随着网络技术的广泛应用,轨道交通行业关键基础设施面临着更为复杂的网络环境挑战;开展轨道交通行业网络空间安全发展研究,是实施网络强国战略的重要组成部分.本文阐述了轨道交通行业网络空间安全的基本概念与主要特征,从国外战略、国内战略、安全制度与规范等角度总结了轨道交通行业网络空间安全的宏观态势;着重从基础防护、强化防护、协同防护三方面梳理了轨道交通行业网络空间安全防护体系的发展现状,深入剖析了相应安全风险及成因,涉及传统网络威胁、数据攻击威胁的实际案例.研究认为,内外风险因素成为行业专网的双重威胁、传统网络架构制约安全与可靠性;研究建议,加强网络原创基础研究和体系化创新、构建行业网络安全自主可控产业链、深化行业网络安全运维管理、注重行业网络安全人才培养,以此提升轨道交通行业网络空间安全发展水平.
The wide application of network technologies has meanwhile brought about increasingly complex challenges regarding network environment for the key infrastructure of the rail transit industry.Therefore,deepening the research on cyberspace security in the rail transit industry becomes increasingly important.This study expounds on the basic concept and major characteristics of cyberspace security in the rail transit industry and summarizes its macro situation from the perspectives of strategies in China and abroad as well as security system and standards.It sorts out the development status of cyberspace security protection systems in the rail transit industry from three aspects:basic,enhanced,and collaborative protection.Moreover,the study analyzes the corresponding security risks and causes,involving practical cases of traditional network threats and data attack threats,and concludes that internal and external risk factors become the double threats to the industry's dedicated network and the traditional network architecture restricts network security and reliability in the rail transit industry.Furthermore,we propose the following suggestions:(1)strengthening the original basic research and systematic innovation of networks,(2)building an independent and controllable industrial chain of network security,(3)improving the operation and management of network security,and(4)enhancing talent cultivation for network security in the rail transit industry.