[Retracted] Industrial Information Security Detection and Protection: Monitoring and Warning Platform Architecture Design and Cryptographic Antitheft Technology System Upgrade

Wang, Lijun; Guo, Xian; Zhang, Xiaofan; Gang, Zhanhui

doi:https://doi.org/10.1155/2022/1263330

Journal of Sensors

On this page

Abstract Introduction Materials Results and Discussion Conclusion Data Availability Conflicts of Interest References Copyright Related Articles

Research Article Retraction

!

This article has been Retracted. To view the article details, please click the ‘Retraction’ tab above.

Special Issue

Advanced Machine Learning Algorithms for Multi-Sensor Data Processing

View this Special Issue

Research Article | Open Access

Volume 2022 | Article ID 1263330 | https://doi.org/10.1155/2022/1263330

[Retracted] Industrial Information Security Detection and Protection: Monitoring and Warning Platform Architecture Design and Cryptographic Antitheft Technology System Upgrade

Lijun Wang,¹Xian Guo,¹Xiaofan Zhang,¹and Zhanhui Gang¹

Academic Editor: Yaxiang Fan

Received25 Jul 2022

Accepted13 Aug 2022

Published25 Aug 2022

Abstract

Industrial information security is an important part of the national security strategy that affects the economy and people’s lives. With the rapid development of automation and information technology, common protocols and common hardware and software based on information technology are increasingly used in industrial information control system products and are widely used in industries such as energy, metallurgy, water resource management, chemical, and production. Attacks on critical industrial information can not only cause accidents, losses, and local production pollution but also disrupt the balance of supply and demand of raw materials in the area covered by the system. Therefore, it is of great theoretical and practical importance to study industrial information security as an important measure to ensure the stable operation of the system. In this paper, we analyze the main industrial structure characteristics, external environment, and security requirements and propose a monitoring and warning platform architecture with cryptographic antitheft technology system based on hierarchical modeling and closed-loop control. It can prevent the spread of the attack and reduce its negative impact.

1. Introduction

With the rapid development of automation and information technology, common protocols and common hardware and software based on information technology are increasingly used in industrial information control system products and are widely used in industries such as energy, metallurgy, water resource management, chemical, and production. Meanwhile, in order to meet the data sharing needs of existing industrial management networks and improve production and operation efficiency, industrial management systems of remote physical facilities can be widely connected to the Internet or other public networks. With the development of information technology, threats such as viruses and Trojan horses are also spreading in the environment of industrial control [1]. The information security of industrial information control systems is getting more and more attention in the face of severe threats in the field of information technology applications due to the product characteristics and the network connection of industrial information control systems. Industrial information control systems are widely used in industries such as energy, water supply, energy, and transportation. These areas are important cornerstones for the development of our information infrastructure, and their security and social development are inseparable from the security of the general public. In recent years, industrial information control systems have been subject to frequent and serious security incidents. The security of industrial information control systems is a worldwide concern, and Chinese industrial enterprises are facing these serious security challenges. In China, many companies engaged in industrial controls have also experienced information security incidents such as virus infections and malicious attacks targeting transportation networks, chemical, power, oil, and other industries that are relatively dangerous and vulnerable to social unrest. These attacks can have a serious impact on production, weaken industrial information control systems, and cause incalculable economic losses or endanger people’s lives, causing various production accidents and affecting the overall stability of society. The information security risks in China’s industrial information control system have the following characteristics: first, the current industrial information control system in general lacks good security functions. China faces limitations in industrial control and information security for several reasons: the equipment and hardware widely used by industrial companies are mainly imported from developed countries such as Japan and Germany, and their security itself is unknown. Due to the borrowing of foreign products, its security is somewhat difficult; China’s industrial companies in general have information security problems, security technology lags behind, and the gap between security management and foreign countries is large. Industrial control system even has some general shortcomings, and repair requires a lot of human and material resources. Second, there are more and more attacks on industrial control networks [2]. Stuxnet is a very representative term in industrial history. It was the first virus that deliberately attacked industrial information networks. The impact of super viruses has brought real attention to the security of industrial information control systems. In recent years, with the rapid development of the Internet, cyberattacks on industrial information control systems have become more and more frequent, and the means to do so have become more and more frequent. These viruses can easily affect the entire industrial information control system, from production damage to serious security incidents to social instability. Third, industrial information control systems are often threatened by internal and external diversification. Today, it is typical for industrial information management systems to be hacked, and hacking attacks have the following characteristics: social influence, purpose, clarity, and destructive power. Most threats are caused by external natural factors such as cyber warfare between countries, attacks, hackers and other criminals, network attacks, and system disruptions. The problem of information security of industrial information control systems can hardly be solved by modernization. The main purpose of security protection of industrial information control systems is to ensure the stability and productivity of industrial production. On this basis, we must rely on core networks, industrial control networks, etc., and take some security measures. In addition, there are differences between traditional information systems and new industrial information control systems in terms of resource limits, operating systems, etc. In short, in terms of industrial security and security control, we must combine our own characteristics and the unique security requirements of different industries. We will gradually explore industrial information control systems with different security measures and solutions and gradually improve the comprehensive strength of information security of our industrial enterprises [3].

