Research On Risk Assessment Of Industrial Cyber-Physical System Under Cyber-Attacks

With the continuous innovation of the Internet of Things,the digitization process of things and people is rapidly accelerating.The automation and intelligence level of industrial systems is constantly improving.The data processing no longer needs human intervention.These integrated sensing,driving,control,communication and computing systems are widely used in the Industrial field,forming the Industrial Cyber-Physical System(ICPS).In the ICPS,due to the network layer and physical layer of tightly coupled and complicated industrial environment,makes it vulnerable to attack from the physical world and the network world,among them,the cyber-attacks is the most frequent,complex and updates faster,which makes how to accurately and efficiently defense cyber-attacks become one of the key research direction of ICPS.Risk assessment is an integral part in ensuring ICPS security by providing a measure of the level of system security,which helps security professionals determine and identify areas of the system that are more vulnerable to cyber-attacks.In order to assess the risk of ICPS under cyber-attacks,this paper presents two qualitative and quantitative risk assessment methods.The main research contents are as follows:(1)To study the destruction of resources caused by cyber-attacks,establish a risk model to qualitatively evaluate the risk level of ICPS.Firstly,based on the attack spatial resource model,the disclosure resources,model knowledge and damage resources generated by cyber-attacks are studied.Kalman filter is designed to judge the detectability of cyber-attacks according to the change of residual value before and after the attack.According to the damage resources caused by cyber-attacks and detectability of attacks,a general risk model is established to determine the risk level of the system under cyber-attacks.(2)Study the dynamic changes of ICPS under cyber-attacks and provide a quantitative evaluation model for the dynamic performance of ICPS.Firstly,the bayesian network is used to model the invasion process of the attack in the network layer,and the probability of successful invasion is calculated.Second,under the premise of a successful invasion,adopt kalman state observer to ovserve the state of the controlled plant for studying the system's dynamic performance,and quantitative analyze the performance losses of a system.From the perspective of economic loss,quantify the effects on the system,and combined with the probability of a successful invasion attack,realize dynamic risk assessment.(3)Set up ICPS risk management system,and apply the risk assessment method to the system to realize the risk assessment,monitoring and management.According to the existing risks in the system,locate the area and equipments where they occur,give specific risk levels and influences.By using the vulnerability scanning tool of the third party to trace the the vulnerabilities of the system in real time.The probability of various risks can be estimated according to these vulnerabilities.The effectiveness and applicability of the risk assessment method presented in this paper are verified.Matlab is adopted as the experimental simulation tool,the four-capacity water tank model and the boiling-water power plant model are selected to evaluate the risk of ICPS according to the dynamic changes of the model under the cyber-attacks.The experimental results show that the risk assessment method presented in this paper can effectively assess the risks of industrial information physical systems and has strong applicability.