Please wait a minute...
浙江大学学报(工学版)
浙江大学学报(工学版)
自动化技术、电信技术     
基于模糊层次分析法的工控系统安全评估
贾驰千, 冯冬芹
浙江大学 工业控制技术国家重点实验室,浙江 杭州 310027
Security assessment for industrial control systems based on fuzzy analytic hierarchy process
JIA Chi qian, FENG Dong qin
State Key Laboratory of Industrial Control Technology, Zhejiang University, Hangzhou 310027, China
 全文: PDF(983 KB)   HTML
摘要:

提出基于模糊层次分析法(FAHP)的工业控制系统(ICS)安全评估方法,对工控系统设备与具体攻击方式进行分析,建立层次分析化安全评估模型,以期对工控系统的安全状况有更全面的评估,对工控系统中的易受攻击设备能够采取有针对性的防范措施.以典型化工控制系统为例,从信息安全评估原理到工控系统安全评估原理进行迁移,完善了工控系统层次化建模的合理性与逻辑性;建立层次化分析模型,引入模糊一致矩阵,给出模糊层次法的评估步骤;根据攻击方式,采用统一评语集,利用模糊综合评价计算各个子目标安全值,判断系统脆弱性所在,即工控系统中的易受攻击设备,得到系统的整体安全状态值.评估结果显示,该工控系统中最脆弱的部分为工程师站和PLC,需要重点加强安全防护措施,而整个工控系统处于“基本安全”偏向“比较危险”的状态.
Abstract:

A security assessment for industrial control systems (ICS) based on fuzzy analytic hierarchy process (FAHP) was proposed in order to comprehensively assess the ICS security condition and provide targeted measurement for the equipment which is vulnerable in ICS. The analytic hierarchy model of security assessment was established with the analysis of equipment in ICS and specific attacks. The FAHP method was implemented taking a typical chemical industrial control system for example. The principle of information security assessment was transferred to the principle of security assessment for ICS, and the rationality and logicality of the hierarchical modeling for ICS was improved. The proposed assessment established an analytic hierarchy model, introducing fuzzy consistent matrix and making the step of FAHP. According to the attack method, the sub goal security value was calculated with fuzzy comprehensive evaluation using unified assessment set in order to determine the vulnerability of ICS. The vulnerability of ICS refers to the vulnerable equipment in ICS. Then the overall security situation for ICS was obtained. The assessment results show that the vulnerable equipment in this ICS is engineer station and PLC, which need highly protective measures in particular. The security level of the control system is ‘basically secure’.
出版日期: 2016-04-01
:  TP 273  
基金资助:

国家自然科学基金资助项目(61433006).
通讯作者: 冯冬芹,男,教授,博导. ORCID: 0000 0002 3034 0933.     E-mail: dqfeng@iipc.zju.edu.cn
作者简介: 贾驰千(1992—),男,硕士生,从事工业控制系统安全的研究. ORCID: 0000 0001 8944 182X. E-mail: cqjay2010@163.com
服务  
把本文推荐给朋友
加入引用管理器
E-mail Alert
RSS
作者相关文章  

引用本文:

贾驰千, 冯冬芹. 基于模糊层次分析法的工控系统安全评估[J]. 浙江大学学报(工学版), 10.3785/j.issn.1008-973X.2016.04.022.

JIA Chi qian, FENG Dong qin. Security assessment for industrial control systems based on fuzzy analytic hierarchy process. JOURNAL OF ZHEJIANG UNIVERSITY (ENGINEERING SCIENCE), 10.3785/j.issn.1008-973X.2016.04.022.

链接本文:

http://www.zjujournals.com/eng/CN/10.3785/j.issn.1008-973X.2016.04.022        http://www.zjujournals.com/eng/CN/Y2016/V50/I4/759