As industry plays a pivotal role in China’s national economy and people’s livelihood and China’s industrial information security has unavoidable risk factors and faces great risk challenges, so in order to prevent industrial information leakage and risk events such as hacker attacks, this paper designs a monitoring and warning platform with password antitheft technology, hoping to prevent criminals to a certain extent in the industrial information control system This paper designs a monitoring and warning platform and password theft prevention technology, hoping to prevent criminals from invading industrial enterprises after causing damage to industrial information control systems to a certain extent, so as to develop scientific and effective security policies.

2. Research Background

According to the industrial information system security reports in recent years, the number of industrial information leakage is increasing year by year. Security incidents of industrial control information systems are becoming more and more serious and frequent in areas such as power supply, basic production, and public transportation. Through the analysis of industrial information security incidents in recent years, it is concluded that industrial information control system attacks have new features with previous industrial control network attacks [4]. They directly damage hardware resources, use computer Internet viruses or industrial information management systems against viruses to connect and disconnect devices. In addition, due to the technology associated with the Internet in recent years through the Internet into the work monitoring network, Trojan horse virus has become a new means of attack. The economic losses caused by industrial information security incidents are increasingly serious, and their additional negative impact is incalculable. The most representative industrial information security breaches in recent years include the attack on the industrial control components of the Bushehr power plant and the major damage to the national nuclear power plant [5]. In 2011, hackers penetrated the operation management system of the Shinkansen. In 2015, Baku Energy Company received constant high-level threats due to the ongoing attacks on the power supply in several regions of Ukraine, which led to total blackouts; on October 21, 2016, hacker groups used the Internet and hacked webcams that provided domain analysis services to a number of U.S. companies. This information attack included tens of millions of IP addresses, and over 1 million devices connected to the network were compromised. Asif et al. propose a data collection method for assessing the state of network security using MEDA. First, the system is used to collect a large amount of network attack data, then the alarm information is classified, correlations between the data are analyzed, and system state mapping is completed. This method can summarize the current intrusion information of the defense system and draw the corresponding state diagram, but the process data only comes from the network intrusion information, and the data sources are relatively independent. It is difficult to make a complete and accurate description of the overall security situation of the network because many other elements are missing [6]. Yongho and Boyoung proposed a network security status assessment method based on a data storage security incident database system. The method not only captures system alarm logs but also analyzes other security data to ensure that all data are securely connected. Alarm log correlation analysis allows independent detection of new security events. However, the security coefficients considered in the method are not comprehensive, and there is no specific quantitative analysis, so accurate results cannot be obtained [7]. Kota et al. proposed an integrated state analysis combining modeling; aggregation and game theory improves the prediction efficiency but is very demanding on the network attack and defense model. There are too many factors to be considered to design more complex models. To address these problems, Yuan and Iftekhar improved the adaptability of this approach and developed attack models and analyzed possible variations using a Bayesian network approach, but this approach still requires preparation to obtain the appropriate parameters, and the labeled data must be retrieved for ranking [8]. In China, Chen et al. proposed a quantitative cybersecurity assessment model based on data from multiple sources. Considering the impact of host and network on network security, the network security index is divided into host security index and channel security index. The test data such as records and alerts in summary logs are summarized using the improved D-S evidence theory to obtain a simplified set of host security events and related security events. Based on the information of related services, the node security status and connection security are calculated, and the network security status is quantitatively evaluated. A network security evaluation model based on traffic estimation is proposed. The integration of services, hosts, and information systems is of importance in a network based on signals and information flow from intrusion prevention systems, bottom-up, and local-to-whole network system security model. The degree of damage of different types of network threats is determined based on the degree of degradation of connectivity performance to secure information systems. Niraj et al. introduced a state estimation model based on empty network information and real network parameters. The model first collects system hacker information into the network, analyzes host room information, and then connects it to the threat index of nodes. Feedback is given to change the threat index based on the actual index parameter information collected by the system. Finally, network device parameter information, host protocol and system characteristics, calculated system security state information, and security state analysis results are used. The prediction of the future state of the system is given. The model is effective in the estimation and prediction of network errors, but the range of selected indicators is not wide enough; there is a lack of clear connection between them, the algorithm is not widely applied, and the prediction accuracy needs to be improved [9]. A comparison of the current status of domestic and foreign research shows that foreign researchers tend to develop specific system models for specific scenarios, which are then used to evaluate or predict the target scenario. This approach works well for a given target situation, but each model has high specificity for a given situation and does not have sufficiently broad coverage and reliability. In contrast to dynamic prediction, sufficient domestic research has been conducted to propose various state estimation methods, which have some practical value in some aspects. However, in general, the selection of dynamic indicators and the combination of weighted data in the process of condition evaluation are highly subjective and random. However, there are no formally agreed evaluation criteria for the results of condition evaluation, which makes it difficult to quantify specific methods and is not conducive to comparative analysis of different scenarios. In contrast to condition evaluation, the unexpectedness and uncertainty of network operation complicate the situation. Most of the current research is theoretical, and in practical applications, many optimized machine learning algorithms are commonly used to build prediction models for network security situations, but most of them have accuracy problems and require some measures to optimize the prediction accuracy [10].

