Cite this article:
- MA Yetong, DING Yunjie, LIU Puzhuo, LV Shichao, PAN Zhiwen, SUN Limin. Integrated Risk Assessment Algorithm for Functional Safety and Information Security of Industrial Control Systems [J]. Journal of Cyber Security, accepted.
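Abstract:
The deep integration of informatization and industrialization has broken the closed network boundary of industrial control systems, allowing the network attack threats faced by traditional information systems to penetrate industrial control system networks. Beyond traditional functional safety risks, industrial control systems must also address information security risks. This paper proposes an integrated risk assessment model for functional safety and information security of industrial control systems, consisting of three steps: integrated safety and security risk data collection, risk analysis, and risk evaluation. Starting from the sources of risk data, the model collects functional safety and information security risk data together; in the risk analysis step it generates an extended attack tree model that can analyze cyber-physical coordinated attack paths; and when computing the risk of a safety or security event it considers, among other factors, both the functional safety loss and the information security loss caused by the event, thereby achieving an integrated risk assessment of functional safety and information security. The paper introduces the integrated risk assessment model and algorithm for industrial control systems, verifies the effectiveness of the method on a purpose-built gas pipeline network test system, and compares the assessment results with those of existing risk assessment methods such as fault tree, attack tree, and the combined attack tree and bow-tie (AT-BT) method. The experimental results show that the proposed integrated risk assessment method can not only identify the safety and security events most likely to occur in the system, but also, to some extent, address the inability of existing risk assessment methods to identify safety and security risks that arise when the physical domain and the information domain affect each other.
Keywords: functional safety; information security; safety and security integration; risk assessment; attack tree; industrial control system
DOI: 10.19363/J.cnki.cn10-1380/tn.2024.02.14
Received: 2022-01-13; Revised: 2022-03-08
Funding: National Key Research and Development Program of China; National Natural Science Foundation of China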

Integrated Risk Assessment Algorithm for Functional Safety and Information Security of Industrial Control Systems
MA Yetong1,2, DING Yunjie1,2, LIU Puzhuo1,2, LV Shichao1,2, PAN Zhiwen1,2, SUN Limin1,2
(1. School of Cyber Security, University of Chinese Academy of Sciences; 2. Institute of Information Engineering)
Abstract:
The deep integration of informatization and industrialization has broken the closed network boundaries of industrial control systems, leading to the penetration of traditional information system network attack threats into industrial control system networks. Industrial control systems not only need to consider traditional functional safety risks, but also need to pay attention to information security risks. This paper proposes an integrated risk assessment algorithm for functional safety and information security of industrial control systems. The algorithm includes three steps: safety and security integration risk data collection, risk analysis, and risk evaluation. The algorithm starts from the perspective of the source of risk data, collects functional safety and information security risk data at the same time, generates in the risk analysis step an extended attack tree model that can analyze cyber-physical coordinated attack paths, and considers, among other factors, the functional safety loss and information security loss caused by safety events and security events when calculating event risks, so as to realize the integrated risk assessment of functional safety and information security. This paper introduces the integrated risk assessment model and algorithm for functional safety and information security of industrial control systems, verifies the effectiveness of the risk assessment algorithm in the built gas pipeline network test system, and then compares the result with the evaluation results of existing risk assessment methods such as fault tree, attack tree, and the attack tree and bow-tie combination (AT-BT) method. The experimental result shows that the safety and security integration risk assessment algorithm proposed in this paper can not only analyze the most likely safety events and security events in the system, but also, to some extent, solve the problem that existing risk assessment methods cannot identify safety and security risks when the physical domain and the information domain interact with each other.
Key words: functional safety; information security; safety and security integration; risk assessment; attack tree; industrial control system