T 11961-2014 history

  • 2014 JB/T 11961-2014 Industrial communication networks.Network and system security.Terminology, concepts and models