| Recently, the ICS (industrial control system) security incidents broke out frequently.It effects all kinds of industrial organizations and national key infrastructures.Thedegree of maturity on security norms and assessment methods is far away from perfect.The APT (Advanced Persistent Threat) attack, which has large scale, multi-sidecooperation, well-organized and long-term attack, is the major pattern of ICS securityattack. The traditional security assessment method can’t met the need of ICS securityassessment. ICS security norm is scarce which can’t form a general system. Besides, thedata is limited, the information is incomplete, and the objectivity is low. All of theseissues lead to a hard implement on quantitative model of ICS security assessment.Moreover, there’s no quantized tool for ICS security assessment.This dissertation focuses on the shortcoming of ICS security assessment. The mainworks are as follows:1. The difference between ICS and traditional information system on property andsecuritywas been comparatively analyzed.2. SCIAM (Safety, Confidentiality, Integrality, Availability, Manageability)security property model was constructed. Combing with both here and abroad securitynorms, the Model emphasized on human beings and environment safety as well asnorms’ manageability. Based on AHP (Analytic Hierarchy Process) tree model, whichhad detailed assessment indicator system, was constructed for appraisers to have an ICSsecurity assessment.3. Objectively quantifying the appraisers’ assessment tables. Using greymulti-attribution group decision, the problems of less ICS security data and the low dataquantity was solved.Based on entropy weight decision-making method, everyattributions’ weight for every appraisers was computed. Then based on reliabilityanalysis method, every appraisers’ weight was computed.4. Combining with above-mentioned model,quantized method and SAL securitynorm method, this dissertation designed an ICS security assessment system, usingseveral design patterns. |
PDF Full Text Request