In summary, for the seriousness of industrial information leakage, domestic experts have made very adequate examination and prediction and designed relevant system prediction models to circumvent the situation of network and other hacker invasion of industrial information management system; this article is based on this theory to develop the design of detection architecture and antitheft system upgrade design.

3. Research Methods and Materials

3.1. Analysis of System Design Elements

3.1.1. The Security Needs of Industrial Information Systems

Due to the continuity of industrial production, industrial information control systems have very strict requirements for standardization and rapid response from operators. In case of emergency, specific measures must be taken, and replacement plans must be made quickly to ensure the continuity of production. Industrial information control systems have tightly controlled access to the system, and unauthorized persons are not free to access the system and usually have only limited access to the system. Industrial information control systems should regularly test the existing security facilities to ensure that they are functioning properly at all times and in all environments to cope with the needs of industrial production. Information security process control requirements are relatively lenient, and IT security systems are relatively developed, although many improvements are needed, such as intrusion prevention systems, logging, and security checks [11].

3.1.2. Security Threats to Industrial Information Systems

Security threats to industrial information control systems generally come from software systems, such as industrial information control software and special industrial control protocols. In the early stages of development, most of these systems and protocols are in closed environments where information security considerations are often inadequate. For example, the problem of poor industrial technology design of platform architecture. These components are usually more vulnerable and relatively susceptible to external attacks, such as the Modbus TCP protocol, which was not considered for security in the early stages of development. In industrial information control systems, communication includes both periodic and acyclic communication modes, but the amount of information transmitted during communication is small and the demand for network flows is not high. The entire management and control process of the system is usually determined at the first configuration [12].

