Automatic Technology, Communication Engineering |
|
|
|
|
Method for vulnerability evaluation of Cyberphysical system based on generalized profit |
HUANG Jia hui, FENG Dong qin |
State Key Laboratory of Industrial Control Technology, Zhejiang University, Hangzhou 310027, China |
|
|
Abstract A method for quantitatively vulnerability evaluation of Cyberphysical system based on generalized profit was proposed. The vulnerability was analyzed from the network point of view, and physical devices were used to access the rationality. Component profit, physical profit and link profit, which can be calculated based on the topological structure of Cyberphysical system, were combined to evaluate the vulnerability of the whole system. By comparing ideal network with real network, some indicators, such as transmission cost function, network equilibrium condition, network connectivity performance and link importance, were used to calculate link profit. Later, component profit was quantified by offensive and defensive game model. Attack strategy set and defense strategy set should be both considered. The quantification of physical profit was based on vulnerability criteria. Generalized profit was calculated after quantifying the link profit, component profit and physical profit. Finally, a case of substation system network was analyzed and simulated to verify the rationality of this method. The experimental results show that this method can analyze the vulnerability of each path more comprehensively and obtain a path with the largest generalized profit (i.e. highest vulnerability).
|
Published: 01 June 2016
|
|
广义收益信息物理系统脆弱性评估方法
提出一种基于广义收益的信息物理系统脆弱性的量化评估方法.从网络的角度分析系统的脆弱性,结合物理设备验证该评估方法的合理性.考虑网络中组件的收益和物理层面的收益,根据信息物理系统网络的拓扑结构,结合链路的失效来评估整个系统的脆弱性.将理想网络和实际网络进行对比,采用传输成本函数、网络平衡条件、网络连通性能、链路重要度等相关指标量化收益最大的传输链路.基于攻防博弈模型,从攻击策略集和防御策略集两方面对各个组件的收益进行量化.借鉴国内外脆弱性标准对物理收益进行量化.综合链路收益、组件收益和物理收益计算广义收益的值.以变电站系统网络为背景进行案例分析和脆弱性仿真.仿真结果表明,该方法能够较全面地分析网络中各条路径的脆弱性,得到广义收益最大(即脆弱性最高)的传输路径.
|
|
[1] VENKATASUBRAMANIAN K K. Security solutions for Cyberphysical systems [D]. Phoenix: Arizona State University, 2009.
[2] LAPRIE J C, KANOUN K, KANICHE M. Modelling interdependencies between the electricity and information infrastructures [J]. Lecture Notes in Computer Science, 2008, 4680: 54-67.
[3] VALENTE J, BARRETO C, CRDENAS A A. Cyberphysical systems attestation [C]∥ IEEE International Conference on Distributed Computing in Sensor Systems. Marina Del Rey: IEEE, 2014: 354-357.
[4] SWILER L P, PHILLIPS C, GAYLOR T. A graphbased networkvulnerability analysis system [J]. Sandia National Laboratories Albuquerque New, 1970: 973010.
[5] YAMANE S, NAKAMURA K. Modelchecking method based on binary decision diagram for realtime systems [J]. Technical Report of Ieice, 1997, 96: 18.
[6] OROJLOO H, AZGOMI M A. A method for modeling and evaluation of the security of cyberphysical systems [C]∥ 11th International ISC Conference on Information Security and Cryptology. Tehran: IEEE, 2014: 131-136.
[7] BINDA L, MOLINA C. Building materials durability: semimarkov approach [J]. Journal of Materials in Civil Engineering, 2014, 2(4):223-239.
[8] RASS S, SCHARTNER P. A unified framework for the analysis of availability, reliability and security, with applications to quantum networks [J]. IEEE Transactions on Systems Man and Cybernetics Part C Applications and Reviews, 2011, 41(1):107-119.
