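Attack graph based risk assessment method for cyber security of cyber-physical system
Cite this article: WU Wenbo, KANG Rui, LI Zi. Attack graph based risk assessment method for cyber security of cyber-physical system[J]. Journal of Computer Applications, 2016, 36(1): 203-206.
Authors: WU Wenbo  KANG Rui  LI Zi
Affiliation: College of Reliability and System Engineering, Beihang University, Beijing 100191
Abstract: Incidents such as the Stuxnet worm have demonstrated that cyber attacks can have serious physical effects on cyber-physical systems (CPS). To address this kind of cross-domain attack, a risk assessment method based on attack graphs is proposed. First, cyber attack behavior in CPS is analyzed, showing that vulnerabilities in physical devices such as programmable logic controllers (PLC) are the key to a cyber attack crossing domains, and the exploitation modes and consequences of vulnerabilities in CPS are given. Second, a risk assessment model is built, and metrics for attack success probability and attack consequence are proposed. The attack success probability is calculated from the intrinsic characteristics of the vulnerability together with the attacker's capability, and the attack consequence is calculated from the importance of the host and the exploitation mode of the vulnerability. The method models the cyber domain and the physical domain as a whole and accounts for the effect of multiple cross-domain attacks on system risk. A numerical case shows that the risk value under a combination of multiple cross-domain attacks is 5 times that under a single attack, and that the calculated risk value is more accurate.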

Keywords: cyber-physical system  cyber security  cross-domain attack  attack graph  risk assessment
Received: 2015-07-22
Revised: 2015-08-29

Attack graph based risk assessment method for cyber security of cyber-physical system
WU Wenbo, KANG Rui, LI Zi. Attack graph based risk assessment method for cyber security of cyber-physical system[J]. Journal of Computer Applications, 2016, 36(1): 203-206.
Authors:WU Wenbo  KANG Rui  LI Zi
Affiliation:College of Reliability and System Engineering, Beihang University, Beijing 100191, China
Abstract: Recent incidents such as the Stuxnet worm have shown that cyber attacks can cause serious physical damage to a Cyber-Physical System (CPS). To address this problem, a risk assessment method based on attack graphs was proposed. Firstly, the attack behavior in CPS was analyzed, and the result showed that vulnerabilities in physical devices such as the Programmable Logic Controller (PLC) are the key to cross-domain attacks. The exploitation modes and impact of these vulnerabilities were then described. Secondly, the risk assessment model was proposed, together with the successful-attack-probability index and the attack-impact index. The successful-attack-probability index was calculated from the intrinsic characteristics of the vulnerabilities and the ability of the attacker. The attack-impact index was calculated from the host importance and the exploitation mode of the vulnerabilities. The method assesses the cyber layer and the physical layer as a whole system and considers the impact of multiple cross-domain attacks on system risk. The numerical examples show that the risk of a combined attack is five times the risk of a single attack and that the risk value obtained is more accurate.
Keywords: Cyber-Physical System (CPS); cyber security; cross-domain attack; attack graph; risk assessment
This article is indexed in Wanfang Data and other databases.