3.1.3. Objectives of the System Design

From the point of view of the three information security elements—confidentiality, integrity, and potential—the main objective of the industrial information control system is to ensure the smooth operation and production of industry. Therefore, the main objective of the industrial information control system is capability. The main task is to ensure the availability of information from industrial facilities and the proper functioning of the system. Secondly, since industrial production requires production processes and control accuracy, information integrity is critical to industrial information control systems. Because there are relatively few requirements for information integrity and accessibility, confidentiality, integrity, and availability of the three elements of information security in information systems are critical [13], as shown in Figure 1.

3.1.4. Implementation of Protection Functions

Protection functions can be divided into two levels, from low to high, i.e., other matters in terms of data protection industrial information control system to ensure the security of data during the operation of the power plant, including the state and operating process parameters; the system pays more attention to the security of data storage [14]. The process of storing data on the server requires more, and data protection measures are more stringent. Although industrial information control systems place higher demands on the timeliness, security, and reliability of communications, they tend to be oriented toward routine communications in networks, i.e., in networks. Network security systems are mainly concerned with technical security and product security. To ensure the security of the system, industrial control focuses more on the security of access to devices, especially the communication between devices and unauthorized access to devices, while industrial information control systems are more concerned about the vulnerability of computers and other operating systems and unauthorized access to resources, as shown in Figure 2.

3.2. Forms of Information Security Intrusion

(1)Although industrial firewalls are usually located between corporate office networks and industrial information management systems, violators can penetrate through firewalls by means of bouncing, mediation, spoofing, and eventually accessing industrial information management systems [15](2)Wireless transmission technology is usually widely used to access industrial information control systems in wireless communication networks, with the central control node acting as a repeater to provide remote communication between multiple device nodes. The openness of wireless network access also contributes to the increase in intrusion and information theft [16](3)Some industrial control equipment manufacturers require remote connections to install, maintain, and update equipment. They can access industrial information control systems through remote PCs using modem dial-up networks, and intruders can use weak passwords and other vulnerabilities to gain access to industrial information control systems. It is also possible to access the industrial information control system indirectly by hacking into the remote host [17](4)“Reliable” connection to the user to create a “trusted channel” to access remote service support provided by the control system vendor or third party. The trusted channel may not follow the appropriate security policy or the third party may lack the necessary security policy, leading to external intrusion [18](5)Remote end-unit access means are used in public places, usually unattended, and can be easily detected and exploited by intruders as a direct path to the site of damage [19](6)Other public communication facility system connection as part of the industrial control communication system. In addition, due to the high cost of network construction, higher systems are required; these facilities rely heavily on public communication facilities. Intruders can infiltrate the main terminal or remote terminal through some communication relays [20], as shown in Figure 3

3.3. Information Protection

(1)Firewall technology protects the internal network of the computer network from illegal access to the external network. It restricts access between internal and external networks by setting a set of security policies in the security settings options. Industrial information management systems often use powerful dedicated firewalls. Compared with firewalls commonly used in traditional IT networks, dedicated firewalls are more reliable and stable, can support a wide range of industrial protocols and in-depth data analysis, and can also perform many functions comparable to those of industrial information control systems, such as deep process-specific security and safety, custom settings, process control, auditing, and the ability to filter and block messages(2)Intrusion detection methods are used to determine whether a system is subject to attack by collecting critical information about the system and a method that uses a predefined security policy. In the field of industrial control, antitheft systems are more complex, and their configuration often requires close integration with actual industrial production. For example, in industrial production, when an emergency occurs, all devices must be shut down immediately by defining an intrusion detection policy. After the system detects the intrusion in question and finds that it has caused damage to the system equipment, it can lock out certain equipment or complete the production process according to a predetermined processing sequence. Of course, theft prevention methods do not usually respond directly to theft, but the cooperation of field personnel is required to complete the process. In most cases, a burglary prevention system will detect a burglary in a room, sound an alarm, and respond to field personnel(3)Intrusion detection methods of active defense technology can detect systematic intrusions and cooperate with personnel to respond but do not have the ability to actively defend against intrusions by themselves. The tactics for defending against intrusions are usually predetermined and then recorded in the system. Such defense tactics can remain in place for a long period of time, making the means of network detection more easily detectable. These shortcomings can be overcome by active defense techniques. Active defense technology not only detects burglaries but also takes appropriate protective measures depending on the burglary. Active defense equipment has a self-learning function. It can reconsider its defense strategy based on previously discovered intrusion intelligence in order to more accurately associate it with similar intrusions. In addition, an active defense system has specific predictive capabilities that enable it to analyze its own vulnerabilities and threats, predict possible attacks, and prevent them by taking comprehensive countermeasures against discovered attacks. Industrial control systems can use preemptive protection techniques such as “whitelisting,” establishing reliable security networks and conducting regular security assessments. (4) Security verification method is a professional method to verify the most important information in the network using certain evaluation rules. In industrial management systems, it is often necessary to examine operational information, management log information, system file information and error log information, production log information, security policy information, and system operation information and to perform a series of information security checks. By evaluating and analyzing the above information, you can identify potential system vulnerabilities and security risks and then take targeted improvement or corrective measures. In technical control systems, depending on the requirements of real-time control systems, security inspection methods are typically used for real-time control; the collection of alarm information and equipment performance data in real-time data acquisition systems, processing and analyzing the data and identifying security risks in the control system. Employees are alerted and then use this information to perform the following operations

