縱(zong)觀網(wang)絡(luo)安(an)(an)(an)全(quan)(quan)(quan)(quan)發展幾(ji)十年，安(an)(an)(an)全(quan)(quan)(quan)(quan)威(wei)脅依然隨處可見(jian)(jian)，正(zheng)所謂，“你見(jian)(jian)或(huo)者不見(jian)(jian)，我就在(zai)(zai)那里，只增不減”。從傳統網(wang)絡(luo)安(an)(an)(an)全(quan)(quan)(quan)(quan)三劍客“入侵防(fang)御(yu)、防(fang)火(huo)墻(qiang)、防(fang)病(bing)毒、”到下一代防(fang)火(huo)墻(qiang)，從傳統網(wang)絡(luo)安(an)(an)(an)全(quan)(quan)(quan)(quan)到工(gong)業(ye)控(kong)制系(xi)統安(an)(an)(an)全(quan)(quan)(quan)(quan)，都離不開(kai)(kai)安(an)(an)(an)全(quan)(quan)(quan)(quan)保(bao)護(hu)、離不開(kai)(kai)安(an)(an)(an)全(quan)(quan)(quan)(quan)保(bao)護(hu)產品(pin)。尤其(qi)是在(zai)(zai)國(guo)家安(an)(an)(an)全(quan)(quan)(quan)(quan)的(de)大(da)形勢下，公共基礎設施(shi)安(an)(an)(an)全(quan)(quan)(quan)(quan)已(yi)列入國(guo)家安(an)(an)(an)全(quan)(quan)(quan)(quan)范疇中，工(gong)業(ye)控(kong)制系(xi)統安(an)(an)(an)全(quan)(quan)(quan)(quan)更是保(bao)障(zhang)民(min)生安(an)(an)(an)全(quan)(quan)(quan)(quan)的(de)基礎。在(zai)(zai)如(ru)此重要的(de)區域，誰來保(bao)護(hu)工(gong)控(kong)系(xi)統安(an)(an)(an)全(quan)(quan)(quan)(quan)？

　　國內工(gong)業(ye)控(kong)(kong)制(zhi)自(zi)動化和智(zhi)能(neng)化進(jin)程的深入，工(gong)業(ye)控(kong)(kong)制(zhi)網(wang)(wang)絡(luo)(luo)(luo)(luo)與外(wai)部(bu)互(hu)聯網(wang)(wang)或企業(ye)辦公網(wang)(wang)絡(luo)(luo)(luo)(luo)的信息交(jiao)互(hu)日(ri)趨頻(pin)繁，使得工(gong)業(ye)控(kong)(kong)制(zhi)網(wang)(wang)絡(luo)(luo)(luo)(luo)不斷面臨(lin)著(zhu)來自(zi)外(wai)部(bu)互(hu)聯網(wang)(wang)的惡意攻擊和內部(bu)人員的誤操作等威(wei)脅(xie)。早期工(gong)控(kong)(kong)設備使用環境相對封(feng)閉，工(gong)業(ye)控(kong)(kong)制(zhi)系統(tong)在開發時往往更重(zhong)視(shi)功能(neng)的實現，而缺(que)少對工(gong)控(kong)(kong)網(wang)(wang)絡(luo)(luo)(luo)(luo)自(zi)身安(an)(an)全(quan)(quan)的關注，導致工(gong)業(ye)控(kong)(kong)制(zhi)系統(tong)中不可避免的存(cun)在安(an)(an)全(quan)(quan)缺(que)陷。目前，傳統(tong)防火(huo)墻已無法完全(quan)(quan)解決(jue)這些問題(ti)，無法將工(gong)控(kong)(kong)網(wang)(wang)絡(luo)(luo)(luo)(luo)置于安(an)(an)全(quan)(quan)的保(bao)護之下。匡恩網(wang)(wang)絡(luo)(luo)(luo)(luo)通(tong)過自(zi)主研(yan)發，深入市場細分(fen)領域，在公共基礎設施安(an)(an)全(quan)(quan)層面率先推(tui)出工(gong)控(kong)(kong)網(wang)(wang)絡(luo)(luo)(luo)(luo)IAD（Intelligent APT defense）智(zhi)能(neng)保(bao)護平(ping)臺，以(yi)此來解決(jue)工(gong)控(kong)(kong)網(wang)(wang)絡(luo)(luo)(luo)(luo)潛在威(wei)脅(xie)。

