ISO/IEC 24392:2023 网络安全 工业互联网平台的安全参考模型（SRM-IIP）

标准编号：ISO/IEC 24392:2023

中文名称：网络安全 工业互联网平台的安全参考模型（SRM-IIP）

英文名称：Cybersecurity — Security reference model for industrial internet platform (SRM- IIP)

发布日期：2023-07

标准范围

ISO/IEC 24392:2023本文档介绍了工业互联网平台(IIP)的具体特征，包括相关的安全威胁、特定上下文的安全控制目标和安全控制。本文档涵盖了工业环境中的特定安全问题，从而补充了通用安全标准和参考模型。特别是，该文档包括工业设备之间的安全数据收集和传输、工业云平台的数据安全以及与各种行业利益相关者的安全协作。本文档的用户是开发、运营或使用IIPs任何组件的组织，包括向上述利益相关者提供服务的第三方。本文档为用户提供了如何保护IIP免受IIP特定威胁的建议。

ISO/IEC 24392:2023 This document presents specific characteristics of industrial internet platforms (IIPs), including related security threats, context-specific security control objectives and security controls.
This document covers specific security concerns in the industrial context and thus complements generic security standards and reference models. In particular, this document includes secure data collection and transmission among industrial devices, data security of industrial cloud platforms, and secure collaborations with various industry stakeholders.
The users of this document are organizations who develop, operate, or use any components of IIPs, including third parties who provide services to the abovementioned stakeholders.
This document provides recommendations for users on how to protect IIPs against IIP-specific threats.

标准预览图