Quantitative evaluation model for dynamic performance analysis of security risk in industrial cyber physics systems

被引：0

作者：

Sun Z.-W. ^{[1
,2
]}

Zhang S.-G. ^{[1
]}

机构：

[1] School of Internet of Things Engineering, Jiangnan University, Wuxi

[2] Engineering Research Center of Internet of Things Technology Applications of Ministry of Education, Wuxi

来源：

Kongzhi yu Juece/Control and Decision | 2021年 / 36卷 / 08期

关键词：

Attack influence; Bayesian network; Dynamic analysis; Industrial cyber physical systems; Network attacks; Risk assessment;

D O I：

10.13195/j.kzyjc.2019.1479

中图分类号：

学科分类号：

摘要：

In view of the fact that current safety risk assessment models for industrial cyber physical systems (ICPS) rarely consider the impact of dynamic process of the system on the accuracy of the assessment, this paper proposes a quantitative evaluation model for the dynamic performance analysis of security risk in the ICPS. Firstly, the Bayesian network is used to model the intrusion process of the attack in the cyber layer, and the probability of the successful intrusion of the network attack is calculated. Then, under the premise of successful attack, the Kalman state observer is used to observe the state of the controlled object in real time, the dynamic performance of the system is studied, the performance loss of the system is quantitatively analyzed, the impact of the attack on the system from the perspective of economic loss is quantified, and the dynamic assessment of system security risk based on the probability of successful attack is realized. Finally, the running state of the boiling water power plant model under attack is simulated using Matlab. The results show that the model can effectively assess the risk of ICPS. Copyright ©2021 Control and Decision.

引用

页码：1939 / 1946

页数：7

共 15 条

[1] Mahmoud M S, Hamdan M M, Baroudi U A., Modeling and control of cyber-physical systems subject to cyber attacks: A survey of recent advances and challenges, Neurocomputing, 338, pp. 101-115, (2019)
[2] Kure H, Islam S, Razzaque M., An intergrated cyber security risk management approach for a cyber-physical system, Applied Sciences, 8, 6, pp. 898-927, (2018)
[3] Cherdantseva Y, Burnap P, Blyth A, Et al., A review of cyber security risk assessment methods for SCADA systems, Computer & Security, 56, pp. 1-27, (2016)
[4] Wu W B, Kang R, Li Z., Cyber security risk assessment method of cyber physics system based on attack graph, Journal of Computer Application, 36, 1, pp. 203-206, (2016)
[5] Zhang Q, Zhou C J, Xiong N X, Et al., Multimodel-based icident prediction and risk assessment in dynamic cybersecurity protection for industrial control systems, IEEE Transactions on Systems, Man, and Cybernetics: Systems, 46, 10, pp. 1-16, (2015)
[6] Gao N, Gao L, He Y Y, Et al., Dynamic security risk assessment model based on Bayesian attack graph, Journal of Sichuan University: Engineering Science Edition, 48, 1, pp. 111-118, (2016)
[7] Hamed O, Mohammad A A., Evaluating the complexity and impacts of attacks on cyber-physical systems, Symposium on Real-Time and Embedded Systems and Technologies (RTEST), pp. 1-8, (2015)
[8] Huang K X, Zhou C J, Tian Y C., Assessing the physical impact of cyberattaon industrial cyber-physical systems, IEEE Transactions on Industrial Electronics, 65, 10, pp. 8153-8162, (2018)
[9] Orojloo H, Azgomi M A., A stochastic game model for evaluating the impacts of security attacks against cyber-physical systems, Journal of Network and Systems Management, 26, 4, pp. 929-965, (2018)
[10] Orojloo H, Azgomi M A., A method for evaluating the consequence propagation of security attacks in cyber-physical systems, Future Generation Computer Systems, 67, pp. 57-71, (2017)

← 1 2 →