32
Int. J. Critical Infrastructures, Vol. 4, Nos. 1/2, 2008
Copyright ? 2008 Inderscience Enterprises Ltd.
The security of power systems and the role of information and communication technologies: lessons from the recent blackouts
Alberto Stefanini* and Marcelo Masera
Institute for the Protection and Security of the Citizen Joint Research Centre of the European Commission Via E. Fermi, 1, 21020 Ispra (VA), Italy E-mail: Alberto.Stefanini@jrc.it E-mail: Marcelo.Masera@jrc.it *Corresponding author
Abstract: This paper analyses the impact of information and communication technologies upon the security of networked infrastructures, making specific reference to the situation of the electric power sector. It discusses the lessons learnt from the recent blackouts, and concludes with the identification of the main technological security challenges faced in this field. In recent years, both Europe and the USA have experienced a significant number of huge blackouts, whose frequency and impact looks to be progressively growing. This paper shows that these events had common roots in the fact that current risk assessment methodologies and current system controls no longer appear to be adequate. Beyond the growing complexity of the electrical system as a whole, two main reasons can be listed: (1) system analysis procedures based on these methodologies did not identify security threats emerging from failures of critical physical components; and (2) online controls were not able to avoid system collapse.
Keywords: electric power infrastructure; security; risk assessment; control systems; standards; R&D issues.
Reference to this paper should be made as follows: Stefanini, A. and Masera, M. (2008) ‘The security of power systems and the role of information and communication technologies: lessons from the recent blackouts’, Int. J. Critical Infrastructures , Vol. 4, Nos. 1/2, pp.32–45.
Biographical notes: Alberto Stefanini graduated in Electronic Engineering at the University of Bologna in 1974. He is currently with the Joint Research Centre of the European Commission, Institute for the Protection and Security of the Citizen, where he is involved in studies on critical infrastructure vulnerabilities, and in the coordination of research activities EU-wide on this subject. Until September 2005, he was with CESI, an electrical engineering and research company based in Milan, where he coordinated research on power system security and diffusion of R&D results. His background includes marketing of engineering and software services in the energy sector, research in artificial intelligence, and design of telecommunications devices and micro systems. He is the author of over 30 scientific and technical publications and one book.
Marcelo Masera has been an Electronics and Electrical Engineer since 1980, and an Officer of the European Commission at the Joint Research Centre since November 2000. He is in charge of the Information Security of Critical Networked Infrastructures area within the Institute for the Security
The security of power systems and the role of ICTs 33
and Protection of the Citizen. His interests are in the dependability and
security of complex socio-technical systems, and specifically those related
to critical infrastructures, large-scale systems-of-systems, information and
communication technologies and the information society. He has published
more than 60 papers in the fields of dependability, security and risk.
The content of this paper is the sole responsibility of the authors and in no way
represents the view of the European Commission or its services.
1 The changing power infrastructure: the E+I paradigm
As discussed in Gheorghe et al. (2006), networked infrastructures, and in particular the power systems, are experiencing fundamental changes in the way they are controlled and monitored. One of the main factors behind this evolution is the pervasive and intensive use of Information and Communication Systems (ICS).
The application of electronic technologies to power systems began as soon as those technologies were available, because they appeared as an effective means of implementing control and protection mechanisms. The massive incorporation of digital solutions has changed the character of power systems. In Gheorghe et al. (2006), this industrial phenomenon is denominated the E+I paradigm: this designates the new reality of the power infrastructure characterised by the integration of two elements, namely, ‘Electricity plus Information’.
The use of ICS has two sides: on the one side it provides new means of improving the operational and monitoring capabilities, but on the other it opens up dangerous risks of cyber threats. Therefore, the assessment of the risks of the electricity infrastructure cannot ignore the information security aspects of ICS.
Taking as an example the evolution of the electricity systems in Europe, it is possible to appreciate how the two main structural changes of the last decade (i.e., unbundling of the generation, transmission and distribution sectors, and use of international interconnections for increasing flows supporting the electricity market) would not have been possible without the parallel application of ICS. Within each country, the application of the regulations over the infrastructure depends on the flow of information between actors: be it the application of connectivity rules or tariffs, electricity and information go together.
All aspects of the power infrastructure – from the commercial operations in electricity exchanges, to enhanced services to end users, to the assessment and management of risk and costs, etc. – all aspects of electric power are infused with information. The infrastructure will see the amalgamation of electricity and information. This is the emergence of an E+I scenario. Its reality is central to the understanding of the security risks, and the effective use of ICS. Four phases can be identified in the evolution towards the E+I paradigm (see Figure 1, Gheorghe et al. (2006)):
1 During the 1950s and 1960s, power systems worked on their own, evolving from
isolated systems to the first networks. The application of electronics and the first
analogue computer devices closely followed their availability (e.g., frequency relays and offline tools such as analogue simulators). E was isolated, and the loop with I
passed through human beings.
34 A. Stefanini and M. Masera
2 In the 1970s, digital electronics began to replace the functions that were previously
performed by electromechanical and analogue equipment, e.g., direct control over some functions. Analogue and digital equipment coexisted for some time. In parallel, computing centres were implemented for data storage and business administrative functions. Power systems evolved networking whole regions. E received direct
support from I, first at the equipment level, then linked to entire installations.
3 By the mid-1980s, power systems became wired and computerised, and the
possibility of having remote access to distant facilities pushed the development of communication networks. Power systems were nationally integrated and
international interconnections were developed. Dispatch centres rapidly developed their capabilities. The diffusion of the internet affected all business processes. I
transformed into an indispensable partner of E.
4 From the late 1990s onward, companies and national infrastructures became fully
digitalised. Data flows grew profusely between the industrial and the business sides of companies. Energy markets functioned online. International power networks
further developed and cross-border flows increased following the requirements of the markets. The vast interconnection among national grids was not just accompanied but also enabled by ICS. Sensors and actuators could be reached through a variety of communication means. On the other hand, the pervasiveness of information allowed new functions across systems. E and I became fused into a single reality: E+I.
Figure 1 Evolution towards E+I
Source:Derived from Gheorghe et al., 2006
The E+I scenario presents security challenges that are not only more numerous or more complex than in the previous periods, but are also different in nature. The E branch of security cannot be analysed or solved without consideration of the I branch. The E and I parts cannot be aggregated, but the compound infrastructure E+I requires a joint security approach.
The security of power systems and the role of ICTs 35 2 Networked infrastructure failures: lessons from the summer
2003 blackouts
Network-shaped, highly distributed infrastructures have to take into consideration a greater diversity of threats than single systems. For instance, in addition to local technical faults, human errors and natural disasters, one has to add systemic failures emerging from the topological and organisational structure of the infrastructure. Moreover, since infrastructural networks are typically geographically distributed, natural forces might affect them owing to the accumulation of dispersed events; and owing to the relevance of infrastructures to national security, deliberate attacks take on a new and important significance.
Threats against the electrical system are also growing from the point of view of its adequacy: demand is always growing, and, although this growth may be forecast, it cannot be easily faced anytime, also because the public often withstands construction of new power-generating plants and transmission lines (UCTE, 2004a). Interconnections among national power systems have been developed in the past 50 years so as to ensure mutual assistance between national subsystems, by allowing exchanges between these systems. Today’s market development, with its high level of cross-border exchanges, was out of the scope of the original system design. Transactions are increasing, following electrical system liberalisation, and this involves operating the whole infrastructure closer to security limits (Eurelectric, 2004). As discussed in Gheorghe et al. (2006), this discrepancy between the physical infrastructure and the requirements put to its operation has been described as ‘evolutionary unsuitability’ for emphasising this evolving mismatch.
In recent years, both Europe and the USA have experienced a significant number of huge blackouts, whose frequency and impact looks to be progressively growing. Summer 2003 especially was characterised by electricity supply disruption events that had a wide impact on a number of key economies; these events contributed to directing attention to how crucially modern societies depend upon the correct operation of the electric infrastructure. They evidenced the extent to which all technological infrastructures depend on electricity, although most interdependencies are usually not perceived, not only by the public at large, but also by most infrastructure operators. These events had common roots in the emerging vulnerabilities of electrical system controls (intended as the procedures for system management, and the related information and communication infrastructure, comprehensive of monitoring, actuation and protection devices). They also evidenced the inadequacy, in that respect, of current risk assessment methodologies. Most recent incidents arose from a pattern where an initial fault of the electrical infrastructure was not confined because protection systems acted on a purely local basis, and the monitoring equipment failed to alarm human operators in a timely manner:
? 14 August 2003 – Eastern North America
According to the joint US-Canada Task Force (2005), in a way this event was
induced and, above all, inappropriately managed because of some pending problems affecting the monitoring and control equipment. The state estimator used to preview the likely system evolution was out of order for approximately four hours and was restarted a few minutes before the blackout. Another fault in the SCADA server
36 A. Stefanini and M. Masera
put alarm management out of operation and slowed down the entire SCADA
functionality, to the effect of making control room operators almost totally blind
regarding the event.
? 28 August 2003 – South London, UK
The cause of this incident was the incorrect rating of a protection relay, undiscovered by the extensive quality control and commissioning procedures. Following an alarm caused by a low oil level in a shunt reactor, a transformer was disconnected from the distribution system, as is the normal practice in this case. Unexpectedly, automatic protection equipment interpreted the change in power flow due to the transformer disconnection as a fault, and disconnected 410 000 customers, including parts of the London Underground and Network Rail (National Grid, 2003).
? 23 September 2003 – Southern Sweden and eastern Denmark
The root cause of this incident was the combination of the initial loss of a large
nuclear unit with the double bus-bar fault in the substation on the West coast,
which drove the system beyond its security criteria (N-3 situation). Approximately five min after the initial fault (loss of a 1250 MW generation unit), a double
bus-bar fault in a substation on the west coast disconnected four out of five 400 kV transmission lines. Increasing flows on the remaining lines and low voltage in
southern Sweden caused protection relays to trip, and southern Sweden and eastern Denmark were completely disconnected after 90 seconds.