4. Results and Discussion

4.1. Monitoring and Warning Platform Architecture Design and Password Antitheft Technology System Design

Based on the above theory, the framework of monitoring and alerting platform architecture design and password antitheft technology system design is proposed, and the whole process includes four stages: system testing, attack risk testing, system risk assessment, and strategic decision making, as shown in Figure 4. (1)Detecting abnormalities and attacks during system operation: placing detectors and monitors in the information and physical layers to collect information on equipment operation and system performance to determine whether there are intrusions or abnormalities in physical equipment and uploading relevant information to the risk assessment module for detecting abnormalities in the physical process, using the equipment operation parameters collected in the physical space to determine the equipment based on the characteristics of the equipment itself and its properties. Perform anomaly assessment and determine the equipment failure or fault type and its location. Intrusion detection: combining the collected asset state data with the information on the abnormal state of the physical process, analyze whether the information equipment is under information attack, and determine the type and location of the attack(2)Assessment of attack danger with location information: predict the possibility of different attack parameters based on physical device abnormality information and test engine data, calculate the loss of different attack modes, and quantify the potential impact of information attacks on the site. Analysis of the attack information propagation process: build a model to describe the relationship between information attacks, device access rights and attack environment real-time attack data use, location information, structural information gap data and equipment communication model for prediction, and the type and likelihood of attacks. Site prediction: determine the process and accident model of the module physical cut model, describe the outline of the abnormal exposure of equipment, and calculate the value of accidental damage in various attack scenarios based on physical equipment and environmental anomaly information. Information attack risk calculation: combine the damage values in different attack scenarios and calculate the corresponding information attack risk values based on determining the risk and probability of various confirmed attack scenarios(3)System risk assessment: collecting site state information, modeling and describing physical network attributes, and deriving anomalies in the physical network distribution process. Based on the social attributes of the basic industrial infrastructure, the negative impact of the facility anomaly distribution process is quantitatively evaluated. Cascade effect analysis: a model describing the physical network topology properties and their dependencies was developed. The throughput of anomalous nodes is maintained, and the loops of the entire physical network are derived. Risk assessment: quantifying anomalous logistic losses considering the revenues of major industrial infrastructure owners, consumer demand for services, and market conditions(4)Security strategy decision: coordinate security strategy decisions with system strategic planning based on information triggered by information attacks, the location and risk of damage to the system, combined with the system’s own protective measures, and use cost-benefit assessment models as the basis for the most effective security strategy decisions. Develop potential site security strategies: multiple potential site security strategies have been developed to address information attacks during internal site communications, keeping the risk of information attacks below the “security threshold.” Develop potential system scheduling strategies: global scheduling strategies are developed to prevent anomalous proliferation in the physical network and to ensure that the damage from system attacks is below certain “security” thresholds by accessing various potential system scheduling strategies. Develop optimal security strategies: analyze the coordination process between decision-makers and field systems, taking into account the operation of major industrial infrastructures, a combination of potential field security strategies, and a set of potential system planning strategies to maintain optimal security management strategies