[9] ASHOK A, HAHN A, GOVINDARARASU M. Cyberphysical security of widearea monitoring, protection and control in a smart grid environment [J]. Journal of Advanced Research, 2014, 5(4):481-489.
[10] KEARNS M, LITTMAN M L, SINGH S. Graphical mjodels for game theory [J]. Uai, 2013: 253-260.
[11] YU JX, MAO A J, GUO Z Z. Vulnerability assessment of cyber security in power industry [C]∥ IEEE PES Power Systems Conference and Exposition. Piscataway: IEEE, 2006: 2200-2205.
[12] PIGGIN R S H. Development of industrial cyber security standards: IEC 62443 for SCADA and Industrial Control System security [C]∥ Conference on Control and Automation: Uniting Problems and Solutions. Birmingham: IET, 2013: 16.
[13] YOUNES M, KHERFANE R L. A new hybrid method for mulitiobjective economic power/emission dispatch in wind energy baased power system \[J\]. International Journal of System Assurance Engineering and Managament. 2014,5(4): 577-590.
[14] HUANG X, ZHANG T, MA Y, et al. Reinforced protection design forr replay attack of intelligent substation GOOSE/SMV Based on IEC62351 [C]∥ International Conference on Chemical, Material and Food Engineering. Kunming: Atlantis Press, 2015: 49-55.
[15] KHALILI A, SAMI A, AZIMI M, et al. Employing secure coding practices into industrial applications: a case study [J]. Empirical Software Engineering, 2016,21(1):1-13.
[16] HOLME P. Epidemiologically optimal static networks from temporal network data [J]. Plos Computational Biology, 2013, 9(7):3529-3546.
[17] DORON K W, BASSETT D S, GAZZANIGA M S. Dynamic network structure of interhemispheric coordination [J]. Proceedings of the National Academy of Sciences, 2012, 109(46): 18661-18668.
[18] PERELMAN L, AMIN S. A network interdiction model for analyzing the vulnerability of water distribution systems [C]∥ Proceedings of the 3rd international conference on High confidence networked systems. Berlin: ACM, 2014: 135-144.
[19] LATORA V, MARCHIORI M. Efficient behavior of smallworld networks [J]. Physical review letters, 2001, 87(19): 198701.
[20] BLANCKAERT K, VRIEND H J. Nonlinear modeling of mean flow redistribution in curved open channels [J]. Water Resources Research, 2003, 39(12):21-26.
[21] RICHARD L, MARIA P, RICHARD S. Identifying critical infrastructure: the median and covering facility interdiction problems [J]. Annals of the Association of American Geographers, 2004, 94(3):491-502.
[22] NAGURNEY A, QIANG Q. A network efficiency measure with application to critical infrastructure networks [J]. Journal of Global Optimization, 2008, 40(13):261-275.
[23] JIA L, THOMAS R J, TONG L. Malicious data attack on realtime electricity market [C]∥ 2011 IEEE International Conference on Acoustics, Speech and Signal Processing. Prague: IEEE, 2011: 5952-5955.
[24] MA C Y T, YAU D K Y, LOU X, et al. Markov game analysis for attackdefense of power networks under possible misinformation [J]. IEEE Transactions on Power Systems, 2013,28(2): 1676-1686.
[25] LIU Y, SHAO C H, YAN C Z, et al. Dynamic game theory with incomplete information in opinion dynamic [J]. Journal of Convergence Information Technology, 2012, 7(1):297-306.
[26] 徐漪楠, 朱荣旭. 从上海电力网络试论大城市供电网络的若干基本原则[J]. 华东电力, 1981, 12: 002.
XU Yinan, ZHU Rongxu. Some basic principles of power network based on Shanghai power network [J]. East China Power, 1981, 12: 002. |
|
Viewed |
|
|
|
Full text
|
|
|
|
|
Abstract
|
|
|
|
|
Cited |
|
|
|
|
|
Shared |
|
|
|
|
|
Discussed |
|
|
|
|