? 28 September 2003 – Italy
The root cause of the event was the trip of the Lukmanier line in Switzerland, due to
a tree flashover. In that situation, the Swiss operator had to rely on countermeasures
available outside Switzerland, but lacked a sense of urgency regarding the overload of a second line connecting the Swiss system to Italy, and called for inadequate
countermeasures in Italy (UCTE, 2004a). According to the Italian Authority (AEEG, 2003; 2004), the subsequent degradation of the Italian system and its long restoration were mostly due to either inadequate or inappropriate performance of protection
equipment. All three categories of protection systems – critical section control, load relief equipment and load rejection equipment – failed for different reasons. It is also remarkable that 21 out of 52 power plants failed to compensate for the lack of
imported power, because most of them rejected load at about 49 Hz, well above the stated threshold of 47.5 Hz (AEEG, 2003; 2004).
3 Open questions
Market liberalisation and the creation of a single European market have changed the conditions for ensuring a secure electricity supply. The European grid is hosting the transit of commercial flows over long distances, driving system operators to become more and more interdependent, while at the same time substantial commercial interests have appeared and the number of market actors has significantly increased. The major political question raised by recent power outages is whether liberalisation did trigger a
The security of power systems and the role of ICTs 37 process of mismanagement of the electrical infrastructure, whose final outcome is an increase in the frequency and severity of power outages. As pointed out by the authoritative Eurelectric (2004) report ‘Power Outages in 2003’:
“major power outages are viewed by consumers as a failure of the whole
electricity industry, irrespective of the actual reasons and contributing factors
(…) The power outage events may increase scepticism to liberalisation in
citizens, and have already done so in some officials both at national and
European levels.”
The main lesson implied by the blackouts is that neither electrical system management, nor its operating procedures, nor system automation was revised so as to adequately cope with the liberalisation scenario. By comparing the two major events discussed in Section 2, the Eastern North America and the Italian blackout, we may recognise a common pattern:
? Regarding the Italian case, the UCTE (2004a) report points out that, as an accident originating in Switzerland, it required the timely intervention by the Italian operator to be adequately dealt with. However, the Italian operator did not have direct
visibility on the events that happen in other countries, and therefore had to be
warned on the phone by the Swiss operator (!).
? Similarly, the US system lacks a governing body that may effectively coordinate operators’ activities. Although NERC (2005a), the North American coordinating
body, did advance a proposal to that effect, this initially met the opposition of several regional operators.1 Moreover, the malfunction of critical supervisory equipment, which were to act as a common reference for the operators involved in the triggering event, was a crucial factor, in that it deceived operators on the likely progression of events.
? In the Italian case, restoration was further compounded by critical infrastructure interdependency. After two hours, the emergency supply to several vital information and communication equipment ceased to work, hence the equipment could no longer operate. This required turning to a backup satellite facility for communication with on-site personnel, who had to manually operate all the remotely controlled
equipment, thus making restoration far longer and more cumbersome (AEEG, 2004). ? In the US case, restoration was even longer and more cumbersome, owing to the inherent complexity and the extension of the crisis, the plethora of actors
involved, and inadequacies of automation and support equipment (US-Canada
Task Force, 2005).
The Italian case clearly outlines how the two basic attributes of power service reliability, i.e., adequacy and security, could in some cases be somewhat contrasting. During the summer crisis of 26 June 2003, owing to exceptional weather conditions, the Italian operator was unable to meet demand requirements (failure to provide adequate service), while the September blackout scenario is one where the Italian system, crucially dependent on power imports, failed when this import was suddenly cut off owing to a fault, thus showing a lack of overall security. The system operator was driven to crucially rely on imports for several reasons, among them pressure from public opinion after the summer crisis, thus operating the system closer to its capacity and security limits. Also, the deployment of the Italian crisis is largely due to premature tripping of protection
38 A. Stefanini and M. Masera
relays, made to protect specific assets, like power plants, transformers and lines; in this case, security in asset protection prevailed over adequacy, i.e., caused a total failure to meet demand.
In conclusion, there is a drive towards integration of the European electricity market, huge opportunities for advanced ICS in this domain and a need to address new vulnerabilities. The main open questions appear to be twofold, as discussed next.
3.1 Inadequacy of the current practices to assess power system reliability
Many incidents arise from a pattern where the initial fault of a power system is compounded by the failure of monitoring equipment and/or incorrect tripping of automatic protection devices (CIGRé, 2001). The general industry practice for security assessment has been to use a deterministic approach (CIGRé, 2005): the power system is designed and operated to withstand a set of contingencies referred to as ‘normal contingencies’, selected on the basis that they have a significant likelihood of occurrence. This is usually referred to as the N-1 criterion because it examines the behaviour of an N-component grid following the loss of any one of its major components (UCTE, 2004b). Techniques such as load flow analysis are then applied to evaluate the resulting grid conditions. There is no holistic methodology, however, for evaluating risks arising from the power system failures and the automation system together, so as to join physical power system risk assessment with testing/compliance control procedures for automation and protection equipment.
3.2 Vulnerabilities of power systems controls
Market liberalisation involves multiple operators exchanging critical information so as to jointly operate the system; hence a number of key control systems need drastic reviews in order to be fit for operation in a market context. The electrical system depends substantially and increasingly upon its supporting information and communication infrastructure, because almost all vital system functions are remotely controlled, so that an increased control systems complexity, required for secure system operation, may in turn raise system vulnerability, owing to both accidental faults and malicious attacks. Critical infrastructures, and primarily the electrical system, are well-known to be a privileged target in warfare, as well as of terrorist attacks. Unless appropriate measures are taken, this risk will increase with the adoption of open and public information and communication infrastructures for automation support.
4 Non-holistic approach to power system reliability assessment
As discussed in the previous section, many incidents arise from a pattern where the initial fault of a power system is compounded by the failure of monitoring equipment and/or incorrect tripping of automatic protection devices. However, there is no way to join the assessment of risks arising from physical system failures with those arising from failures or attacks to system controls. On the contrary, even the conceptual framework concerning systems security and reliability of power system engineering appears to be quite different from the control systems one.
The security of power systems and the role of ICTs 39 Computer systems security was defined by Laprie (1992) as “dependability with respect to the prevention of unauthorised access and/or handling of information”. Computer science views dependability as a global concept, encompassing such properties as availability, reliability, safety, confidentiality, integrity and maintainability. The widespread use of information and communication technologies made the above terminology to be accepted in many sectors of industry, starting from the safety-critical ones – automotive, aerospace, railways, ships, etc., – so that it may be considered a global concept nowadays in control system engineering.
Unfortunately, this conceptual framework was not accepted in the power sector, where a different perspective emerged long before the introduction of computer systems to practical applications. Reliability is basically defined in terms of continuity of correct service in power systems engineering, while dependability has no formal meaning, although some authors take it as a synonym of reliability. Power system security is defined as “the ability to withstand sudden disturbances such as electric short circuits or non-anticipated loss of system components” IEEE/CIGRé (2004).
The practical consequence of these different conceptions is that there exists no holistic approach to risk assessment in power systems, able to evaluate the impact of control system failures together with the impact of physical failures. “Devices used to protect individual equipment may respond to variations in system variables and cause tripping of the equipment, thereby weakening the system and possibly leading to system instability” IEEE/CIGRé (2004), thus making automated protection equipment a key vulnerability factor in power systems. However, risk assessment methods in power systems disregard control systems failures: the N-1 criterion takes into account only failures of major electrical components.
5 Revision of electrical system controls may increase their vulnerabilities An electric system comprising interconnected power grids (regional, national and supernational) needs complex controls, intended as the procedures for system management, and the related information and communication infrastructure, comprising monitoring, actuation and protection devices, to ensure that the delivery of electrical power anywhere in the system meets certain specified criteria (IEC, 2003). As discussed in the Introduction, such infrastructure has grown together with the electrical system since the 1950s, and in most respects it did not go through a thorough revision after liberalisation to cope with the new security challenges. In summary, these controls appear to be no longer adequate because:
? Alarms are not displayed on the screen of the operators who would have to manage them, owing to inappropriate procedures and jurisdictional issues (e.g., along
frontiers, as in the Switzerland/Italy case, (CRE AEEG, 2004)).
? Critical apparatuses are not duplicated so as to remove the effects of their malfunction (North America).
? The defence plans of both the North American and the European systems failed.
Automatic protection devices were not able to avoid system collapse.
40 A. Stefanini and M. Masera
? In the Italian case, restoration was made long and cumbersome by inadequacies of the supporting information and communication infrastructure, as far as emergency supply systems are concerned.
As a result, there is now a growing consensus about the inadequacy of the European system controls:
“The lack or inadequacy of communication, coordination and/or data exchange
between system operators seems to have played a major role in the escalation
of some of the examined events. (…) Binding rules for coordination among
system operators both in normal operation and in other situations are desirable.
These rules must take account of the new challenges imposed by the
liberalisation and integration of the European markets. (...) Tools and means to
intensify collection and availability of real-time data should be examined and
established.” (Eurelectric, 2004)
In the aftermath of the 2003 events, the former UC(P)TE non-binding recommendations were transformed into the standards and requirements of the UCTE Operation Handbook and were made binding to all UCTE members via an inter-TSOs Multilateral Agreement signed on 1 July 2005 (UCTE, 2005b). The North American operational procedures alike are being revised by NERC (2005b). In summary, blackouts have triggered a rather hastened overhauling of the whole control system, which may in turn bring about new vulnerabilities. Power systems are multi-jurisdictional infrastructures; hence the real challenge is how to design and implement such a substantial amendment, which involves most of the various private and state entities that participate in some way or another in the operation of the electrical system. In most of the affected countries, particularly the USA and Italy, such process is already in progress so as to reflect changes in the regulatory agreements between TSOs.
