摘要：通過融合信息物理系統特征，創新工控系統動態重構與可信增強技術，構建多層次多維度深度防御體系，實現內生安全的主動防御。本報告主要研究ICS脆弱性分析與威脅態勢感知技術、動態防護主動防御技術、安全增強技術及控制裝備研制與安全測評方法與標準；構建結合功能安全、信息安全、操作安全，覆蓋ICS管理層、監控層、控制層、器件（部件）層，貫穿控制工程的設計、運行、服務等全生命周期，全面保障ICS的安全性、可靠性、實時性、可用性的主動防御內生安全的核心技術體系；研制相關組件、工具與控制裝備；形成ICS深度安全防護整體解決方案。

Abstract：By integrating the characteristics of cyber-physical systems, innovative the dynamic reconfiguration and credible enhancement technology of industrial control system and construct a multi-layer and multi-dimensional deep defense system to achieve active defense of endogenous security. Research mainly focused on ICS vulnerability analysis and threat situation awareness technology, dynamic protection active defense technology, enhanced safety technology, and control equipment development and security assessment methods and standards. Building combination of functional security, information security, operation security, and cover ICS management layer, monitoring layer, control layer, device (component) layer. Through the entire life cycle of control engineering design, operation, service, etc., and comprehensively guarantee the security, reliability, real-time, availability of ICS, the core of proactive endogenous security technical system. Develop related components, tools and control equipment, and form an overall solution for ICS deep security protection.

key words: Industrial control system security; Dynamic defense; Enhanced safety