广义收益信息物理系统脆弱性评估方法

doi:10.3785/j.issn.1008973X.2016.06.015

浙江大学学报(工学版)

自动化技术、通信工程

广义收益信息物理系统脆弱性评估方法

黄家辉, 冯冬芹

浙江大学控制科学与工程学院,浙江杭州 310027

Method for vulnerability evaluation of Cyberphysical system based on generalized profit

HUANG Jia hui, FENG Dong qin

State Key Laboratory of Industrial Control Technology, Zhejiang University, Hangzhou 310027, China

全文: PDF(686 KB) HTML

摘要：

提出一种基于广义收益的信息物理系统脆弱性的量化评估方法.从网络的角度分析系统的脆弱性,结合物理设备验证该评估方法的合理性.考虑网络中组件的收益和物理层面的收益,根据信息物理系统网络的拓扑结构,结合链路的失效来评估整个系统的脆弱性.将理想网络和实际网络进行对比,采用传输成本函数、网络平衡条件、网络连通性能、链路重要度等相关指标量化收益最大的传输链路.基于攻防博弈模型,从攻击策略集和防御策略集两方面对各个组件的收益进行量化.借鉴国内外脆弱性标准对物理收益进行量化.综合链路收益、组件收益和物理收益计算广义收益的值.以变电站系统网络为背景进行案例分析和脆弱性仿真.仿真结果表明,该方法能够较全面地分析网络中各条路径的脆弱性,得到广义收益最大（即脆弱性最高）的传输路径.

Abstract:

A method for quantitatively vulnerability evaluation of Cyberphysical system based on generalized profit was proposed. The vulnerability was analyzed from the network point of view, and physical devices were used to access the rationality. Component profit, physical profit and link profit, which can be calculated based on the topological structure of Cyberphysical system, were combined to evaluate the vulnerability of the whole system. By comparing ideal network with real network, some indicators, such as transmission cost function, network equilibrium condition, network connectivity performance and link importance, were used to calculate link profit. Later, component profit was quantified by offensive and defensive game model. Attack strategy set and defense strategy set should be both considered. The quantification of physical profit was based on vulnerability criteria. Generalized profit was calculated after quantifying the link profit, component profit and physical profit. Finally, a case of substation system network was analyzed and simulated to verify the rationality of this method. The experimental results show that this method can analyze the vulnerability of each path more comprehensively and obtain a path with the largest generalized profit (i.e. highest vulnerability).

出版日期: 2016-06-01

基金资助:

国家自然科学基金资助项目（61223004）；工控网络安全研究（2015XZZX00503）.

通讯作者: 冯冬芹,男,教授,博导.ORCID: 0000000230340933. E-mail: dqfeng@iipc.zju.edu.cn

作者简介: 黄家辉（1990—）,男,硕士生,从事工业网络通信工作.ORCID: 0000000269608159.E-mail: elninohjh@163.com

	服务
	把本文推荐给朋友
	加入引用管理器
	E-mail Alert
	RSS
	作者相关文章

引用本文:

黄家辉, 冯冬芹. 广义收益信息物理系统脆弱性评估方法[J]. 浙江大学学报(工学版), 10.3785/j.issn.1008973X.2016.06.015.

HUANG Jia hui, FENG Dong qin. Method for vulnerability evaluation of Cyberphysical system based on generalized profit. JOURNAL OF ZHEJIANG UNIVERSITY (ENGINEERING SCIENCE), 10.3785/j.issn.1008973X.2016.06.015.