[1] HRISTOVA A, SCHLEGEL R, OBERMEIER S.Security assessment methodology for industrial control system products [C]∥The 4th Annual IEEE International Conference on Cyber Technology in Automation, Control and Intelligent Systems. [S.l.]: IEEE, 2014: 264-269.
[2] RALSTON P A S, GRAHAM J H, HIEB J L. Cyber security risk assessment for SCADA and DCS networks [J]. ISA Transaction, 2007, 46(4): 583-594.
[3] WANG L J, WANG B, PENG Y J. Research the information security risk assessment technique based on Bayesian network [C]∥2010 3rd International Conference on Advanced Computer Theory and Engineering. Chengdu: [s.n.], 2010: V3 600 V3 604.
[4] BIAN N Y, WANG X Y, MAO L. Network security situational assessment model based on improved AHP_FCE [C]∥2013 6th International Conference on Advanced Computational Intelligence. Hangzhou: [s.n.], 2013: 200-205.
[5] 卢慧康,陈冬青,彭勇.工业控制系统信息安全风险评估量化研究[J].自动化仪表,2014,35(10): 21-25.
LU Hui kang, CHEN Dong qing, PENG Yong. Quantitative research on risk assessment for information security of industrial control system [J]. Process Automation Instrumentation,2014,35(10): 21-25.
[6] 秦晨,陈晓方,杨玉婷.基于FAHP IE算法的尾矿库安全性三级评估研究及应用[J].控制工程,2014,21(6): 995-1000.
QIN Chen, CHEN Xiao fang, YANG Yu ting. Research on safety three level evaluation of tailings reservoir based on FAHP IE method [J]. Control Engineering of China, 2014, 21(6): 995-1000.
[7] 元云丽.基于模糊层次分析法(FAHP)的建设工程项目 风险管理研究[D].重庆:重庆大学,2013.
YUAN Yun li. The research on the construction engineering  project risk management based on fuzzy analytic hierarchy process [D]. Chongqing: Chongqing University, 2013.
[8] GB/T 20984 2007,信息安全风险评估规范\[S].北京:中国标准出版社,2007.
[9] GB/T 26333 2010,工业控制网络安全评估规范\[S].北京:中国标准出版社,2010.
[10] 张吉军.模糊一致判断矩阵3种排序方法的比较研究[J].系统工程与电子技术,2003,25(11): 1370-1372.
ZHANG Ji jun. Comparison of three ranking methods for the fuzzy consistent judgement matrix [J]. Journal of System Engineering and Electronics, 2003,25(11): 1370-1372.
[11] 吕跃进.基于模糊一致矩阵的模糊层次分析法的排序[J].模糊系统与数学,2002,16(2): 79-85.
LV Yue jin. Weight calculation method of fuzzy analytical hierarchy process [J]. Fuzzy Systems and Mathematics,2002,16(2): 79-85.
[1] 王青, 余小光, 乔明杰, 赵安安, 程亮, 李江雄, 柯映林. 基于序列二次规划算法的定位器坐标快速标定方法[J]. 浙江大学学报(工学版), 2017, 51(2): 319-327.
[2] 周锋, 顾临怡, 罗高生, 陈宗恒. 电液比例式推进系统的自适应反演滑模控制[J]. 浙江大学学报(工学版), 2016, 50(6): 1111-1118.
[3] 金鑫, 梁军. 基于动态PLS框架的多变量无静差预测控制[J]. 浙江大学学报(工学版), 2016, 50(4): 750-758.
[4] 费少华,刘丹,乔明杰,章明,方强. 端框移动平台双驱同步控制系统设计[J]. 浙江大学学报(工学版), 2016, 50(1): 85-92.
[5] 宋志强, 周献中, 李华雄. 多地面无人平台协同尾随跟踪[J]. 浙江大学学报(工学版), 2015, 49(12): 2349-2354.
[6] 仇翔, 宋海裕, 俞立. 基于平均驻留时间方法的牛鞭效应稳定化控制[J]. 浙江大学学报(工学版), 2015, 49(10): 1909-1915.
[7] 王日俊, 白越, 续志军, 宫勋, 张欣, 田彦涛. 基于扰动观测器的多旋翼无人机机载云台模糊自适应跟踪控制[J]. 浙江大学学报(工学版), 2015, 49(10): 2005-2012.
[8] 覃展斌, 陈飞飞, 金波, 张璐璐. 电液比例阀阀心位置控制PID自整定方法[J]. 浙江大学学报(工学版), 2015, 49(8): 1503-1508.
[9] 孙文达, 李平, 方舟. 无人直升机动态逆时滞不确定鲁棒最优控制[J]. 浙江大学学报(工学版), 2015, 49(7): 1326-1334.
[10] 陶国良,左赫,刘昊. 气动肌肉-气缸并联平台结构设计及位姿控制[J]. 浙江大学学报(工学版), 2015, 49(5): 821-828.
[11] 窦亚冬,王青,李江雄 柯映林. 飞机数字化装配系统数据集成技术[J]. 浙江大学学报(工学版), 2015, 49(5): 858-865.
[12] 罗中海, 孟祥磊, 巴晓甫, 费少华, 方强. 飞机大部件调姿平台力位混合控制系统设计[J]. 浙江大学学报(工学版), 2015, 49(2): 265-274.
[13] 罗高生, 顾临怡, 李林. 基于鲁棒观测器的肘关节鲁棒自适应控制[J]. 浙江大学学报(工学版), 2014, 48(10): 1758-1766.
[14] 曲巍崴, 石鑫, 董辉跃, 封璞加, 朱灵盛, 柯映林. 气动锤铆过程仿真分析与试验[J]. 浙江大学学报(工学版), 2014, 48(8): 1411-1418.
[15] 方强, 周庆慧, 费少华, 孟祥磊, 巴晓甫, 张燕妮, 柯映林. 末端执行器压脚气动伺服控制系统设计[J]. 浙江大学学报(工学版), 2014, 48(8): 1442-1450.