工业控制系统安全评估的分析与设计

发布时间：2018-04-19 15:31

本文选题：工业控制系统 + 安全评估模型　；参考：《辽宁科技大学》2016年硕士论文

【摘要】：随着工业控制系统(Industry Control System,ICS)越来越复杂,安全要求越来越高,传统的安全评价系统遇到了瓶颈,已经不能满足现代工业安全评估的要求。由于ICS安全攻击大多为大规模、各系统相互协作、持续长时间的高级威胁(Advanced Persistent Threat,APT)攻击,传统的系统安全评估方法已经不能够满足。目前,无论是国内还是国际,ICS评估指标较少,所以很难对ICS安全进行评估与指导。除此之外,受实际数据少、主观性太强等因素的限制,工业控制系统安全评估的模型量化实现困难。本文针对ICS安全评估领域的缺陷,进行了如下工作:(1)对ICS安全评估系统与传统信息系统进行了对比,找到了二者的差异,为后面的系统方案设计奠定了基础。对信息安全属性模型进行了研究,构造了以SCIAM(安全性、机密性、完整性、可用性以及可管性)为基础框架的安全评估指标体系。(2)基于SCIAM安全属性模型,通过使用熵权分析法获得指标体系中每个指标的权重,采用了灰色多属性群决策方法对评估结果进行量化分析。该工作能够在一定程度上排除安全评估过程中评估人员主观因素的影响,在实际工程中有重要意义。(3)结合国内外ICS安全评估准则及上述评估模型及评估方法,给出了ICS安全评估系统的设计方案,并且对方案进行了分析,保证了方案的可行性和可靠性。通过上述研究,从工业控制安全的实际情况出发,对各个系统模块进行了理论分析和创新。该工作对工业控制安全领域系统的设计参考具有重要意义。
[Abstract]:With the increasing complexity and high safety requirements of the industrial control system (Control), the traditional safety evaluation system has encountered a bottleneck and can no longer meet the requirements of modern industrial safety assessment.Because most of the ICS security attacks are large-scale, the systems cooperate with each other, and the advanced Persistent threat (Advanced Persistent threat) attacks persist for a long time, the traditional methods of system security evaluation can not be satisfied.At present, it is difficult to evaluate and guide the security of ICS because of the lack of evaluation indexes both at home and abroad.In addition, due to the limitation of less actual data and too much subjectivity, it is difficult to quantify the safety evaluation model of industrial control system.Aiming at the defects in the field of ICS security evaluation, this paper makes the following work: 1) compares the ICS security assessment system with the traditional information system, finds out the difference between them, and lays a foundation for the design of the system scheme.In this paper, the information security attribute model is studied, and the security evaluation index system based on SCIAM (security, confidentiality, integrality, usability and manageability) is constructed, which is based on SCIAM security attribute model.The weight of each index in the index system is obtained by using entropy weight analysis, and the evaluation results are analyzed quantitatively by grey multi-attribute group decision making method.This work can eliminate the influence of subjective factors in the process of safety assessment to a certain extent, and is of great significance in practical engineering. It combines the ICS safety assessment criteria at home and abroad and the above evaluation models and methods.The design scheme of ICS security evaluation system is given, and the scheme is analyzed to ensure the feasibility and reliability of the scheme.Through the above research, the theoretical analysis and innovation of each system module are carried out based on the practical situation of industrial control safety.This work is of great significance to the design reference of industrial control safety system.
【学位授予单位】：辽宁科技大学
【学位级别】：硕士
【学位授予年份】：2016
【分类号】：TP273;TP309

【参考文献】