　　你永(yong)遠(yuan)不(bu)能保(bao)(bao)證(zheng)你沒看見的(de)(de)(de)(de)(de)(de)東西處于安全(quan)(quan)狀(zhuang)態。工(gong)(gong)業控制系(xi)(xi)統(tong)(tong)(tong)邏輯范圍廣，應(ying)用(yong)軟(ruan)件多(duo)，涉及硬件復雜，生產(chan)設備與生產(chan)環境多(duo)樣，一(yi)旦遭到破(po)壞(huai)，可能對物理世界造成直接(jie)的(de)(de)(de)(de)(de)(de)巨大傷害(hai)。標準IEC62443對工(gong)(gong)控系(xi)(xi)統(tong)(tong)(tong)信(xin)息安全(quan)(quan)的(de)(de)(de)(de)(de)(de)定義：“保(bao)(bao)護(hu)系(xi)(xi)統(tong)(tong)(tong)所(suo)采取的(de)(de)(de)(de)(de)(de)措(cuo)施；由建立(li)和維護(hu)保(bao)(bao)護(hu)系(xi)(xi)統(tong)(tong)(tong)的(de)(de)(de)(de)(de)(de)措(cuo)施所(suo)得到的(de)(de)(de)(de)(de)(de)系(xi)(xi)統(tong)(tong)(tong)狀(zhuang)態；能夠免于對系(xi)(xi)統(tong)(tong)(tong)資源的(de)(de)(de)(de)(de)(de)非授(shou)權(quan)(quan)訪問(wen)(wen)和非授(shou)權(quan)(quan)或(huo)意外(wai)的(de)(de)(de)(de)(de)(de)變更、破(po)壞(huai)或(huo)者(zhe)損失；基于計算機系(xi)(xi)統(tong)(tong)(tong)的(de)(de)(de)(de)(de)(de)能力(li)，能夠保(bao)(bao)證(zheng)非授(shou)權(quan)(quan)人員和系(xi)(xi)統(tong)(tong)(tong)既(ji)無法(fa)修(xiu)改軟(ruan)件及其數(shu)據，也無法(fa)訪問(wen)(wen)系(xi)(xi)統(tong)(tong)(tong)功能，確(que)保(bao)(bao)授(shou)權(quan)(quan)人員和系(xi)(xi)統(tong)(tong)(tong)不(bu)被阻止；防(fang)止對工(gong)(gong)業控制系(xi)(xi)統(tong)(tong)(tong)的(de)(de)(de)(de)(de)(de)非法(fa)或(huo)有害(hai)入侵(qin)，或(huo)者(zhe)干擾其正確(que)和計劃的(de)(de)(de)(de)(de)(de)操作。”總結為物理安全(quan)(quan)、功能安全(quan)(quan)以及信(xin)息安全(quan)(quan)，強調不(bu)同于傳(chuan)統(tong)(tong)(tong)IT安全(quan)(quan)的(de)(de)(de)(de)(de)(de)需(xu)求，首先保(bao)(bao)證(zheng)整(zheng)個系(xi)(xi)統(tong)(tong)(tong)的(de)(de)(de)(de)(de)(de)可用(yong)性(xing)(xing)和可靠性(xing)(xing)，其次才是保(bao)(bao)證(zheng)控制平(ping)臺的(de)(de)(de)(de)(de)(de)可靠性(xing)(xing)與存儲其中數(shu)據的(de)(de)(de)(de)(de)(de)機密性(xing)(xing)。