Affiliation:
1. Evaluation Center of Civil Aviation University of China, China
2. School of Computer Science and Technology, Civil Aviation University of China, China
3. Aeronautical Engineering Institute, Civil Aviation University of China, China
4. Department of Computer Science and Technology, Civil Aviation University of China, China
Abstract
Cybersecurity risk assessment is an important means of effective response to network attacks on industrial control systems. However, cybersecurity risk assessment process is susceptible to subjective and objective effects. To solve this problem, this paper introduced cybersecurity risk assessment method based on fuzzy theory of Attack-Defense Tree model and probability cybersecurity risk assessment technology, and applied it to airport automatic fuel supply control system. Firstly, an Attack-Defense Tree model was established based on the potential cybersecurity threat of the system and deployed security equipment. Secondly, the interval probability of the attack path was calculated using the triangular fuzzy quantification of the interval probabilities of the attack leaf nodes and defensive leaf nodes. Next, the interval probability of the final path was defuzzified. Finally, the occurrence probability of each final attack path was obtained and a reference for the deployment of security equipment was provided. The main contributions of this paper are as follows: (1) considering the distribution of equipment in industrial control system, a new cybersecurity risk evaluation model of industrial control system is proposed. (2) The experimental results of this article are compared with other assessment technologies, and the trend is similar to that of other evaluation methods, which proves that the method was introduced in this paper is scientific. However, this method reduces the subjective impact of experts on cybersecurity risk assessment, and the assessment results are more objective and reasonable. (3) Applying this model to the airport oil supply automatic control system can comprehensively evaluate risk, solve the practical problems faced by the airport, and also provide an important basis for the cybersecurity protection scheme of the energy industry.
Subject
Artificial Intelligence,General Engineering,Statistics and Probability
Reference34 articles.
1. Research progress on information security of industrial control systems [J];Yong;Journal of Tsinghua University (Science and Technology),2012
2. Abe S. , Fujimoto M. , Horata S. , Uchida Y. and Mitsunaga T. , Security threats of Internet-reachable ICS, 2016 55th Annual Conference of the Society of Instrument and Control Engineers of Japan (SICE), Tsukuba, 2016, pp. 750–755.
3. Common Reference Architecture and Standard System Fusion of Two Industries [J];Jian;Computer Integrated Manufacturing System,2019
4. The State Council printed and issued, Made in China 2025 [J], Automation of Electric Power Systems 39(12) (2015), 61.
5. Vulnerability analysis of industrial control systems based on attack graphs [J];Mengzhou;Journal of Zhejiang University (Engineering Science),2014
Cited by
8 articles.
订阅此论文施引文献
订阅此论文施引文献,注册后可以免费订阅5篇论文的施引文献,订阅后可以查看论文全部施引文献