Meanwhile, new control technologies (Anderson and LeReverend, 1996) are emerging (adaptive protection systems (Jonsson, 2003; Wilks, 2002; Zima,2002), dynamic security assessment (Kundur et al., 2000; Kamwa et al., 2003), wide area measurement systems (Kamwa and Grondin, 2003)). All these systems are inherently based on collecting data in different places, and possibly over an extended period of time, so as to detect an impending malfunction affecting a large portion of the overall system; hence, they are inherently based on fast processing and communication techniques (Naduvathuparambil et al., 2002). Although most of these technologies started to be introduced in the mid-1980s, they are not yet fully mature:
? Several issues specifically concerning technology performance are to be addressed, like the criteria for PMU positioning, the reliability of their synchronisation process, the performances of the algorithms (Kamwa and Grondin, 2003).
? The potential of innovative technologies for smart local control at the substation level, like adaptive relaying (Phadke and Horowitz, 1990), need to be fully exploited.
Their appropriate integration into a multi-level/multi-area hierarchical control
structure must be investigated.
According to a recent workshop among experts of the sector (Stefanini and Servida, 2005), the main challenges implied by the current review of the control systems can be summarised as follows:
The security of power systems and the role of ICTs 41? To what extent can future control systems be automated? One key factor for the blackouts was that current controls relied too much on the role of human beings, who are fallible and cannot cope with real-time constraints. On the other hand, human
beings cannot be removed from the loop, because they are extremely good at dealing with unforeseen situations, such as those that might arise from malicious attacks.
Humans should play a more strategic role in supervisory control, while enhancing, wherever possible, fast automated response at a local level.
? Need to address weak areas of the EU grid, especially cross-border ones – much work has to be done regarding decomposition and allocation of control functions, especially cross-border ones, e.g., Switzerland/France/Italy and France/Spain.
Moreover, the legal framework among neighbouring countries is very different;
hence it is difficult to assign this task to somebody.
? Need for non-intrusive technology migration paths – new technologies should come with an evolutionary approach to upgrade existing legacy control systems, so as to resolve concerns related to communication, resilience and the integration of new
technologies in the control loop. This upgrade is made even more complex because legacy systems are full of bugs, they were often developed without any
methodology, and their development and support tools are outdated.
? The complexity of the new technologies, which are highly ICS intensive, may bring about new vulnerabilities. Next-generation systems will require a high-performance, secure and high-quality service infrastructure, to support flexibility, restore systems and recover data. In this context, cyber vulnerability is becoming a major challenge. ? Need for comprehensive methodologies to assess vulnerabilities, threats and risk – installations of many ICT systems are being made today without a thorough
consideration of the security implications. It is not clear which could be the
appropriate (feasible, affordable, efficient) ways of identifying and analysing
vulnerabilities and threats, and therefore of evaluating the cyber risks to which the electricity system is subject, in a context where boundaries are fading (between
control and communication, business and control, etc.).
6 Conclusion
This paper provides an overview of the crucial factors involved in most of the recent huge blackouts, together with an analysis of the reasons why existing weaknesses in power system controls could result in such dramatic outcomes. It has also outlined the gap between innovative control technologies and the limitation of present-day methodologies for designing and validating distributed control systems. If this gap is not reduced, there is little chance that the new advanced control schemes will become a reality. Awareness of this challenge was the main motivation for a recent workshop on the subject (Stefanini and Servida, 2005), aimed at fostering discussion among stakeholders and the research community on the role of pervasive information and communication technologies applied to power systems.
42 A. Stefanini and M. Masera
The main challenges and concerns that are apparent in power systems controls will affect all other infrastructures that rely on a pervasive use of information and communication technologies. Large, distributed infrastructures, operated by a multitude of operators, need to decentralise and distribute intelligence. Distributed control and protection systems connected to global supervision networks by means of internet technologies, whilst providing opportunities for enhanced control and efficiency, also increase the exposure of the power infrastructure to accidental and malicious failures. Stronger integration between control and communication, the fading of boundaries and the convergence of corporate and control networks also increase the cyber vulnerability of control systems.
Infrastructures are changing dramatically, owing to both the technological evolution and to the restructuring of the related markets. This is particularly evident in Europe, where the evolution of the internal market has forced great changes in the organisation and property of the infrastructural assets: previous national monopolies (mainly in the hands of governments) have been unbundled, and services are now evolving towards a pure offer-and-demand arrangement.
In particular, the European power infrastructure has experienced an increase in the amount of distributed generation and of international flows, along with a widening of the mix among power sources. Therefore, the panorama has changed from one characterised by a few players dominating local markets and in full control of their systems, to infrastructures composed of an increasing number of players and rising interdependencies with neighbouring systems.
All these aspects have to be considered in a thorough security risk assessment, which integrates the short-term physical and cyber aspects (mainly influenced by the technical and topological weakness of a system), and the long-term adequacy (which depends upon the investments and technical evolution, as required for satisfying the power demand in terms of both quantity and quality).
As discussed in Section 4, a key issue for integrated security is that electrical engineering and control systems engineering keep a different conception of security. The practical consequence of these different conceptions is that there exists no holistic approach to risk assessment in power systems. A way out might be to root such an approach on a conception of security such as the one that is being proposed by the IEC/EN 61508 (2003) standard. Although conceived for industrial process control instrumentation, this standard encompasses generic methodologies, which may be applied to the functional safety2 of other sectors where specific methodologies are not available, e.g., power grid controls. While functional safety addresses the negative impact (i.e., the damage) of a plant/equipment on the surrounding environment, security addresses primarily the damages that the surrounding environment may cause the plant. This broad definition may include both physical disturbances (due to adverse weather conditions, tree contact, etc.) and control equipment malfunction induced by component faults or cyber attacks (Ciapessoni and Cortina, 2006).
On the other hand, for ensuring the implementation of the needed security functions, power infrastructure evolution will require more flexible and distributed future controls, more robust control strategies and innovative SCADA. Operational control should move towards higher speed, more intelligent local control and protection. However, this transition towards more intelligent control needs to be smooth and evolutionary, so as to take into account the legacy of existing control architectures and currently deployed systems.
The security of power systems and the role of ICTs 43 Another factor to consider in the discussion of security issues is the cost of potential solutions. Security costs might be high and difficult to justify from the operational viewpoint. Moreover, it is not clear to what extent society is prepared to bear it (see Amin (2005) for an account of the current debate in the USA on the topic).
In conclusion:
? Security must be seen as a systemic property – the top challenge is to understand and accept the risk, in particular for interconnected infrastructures. Security
cannot be ensured by local measures; it must be taken into account in all phases of
the life cycle of a system, from requirement analysis to design, runtime control
implementation, verification and testing, and must apply to all system components.
? Security depends on the availability and proper use of technologies – the never-ending flow of innovative ICS provides functionality, whose secure use
and application to security solutions needs to be rationally justified. The inadequate
appropriation of new technologies by infrastructures might pave the way to
dangerous vulnerabilities. The understanding of complex systems, and furthermore
of their non-functional behaviour (as regards security, for instance), requires the
availability of systematic and rigorous methodologies.
? The decision and costs of security have to be shared among all stakeholders – the balance between the business and societal perspectives will have to find an
equilibrium based on a rational justification of security expectations and the overall
costs required for satisfying them.
References
AEEG (2003) ‘Sintesi dell’Istruttoria Conoscitiva sulle Interruzioni del Servizio Elettrico del 26 Giugno 2003’, Autorità per l’energia elettrica e il gas 6 Dicembre 2003, http://www.autorita .energia.it/com_stampa/index.htm.
AEEG (2004) ‘Resoconto dell’Attività Conoscitiva in Ordine alla Interruzione del Servizio Elettrico Verificatasi il Giorno 28 Settembre 2003’, Autorità per l’energia elettrica e il gas,
9 Giugno 2004, http://www.autorita.energia.it/com_stampa/index.htm.
Amin, M. (2005) ‘Powering the 21st century: we can – and must – modernize the grid’, IEEE Spectrum, April.
Anderson, P.M. and LeReverend, B.K. (1996) ‘Industry experience with special protection schemes’, IEEE Transactions on Power Systems, August, Vol. 11, No. 3.
Ciapessoni, E. and Cortina, R. (2006) La sicurezza funzionale nel sistema elettrico di potenza: stato della normativa tecnica applicabile, E. Ciapessoni and R. Cortina, Gennaio Febbraio 2006 – 1 Rivista AEIT, ‘Sicurezza dei Sistemi’.
CIGRé (2001) ‘System protection schemes in power networks’, CIGRé’ Task Force 38.02,
19 June.
CIGRé (2005) ‘Cybersecurity considerations in power system operations’, CIGRé Joint Working Group D2-B3-C2.01, Electra, n. 218, February.
CRE AEEG (2004) ‘The joint conclusions of the inquiry of the Italian and French regulatory authorities on the international causes of the September black out’, Press Release Dated 04/23/04, http://www.cre.fr/uk/ressources/communiquesdepresse/ communiquesdepresse_consultation.jsp?idDoc=1864.
Eurelectric (2004)‘Power outages in 2003’, Eurelectric Task Force Power Outages, June, https://www.doczj.com/doc/f118903259.html,/Content/Default.asp?PageID=173.
44 A. Stefanini and M. Masera
Gheorghe, A.V., Masera, M., Weijnen, M. and De Vries, L.J. (2006) Critical Infrastructures at Risk. Securing the European Electric Power System, Springer V., ISBN: 1-4020-4306-6.
IEC (2003) ‘Power system control and associated communications – data and communication security’, IEC Technical Report TR 62210, May, http://www.iec.ch/.
IEC/EN 61508 (2003) Functional Safety of Electrical/Electronic/Programmable Electronic Safety-related Systems.
IEEE/CIGRé (2004) ‘Definition and classification of power system stability’, IEEE/CIGRé Joint Task Force on Stability Terms and Definitions, IEEE Transactions on Power Systems, Vol. 19, No. 3, August, pp.1387–1401, ISSN: 0885-8950.
Jonsson, M. (2003) Protection Schemes to Mitigate Major Power Systems Breakdowns, Dissertation, G?teborg.
