Exploration and implementation of network security strategy for gas pipeline SCADA system: taking the China-Russia Eastern Gas Pipeline Project as an example

For the intrinsic safety and reliable operation of the SCADA system network of gas pipeline stations and the implementation of laws and regulations such as the People's Republic of China cyber security law, the network security protection scheme was designed and implemented during the construction of the SCADA control system of gas pipeline to ensure the safety control from boundary isolation, station network audit, firewall blocking, gatekeeper control, comprehensive analysis of situation awareness platform, etc. By virtue of the network audit, isolation and analysis functions of relevant equipment, combined with fall analysis, threat intelligence analysis, abnormal behavior analysis, unknown threat analysis, network anomaly analysis, domain name anomaly analysis, attack threat feature analysis, covert channel analysis and the rich overall security analysis and reporting functions, security threats such as external attacks, external threats, internal illegal connections, abnormal network session modes, etc. can be effectively detected. It is a perfection and improvement of the traditional security defense system and an integrated network security monitoring scheme from the station to the control center. The system adopts independent network transmission, which meets the protection and monitoring requirements of data communication between different systems, allows the access control between transnational control systems, and conforms to the management regulations of the national classified security protection evaluation, network security laws and industry security standards.