Research On CPS Hazard Analysis Method Based On Dynamic Fault-attack Graph Model

With the development and application of information technology,the structure and functions of safety-critical embedded systems have also undergone major changes.Embedded systems have developed into embedded system networks based on information control,that is,Cyber-Physical System(CPS).The hazards of embedded systems mainly come from the faults and failures of the software and hardware inside the systems.The application of network technology destroys the closedness of the system,and thus introduces a new hazard event,that is,attacks from outside the system on security.CPS safety and security related hazard events,which will occur independently or interactively,constitute a hazard scenario of the CPS.These hazard events may cause unimaginable bad consequences for society and the environment.Therefore,analyzing and preventing the occurrence of CPS hazards has become a current research hotspot.Traditional system hazard analysis methods mainly focus on the impact of software and hardware failures on system hazards.However,under the interaction of physical space and information space,the CPS may be threatened by malicious attacks from outside the system.Because traditional system hazard analysis methods do not consider the impact of security threats,there is a problem that the analysis results are not accurate enough.In view of the above problems,based on the existing hazard analysis methods,this paper considers the impact of security threats on the CPS,and also proposes a dynamic fault-attack diagram hazard analysis model to represent the correlation between failures and attack behaviors in CPS.The logical element mapping rules are used to identify the source of system hazards,and the Dynamic Fault-Attack Graph model is quantitatively analyzed based on statistical model checking.The research work of the paper is as follows:(1)Construction of CPS hazard analysis model: A Dynamic Fault-Attack Graph of a CPS hazard analysis model is proposed based on the Dynamic Fault Tree of the safety analysis model and the description of system security threats in the security analysis method.It can model safety and security hazard events that may lead to CPS hazards.At the same time,based on the model,a method framework for hazard analysis of CPS is proposed.(2)Identification of the hazard source of the CPS: A logical element mapping rule based on a Dynamic Fault-Attack Graph model is proposed.Through the mapping of rules,the dynamic relationship of the model is reduced to the logical structure between events,and the hazard source sequence of each event is identified from the bottom up through approximate post-order traversal.(3)Quantitative analysis of the CPS hazards related attributes: Firstly,this thesis converts the Dynamic Fault-Attack Graph model into a Stochastic Hybrid Automaton network,and do the properties specification using Weighted Metric Temporal Logic.Next,this thesis calculates important properties such as the probability of system hazards and the criticality of hazard events through Statistical Model Checking.Finally,the comparison of the hazard analysis results of the automatic pipeline control system shows that the CPS hazard analysis method based on the Dynamic Fault-Attack Graph model proposed in this paper is more accurate and effective than the individual system safety analysis.