Kamwa, I. and Grondin, R. (2003)‘PMU configuration for system dynamic performance measurement in large multiarea power systems’, IEEE Transactions on Power Systems, Vol. 17, No. 2, May.
Kamwa, I., Grondin, R., Henniche, A., Trudel, G. and Riverin, L. (2003) ‘Rapid stability assessment of extreme contingencies based on wide-area severity indices’, CIGRé/IEEE Int.
Symposium on Quality and Security of Electric Power Delivery Systems, Montreal.
Kundur, P., Morison, G.K. and Wang, L. (2000) ‘Techniques for online transient stability assessment and control’, IEEE Power Engineering Society Winter Meeting.
Laprie, J.C. (1992) Dependability: Basic Concepts and Terminology, Vienna, Austria: Springer Verlag.
Naduvathuparambil, B., Valenti, M.C. and Feliachi, A. (2002) ‘Communication delays in wide area measurement systems’, Proc. Southeastern Symp. on System Theory, Huntsville, AL, 18–19 March, pp.118–122.
National Grid (2003) Investigation Report into the Loss of Supply Incident Affecting Parts of South London at 18:20 on Thursday, 28 August 2003 (Executive Summary), National Grid Transco.
10 September 2003, http://195.92.225.33/uk/library/documents/pdfs/London28082003.pdf. NERC (1997) NERC Planning Standards, North American Electric Reliability Council, September, https://www.doczj.com/doc/f118903259.html,/~filez/pss-psg.html.
NERC (2005a) ERO Implementation, North American Electric Reliability Council, March–August, https://www.doczj.com/doc/f118903259.html,.
NERC (2005b) NERC Version 0 Reliability Standards, North American Electric Reliability Council, February, https://www.doczj.com/doc/f118903259.html,/~filez/standards/Version-0.html.
Phadke, A.G. and Horowitz, S.H. (1990) ‘Adaptive relaying’, IEEE Computer Applications in Power, July, Vol. 3, No. 3, pp.47–51.
Stefanini, A. and Servida, A. (Eds.) (2005) ‘The future of ICT for power systems: emerging security challenges’, Report of the Consultation Workshop, Brussels, 3–4 February, https://rami.jrc.it/workshop_05/Report-ICT-for-Power-Systems.pdf.
UCTE (2004a) Final Report of the Investigation Committee on the 28 September 2003 Blackout in Italy, UCTE Ad-hoc Investigation Committee, 27 April, https://www.doczj.com/doc/f118903259.html,/pdf/News/ 20040427_UCTE_IC_Final_report.pdf.
UCTE (2004b) ‘UCTE issues new system adequacy report 2003 with an overview of congestions on the UCTE interconnected system’, UCTE Press Release, 23 June, https://www.doczj.com/doc/f118903259.html,/pdf/ News/20040623_SAR2003.pdf.
UCTE (2005a) Operation Handbook – Policy 3, Appendix 1, https://www.doczj.com/doc/f118903259.html,/ohb/ cur_status.asp.
UCTE (2005b) ‘UCTE inter-TSO multilateral agreement entered into force on 1 July 2005’, UCTE Press Release, 19 July, https://www.doczj.com/doc/f118903259.html,/pdf/News/20050701_MLA_in_force_v5.pdf.
US-Canada Task Force (2005) US-Canada Power System Outage Task Force, Final Report on the
14 August 2003 Blackout in the United States and Canada: Causes and Recommendations,
5 April 2004, https://www.doczj.com/doc/f118903259.html,/~filez/blackout.html.
The security of power systems and the role of ICTs 45 Wilks, J. (2002) ‘Developments in power system protection’, Annual Conf. of Electric Energy Assoc. of Australia, Canberra, AUT, 9–10 August.
Zima,M. (2002) Special Protection Schemes in Electric Power Systems – Literature Survey, ETH Zürich, CH, June.
Notes
1 Only in the aftermath of the blackout (March 2005) did the US systems make substantial
progress towards implementing an Electricity Reliability Organisation (NERC, 1997).
2 Functional safety is that part of the overall safety which depends on a system or equipment
operating correctly in response to inputs. Functional safety is achieved when every specified safety function is carried out and the level of performance required of each safety function is met.
