參?考?文?獻

[1] GB/T 30976.1-2014工業控制系統信息安全 第1部分 評估規范

[2] GB/T 30976.2-2014工業控制系統信息安全 第2部分 驗收規范

[3] GB/T 31167-2014 信息安全技術 云計算服務安全指南

[4] GB/T 31168-2014 信息安全技術 云計算服務安全能力要求

[5] YDB 101-2012 物聯網安全需求

[6] YD/T 2437-2012 物聯網總體框架與技術要求

[7] YD/T 2694-2014 移動互聯網聯網應用安全防護要求

[8] YD/T 2695-2014 移動互聯網聯網應用安全防護檢測要求

[9] ISA/IEC 62443 Industrial communication networks-Network and system security-2012.12

[10] NIST Special Publication 800-30 Revision 1：Guide for Conducting Risk Assessments-2012.9

[11] NIST Special Publication 800-37 Revision 1：Guide for Applying the Risk Management Framework to Federal Information Systems-2010.2

[12] NIST Special Publication 800-53 Revision 4：Security and Privacy Controls for Federal Information Systems and Organizations-2013.4

[13] NIST Special Publication 800-53A Revision 4：Assessing Security and Privacy Controls in Federal Information Systems and Organizations-2014.12

[14] NIST Special Publication 800-82 Revision 2：Guide to Industrial Control Systems (ICS) Security v2.0-2015.5

[15] NIST Special Publication 800-144：Guidelines on Security and Privacy in Public Cloud Computing-2011.12

[16] OCTAVE Method Implementation Guide v2.0