Game Model And Vulnerability Analysis Strategy For Risk Assessment Of Industry Cyber Physical System

With the development of science and technology and the progress of the times,the digitization process of things and people is rapidly accelerating,and the level of intelligence of industrial systems is increasing.The monitoring and analysis of data no longer requires human operation,but the physical space is controlled by the decision-making system through the complex network.These systems,which integrate modern sensor,network and computing technologies,are widely used in industry and form the Industrial Cyber Physical System(ICPS).In ICPS,industrial components are highly coupled with network components,and the design of the industrial control system does not consider the closeness of the connection with the external network,making it extremely vulnerable to attacks from both the physical world and the network world,and how to accurately and efficiently defend against external attacks has become one of the key research directions of ICPS.Security risk assessment is an integral part of securing ICPS,which measures the security level of the system and helps professional security staff to quickly identify the weaker areas of the system.To assess the risk of ICPS under external attacks,this paper combines qualitative and quantitative security risk assessment methods to determine the risk level of ICPS and find the system vulnerability nodes through the minimum attack cost algorithm of attack graph,the main research content is as follows:(1)The connection relationship of physical components in ICPS is studied to build an attack tree model to determine the risk level of ICPS through a hybrid offense-defense game.First,the overall attack tree model is established based on the "with" and "or" relationships of each physical component in ICPS,and the mixed game strategy of attack and defense is added to the leaf nodes of the attack tree to give the gain functions of attack and defense methods,and solve for the probability of occurrence of different defense methods.Then,the risk value of each defense method is obtained by using the gain function of the defense method and the probability of occurrence,and the risk value of the leaf nodes is obtained by using the comprehensive weighting of the hierarchical analysis and entropy method,so that the risk value of the root node can be obtained to determine the risk level of the system.MATLAB was used to simulate the boiling water power plant and determine its risk level.The simulation results show that the risk assessment method given in this paper can effectively evaluate the risk values of industrial information physical systems.(2)The attack graph model of ICPS is studied to find the system vulnerability nodes with minimum attack cost algorithm.To find the system vulnerability nodes,first,the attack graph is used to visualize the attacker’s attack path and define the node weights in the attack graph as the attack cost;the probability of a component being successfully attacked and the quantified loss of the system after the attack are used as the attack cost,and the system vulnerability node is obtained as the physical component corresponding to the attacker’s minimum attack cost;the attack graph is transformed into an equivalent conjunctive normal form,and the multinomial tree pruning algorithm is used for the conjunctive normal form to solve for the minimum attack cost and the corresponding vulnerability nodes to facilitate subsequent enhancements.A subsequent risk assessment is taken for boiling water power plants to solve the vulnerability nodes of the system with the minimum attack cost algorithm.The simulation results show that the method given in this paper can effectively find the vulnerability nodes of the system and provide guidance for the enhancement scheme of ICPS.(3)A boiling water power ICPS risk management system based on attack tree and attack graph is designed,which consists of three modules: risk assessment,inspection calendar and weekly risk report.The risk assessment module scans and displays vulnerabilities in the system through vulnerability scanning tools Nesuss and Mc Afee to determine the risk level of the system,visualizes the output of the attack graph through Graohviz software,and solves the vulnerability nodes of the system;the inspection calendar module adds maintenance plans for the vulnerability nodes and adds them to the inspection calendar,and displays the information of inspection personnel and inspection reports;the weekly risk report module is mainly used to count the changes in the number of vulnerabilities,alarms and maintenance plans in different areas within a week.