无线电通信技术的应用现状与发展趋势 发表时间:2018-12-18T11:43:54.620Z 来源:《基层建设》2018年第31期作者:张斌 [导读] 摘要:随着经济社会的快速发展,加快了信息化的脚步,在社会的各个领域无线通信技术也被广泛的使用,它让人们的生活效率更高、质量更好、内容更充实。 陕西烽火电子股份有限公司陕西宝鸡 721006 摘要:随着经济社会的快速发展,加快了信息化的脚步,在社会的各个领域无线通信技术也被广泛的使用,它让人们的生活效率更高、质量更好、内容更充实。无线电通信技术和有线电通信相比,具有不用架设传输线路线、脱离传输距离限制、传输距离远、通信灵活等优点,备受市场的青睐。现在人们生活的方方面面都离不开无线通信技术。无线电通信在高科技信息化时代拥有更大的发展机会。本文主要从无线电波的来源开始,对无线电通信技术目前的情况及其发展进行了论述。 关键词:无线电通信技术;应用;现状;趋势 随着当前无线电通信过程中的各个发展阶段,其在发展中的各种应用使得其成为当前信息技术发展过程中的主要手段和应用过程。随着当前人们对信息技术的要求不断增加,无线电通信技术的普及已成为社会发展的必然趋势,其在发展过程中的普及化只是一个时间问题。在通信方法随着当前科学技术不断的变化过程中,无线电通信技术愈来愈成为当前社会发展过程中的主要通信手段,拥有者广阔的市场。因此,在无线电通信技术通信方法应用开发的发展潜力无穷,这就使得我们在研究和开发的过程中对其展开全方位的施工方式,为无线电通信技术创新出谋划策,为全球信息化及经济全球化的通信事业贡献力量。 1.无线通信技术 无线通信技术包括无线基站、无线终端、应用管理服务器三部分组成,按照传输距离可以分为基于IEEE802.15 的无线个域网(WPAN)、基于IEEE802.11 的无线局域网(WLAN)、基于IEEE802.16 的无线城域网(WMAN)、基于IEEE802.20 的无线广域网(WWAN)等四类。无线通信技术按照不同的要求,可以划分为不同的类型。例如,按照移动性可以划分为移动接入式和固定接入式;按照带宽可以分为宽带无线接入和窄带无线接入;按照传输距离可以分为长距离无线接入和短距离无线接入等。 2.无线通信技术的历史 随着经济和社会的不断发展,对信息化技术的要求越来越高。无线通讯技术的创新不断涌现,并在社会中得到广泛应用。从而促进人们生活方式、工作方式、沟通方式、管理方式等发生重大改变,对人们生活质量的提高起到了很大的促进作用。通信技术从固定方式发展到移动方式,在移动通信发展过程中,大致经历了五个重要阶段: 第一阶段:20世纪20年代初至50年代初,移动通信技术主要应用于军用装备,这个阶段的移动通信设备是采用短波频及电子管技术,在50年代初,才出现了150MHZ VHF 单工汽车公用移动电话系统MTS。 第二阶段:20世纪50年代到60年代,这个时期的移动通信设备器件已开始向半导体过渡,频段扩展至UHF450MHZ,并形成了移动环境中的专用系统。同时,也很好的解决了移动通信网络与公用电话网的融合问题。 第三阶段:20世纪70年代初至80年代初,这个阶段提出了蜂窝移动通信系统,并在70年代末开始进行AMPS试验。频段扩展至800MHZ。 第四阶段:20世纪80年代初至90年代中,是第二代数字移动通信大发展时期,移动通信技术开始逐步向个人通信业务方向转变; 第五阶段:20世纪90年代中至今,适应移动数据、移动计算及移动多媒体运作需要的第三代移动通信技术开始兴起并应用,全球移动通信技术标准化工作加速推进,样机研制和现场试验蓬勃发展,第二代至第三代移动通信的平滑过渡,数据通信与多媒体业务需求不断增加。 3.无线电通信技术的发展现状 现今,无线通信产业两个重要特点是:1.大众移动通信发展十分强劲,新技术应用更新不断加快。但在一些国家和地区,存在发展不均衡问题。2.无线宽带通信技术的研究、应用不断发展。 全球移动市场呈总体增长,不均衡增长的趋势。北美、欧洲等发达国家的新增用户日益减少;而在亚洲、非洲等地区的发展中国家,用户数增长迅猛。从数据新业务市场的增长来看,韩国、日本呈现爆发态势,已成为全球移动通信发展的新热点。移动通信仍是发展最为迅速的领域,移动通信用户超过30亿人,四大3G标准(WCDMA、CDMA2000、TD - SCDMA、WiMAX)演进技术不断出现,商用进程加速,全球有10亿人被3G网络覆盖。光通信已成为电信业务传输的主要手段,近年来得到了高速发展。在超长距离传输方面,也已达到了4000km无中继的技术水平。源于移动电话对固定电话的巨大冲击,固网主导运营商开始寻求各种形式的FMC(Fixed Mobility Convergence,固定移动融合)整合服务。IMS(IP多媒体子系统)为网络融合提供了一个统一的结构,极大地促进了网络融合的进程,三网融合进程加速。 4 无线电通信技术的发展趋势 3.1 不同通信技术相互补充与融合 无线通信技术的种类使得他们在一些方面存在着很多的差异,主要表现在覆盖范围、使用领域、传输速率、技术水平等方面,但是也都有自身的优势和不足。因此,把不同的无线通信技术有机地融合起来,构成一体化的无线通信网络,达到优势互补的目的,从而提高无线通信技术的服务水平与服务领域,为人类社会带来更多的便捷。 3.2 无线通信技术和宽带无线接入技术有效结合 将这两个相结合,能够扩大无线通信技术的覆盖范围,并极大提高无线通信技术的数据传输速率。宽带无线接入技术基本应用于固定环境中的高速接入。要实现两种技术的融合,开发商应充分结合二者的技术特性以及应用范围,实现二者的有机结合,达到优势互补、资源整合的目的。 3.3 无线通信技术和网络NGN的有机融合 就NGN技术的发展趋势而言,固定网络会朝着信息化、高宽带化的信息通信方向发展。因此,基于这一发展背景,无线通信技术的相关传输方式便会得到广泛地应用,从而促进NGN技术的发展。实现系统化的技术整合,促进固定无线通信技术一体化的形成,充分发挥出不同无线通信技术的优势作用。不过,这个发展趋势要经历极为漫长的过程,需要在技术、资金、人力方面的投入。
浅析电力系统信息网络安全 【摘要】 随着电力行业信息化不断发展,信息安全的重要性日渐突显,所面临的考验也日益严峻。全文分析了威胁电力系统安全的几个主要来源及局域网安全管理所涉及的问题,并从信息安全技术与管理上提出了自己的几点思路和方法,增强智能电网信息安全防护能力,提升信息安全自主可控能力 【关键词】电力系统网络安全计算机 随着计算机信息技术的发展,电力系统对信息系统的依赖性也逐步增加,信息网络已成为我们工作中的重要组成部分。电力的MIS系统、电力营销系统、电能电量计费系统、SAP 系统、电力ISP业务、经营财务系统、人力资源系统等,可以说目前的电力资源的整合已经完全依赖计算机信息系统来管理了。因此在加强信息系统自身的稳定性同时,也要防范利用网络系统漏洞进行攻击、通过电子邮件进行攻击解密攻击、后门软件攻击、拒绝服务攻击等网络上带来诸多安全问题。 如何应对好网络与信息安全事件。要把信息安全规划好,就要从软件和硬件两个方面下功夫。 首先我们来谈谈软件这块,其实这块主要是指安全防护意识和协调指挥能力和人员业务素质。 作为企业信息网络安全架构,最重要的一个部分就是企业网络的管理制度,没有任何设备和技术能够百分之百保护企业网络的安全,企业应该制定严格的网络使用管理规定。对违规内网外联,外单位移动存储介质插入内网等行为要坚决查处,绝不姑息。企业信息网络安全架构不是一个简单的设备堆加的系统,而是一个动态的过程模型,安全管理问题贯穿整个动态过程。因此,网络安全管理制度也应该贯穿整个过程。 通过贯彻坚持“安全第一、预防为主”的方针,加强网络与信息系统突发事件的超前预想,做好应对网络与信息系统突发事件的预案准备、应急资源准备、保障措施准备,编制各现场处置预案,形成定期应急培训和应急演练的常态机制,提高对各类网络与信息系统突发事件的应急响应和综合处理能力。 按照综合协调、统一领导、分级负责的原则,建立有系统、分层次的应急组织和指挥体系。组织开展网络与信息系统事件预防、应急处置、恢复运行、事件通报等各项应急工作。
随着我国信息化建设步伐的逐渐加快,国内众多高校和研究院所越来越重视有关信息、网络、通信方面的学科建设。信息与通信工程作为其中最主要的分支,被关注的程度越来越高。现在,全国招收信息与通信工程专业硕士研究生的院校有160多所,其中既有以信息与通信专业为主的专门院校,也有综合实力强劲、信息与通信专业实力也不俗的综合性大学,还有信息与通信工程专业实力不错但容易被考生忽视的院校。在名专业和名校的分岔路口,向左走还是向右走,是考生必须面对的问题。 向左走:专精研究造就传统强势 全国以信息与通信专业为主的专门院校有北京邮电大学、西安电子科技大学、电子科技大学、南京邮电大学、重庆邮电大学、杭州电子科技大学、西安邮电学院、桂林电子科技大学等。其中除了北京邮电大学、西安电子科技大学、电子科技大学外,其他院校的综合实力排名并不靠前,但不能因此低估这些院校在信息与通信工程方面的实力。毕竟这些院校在成立之初大多专攻电子信息与通信工程,悠久的历史成就了它们在专业领域的传统强势。 北京邮电大学 光纤通信、宽带通信、移动通信以及信号处理都是北邮的强势专业。学校拥有一个程控交换技术与通信网国家重点实验室,目前国内广泛应用的智能网就是其研究成果,这也是中国互联网研究能与国际先进水平接轨的成果之一。学校还与许多知名通信类企业如华为、中兴、思科(CISCO)、IBM、朗讯等有项目合作。 招生信息:北邮的院系划分较细,有几个院系和科研单位均招收信息与通信工程相关专业的研究生。2011年计划招生数为计算机学院391人,信息与通信工程学院724人,电子工程学院239人,信息光子学与光通信研究院188人,网络技术研究院346人,总计招生1800人左右。除去一些电子专业,估计信息与通信工程类专业招生人数不少于1000人。 报考指南:北邮每年招生人数较多,约有一半以上是外校学生。除了某些实力特别强的实验室或特别有名的导师录取分数较高外,分数线一般都在各院的院线左右。需要强调的是,北邮的初试专业课参考书《通信原理》是由本校教师编写的,不同于大部分学校选用的樊昌兴教授主编的《通信原理》。 西安电子科技大学
目录 一、引言 (2) 二、无线通信的分类 (2) 1.GSM接入技术 (2) 2.CDMA接入技术 (2) 3.GPRS接入技术 (2) 4.蓝牙技术 (3) 5.WCDMA接入技术 (3) 6.3G通信技术 (4) 7.无线局域网 (4) 三、无线通信技术在不同领域的应用 (4) 1.无线通信技术在变电站中的应用 (4) 2、现代无线通信技术在海洋地质调查中的应用 (4) 3.无线通信技术在调度通信中的应用 (5) 4.第三代移动通信技术在消防中的运用 (6) 5.激光无线通信技术在宽带接入中的应用 (7) 6.无线通信技术在远程医疗系统中的应用 (8) 四、无线通信技术特点及发展趋势 (9) 1.技术分析 (10) 2 .无线通信技术的发展趋势 (11) 五、结束语 (12) 参考目录
无线通信技术在不同领域的应用 一、前言 无线通信主要包括微波通信和卫星通信。微波是一种无线电波,它传送的距离一般只有几十千米。但微波的频带很宽,通信容量很大。微波通信每隔几十千米要建一个微波中继站。卫星通信是利用通信卫星作为中继站在地面上两个或多个地球站之间或移动体之间建立微波通信联系。 二、无线通信的分类 1.GSM接入技术 GSM是一种起源于欧洲的移动通信技术标准,是第二代移动通信技术。该技术是目前个人通信的一种常见技术代表。它用的是窄带TDMA,允许在一个射频即‘蜂窝’同时进行8组通话。GSM数字网具有较强的保密性和抗干扰性,音质清晰,通话稳定,并具备容量大,频率资源利用率高,接口开放,功能强大等优点。 2.CDMA接入技术 CDMA即code-division multiple access的缩写,译为“码分多址分组数据传输技术”。CDMA手机具有话音清晰、不易掉话、发射功率低和保密性强等特点,发射功率只有GSM手机发射功率的160,被称为“绿色手机”。CDMA数字网具有以下几个优势:高效的频带利用率和更大的网络容量、简化的网络规化、通话质量高、保密性及信号覆盖好,不易掉话等。另外,CDMA系统采用编码技术,其编码有4.4亿种数字排列,每部手机的编码还随时变化,这使得盗码只能成为理论上的可能。 3.GPRS接入技术 GPRS是分组交换技术。GPRS的用途十分广泛,包括通过手机发送及接收电子邮件,在互联网上浏览等。GPRS的最大优势在于:它的数据传输速度非WAP所能比拟。目前的GSM移动通信网的数据传输速度为每秒9.6K字节,而GPRS达到了115Kbps 此速度是常用56Kmodem理想速率的两倍。除了速度上的优势,GPRS还有'永远在线'的特点,即用户