4.2. Formulas and Algorithms

The monitoring and warning platform architecture design process is divided into three levels: the information attack level, the information flow level, and the management policy level. In order to describe the causal relationship between these three levels, Bayesian networks are established in conjunction with the definition of Bayesian networks. These processes include the following: (1)Attack level information: the attacker scans the hardware vulnerability information and uses these vulnerabilities to access the device. Depending on the device access, the attacker uses the vulnerabilities of the target device to launch subsequent attacks. Create a description of the attack distance, as follows:where describes the conditional relationship between information attacks and denotes the conditional probability of any information attack (2)Current layer: the single subproject control module is designed as a fixed information flow structure that connects all subproject sensors into a single observation function. All management mechanisms consist of decision-making functions, and all execution mechanisms consist of execution functions. As a result, anomalous devices usually lead to failures and affect convection performance. For example, a Bayesian network describes the relationship between information attack attributes and streams as follows:

Specifically, we use information flows that contain multiple elements, change the content of information, prevent information transmission, etc. (3)Control strategy layer is shown as follows:

According to the above analysis, the attacker uses the information layer device as an attack object to undermine the website management policy. In this regard, the information propagation process model of information layer attack is introduced, including the attack level information, current layer, and control policy layer. The Bayesian network is shown as follows:

4.3. System Suitability Test

According to the construction of the above system algorithm system, the monitoring and warning platform architecture design and password antitheft technology system upgrade were carried out with the following comparative analysis: (1)System optimization before and after the stability analysis: Simulation experiments are conducted on the system to analyze the stability of the system, assuming that the stability of the system is scored out of 100, the horizontal axis indicates the number of simulated intrusions, and the vertical axis indicates the stability score. When the number of intrusions is 15, the stability score of the system is 75.9; after system optimization, when the number of intrusions is 5, the stability score of the system is 98.95, when the number of intrusions is 10, the stability score of the system is 98, when the number of intrusions is 15, the stability score of the system is 97.38, when the number of intrusions is 20, the stability score of the system is 96. This shows that the stability of the system has been significantly improved after optimization. Therefore, in the field of industrial information protection, this system can play the ability of identifying risks very stably, as shown in Figure 5(2)System detection security analysis: for the system simulation experiment, use network hacking and other means to analyze the stability of the system, assuming the system security out of 100 points, the horizontal axis indicates the number of intrusions, and the vertical axis indicates the security score, from the data provided: before the system optimization, when the number of intrusions is 5 times, the security score of the system is 88.5 points; when the number of intrusions is 10 times, the stability score of the system is 85 points. When the number of intrusions is 15, the stability score of the system is 83.65; when the number of intrusions is 20, the stability score of the system is 80.86; after system optimization, when the number of intrusions is 5, the security score of the system is 99.25; when the number of intrusions is 10, the stability score of the system is 98.75. When the number of intrusions is 15, the stability score of the system is 98.65, and when the number of intrusions is 20, the stability score of the system is 97.75. It can be seen that when the number of intrusions is more after system optimization, the security score of the system is lower, but the scores are above 95, so the security of the system is very reliable, so in the field of industrial information protection, this system can play a very safe ability to identify risks, as shown in Figure 6(3)System detection effectiveness analysis: Simulation experiments are conducted on the system, and the horizontal axis in the figure indicates the number of simulated intrusions and the vertical axis indicates the number of effective identifications: before the system optimization, when the number of intrusions is 5 times, the system effectively recognized 3 times; when the number of intrusions is 10 times, the system effectively recognized 9 times; when the number of intrusions is 15 times. After system optimization, when the number of intrusions is 5, the system effectively recognizes 5 times; when the number of intrusions is 10, the system effectively recognizes 10 times; when the number of intrusions is 15, the system effectively recognizes 15 times; when the number of intrusions is 20, the system effectively recognizes 19 times. The more the number of intrusions, the system’s basic can be effectively identified; only a very small number of cases can not be identified, so the supervision system is more effective, as shown in Figure 7(4)Analysis of the proportion of the three major functions: according to the data analysis, the three major functions are stability accounted for 35.65%, security accounted for 30.25%, and effectiveness accounted for 34.1%; it can be seen the proportion of the three major functions in a balanced posture; the system design and functional testing deployment have a very important position, as shown in Figure 8

