JOURNAL OF ZHEJIANG UNIVERSITY (ENGINEERING SCIENCE)
Automatic Technology, Telecommunication Technology     
Security assessment for industrial control systems based on fuzzy analytic hierarchy process
JIA Chi qian, FENG Dong qin
State Key Laboratory of Industrial Control Technology, Zhejiang University, Hangzhou 310027, China

Abstract  

A security assessment method for industrial control systems (ICS) based on the fuzzy analytic hierarchy process (FAHP) was proposed in order to assess the security condition of an ICS comprehensively and to support targeted protective measures for its vulnerable equipment. An analytic hierarchy model for the security assessment was established by analyzing the equipment in the ICS and specific attacks. The FAHP method was applied to a typical chemical industrial control system as an example. The principle of information security assessment was transferred to security assessment for ICS, which improved the rationality and logic of hierarchical modeling for ICS. The proposed assessment establishes an analytic hierarchy model, introduces the fuzzy consistent matrix, and gives the steps of FAHP. According to the attack method, the security value of each sub-goal was calculated by fuzzy comprehensive evaluation with a unified assessment set in order to determine the vulnerability of the ICS, that is, the vulnerable equipment in the ICS. The overall security situation of the ICS was then obtained. The assessment results show that the vulnerable equipment in this ICS is the engineer station and the PLC, which particularly need strong protective measures. The security level of the control system is ‘basically secure’.
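The steps named in the abstract (fuzzy consistent matrix, weights, fuzzy comprehensive evaluation per device, then the overall value), as an added Python sketch that is not the authors' code. The abstract gives no formulas, so the consistency transform and row-sum weight formula are the commonly published FAHP ones and are an assumption here, as are the four-grade evaluation set and its scores, the operator station, and every judgment and membership value.

```python
# Added illustration: every matrix, grade and score below is constructed, not the paper's data.
GRADE_VALUE = [4.0, 3.0, 2.0, 1.0]  # assumed: secure, basically secure, relatively dangerous, dangerous

def fuzzy_consistent(F):
    """Turn a fuzzy complementary judgment matrix (f_ij + f_ji = 1, n >= 2) into a fuzzy consistent one."""
    n = len(F)
    for i in range(n):
        for j in range(n):
            if abs(F[i][j] + F[j][i] - 1.0) > 1e-9:
                raise ValueError(f"judgments ({i},{j}) and ({j},{i}) are not complementary")
    rows = [sum(r) for r in F]
    return [[(rows[i] - rows[j]) / (2 * n) + 0.5 for j in range(n)] for i in range(n)]

def weights(R):
    """Row-sum ranking of a fuzzy consistent matrix with a = (n - 1) / 2; the weights sum to 1."""
    n = len(R)
    a = (n - 1) / 2
    return [1 / n - 1 / (2 * a) + sum(r) / (n * a) for r in R]

def evaluate(w, M):
    """Weighted-average fuzzy comprehensive evaluation: membership of the parent node in each grade."""
    return [sum(wi * row[k] for wi, row in zip(w, M)) for k in range(len(M[0]))]

def score(B):
    """Collapse a grade-membership vector into one security value."""
    return sum(b * v for b, v in zip(B, GRADE_VALUE))

def assess(device_judgments, devices):
    """devices maps name -> (attack judgment matrix, one membership row per attack method)."""
    sub = {name: evaluate(weights(fuzzy_consistent(F)), M) for name, (F, M) in devices.items()}
    w_dev = weights(fuzzy_consistent(device_judgments))
    overall = evaluate(w_dev, [sub[name] for name in devices])
    return {name: score(B) for name, B in sub.items()}, score(overall)

EQUAL = [[0.5, 0.5], [0.5, 0.5]]  # both attack methods judged equally important
DEVICES = {  # two hypothetical attack methods per device; "operator station" is hypothetical too
    "engineer station": ([[0.5, 0.7], [0.3, 0.5]], [[0.1, 0.2, 0.4, 0.3], [0.2, 0.3, 0.3, 0.2]]),
    "PLC": (EQUAL, [[0.2, 0.2, 0.4, 0.2], [0.0, 0.4, 0.4, 0.2]]),
    "operator station": (EQUAL, [[0.4, 0.4, 0.2, 0.0], [0.2, 0.6, 0.2, 0.0]]),
}
DEVICE_JUDGMENTS = [[0.5, 0.5, 0.7], [0.5, 0.5, 0.7], [0.3, 0.3, 0.5]]  # constructed expert judgments

if __name__ == "__main__":
    per_device, overall = assess(DEVICE_JUDGMENTS, DEVICES)
    for name, s in sorted(per_device.items(), key=lambda kv: kv[1]):
        print(f"{name:18s} {s:.2f}")  # lowest value first = weakest device
    print(f"{'overall':18s} {overall:.2f}")
```

The device with the lowest value is the one to prioritise for protection; with these constructed inputs the overall value falls between the scores assumed for the second and third grades.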



Published: 01 April 2016
CLC:  TP 273  
Cite this article:

JIA Chi qian, FENG Dong qin. Security assessment for industrial control systems based on fuzzy analytic hierarchy process. JOURNAL OF ZHEJIANG UNIVERSITY (ENGINEERING SCIENCE), 2016, 50(4): 759-765.

URL:

http://www.zjujournals.com/eng/10.3785/j.issn.1008-973X.2016.04.022     OR     http://www.zjujournals.com/eng/Y2016/V50/I4/759


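Security assessment of industrial control systems based on the fuzzy analytic hierarchy process

A security assessment method for industrial control systems (ICS) based on the fuzzy analytic hierarchy process (FAHP) is proposed. ICS equipment and specific attack methods are analyzed and a hierarchical security assessment model is established, with the aim of assessing the security condition of an ICS more comprehensively and enabling targeted protective measures for the equipment in the ICS that is vulnerable to attack. Taking a typical chemical control system as an example, the principle of information security assessment is transferred to ICS security assessment, which improves the rationality and logic of hierarchical modeling of ICS. A hierarchical analysis model is established, the fuzzy consistent matrix is introduced, and the assessment steps of the fuzzy analytic hierarchy method are given. According to the attack methods, a unified evaluation set is used and the security value of each sub-goal is calculated by fuzzy comprehensive evaluation to identify where the system is vulnerable, that is, the equipment in the ICS that is vulnerable to attack, and the overall security state value of the system is obtained. The assessment results show that the most vulnerable parts of this ICS are the engineer station and the PLC, for which security protection needs to be strengthened as a priority, while the ICS as a whole is in a state of "basically secure" leaning toward "relatively dangerous".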