无线通信系统的发展历程与趋势 现代无线通信系统中最重要的两项基础是多址接入(Multiple Access)和双工(Multiplexing)。从1G到4G的无线通信系统演进史基本上就是在这两项技术上进行不断改进。 多址接入技术为不同的用户同时接入无线通信网提供了可能性。给出了三种最典型的多址接入技术:FDMA、TDMA和CDMA的比较。 双工技术为用户同时接收和发送数据提供了可能性。两种最典型的双工技术:FDD模式和TDD模式。 中国无线通信科技发展史和未来走向范文 当今,全球无线通信产业的两个突出特点体现在:一是公众移动通信保持增长态势,一些国家和地区增势强劲,但存在发展不均衡的现象;二是宽带无线通信技术热点不断,研究和应用十分活跃。 1 无线通信技术的发展历程 随着国民经济和社会发展的信息化,人们要通信息化开创新的工作方式、管理方式、商贸方式、金融方式、思想交流方式、文化教育方式、医疗保健方式以及消费与生活方式。无线通信也从固定方式发展为移动方式,移动通信发展至今大约经历了五个阶段:第一阶段为20年代初至50年代初,主要用于舰船及军有,采用短
波频及电子管技术,至该阶段末期才出现150MHZ VHF单工汽车公用移动电话系统MTS。 第二阶段为50年代到60年代,此时频段扩展至UHF450MHZ,器件技术已向半导体过渡,大都为移动环境中的专用系统,并解决了移动电话与公用电话网的接续问题。 第三阶段为70年代初至80年代初频段扩展至800MHZ,美国Bell研究所提出了蜂窝系统概念并于70年代末进行了AMPS试验。 第四阶段为80年代初至90年代中,为第二代数字移动通信兴起与大发展阶段,并逐步向个人通信业务方向迈进;此时出现了D-AMPS、TACS、ETACS、GSM/DCS、cdmaOne、PDC、PHS、DECT、PACS、PCS等各类系统与业务运行。 第五阶段为90年代中至今,随着数据通信与多媒体业务需求的发展,适应移动数据、移动计算及移动多媒体运作需要的第三代移动通信开始兴起,其全球标准化及相应融合工作与样机研制和现场试验工作在快速推进,包括从第二代至第三代移动通信的平滑过渡问题在内。 2 第一代无线通信系统 采用频分多址(Frequency Division Multiple Access)技术组建的模拟蜂窝网也被称为第一代(First Generation,下称1G)无线通信系统。这些系统中,话务是主要的通信方式。由于采用模拟调制,这些
网络入侵检测系统在电力行业的应用(解决方案) 电力行业关系到国计民生,是我国经济快速发展的重要基石。信息安全建设作为保障生产的一个重要组成 部分,越来越多地受到重视并被提到议事日程上来。 电力行业关系到国计民生,是我国经济快速发展的重要基石。电力系统的信息化建设有力地推动了电力行业生产、办公、服务水平,随着电力系统网络规模的不断发展和信息化水平的不断提高,信息安全建设作为保障生产的一个重要组成部分,越来越多地受到重视并被提到议事日程上来。 据来自有关部门的资料,目前电力系统存在的一些信息安全问题已明显地威胁到电力系统的安全和稳定,,影响着“数字电力系统”的实现进程。研究电力系统信息安全问题、开发相应的应用系统、制定电力系统信息遭受外部攻击时的防范与系统恢复措施,是电力行业当前信息化工作的重要内容。电力系统信息安全已经成为电力企业生产、经营和管理的重要组成部分。 榕基入侵检测系统(RJ-IDS)是榕基网安公司除了漏洞扫描系统外的一条全新产品线,该产品是一种动态的入侵检测与响应系统,除了能对高速网络上的数据包捕获、分析、结合特征库进行相应的模式匹配外,还具有强大的行为和事件统计分析功能,能够自动检测可疑行为,及时发现来自网络外部或内部的攻击,并可以实时响应,切断攻击方的连接,帮助企业最大限度的保护公司内部的网络安全。 网络构架描述 国内电力行业某省级公司,随着业务需求的进一步扩展,原有的网络及系统平台已经不能满足应用需求,从保障业务系统高效、稳定和安全运行等方面考虑,必须升级优化现有系统,其中提高网络的安全性 是重中之重。 该公司信息系统基础设施包括电力系统网络、局域网和互联网三个部分。电力系统网络是承载该公司与各个子公司内部业务交流的核心平台,局域网是该公司内部日常办公的主要载体,外部信息的获取和发 布通过互联网来完成。 该公司的局域网于2001年建成并投入运行,核心交换机为Cisco Catalyst 6509。以千兆下联十多台设在各部门的百兆交换机,均为Cisco Catalyst 3524XL/3550系列交换机,并划分了多个VLAN;在网络出口处,该公司通过Cisco 7401交换机与Internet连接,Internet接入边界有最基本的安全设备,一台硬件 防火墙和一台VPN设备。 公司提供包括WWW、SMTP、FTP等互联网应用服务,目前开设了一个内部信息发布、员工交流站点和一个对外展示企业形象的站点,公司还架设了一个供300多人使用的邮件系统。同时公司还拥有很多的重要应用系统,其中包括企业OA系统和各种信息管理系统。 目前大流量的应用主要集中在局域网内,因此局域网的压力很大;大部分的应用必须跨广域网,但由于应用刚刚起步,因此跨广域网的流量不很大,随着信息化建设的逐步深入,广域网潜在的瓶颈将会严重影 响应用的普及;公司与各个子公司之间以VPN相连。 安全需求分析
电子信息工程与通信工程的区别: 电子信息工程专业培养具备电子技术和信息系统的基础知识,能从事各类电子设备和信息系统的研究、设计、制造、应用和开发的高等工程技术人才。 通信工程专业学习通信技术、通信系统和通信网等方面的知识,能在通信领域中从事研究、设计、制造、运营及在国民经济各部门和国防工业中从事开发、应用通信技术与设备。 职业通路:研发员→研发工程师→高层市场或管理人员 电子信息工程专业是跨学科的复合型专业,口径宽、适应面较广。本专业以就业导向为理念,以培养职业素质优良,具有较高创新能力的人才为目标。本专业强调学科交叉,重在培养宽泛的知识面,加强了电子背景的学生在人机工程、人机交互、界面美学等知识的学习。毕业生应具备的能力有:掌握典型的信息系统、电子产品与系统的工作原理、设计方法、维护与营运技能;掌握信息系统的原理和设计、调试能力;掌握信息获取、处理、传输的基本理论和应用技术;掌握电子产品和信息系统的计算机辅助设计的技能;运用计算机进行信息处理、工程设计和应用软件开发的能力。 本专业毕业生适应面很广,可在电子信息领域相关研究所、设计院、学校从事科研、教学或管理工作;可到机关事业单位、工矿企业、能源交通、电力、家电、智能仪器、计算机应用等领域工作;也可在电子与计算机领域从事电子产品界面设计、外观设计、系统设计、辅助
设计和测试工作;还可以进一步深造攻读相关专业的硕士研究生。 主要课程:电路原理、电子电路基础、数字系统基础、软件基础、电子系统设计、电子产品设计基础、人机工程学、人机界面设计、电子产品设计与案例、电子产品可用性测试等。其中电子产品设计与案例为专业特色课程。 通信工程专业是21世纪高新技术的主体和前沿。本专业的目标是培养具有通信领域内的通信技术、通信系统和通信网等方面的基本理论与专业知识,具备综合的创新实践能力,能在国民经济各部门中从事各类通信电子设备和通信系统的研究、设计、开发、制造、测试和技术维护等方面的高级技术人才。本专业设置数字通信技术和网络通信技术两个专业方向。数字通信技术方向是侧重于通信系统中数字通信、移动通信、光通信等方向的基本理论与实践技能的人才培养,掌握通信设备的研究、设计、开发、测试与维护,熟悉通信的基本方针、政策与法规。通信网络技术方向是侧重于通信网络的构建、通信网络分析与设计方法、网络的运行、安全与维护等方面技术人员的培养。本专业是杭州市首批重点专业,毕业生深受社会的青睐,就业率均在95%以上,并且主要分布在沿海经济发达城市。本专业就业前景十分广阔、就业质量名列各行业前茅,毕业生可在通信企业的各知名公司从事设计与研发工作,如华为、贝尔、东方通信、UT斯达康等;也可以进入电信、移动、铁通、网通、数据交换局、广播电视部门以及相关研究所、设计院、学校从事科研、教学与管理等各方面工作;还
一、技术服务方案 1、通则 1、贯彻“预防为主、防抢结合”的方针,坚持“预检预修”的原则,精心维护、科学管理,积极主动采取有效措施,消除隐患,保持线路设施完整、良好。 2、光缆线路维保工作的目的是及时发现和处理通信线路运行中存在的缺陷或安全隐患,从而保障光缆线路状况安全稳定运行。 3、光缆线路的维护工作可分为维护方案编制、日常巡查、定期测试、光缆防护措施、障碍处理、光缆线路突发事件处理、光缆线路迁移改造、光缆线路割接、维护报表等。 4、光缆线路的维护工作基本要求: 严格按照操作规程进行; 当维护工作涉及到其他部门时,应主动与相应部门联系,制 定出具体实施方案后方可进行; 光缆线路维保工作应按照光缆线路维保处理程序进行; 对于比较复杂容易引起通信业务中断的操作,应事先制订工 作计划和预防发生障碍的措施,编写处理方案,经审核批准 后方可执行; 维修工作前应做好相关安全措施,维修中应认真执行“安全 操作规程”以及其它有关安全操作的规定,防止发生人身伤 害和设备仪表损坏事故;
维护工作中应做好原始记录,遇到重大问题应及时请示并及 时处理; 光缆抢修、迁改及割接后,应进行详细的检查和妥善处理, 并由客户对光缆线路的传输质量予以验证; 对重要线路及重要通信期间要加强维护,保证通信; 因地制宜切实做好季节性维护工作。在雷雨、台风季节到来 之前,对易遭受洪水冲刷、台风破坏的地段进行认真的检查, 关键部位和薄弱环节应重点检查;对防护设施进行认真的检 修。 2、日常和技术维护 日常维护 光缆线路日常维护的主要方法是巡线。巡线是光缆线路日常维护中一项经常性的工作,是预防线路发生障碍的重要措施,是维护人员的主要任务。巡线可分为线路巡查和徒步全巡两种方式。 (1)、日常维护巡线的目的、要求和方法 通过巡线了解沿线地形、地貌及变化情况,了解险情及交通情况,熟悉路由走向,检查光缆设备,消除故障隐患,以避免事故的发生。因此,要求维护人员必须按照规定定期巡线。大雨过后及其他特殊情况应增加巡线次数。必要时,可派人驻守主要线路区段,确保光缆线