5. Conclusion

Industrial information security is an important part of the national security strategy that affects the economy and people’s lives. It is a new area of occupational security that is very modern, complex, and promising. It covers many areas of information security of industrial information control systems. Its main task is to ensure infrastructure security and industrial automation, as well as to provide economic and social benefits to people in key sectors such as transportation and energy. In recent years, with the rapid development of industrial information technology, cybersecurity threats have grown, and cyberattacks have become more frequent. We are alarmed by many attacks. Once attacked, there is a high potential for catastrophic consequences. In recent years, the development of industrial security around the world has also made people feel alarmed about how to ensure industrial information security. The current industrial information security monitoring system is a large and complex system development process. As the connection expands, security risks increase, and attack opportunities and channels increase.

First, there are security gaps in industry regulation. As a result of the convergence and development of these two technologies, malicious attacks have been perpetrated using system vulnerabilities, remote access theft, and phishing as important means in the design of industrial information control systems (SRP). Traditional defense products are unable to effectively respond to today’s complex and diverse security threats.

Second, the operating environment has become more open and networked. The primary target of virus attacks is the host computer, which is largely separated, the industrial environment lacks basic protection, and operators lack the necessary hostile knowledge and threat awareness.

Third, supply chain risks have increased. In China, the independence of key technologies, software, and hardware in cyberspace is weak, especially due to the increased risk of storing and deploying new technologies and the increased threats and pressures from cyberspace.

Fourth, attacks are minimal. Due to the emergence of various hackers, there are large gaps in the hardware used in industrial information control systems that can be found through different network channels, as well as through different network channels. There are many dangers of virus entry and illegal access.

Fifth, as geopolitical competition intensifies, industrial information control systems are easy targets for interstate cyber confrontation and hacking. The cybersecurity situation is becoming increasingly complex, and industrial networks have become the most important area of geopolitics. In recent years, China’s rapid industrial development and information technology development face serious security threats and the urgent need for information security. The gradual increase in national demand and support for occupational safety management systems has led to a shift from production management systems to the information security industry and the sustainable development of the industrial control and information security industry. In this new paradigm, we must upgrade the existing industrial cybersecurity system, establish a wide range of industrial cybersecurity technology system, and build an industrial cyber protection system based on sensing, early warning, monitoring, and emergency response. It is a strategic choice for infrastructure-first industries to jointly develop cybersecurity network coordination mechanisms between government and social organizations, enterprises, and research institutions and to build government, industrial, educational, scientific, and industrial ecosystems using integrated industries.

Data Availability

The dataset is available upon request.

Conflicts of Interest

The authors declare no conflicts of interest.

