工业控制系统动态网络安全保护中基于多模型的事件预测与风险评估

Multimodel-Based Incident Prediction and Risk Assessment in Dynamic Cybersecurity Protection for Industrial Control Systems

IEEE Transactions on Systems, Man, and Cybernetics: Systems · 2015
被引 134
ABS 3

中文导读

针对工业控制系统特点,提出多级贝叶斯网络模型,设计基于多模型的事件预测和动态风险评估方法,能评估未知攻击风险,并通过仿真验证有效性。

Abstract

Currently, an increasing number of information/communication technologies are adopted into the industrial control systems (ICSs). While these IT technologies offer high flexibility, interoperability, and convenient administration of ICSs, they also introduce cybersecurity risks. Dynamic cybersecurity risk assessment is a key foundational component of security protection. However, due to the characteristics of ICSs, the risk assessment for IT systems is not completely applicable for ICSs. In this paper, through the consideration of the characteristics of ICSs, a targeted multilevel Bayesian network containing attack, function, and incident models is proposed. Following this proposal, a novel multimodel-based hazardous incident prediction approach is designed. On this basis, a dynamic cybersecurity risk assessment approach, which has the ability to assess the risk caused by unknown attacks, is also devised. Furthermore, to improve the accuracy of the risk assessment, which may be reduced by the redundant accumulation of overlaps amongst different consequences, a unified consequence quantification method is presented. Finally, to verify the effectiveness of the proposed approach, a simulation of a simplified chemical reactor control system is conducted in MATLAB. The simulation results can clearly demonstrate that the proposed approach has the ability to dynamically calculate the cybersecurity risk of ICSs in a timely manner. Additionally, the result of a different comparative simulation shows that our approach has the ability to assess the risk caused by unknown attacks.

工业控制系统网络安全风险评估贝叶斯网络事件预测