几种无线通信技术的比 较 The manuscript was revised on the evening of 2021
几种无线通信技术的比较 摘要:随着电子技术、计算机技术的发展,近年来无线通信技术蓬勃发展,出现了各种标准的无线数据传输标准,它们各有其优缺点和不同的应用场合,本文将目前应用的、无线通信方式进行了分析对比,并总结和预见了它们今后的发展方向。 关键词:Zigbee Bluetooth UWB Wi-Fi NFC Several Wireless Communications Technology Comparison Abstract:As the development of electronic technology,computer technology, wireless communication technology have a rapid development in recent years,emerged wireless data transmission standard,they have their advantages and disadvantages,and different applications,the application of various wireless communication were analyzed and compared,and summarized and foresee their future development. 一.几种无线通讯技术 (一)ZigBee 1.简介: Zigbee是基于标准的低功耗个域网。根据这个规定的技术是一种短距离、低功耗的技术。其特点是近距离、低复杂度、自组织、低功耗、低数据速率、低成本。主要适合用于自动控制和远程控制领域,可以嵌入各种设备。 ZigBee是一种高可靠的无线数传网络,类似于和网络。ZigBee数传模块类似于移动网络。通讯距离从标准的75m到几百米、几公里,并且支持无限扩展。ZigBee是一个由可多到65000个无线数传模块组成的一个无线数传网络平台,在整个网络范围内,每一个ZigBee网络数传模块之间可以相互通信,每个网络节点间的距离可以从标准的75m无限扩展。与的CDMA网或GSM网不同的是,ZigBee网络主要是为工业现场自动化控制数据传输而建立,因而,它必须具有简单,使用方便,工作可靠,价格低的特点。而移动通信网主要是为语音
认知无线电的发展历程与现状 认知无线电的发展历程与现状 摘要:认知无线电是一种通过与其运行环境交互而改变其发射参数从而提高频谱利用率的新的智能技术,其核心思想是CR具有学习能力,能与周围环境交互 信息,以感知和利用在该空间的可用频谱,并限制和降低冲突的发生,认知无线电就是通过频谱感知(Spectrum Sensing )和系统的智能学习能力,实现动态频谱分配(DSA dynamic spectrum allocation )和频谱共享(Spectrum Shari ng )。本文主要分析认知无线电的起源,认知无线电的关键技术概要,认知无线电的相关标准化进程以及认知无线电的应用场景等多个方面,对认知无线电进行一个概述,从而加深对无线电的认知与了解。关键字:认知无线电、起源、关键技术、标准化、应用 随着无线通信需求的不断增长,对无线通信技术支持的数据传输速率的要求越来越高。根据香农信息理论,这些通信系统对无线频谱资源的需求也相应增长,从而导致适用于无线通信的频谱资源变得日益紧张,成为制约无线通信发展的新瓶颈。另一方面,已经分配给现有很多无线系统的频谱资源却在时间和空间上存在不同程度的闲置。为解决无线频谱资源紧张的问题,出现了许多先进的无线通信理论与技术,如链路自适应技术、多天线技术等。这些技术虽然能提高频谱效率,但仍受限于Sha nnon理论。 美国联邦通信委员会的大量研究表明:ISM频段以及适用于陆地移动通信的2GHz 左右授权频段过于拥挤,而有些授权频段却经常空闲。因而提出了认知无线电。认知无线电是一种智能频谱共享技术。它通过感知频谱环境、智能学习并实时调整其传输参数,实现频谱的再利用,进而显著地提高频谱的利用率,通过从时间和空间上充分利用那些空闲的频谱资源,从而有效解决上述难题。 1. 认知无线电的发展历程
学科专业代码:0810 学科专业代码:信息与通信工程 类型:学术研究型 一、研究方向 1. 宽带通信理论与技术 2. 信息传输理论与编码技术 3. 移动通信与卫星通信技术 4. 新体制雷达理论与技术 5. 现代信号处理理论与技术 6. 雷达成像与目标识别技术 7. 数字图象处理理论与技术 8. 信息对抗理论与技术 9. 数据采集理论与应用 10.遥感信息处理与应用技术
说明: 1. 学术研究型硕士研究生必须修满35学分。其中公共学位课(GXW)9学分,学科基础课(XW)8学分,学科专业课(XW)6学分,选修课(X)6.5学分,专题课(ZT)2学分,实践课(ZX)3.5学分,学术活动1学分,外语学术论文1学分。 2. 学生选课应在教师指导下进行,并经过院系主管负责人确认,对于选课人数不超过10人的选修课原则上不允许开设。 3. 学术活动要求在导师的指导下,在课题组范围内进行一次学术报告,或者在研究生论坛活动中进行一次学术报告。 4. 外语学术论文的要求毕业前发表或投稿一篇外文学术论文。
学科专业代码:0810 学科专业代码:信息与通信工程 类型:应用研究型 一、研究方向 1.通信系统设计与优化 2.数字信号传输技术 3.移动通信系统 4.雷达信号处理技术 5.信号处理技术及应用 6.软件无线电技术及应用 7.数字图象处理与应用 8.信息安全与对抗技术 9.高速数据采集与大容量存储技术 10.遥感信息处理与应用技术 二、课程设置
说明: 1. 应用研究型硕士研究生必须修满31学分。其中公共学位课(GXW)9学分,学科基础课(XW) 4学分,学科专业课(XW)4学分,选修课(X)7学分,专题课(ZT)2学分,实践课(ZX)3学分,人文管理课2学分。 2. 学生选课应在教师指导下进行,并经过院系主管负责人确认,对于选课人数不超过10 人的选修课原则上不允许开设。 3. 人文管理类课程由研究生院统一设置,供学生选修。 4. 实践课可以是软件或硬件设计类课程(也可以通过在校外企业及研究所参加实习或论文工作获得实践课学分)。
中国通信技术服务行业的发展现状与趋势分析 摘要:本文通过对我国通信行业的发展现状进行总结与分析,描述了通信技术服务行业的行业背景与下游需求特征。同时,通过对通信技术服务行业的细分市场、发展现状、市场规模、技术趋势等方面进行分析,论述了该行业的市场化程度、发展特点、行业结构,以及行业的未来演进方向等重要内容。 关键词:通信技术服务网络实施网络维护网络优化 1、全国通信行业发展现状 通信行业是一个技术导向型的行业,随着TD-SCDMA/WCDMA/CDMA等3G技术、ADSL/EPON/GPON等宽带接入技术的发展和大规模商用,我国的通信行业得到了高速发展。特别是在2008年5月,中国移动、中国联通、中国电信三个运营商宣布了重组方案,标志着中国通信行业新格局的产生,整个通信行业迎来了高速发展阶段。2009年全国电话用户增长到106,107.2万户,移动电话用户在电话用户总数中所占的比重达到70.4%,电信用户数在4年间的复合增长率达到42.64%。纵观整个电信行业,2009年累计完成电信业务总量25680.6亿元,同比增长14.4%;实现电信主营业务收入8424.3亿元,同比增长3.9%;完成电信固定资产投资3724.9亿元,同比增长26.1%;实现电信增加值5012.2亿元,同比增长7.0%。随着3G牌照的发放,三大运营商开始大规模部署3G网络,如下图所示为中国电信业固定资产投资: 但是,随着运营商的建设投资规模持续增长,国内的通信基础设施越来越完善,通信网
络已经形成为一个多厂商、多网络技术制式的复杂通信网络,融合了核心网、传输网、接入网、支撑网等各种功能子网,设备规模庞大,如图所示为中国电信网络的资产净值: 注:固定资产净值按照每年固定资产投资累计扣除资产折旧计算而得 面对日益庞大复杂的通信网络,运营商的运营管理难度越来越大,同时,运营商为了更专注于自己的核心业务,如客户关系管理、业务开发、品牌建设,运营商逐渐将通信网络的重要支撑环节交由专业的技术服务提供商代管。随着通信行业的近几年来的高速发展,通信技术服务行业也逐渐走向专业化分工,专业技术服务商的规模也逐步壮大。通信技术服务商的服务范围主要包括网络实施建设、网络维护与网络优化,这些技术服务内容由于对专业技术要求较高,同时,需要更高的成本控制与运营管理水平,独立的第三方技术服务商在该领域内拥有较大的优势。 随着中国通信体制改革继续深入,电信业务种类不断分化,通信网络技术服务走向市场化。电信工程公司、设计院等单位逐步转制为公司,成为独立于电信运营商和通信主设备供应商,专注于通信网络技术服务的公司,并形成了自身专业的服务领域。随着市场的发展,设备厂商竞争激烈,产品的价格下降幅度巨大,利润渐渐透明化并降低,设备厂商也逐渐将其为运营商提供的技术服务分包出去。随着通信技术服务市场化程度逐步提高,通信技术服务的外包比例也将逐渐提高,技术服务商将越来越多的占据主导地位。 2、全国通信技术服务行业市场规模 我国电信市场经过了几次变革,现形成了三家全业务运营商为主体的市场格局。随着人民生活水平的提高,客户需求也日益多样化,从最初较为单一的通话及短信业务发展到现有