References

L. Lanfranco, “Cryptographic pointers for fine-grained file access security,” Information Security Journal: A Global Perspective, vol. 31, no. 3, pp. 359–375, 2022.
View at: Publisher Site | Google Scholar
Y. Wang, C. Tingyu, Z. Xiaohu, Z. Tao, Z. Kai, and H. Xiaofei, “A blockchain-based privacy information security sharing scheme in Industrial Internet of Things,” Sensors, vol. 22, no. 9, p. 3426, 2022.
View at: Publisher Site | Google Scholar
“Terminal security monitoring based on power consumption information,” Journal of Physics: Conference Series, vol. 2242, no. 1, p. 012038, 2022.
View at: Publisher Site | Google Scholar
M. J. Mihaljević and W. Lianhai, “An approach for security enhancement of certain encryption schemes employing error correction coding and simulated synchronization errors,” Entropy, vol. 24, no. 3, p. 406, 2022.
View at: Publisher Site | Google Scholar
N. Andreea and Z. Eduard, “Analysis and estimation of economic influence of IoT and telecommunication in regional media based on evolution and electronic markets in Romania,” Telecom, vol. 3, no. 1, pp. 195–217, 2022.
View at: Publisher Site | Google Scholar
M. Asif, I. Ali, S. Ahmad et al., “Industrial automation information analogy for smart grid security,” Cmc-Computers Materials & Continua, vol. 71, no. 2, pp. 3985–3999, 2022.
View at: Publisher Site | Google Scholar
K. Yongho and K. Boyoung, “The effective factors on continuity of corporate information security management: based on TOE framework,” Information, vol. 12, no. 11, p. 446, 2021.
View at: Publisher Site | Google Scholar
C. B. Yuan and S. Iftekhar, “Investigating deep learning approaches on the security analysis of cryptographic algorithms,” Cryptography, vol. 5, no. 4, p. 30, 2021.
View at: Publisher Site | Google Scholar
K. Niraj, M. V. Mohan, and K. Adesh, “Smart grid and nuclear power plant security by integrating cryptographic hardware chip,” Engineering and Technology, vol. 53, no. 10, pp. 3327–3334, 2021.
View at: Publisher Site | Google Scholar
L. V. Astakhova, “Transformation of strategic models for managing human risks of information security of an enterprise as an imperative of the digital industry,” Scientific and Technical Information Processing, vol. 48, no. 2, pp. 71–77, 2021.
View at: Publisher Site | Google Scholar
C. Joel and D. Naailah, “Exploring information systems security implications posed by BYOD for a financial services firm,” Business Information Review, vol. 38, no. 3, pp. 115–126, 2021.
View at: Publisher Site | Google Scholar
T. Wen, D. Miao, J. Xiaopeng, L. Guangjie, D. Yuewei, and H. Zhu, “Contract-based incentive mechanisms for honeypot defense in advanced metering infrastructure,” IEEE Transactions on Smart Grid, vol. 12, no. 5, pp. 4259–4268, 2021.
View at: Publisher Site | Google Scholar
D. Denis and J. Tibor, “On the tight security of TLS 1.3: theoretically sound cryptographic parameters for real-world deployments,” Journal of Cryptology, vol. 34, no. 3, 2021.
View at: Publisher Site | Google Scholar
Z. Zhun, X. Wang, H. Qiang et al., “High-efficiency parallel cryptographic accelerator for real-time guaranteeing dynamic data security in embedded systems,” Micromachines, vol. 12, no. 5, p. 560, 2021.
View at: Publisher Site | Google Scholar
A. K. Yadav, M. G. Ritika, and M. Garg, “Cryptographic solution for security problem in cloud computing storage during global pandemics,” International Journal of Safety and Security Engineering, vol. 11, no. 2, pp. 193–199, 2021.
View at: Publisher Site | Google Scholar
S. Priya, “Security research of internet of things equipment based on cryptographic analysis,” Journal of Research in Science and Engineering, vol. 3, no. 3, 2021.
View at: Google Scholar
L. Yang, L. Cheng, L. Yi et al., “Cryptographic key generation and in situ encryption in one-transistor-one-resistor memristors for hardware security,” Advanced Electronic Materials, vol. 7, no. 5, p. 2001182, 2021.
View at: Publisher Site | Google Scholar
C. H. Yu, W. Z. Yu, C. T. Long, H. Y. Min, and L. C. Hui, “Security privacy and policy for cryptographic based electronic medical information system,” Sensors, vol. 21, no. 3, p. 713, 2021.
View at: Publisher Site | Google Scholar
V. Noel, P. L. O. Bonerge, N. Harold et al., “Information security in WSN applied to smart metering networks based on cryptographic techniques,” Journal of Intelligent & Fuzzy Systems, vol. 39, no. 6, pp. 8499–8506, 2020.
View at: Publisher Site | Google Scholar
B. Alexandra, B. Titus, C. Marcian, and S. Florin, “A PUF-based cryptographic security solution for IoT systems on chip,” EURASIP Journal on Wireless Communications and Networking, vol. 2020, 22 pages, 2020.
View at: Publisher Site | Google Scholar

Copyright

Copyright © 2022 Lijun Wang et al. This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.

PDF Download Citation

Download other formats

Order printed copies