5437-1081Zero trust represents a new generation of network security protection concept, the key is to break the default “trust”, through “continuous verification, never trust” to ensure network security. Zero-trust concept and framework has attracted much attention at home and abroad, and in the “Guiding Opinions on Promoting the Development of Network security Industry (Draft for Comment)” issued by the Ministry of Industry and Information Technology, “zero-trust security” is included in one of the “key technologies to break through network security”.
“Industrial Zero Trust Exploration” was once one of the innovative topics of the “Win for Success Plan” co-sponsored by the International Economic and Technological Cooperation Center of the Ministry of Industry and Information Technology and Schneider Electric. Through user research, the project has identified the needs, o5437-1081rganically integrated the zero-trust architecture and industrial control system in the laboratory PoC, and verified the industrial zero-trust architecture based on multi-factor authentication to enhance identity governance and micro-isolation protection based on key equipment through cooperation with multiple industries and users. And in the project of “Zero Trust and Isoassurance 2.0 Network Security Transformation of Storage and Transportation automation System Industry in a tank farm of an energy Group, the three architectures of zero trust – SDP (software-defined boundary), IAM (Enhanced identity governance) and MSG (micro-isolation) are integrated into the tank farm automation and management system. Solve the user remote operation and maintenance, third-party operation and maintenance, multiple external IT system terminal access and critical control equipment patch repair and other pain points.
The application of industrial zero-trust architecture can effectively cope with industrial information security risks, ensure the continuous, stable, efficient and reliable operation of the user OT system, provide a solid guarantee for the user’s digital and intelligent transformation, and escort Schneider Electric’s products, system solutions and services. At the product level, Schneider Electric’s R&D system fully complies with and is certified by IEC 62443-4-1, and adopts SDL (Full life cycle Safety development) to ensure the overall safety of product demand, development, testing, delivery a5437-1081nd maintenance. At the same time, Schneider Electric fully complies with and has obtained ISO27001 and IEC 62443-2-4 certification, as well as the information security service qualification certification issued by CCRC (China Network Security Review Technology and Certification Center), in the process of system delivery and full life cycle service, to provide comprehensive protection for users’ industrial information security.
Based on its excellent performance in the field of industrial information security services, Schneider Electric was also awarded the “2023 Annual Quality Industrial Security Service Provider in the field of Automation in China” by the Chinese Society of Automation.
