人工智能全生命周期安全风险综合评估方法

人工智能技术在不断发展的同时，其在各行业中的使用也越来越广泛。但是人工智能技术在为人们的生产生活带来便利的同时，也引入了新的安全风险。为了应对潜在的安全隐患，做到事前预防，保障人工智能的安全，提出了一种基于信息熵和马尔可夫链的人工智能全生命周期安全风险评估方法。一方面，该方法能够在对人工智能进行整体性的安全风险等级评估的同时，保留对各类安全风险的评估；另一方面，基于马尔可夫链形成各个风险类在稳定状态下的转移矩阵和概率分布，提供了一种面向全局的人工智能安全风险的展现方法。     

基于模糊算法的信息系统安全风险评估方法

文中结合信息系统存在的信息数据丢失、泄露等安全风险,应用模糊算法,提出了一种信息系统安全风险评估方法。首先,根据信息安全风险评估定义和风险度量方法,构建了信息系统安全风险分析模型和评估模型。其次,应用模糊算法,创建了基本概念赋值函数,并确定了基础指标与评估指标对应的模糊关系,确定了基本概率赋值函数。最后,以“电力信息系统风险评估”为例,验证该方法的有效性和可靠性。验证结果表明,该方法操作简单、有效、可行,不仅可以精确控制信息系统安全风险,还能提高信息系统的安全防御能力。     

基于模糊综合和AHP的内联网信息安全风险评估

随着信息化建设步伐的加快,信息安全面临的风险日益增加。为了对信息安全风险进行评估,提出一种基于模糊综合评判和AHP的信息系统安全风险评估方法,分析了系统面临的风险威胁,建立了评估指标体系,通过AHP确定指标权重,对某单位局域网信息系统安全进行了风险评估,确定了风险等级,指出了风险来源,结果表明,该方法能较好地量化评估信息系统安全风险。     

关于5G网络内生安全的思考

在数字经济时代,5G技术在为国家社会经济发展带来便捷的同时,也引发了新的安全挑战和风险。其中,5G网络风险防范成为各国政府、国际标准组织、电信运营和设备制造企业高度关注的焦点。文章系统回顾国际5G网络安全建设工作,对运营商5G安全防护现状和不足进行分析,并针对5G网络面临安全挑战,结合实践案例提出内生安全助力打造5G坚强网络的解决方案。     

基于层次分析法的广播电视 播控系统安全风险量化评估

本文应用层次分析法研究信息系统的安全风险量化评估问题。首先,基于信息系统安全风险的复杂诱因,提出了一套切合实际的风险相关要素,并对风险要素进行分类与组合,拓展了AHP方法的层次递阶模型。然后构建了信息系统的安全风险量化评估判断矩阵集。最后进行了层次单排序权向量、层次总排序权向量及其一致性检验分析。研究结果表明该方法对信息系统安全风险的量化评估有重要实践价值。     

基于Matlab软件的智能播控值班管理系统设计与应用

本文介绍了基于Matlab GUI智能播控值班管理系统的设计,阐述了其在重要保障期的应用案例,系统还在大屏综合信息区实现了值班信息可视化联动。该系统用户界面友好,操作简洁,具备完善的规则决策,为安全播出减少了交接班风险的同时降低了管理成本。     

5GMEC系统安全能力部署方案

多接入边缘计算(multi-access edge computing,MEC)作为5G网络的核心差异能力,是电信运营商为企业客户打造5G专网的关键技术。随着5G MEC节点数量的增多,安全风险和安全防护方案等问题也日益受到关注。首先介绍了5G MEC系统架构,对其潜在安全风险进行了分析。在此基础上,提出了5G MEC系统安全能力部署架构和方案,并介绍部署案例。最后,针对目前边缘计算安全能力部署存在的问题与挑战进行了讨论,为后续研究开发提供了参考。     

一个灰色信息安全风险评估应用模型

在信息系统安全风险评估研究方面,现有不少方法是非定量的或者抽象的,它们对系统安全风险只做出定性描述。目前缺乏能够对系统安全风险作出定量描述的评估模型。基于灰色层次模型提出了一个定量的信息系统安全风险评估模型,并结合熵权理论给出了相应的风险值计算方法,以消减主观因素的影响,提高评估结果实用性。最后通过一个应用实例对该模型的实用价值进行验证。     

信息安全风险评估要素量化方法

信息安全风险评估是保障信息系统安全的重要手段之一,也是信息系统安全体系建设的前提和基础。文中在分析信息安全风险评估要素和评估过程的基础上,结合实际经验针对定量风险评估讨论了定量风险评估要素的量化规则、量化方法和风险计算方法,该方法在定量风险评估过程中具有科学性、合理性和实用性特点。     

基于概率模型的多因素风险量化方法研究

电力行业是关系到国计民生的基础性行业。为防范电力信息系统风险,提出了一种基于概率模型的多因素风险量化方法。通过全面考虑资产、威胁、脆弱性、已有的安全防护措施等因素的内在关系,能够更准确评估安全风险;通过概率模型将资产风险量化为整体系统的风险,能够更准确地体现风险的含义。实际运行结果表明,该方法能够有效评估电力系统信息安全工作水平。     

Evaluate the orderings of risk for failure problems using a more general RPN methodology

Risk assessment is a preventive analysis task of product design and the production planning process. The purpose is to assign limited resources to the most serious risk items and ensure that the product can achieve its designed functions under specific operating conditions. Most current failure mode and effects analysis (FMEA) methods use the risk priority number (RPN) value to evaluate the risk of failure. However, conventional RPN methodology has not considered the situation parameter and the relationship between components of a system with respect to its type (direct/indirect) and severity. Therefore, a more general and efficient algorithm to evaluate the risk of failure is needed. This paper proposes a more general RPN methodology, which combines the ordered weighted geometric averaging (OWGA) operator and the decision-making trial and evaluation laboratory (DEMATEL) approach for prioritization of failures in a product FMEA. A case of a thin film transistor liquid crystal display (TFT-LCD) product that has been drawn from a professional liquid crystal display manufacturer is presented to further illustrate the proposed approach. The result of the proposed method is compared with the listing approaches of risk assessment methods.     

