GB/T 20986-2023在PSS民航旅客服务系统业务场景下的应用实践
Application Practice of GB/T 20986-2023 for PSS Civil Aviation Passenger Service System Business Scenarios
杨京煜 1李恩哲 1王宇 1王明 1高健媛 1陈平1
作者信息
摘要
围绕PSS(Passengers Services System)民航旅客服务系统在需求、设计、编码、测试、部署、应急预案及应急演练等软件开发生命周期的需求,遵循GB/T 20986-2023《信息安全技术 网络安全事件分类分级指南》国家标准,通过将标准核心内容应用于业务场景进行实践,有效支撑了网络安全相关法律法规政策标准的落地实施,促进了企业内部各相关方达成共识,统一了对网络安全事件的认知,提升了软件开发生命周期各环节的安全合规能力,提高了软件安全能力和应急处理效率.
Abstract
Based on the software development life cycle requirements of the PSS civil aviation passenger service system,including requirements,design,coding,testing,deployment,emergency plans and emergency drills,and in accordance with the GB/T 20986-2023"Information security technology-Guidelines for category and classification of cybersecurity incidents"national standard,the core content of the standard is applied to business scenarios for practice,effectively supporting the implementation of network security related laws,regulations,and policy standards,It has promoted consensus among various stakeholders within the enterprise,unified their understanding of network security incidents,improved the security and compliance capabilities of all aspects of the software development life cycle,and improved software security capabilities and emergency response efficiency.
关键词
GB/T20986-2023/网络安全事件/民航旅客服务系统/软件开发生命周期Key words
GB/T 20986-2023/cybersecurity incidents/civil aviation passenger service system(PSS)/software development life cycle引用本文复制引用
出版年
2024
NETL
NSTL
万方数据