| 电力CPS信息网络脆弱性及其评估方法 |
| |
| 引用本文: | 杨国泰,王宇飞,罗剑波,陈汹,李俊娥,刘剑,茹叶棋,吴亦贝.电力CPS信息网络脆弱性及其评估方法[J].中国电力,2018,51(1):83-89. |
| |
| 作者姓名: | 杨国泰 王宇飞 罗剑波 陈汹 李俊娥 刘剑 茹叶棋 吴亦贝 |
| |
| 作者单位: | 1. 武汉大学 电气工程学院, 湖北 武汉 430072;
2. 空天信息安全与可信计算教育部重点实验室, 湖北 武汉 430072;
3. 全球能源互联网研究院, 北京 102209;
4. 国网电力科学研究院, 江苏 南京 211100 |
| |
| 基金项目: | 国家自然科学基金资助项目(51377122);国家电网公司科技项目(XXB17201400056)。 |
| |
| 摘 要: | 电力信息网络是电力CPS的有机组成部分,电力信息网络的脆弱性威胁评估是电力CPS风险评估的重要基础之一。针对通用信息网络脆弱性威胁评估技术的局限性,在通用弱点评价体系(CVSS)的基础上提出了一种适用于电力信息网络的脆弱性威胁评估方法。选取了漏洞分布威胁度、访问途径和利用复杂度3组安全漏洞评估要素;采用层次分析法建立了脆弱性威胁度评估模型,给出了参数构造方法;在定量评估的基础上,将评估结果定义了脆弱性威胁等级。最后给出了一个评估实例,并与CVSS系统进行了比较。评估结果表明基于层次分析法的信息网络脆弱性评估反映了信息与物理的耦合关系。
|
| 关 键 词: | CPS 电力信息网络 脆弱性 威胁评估 层次分析法 |
| 收稿时间: | 2016-09-13 |
| 修稿时间: | 2017-05-22 |
Electric CPS Information Network Vulnerability and Assessment Method |
| |
| YANG Guotai,WANG Yufei,LUO Jianbo,CHEN Xiong,LI Jun'e,LIU Jian,RU Yeqi,WU Yibei.Electric CPS Information Network Vulnerability and Assessment Method[J].Electric Power,2018,51(1):83-89. |
| |
| Authors: | YANG Guotai WANG Yufei LUO Jianbo CHEN Xiong LI Jun'e LIU Jian RU Yeqi WU Yibei |
| |
| Affiliation: | 1. School of Electrical Engineering, Wuhan University, Wuhan 430072, China;
2. Key Laboratory of Aerospace Information Security and Trusted Computing of Ministry of Education, Wuhan 430072, China;
3. Global Energy Interconnection Research Institute, Beijing 102209, China;
4. State Grid Electric Power Research Institute, Nanjing 211100, China |
| |
| Abstract: | Electric power information network is an integral part of electric CPS, and its threat assessment of vulnerability is one of the important basis for the risk assessment of the electric CPS. In view of the limitations of the existing vulnerability threat assessment technology of general information network, a new vulnerability threat assessment method is proposed for electric power information network based on the common vulnerability scoring system (CVSS). Three assessing elements are selected including vulnerability distribution threat, access vector and utilization complexity. The analytic hierarchy process (AHP) is adopted to build a vulnerability threat assessment model, and the way of forming parameters is given. The assessment results are defined into vulnerability threat levels on the basis of quantitative assessment. A case study of the assessment is made and the results are compared with the CVSS system. The assessment results show that the AHP-based vulnerability assessment of information network reflects the coupling relationship between information and physics. |
| |
| Keywords: | CPS electric power information network vulnerability threat assessment AHP |
| 本文献已被 CNKI 等数据库收录! |
| 点击此处可从《中国电力》浏览原始摘要信息 |
|
点击此处可从《中国电力》下载全文 |
|