如何解决电力系统的信息安全问题 引言 电力行业是关系到国计民生的基础性行业。目前,我国电力行业正朝着市场化运作逐渐过渡,围绕着“厂网分开、竞价上网”的指导思想,电力行业新的市场竞争机制正在逐步建立。在这种格局中,电力信息化的建设也将在新环境下面临新的变化。随着电子技术的发展,信息化使公司的管理更加高效,使产品的成本可有效控制。但是同时,信息化系统的安全问题日益成为管理者必须面对的重要问题。电子签名法的出台,为网络安全认证及信息安全传输提供了法律的保障,也为电力信息安全系统的建设带来了新的契机。 电力信息化是指计算机技术、信息技术及自动化技术等现代科学技术在电力工业应用全过程的统称。电力信息化建设主要分为三个方向:1)用于对外招标采购的电子商务平台;2)用于办公和管理的管理信息系统;3)用于电力生产和电网管理的软件系统。其中任何一个方向的信息化建设都离不开安全稳定的网络安全系统。 我国电力行业的信息化建设从二十世纪六十年代初开始到目前已经成为电力生产、建设、经营、管理、科研、设计等领域的重要组成部分,在电力安全生产、节能降耗、降低成本、缩短工期、提高劳动生产率等方面取得了明显的经济效益和社会效益。 二十世纪六十年代初至七十年代,我国电力工业的信息技术应用从电力生产过程自动化起步,主要是为了提高电力生产过程的自动化程度,改进电力生产和输变电监测水平,提高工程设计计算速度,缩短电力工程设计的周期。从八十年代起,我国电力信息化进入专项业务应用阶段。电网调度自动化、电力负荷控制、计算机辅助设计、计算机仿真系统等的建设与应用深入开展,管理信息系统(MIS)的建设则刚刚起步。九十年代以后,我国电力信息化进入到加速发展时期,由操作层向管理层延伸,从单机、单项目向网络化、整体型和综合型应用发展。为了实现管理信息化,各级电力企业也建立了管理信息系统。 1.我国电力信息化建设现状 目前,我国电力系统信息化建设硬件环境已经基本构建完成,硬件设备数量和网络建设状况良好,电力系统的规划设计、基建、发电、输电、供电等各环节均有信息技术的应用。 电力信息化的具体应用主要包括电网调度自动化系统、厂站自动控制、电力市场技术支持系统、电力营销信息系统、电力负荷管理系统、企业ERP、管理信息系统(MIS)等。办公自动化系统、财务管理信息系统、客户服务支持系统、远程教育培训系统、供应链管理(SCM)系统等应用信息系统也在建设之中。 在电力信息化建设的推动下,我国电力行业的电网管理水平、企业管理水平、发电生产管理信息化水平、电力规划设计能力和电力营销管理信息化都得到了显著提高。 2.电力信息化发展中的信息安全问题 2.1电力系统信息安全概述 电力系统是一个复杂的网络系统,其安全可靠运行不仅可以保障电力系统的正常运营与供应,避免安全隐患所造成的重大损失,更是全社会稳定健康发展的基础。随着我国电力信息化建设的不断推进,对于电力安全建设中的信息安全问题国家有关部门给予了高度重视。2003年,国家电网公司将国家电力信息网络的安全运行纳入到电力安全生产管理的范畴,把信息网络的安全管理纳入电力安全生产体系,实行了信息网络安全运行报表制度和监督管理制度。2004年3月9日,国家电力监管委员会颁布实施的《电力安全生产监管办法》中,对于电力安全生产信息报送做了明确的规定,要求“各电网经营企业、供电企业、发电企业要按照电监会关于电力安全生产信息报送的规定报送电力安全生产信息;当发生重大、特大人身事故、电网事故、设备损坏事故、电厂垮坝事故和火灾事故时,要立即向电监会报告,时间不得超过24小时,同时抄报国家安全生产监督管理局和所在地政府有关部门;电力安全生产信息的报送应当及时、准确,不得隐瞒不报、谎报或者拖延不报”。
0810信息与通信工程一级学科简介 一级学科(中文)名称:信息与通信工程 (英文)名称:Information and Communication Engineering 一、学科概况 从1864年麦克斯韦在理论上预言了电磁波的存在,到1888年赫兹实验验证电磁场理论,再到1896年马可尼发明无线电报,人类进入了电信时代。从20世纪上半叶人类发明电子管、晶体管、雷达、广播、电视等,到20世纪中叶香农提出信息论、维纳提出控制论,再到20世纪后期以来的集成电路、移动通信、互联网、智能终端、社交网络等技术的大规模普及和应用,信息与通信工程学科得到了长足发展,并推动了世界信息科学技术的高速发展以及人类社会的巨大进步。 未来社会将是高度信息化的社会,信息与通信工程的发展前景广阔。进入21世纪以来,随着全球信息化进程的加速,信息与通信工程学科的各个研究分支呈现出相互渗透与融合的趋势,沿着多媒体化、普及化、多样化、个性化和全球化的方向发展,并逐步向网络化﹑融合化、智能化的方向拓展。另一方面,信息与通信科学技术正向生物、纳米、认知等其它传统及新兴学科和领域渗透,成为发展交叉学科的重要纽带,必将促进多个学科的交叉融合发展,孕育诸多重大科学问题的发现和原理性的突破,并且将引发新的信息科技革命。 二、学科内涵 信息与通信工程学科是一个涉及应用数学、物理学、计算机科学等学科的基础知识完整,关联工业、农业、生物、医疗、航空航天、军事、金融业、服务业等行业的应用领域广泛的学科,主要研究对象包括信息的获取、存储、传输、处理和应用,以及信息与通信设备及系统的研究、分析、设计、开发、维护、测试、集成和应用。 信息与通信工程学科一方面以信息传输和交换研究为主体,涉及国民经济和国防应用的电信、广播、电视、声纳、导航、遥感、遥测遥控、互联网等领域,研究各类信息与通信网络及系统的组成原理、体系构架、功能关联、应用协议、性能评估等内容;另一方面以信号与信息处理研究为核心,研究各类信息系统中的信息获取、变换、存储、传输、应用等环节中的信号与信息处理,包括各种形式信号与信息处理的算法与体制、物理实现、性能评估、系统应用等内容。 信息与通信工程学科的主要理论包括:电路与系统、信号处理、电磁场与电磁波、信息理论、控制与优化、通信理论、雷达理论、网络理论、导航定位理论、遥感遥测理论、信息对抗理论、智能信息处理理论、网络安全理论等。 本学科的研究方法包括理论研究与实验研究。理论研究主要是依据理论分析设计目标模型,再通过逻辑推理或实验验证相关的科学结论。实验研究主要通过探测和采集目标数据、以及构建目标物理模型或系统,获得相关实证数据并借助数学与统计方法进行数据分析,由此提出或验证科学结论。理论研究与实验研究过程中均可运用形象思维、逻辑思维等方法,以及系统论、信息论、控制论等蕴涵的基础科学方法。 三、学科范围 信息与通信工程主要包括“通信与信息系统”和“信号与信息处理”两个研究方向。 “通信与信息系统”方向的主要研究内容包括: l 信息理论 l 通信信号处理 l 信源、信道编码以及网络编码 l 通信网络与协议 l 通信与信息系统架构与体系 l 信息安全与通信对抗
一、选择题:(每题2分,共20分) 1、在操作客户设备过程中,未经客户许可,不得修改__________________。该许可必须是可追溯的记录。( ABCD ) A、客户设备程序 B、配置文件 C、数据 D、日志等 2、华为技术有限公司《工程施工行为规范 V1.0》总则以__________为基本原则( ABD ) A、《华为人行为准则》 B《全球技术服务部员工行为规范》 C、《华为基本法》 D《通信工程安全生产手册》 3、在施工过程中与客户沟通应() A、首问负责,言而有信 B、尊重客户,注意倾听,不轻易打断客户谈话,不随意转移话题 C、无论如何切忌与客户争执 D、不恶意贬低华为的竞争友商和客户的竞争友商 4、工程师(合作方)在系统调测过程中,严格按各产品_________和_________进行操作。对《现场调测记录表》的每一项内容进行内部测试,做好记录,并由客户随工人员签字确认,为工程验收做好准备( A C ) A、《数据设定规范》 B、《现场调测记录表》 C、《开局调测指导书》 D、设计文件 5、工程督导、TD在现场要先进行自我定位和排查,不轻易判断为友商、对端问题,对于需要向客户答复为友商和对端问题的口径,需要经过和共同确认后方可正式答复客户( A C ) A、项目经理 B、产品经理 C、TD D、服务经理 6、不得恶意收集客户设备的重要信息(如______),不得泄漏客户设备的重要信息,所持有的客户设备信息须在工作完成后及时删除和销毁。( ABCD ) A、网络拓扑结构 B、IP地址 C、设备口令 D、最终用户帐户信息等 7、工程督导必须对硬件安装质量和文档进行检查,要注意检查以下几个方面:( ABCD ) A、安装工艺 B、机房的整洁卫生 C、地线连接方式及地阻 D、整机试通电 8、了解《工程文件》的相关信息,并审核其正确性。如要更改设计文件,需填写《设计方案修改申请表》传递给原设计人员,让其确认、修改。特别注意以下部分内容:( ABCDEF ) A、客户安装环境准备情况 B、组网方式和机房平面布局 C、局数据、计费数据 D、电缆长度和布放规则 E、工程界面 F、客户联系人、联系电话等 9、工程督导的更换:一般情况下,不允许更换工程督导。一般工程的工程督导更换由工程经理批准,重大工程的工程督导更换由项目经理批准,合作工程的工程督导更换由合作单位工程主管重新填写《工程委托书》回执发合作部,由合作部批准。原工程督导需要与新工程督导做好工作交接,需完成:( ABCD )
信息安全培训及教育管理办法
第一章总则 第一条为了加强公司信息安全保障能力,建立健全公司的安全管理体系,提高整体的信息安全水平,保证网络通信畅通和业务系统的正常运营,提高网络服务质量,在公司安全体系框架下,本策略主要明确公司信息安全培训及教育工作的内容及相关人员的职责。对公司人员进行有关信息安全管理的理论培训、安全管理制度教育、安全防范意识宣传和专门安全技术训练;确保公司信息安全策略、规章制度和技术规范的顺利执行,从而最大限度地降低和消除安全风险。 第二条本策略适用于公司所有部门和人员。 第二章信息安全培训的要求 第三条信息安全培训工作需要分层次、分阶段、循序渐进地进行,而且必须是能够覆盖全员的培训。 第四条分层次培训是指对不同层次的人员,如对管理层(包括决策层)、信息安全管理人员,系统管理员和公司人员开展有针对性和不同侧重点的培训。 第五条分阶段是指在信息安全管理体系的建立、实施和保持的不同阶段,培训工作要有计划地分步实施;信息安全培训要采用内部和外部结合的方式进行。 一、管理层(决策层) 第六条管理层培训目标是明确建立公司信息安全体系的迫切性和重要性,获得公司管理层(决策层)有形的支持和承诺。
第七条管理层培训方式可以采用聘请外部信息安全培训、专业公司的技术专家和咨询顾问以专题讲座、研讨会等形式。 二、信息安全管理人员 第八条信息安全管理人员培训目标是理解及掌握信息安全原理和相关技术、强化信息安全意识、支撑公司信息安全体系的建立、实施和保持。 第九条信息安全管理人员培训方式可以采用聘请外部信息安全专业资格授证培训、参加信息安全专业培训、自学信息安全管理理论及技术和公司内部学习研讨的方式。 三、公司系统管理员 第十条公司系统管理员培训目标是掌握各系统相关专业安全技术,协助公司和各部门信息安全管理人员维护和保障系统正常、安全运行。 第十一条公司系统管理员培训方式可以采用外部和内部相结合的培训以及自学的方式。 四、公司人员 第十二条公司人员培训目标是了解公司相关信息安全制度和技术规范,有安全意识,并安全、高效地使用公司信息系统。 第十三条公司人员培训方式应主要采取内部培训的方式。