
Cyber Security Risk Assessment For Industrial Control System Based On Analytic Hierarchy Process And Attack Graph

Posted on: 2018-11-09
Degree: Master
Type: Thesis
Country: China
Candidate: S D Gong
Full Text: PDF
GTID: 2348330533955777
Subject: Control theory and control engineering
Abstract/Summary:
Due to the deep integration of information and industrialization, information technology for industrial control systems (ICS) has developed rapidly. The continuous opening up of ICS networks and the continuous development of external connections have spread traditional information security threats to ICS, and the cyber security of ICS is becoming increasingly important. The widespread application of ICS in industrial production and public services, such as power plants, water plants and aviation plants, makes national key infrastructure strongly reliant on ICS. Cyber security of ICS is an important part of national security. Therefore, the approaches applied to ICS have received considerable attention. Today, risk assessment is the main research direction in the cyber security of ICS. Risk assessment can not only determine the vulnerability of a system, but can also give researchers scientific guidance for taking effective defensive measures to protect the security of the system. The main work of this dissertation, which concentrates on risk assessment for ICS, is given below.

Firstly, two aspects are used to analyze the difference between ICS and information systems: system essence and security goal. A recognition method based on the structure of the ICS network is proposed. The assets and threats are identified respectively, and the risk levels of the corresponding factors are defined qualitatively.

Secondly, from the perspective of mathematical modeling, a risk assessment model is constructed based on ICS network security and security threats. Then, a risk assessment method based on the analytic hierarchy process (AHP) and information entropy is proposed. To deal with the fuzziness and uncertainty involved in quantifying risk factors, fuzzy theory is used for quantitative analysis. Meanwhile, the membership matrix of security threats is built and the corresponding risk judgment language is given. Subsequently, the relative weight of each risk factor is calculated by information entropy and by AHP respectively. Furthermore, the weighted average method is used to solve the problem that the subjective difference is too large. The risks of the individual risk factors are integrated to produce a security assessment of the system.

Finally, from the point of view of network modeling, the system risk is analyzed based on security vulnerabilities and industrial Ethernet. A risk assessment method for ICS based on attack graphs is put forward. To address the reliance on expert experience when assigning the possibility of a host being attacked, a scientific and reasonable assignment scheme is introduced. Two aspects are used to measure the probability of a host: the probability of maximal risk and the probability of cumulative risk. Likewise, to address the difficulty of quantifying the consequences caused by a security incident, the gray correlation analysis method is used to normalize the multiple indexes, and the ICS security is ultimately assessed by combining the importance of the host.
Keywords/Search Tags: industrial control system, risk assessment, analytic hierarchy process, entropy, attack graph