A Risk-Based Approach to Advanced Reactor Design

This paper describes an investigation of an optimization-with-constraints method, which uses a hypothetically acceptable level of risk as a constraint, for use in design of liquid metal fast breeder reactor (LMFBR) nuclear power generating stations. No attempt was made during the investigation to define the level of the acceptable risk. Major problems inherent in development of an optimization-with-constraints approach to risk-based design are discussed. Further development of the approach should be along two lines (both of which would require a computer program capable of handling about 50 decision variables): 1. develop a tool for use by product engineers in plant conceptual design; 2. develop a combined risk allocation/optimization-with-constraints methodology.     

Parameter selection for health monitoring of electronic products

This paper presents an approach for selecting precursor parameters for health monitoring of electronic products. The approach includes failure modes, mechanisms, and effects analysis (FMMEA) and life cycle profile analysis of a product. The criticality of the failure mechanisms is established using a risk priority number (RPN), where the RPN for each failure mechanism is calculated as a product of the occurrence and the severity of each mechanism. Performance parameters that can be associated with the critical failure mechanisms should be selected for health monitoring of the product. These parameters could be used for diagnostic purposes. A case study is presented to demonstrate the parameter selection approach for a computer server system. FMMEA was performed on the server, and precursor parameters of the server were selected for monitoring based on the failure modes and mechanisms that posed the highest risk. The utilization of identified parameters for fault detection is presented through a diagnostic algorithm. This approach can be used to select parameters for health monitoring of any system.     

基于扩展粗糙集理论的信用风险分析

在对传统信用风险等级评价模型总结的基础上,提出了一种基于扩展粗糙集理论的评价方法.该方法首先将信用风险等级评价抽象成一个多准则分类问题,然后使用DRSA法直接从历史数据中提取决策规则,所得到的规则不仅可以用于企业的信用等级评价,还可以反映各指标与信用等级之间的关系.通过一组上市公司的实际数据验证了该方法的有效性.     

动态访问控制及其应用

介绍了基于Petri网工作流的动态访问控制的概念。文中描述的方法可把访问控制矩阵从二维扩展到三维,并使之动态化,从而降低数据滥用的风险。     

An Attack Modeling Based on Colored Petri Net

1 Attack Modeling A typical attack contains the following elements: 1) Objects attacked. These objects belong to the victims or can be regarded as public resource, such as networking bandwidth. 2) Attacker. These objects contain the hacker’s information, attacking tools and other states of attacker. 3) Attack processes. The stages of an attack and attack processes are used to depict the attacking action. 4) Control actions. These actions can be classified into response actions and defensiv…     

Formulating and solving sequential decision analysis models withcontinuous variables

This paper presents a new decision analysis approach for modeling decision problems with continuous decision and/or random variables, and applies the approach to a research and development (R&D) planning problem. The approach allows for compact, natural formulation for classes of decision problems that are less appropriately addressed with standard discrete-variable decision analysis methods. Thus it provides a useful alternative analysis approach for problems that are often addressed in practice using simulation risk analysis methods. An illustrative application is presented to energy system R&D planning. The continuous-variable version of this model more directly represents the structure of the decision than a discrete approximation, and the resulting model can be efficiently solved using standard nonlinear optimization methods     

智能电能表计量故障原因分析

本文对智能电能表计量故障产生的常见原因进行分析,以采取实际方法进行有效的应对策略,降低智能表计量产生故障的几率.     

Event-tree analysis using binary decision diagrams

This paper is concerned with ETA (event-tree analysis) where the branch point event causes are defined using fault trees. Attention is on the nontrivial situation where there are dependencies amongst the branch point events. The dependencies are due to component-failures in more than one of the fault trees. In these situations the analysis methods based on traditional FTA (fault-tree analysis) are inaccurate and inefficient. The inaccuracies are not consistent across the outcome events. If frequency predictions calculated in this way are then used in a risk assessment then the relative risks would be distorted and could lead to resources being used inappropriately to reduce the overall risk. A new approach using BDD (binary decision diagram) is described which addresses these deficiencies     

Emergency Readmission Criterion: A Technique for Determining the Emergency Readmission Time Window

A frequently chosen time window in defining readmission is 28 days after discharge. Yet in the literature, shorter and longer periods such as 14 days or 90–180 days have also been suggested. In this paper, we develop a modeling approach that systematically tackles the issue surrounding the appropriate choice of a time window as a definition of readmission. The approach is based on the intuitive idea that patients who are discharged from hospital can be broadly divided in to two groups—a group that is at high risk of readmission and a group that is at low risk. Using the national data (England), we demonstrate the usefulness of the approach in the case of chronic obstructive pulmonary disease (COPD), stroke, and congestive heart failure (CHF) patients, which are known to be the leading causes of early readmission. Our findings suggest that there are marked differences in the optimal width of the time window for COPD, stroke, and CHF patients. Furthermore, time windows and the probabilities of being in the high-risk group for COPD, stroke, and CHF patients for each of the 29 acute and specialist trusts in the London area indicate wide variability between hospitals. The novelty of this modeling approach lies in its ability to define an appropriate time window based on evidence objectively derived from operational data. Therefore, it can separately provide a unique approach in examining variability between hospitals, and potentially contribute to a better definition of readmission as a performance indicator.