链接本文:

http://www.zjujournals.com/eng/CN/10.3785/j.issn.1008973X.2016.06.015 或 http://www.zjujournals.com/eng/CN/Y2016/V50/I6/1119

［1］ VENKATASUBRAMANIAN K K. Security solutions for Cyberphysical systems ［D］. Phoenix: Arizona State University, 2009.
［2］ LAPRIE J C, KANOUN K, KANICHE M. Modelling interdependencies between the electricity and information infrastructures ［J］. Lecture Notes in Computer Science, 2008, 4680: 54-67.
［3］ VALENTE J, BARRETO C, CRDENAS A A. Cyberphysical systems attestation ［C］∥ IEEE International Conference on Distributed Computing in Sensor Systems. Marina Del Rey: IEEE, 2014: 354-357.
［4］ SWILER L P, PHILLIPS C, GAYLOR T. A graphbased networkvulnerability analysis system ［J］. Sandia National Laboratories Albuquerque New, 1970: 973010.
［5］ YAMANE S, NAKAMURA K. Modelchecking method based on binary decision diagram for realtime systems ［J］. Technical Report of Ieice, 1997, 96: 18.
［6］ OROJLOO H, AZGOMI M A. A method for modeling and evaluation of the security of cyberphysical systems ［C］∥ 11th International ISC Conference on Information Security and Cryptology. Tehran: IEEE, 2014: 131-136.
［7］ BINDA L, MOLINA C. Building materials durability: semimarkov approach ［J］. Journal of Materials in Civil Engineering, 2014, 2(4):223-239.
［8］ RASS S, SCHARTNER P. A unified framework for the analysis of availability, reliability and security, with applications to quantum networks ［J］. IEEE Transactions on Systems Man and Cybernetics Part C Applications and Reviews, 2011, 41(1):107-119.
［9］ ASHOK A, HAHN A, GOVINDARARASU M. Cyberphysical security of widearea monitoring, protection and control in a smart grid environment ［J］. Journal of Advanced Research, 2014, 5(4):481-489.
［10］ KEARNS M, LITTMAN M L, SINGH S. Graphical mjodels for game theory ［J］. Uai, 2013: 253-260.
［11］ YU JX, MAO A J, GUO Z Z. Vulnerability assessment of cyber security in power industry ［C］∥ IEEE PES Power Systems Conference and Exposition. Piscataway: IEEE, 2006: 2200-2205.
［12］ PIGGIN R S H. Development of industrial cyber security standards: IEC 62443 for SCADA and Industrial Control System security ［C］∥ Conference on Control and Automation: Uniting Problems and Solutions. Birmingham: IET, 2013: 16.
［13］ YOUNES M, KHERFANE R L. A new hybrid method for mulitiobjective economic power/emission dispatch in wind energy baased power system \[J\]. International Journal of System Assurance Engineering and Managament. 2014,5(4): 577-590.
［14］ HUANG X, ZHANG T, MA Y, et al. Reinforced protection design forr replay attack of intelligent substation GOOSE/SMV Based on IEC62351 ［C］∥ International Conference on Chemical, Material and Food Engineering. Kunming: Atlantis Press, 2015: 49-55.
［15］ KHALILI A, SAMI A, AZIMI M, et al. Employing secure coding practices into industrial applications: a case study ［J］. Empirical Software Engineering, 2016,21(1):1-13.
［16］ HOLME P. Epidemiologically optimal static networks from temporal network data ［J］. Plos Computational Biology, 2013, 9(7):3529-3546.
［17］ DORON K W, BASSETT D S, GAZZANIGA M S. Dynamic network structure of interhemispheric coordination ［J］. Proceedings of the National Academy of Sciences, 2012, 109(46): 18661-18668.
［18］ PERELMAN L, AMIN S. A network interdiction model for analyzing the vulnerability of water distribution systems ［C］∥ Proceedings of the 3rd international conference on High confidence networked systems. Berlin: ACM, 2014: 135-144.
［19］ LATORA V, MARCHIORI M. Efficient behavior of smallworld networks ［J］. Physical review letters, 2001, 87(19): 198701.
［20］ BLANCKAERT K, VRIEND H J. Nonlinear modeling of mean flow redistribution in curved open channels ［J］. Water Resources Research, 2003, 39(12):21-26.
［21］ RICHARD L, MARIA P, RICHARD S. Identifying critical infrastructure: the median and covering facility interdiction problems ［J］. Annals of the Association of American Geographers, 2004, 94(3):491-502.
［22］ NAGURNEY A, QIANG Q. A network efficiency measure with application to critical infrastructure networks ［J］. Journal of Global Optimization, 2008, 40(13):261-275.
［23］ JIA L, THOMAS R J, TONG L. Malicious data attack on realtime electricity market ［C］∥ 2011 IEEE International Conference on Acoustics, Speech and Signal Processing. Prague: IEEE, 2011: 5952-5955.
［24］ MA C Y T, YAU D K Y, LOU X, et al. Markov game analysis for attackdefense of power networks under possible misinformation ［J］. IEEE Transactions on Power Systems, 2013,28(2): 1676-1686.
［25］ LIU Y, SHAO C H, YAN C Z, et al. Dynamic game theory with incomplete information in opinion dynamic ［J］. Journal of Convergence Information Technology, 2012, 7(1):297-306.
［26］徐漪楠, 朱荣旭. 从上海电力网络试论大城市供电网络的若干基本原则［J］. 华东电力, 1981, 12: 002.
XU Yinan, ZHU Rongxu. Some basic principles of power network based on Shanghai power network ［J］. East China Power, 1981, 12: 002.

