摘要
电力信息系统安全检测逐步受到重视。针对电力行业信息系统安全检测的现状和特点,结合软件全生命周期理论,提出一种面向电力行业信息系统全生命周期的测评服务体系。立足电力行业信息系统安全需求,系统化地研究信息系统从设计、建设到正式运行等各个阶段的安全问题及测评重点,建立一套贯穿信息系统全生命周期的安全测评服务体系,最终提供多种类型的测评服务,全方位地保障重要系统安全。
Information system security detection in power system is gradually gaining the attention.This paper focuses on the status quo and the feature of this issue.We propose a test and evaluation service architecture for the full life-cycle of power industry information system which is based on full life-cycle theory.Taking security requirements of information system in power sector as foothold,we carry out a systematic study on security problems and test and evaluation key points in various stages of information systems from design,construction to formal operation,and establish a security test and evaluation service architecture throughout the full life cycle of information system,eventually provide various types of test and evaluation services for protecting all-round the security of important system.
出处
《计算机应用与软件》
CSCD
北大核心
2012年第11期239-242,共4页
Computer Applications and Software
关键词
电力信息安全
全生命周期
软件测评
Information security of power system Full life-cycle Software testing and evaluation
