摘要： 随着信息化和工业化深度融合，工业信息安全相关概念逐渐涌现，包括工业控制系统、工业互联网、工业云等，概念之间交叉重叠，导致企业在实际建设应用中存在“摸不清，理不透”的问题。此外，当前工业信息安全标准化工作已经逐步开展，但是由概念交叉等引发的标准缺失、滞后、体系化不足等问题依然存在。为解决以上问题，进一步贯彻落实《网络安全法》《加强工业互联网安全工作的指导意见》等法规政策的要求，本文研究界定了工业信息安全相关概念之间的关系，全面分析了当前工业信息安全标准化工作中存在的问题，并梳理总结了国内外工业信息安全相关的标准情况。在此基础上，提出了工业信息安全标准体系框架。

关键词： 工业信息安全；标准化；体系化

Abstract: With the deep integration of information technology and industrialization,the concepts of industrial information security gradually emerge,including industrial control system,industrial Internet,industrial cloud,etc.These concepts are overlapped,leading to the problem of "unclearness and incomprehension" in the actual construction and application for enterprises.In addition,the standardization of industrial information security has been gradually carried out,but problems of lack of standards,lagging behind and lack of systematization caused by concept crossing still exist.In order to solve the problems above and further implement the requirements of laws and policies such as The Sybers Security Law of the People's Republic of China and The Guidance on Strengthening Industrial Internet Security,this article clearly defines the relationship among the relevant concepts in industrial information security for the first time,comprehensively analyzes the existing problems in the current standardization of industrial information security,and summarizes the situation of relevant standards of industrial information security at home and abroad.On this basis,the framework of industrial information security standard system has been proposed.

Keywords： Industrial Information Security；Standardization；Systematization /98TPb98vZvCdb5/F7tYiMX3dl5hGpy+dF7fuK9CXQt6O3BIXXv0mUdCvdu7VtmI