[1]	董凯, 赖俊英, 钱晓倩, 詹树林, 阮方. 夏热冬冷地区居住建筑水平式外遮阳节能效果[J]. 浙江大学学报(工学版), 2016, 50(8): 1431-1437.
[2]	李佳琦, 范利武, 俞自涛. 超亲水表面在淬火冷却过程中的沸腾传热特性[J]. 浙江大学学报(工学版), 2016, 50(8): 1493-1498.
[3]	江衍铭, 张建全, 明焱. 集合神经网络的洪水预报[J]. 浙江大学学报(工学版), 2016, 50(8): 1471-1478.
[4]	钟崴, 彭梁, 周永刚, 徐剑, 从飞云. 基于小波包分析和支持向量机的锅炉结渣诊断[J]. 浙江大学学报(工学版), 2016, 50(8): 1499-1506.
[5]	夏玉峰, 任莉, 叶彩红, 王力. 基于RSM的立柱加强板定位布局多目标优化[J]. 浙江大学学报(工学版), 2016, 50(8): 1600-1607.
[6]	李林玉, 吴张华, 余国瑶, 戴巍, 罗二仓. 直线压缩机电声转换特性的实验[J]. 浙江大学学报(工学版), 2016, 50(8): 1529-1536.
[7]	曲巍崴, 唐伟, 毕运波, 李少波, 罗水均. 避免强迫装配和提升效率的预连接工艺规划[J]. 浙江大学学报(工学版), 2016, 50(8): 1561-1569.
[8]	胡小东, 顾临怡, 张范蒙. 应用于数字变量马达的高速开关阀[J]. 浙江大学学报(工学版), 2016, 50(8): 1551-1560.
[9]	杨姝, 刘国平, 亓昌, 王大志. 金属空心球梯度泡沫结构抗冲击特性仿真与优化[J]. 浙江大学学报(工学版), 2016, 50(8): 1593-1599.
[10]	杨章, 童根树, 张磊. 对称布置2根单侧加劲肋的有效刚度[J]. 浙江大学学报(工学版), 2016, 50(8): 1446-1455.
[11]	蒋翔, 童根树, 张磊. 耐火钢-混凝土组合梁抗火性能试验[J]. 浙江大学学报(工学版), 2016, 50(8): 1463-1470.
[12]	单华峰, 夏唐代, 俞峰, 胡军华, 潘金龙. 地下增层开挖托换桩的屈曲稳定临界荷载分析[J]. 浙江大学学报(工学版), 2016, 50(8): 1425-1430.
[13]	辜天来,张帅,郑耀. 咽式进气道/等直隔离段的反压特性[J]. 浙江大学学报(工学版), 2016, 50(7): 1418-1424.
[14]	程时伟, 陆煜华, 蔡红刚. 移动设备眼动跟踪技术[J]. 浙江大学学报(工学版), 2016, 50(6): 1160-1166.
[15]	郑成志, 高金良, 何文杰. 基于FastICA算法的物理漏损流量分析模型[J]. 浙江大学学报(工学版), 2016, 50(6): 1031-1039.

Viewed

Full text

Abstract

Cited

Shared

Discussed