基于多目标决策的工控系统设备安全评估方法研究

目前的工业控制系统(Industrial control systems, ICS) 安全评估方法中,往往利用专家经验对系统设备受攻击的可能性进行赋值, 主观性较强.针对这个问题,本文提出了一种系统设备受攻击可能性的量化计算方法. 工控系统设备受攻击的可能性与两个因素有关,该设备受攻击后, 造成系统损害的严重程度与异常检测算法发现异常的时间长短.因此, 通过对工控系统中的各个设备发动相同攻击,记录各个设备受攻击后系统敏感指标的变化情况与异常检测算法发现异常的时间, 将敏感指标变化情况与发现异常时间作为量化指标,提出基于多目标决策的量化计算方法, 计算出各个设备受攻击的可能性.本文以田纳西--伊斯曼过程(Tennessee-Eastman process, TEP)为例,验证了计算方法的可行性,得到了设备受攻击可能性的量化计算结果.

Industrial Control System Devices Security Assessment with Multi-objective Decision

In security assessment of industrial control systems, it is considered too subjective to evaluate the possibility of attack on industrial control systems (ICS) devices using expert experience. So a quantitative assessment is proposed for the possibility of attack on ICS devices. The weight of ICS devices depends on two factors, the severity of damage to the system and the time of anomaly detection after the devices being attacked. Thus, a record is made to keep both the variation of critical system parameters and the time when the anomaly is detected after the same attack against each device is launched in the industrial control system. This record is regarded as the quantitative parameter. Moreover, a quantitative method with multi-objective decision is proposed, meanwhile the possibility of each device's being attacked is then obtained. At last, the Tennessee-Eastman process (TEP) is set as an example to verify the feasibility of the method, and get the quantitative result of the possibility of attack on ICS devices.