标准摘要
[中文适用范围]: 本文件介绍了工业互联网平台(IIP)的具体特征,包括相关的安全威胁、特定环境的安全控制目标和安全控制。本文件涵盖了工业环境中的特定安全问题,从而补充了通用安全标准和参考模型。具体内容包括工业设备之间的数据安全采集和传输、工业云平台的数据安全以及与各行业利益相关者的安全协作。本文件的用户是开发、运营或使用国际投资头寸任何组件的组织,包括为上述利益相关者提供服务的第三方。本文档为用户提供有关如何保护 IIP 免受 IIP 特定威胁的建议。 [外文原描述]: This document presents specific characteristics of industrial internet platforms (IIPs), including related security threats, context-specific security control objectives and security controls. This document covers specific security concerns in the industrial context and thus complements generic security standards and reference models. In particular, this document includes secure data collection and transmission among industrial devices, data security of industrial cloud platforms, and secure collaborations with various industry stakeholders. The users of this document are organizations who develop, operate, or use any components of IIPs, including third parties who provide services to the abovementioned stakeholders. This document provides recommendations for users on how to protect IIPs against IIP-specific threats.
英文名称Cybersecurity - Security reference model for industrial internet platform (SRM- IIP)