工业信息物理系统安全风险动态表现分析量化评估模型  被引量：7

作　　者：孙子文[1,2] 张书国 SUN Zi-wen;ZHANG Shu-guo(School of Internet of Things Engineering,Jiangnan University,Wuxi 214122,China;Engineering Research Center of Internet of Things Technology Applications of Ministry of Education,Wuxi 214122,China)

机构地区：[1]江南大学物联网工程学院,江苏无锡214122 [2]物联网技术应用教育部工程研究中心,江苏无锡214122

出　　处：《控制与决策》2021年第8期1939-1946,共8页Control and Decision

基　　金：国家自然科学基金项目(61373126);中央高校基本科研业务费专项资金项目(JUSRP51510);江苏省自然科学基金项目(BK20131107)。

摘　　要：针对当前工业信息物理系统的安全风险评估模型极少考虑系统的动态进程对评估准确性的影响,给出一种工业信息物理系统安全风险动态表现分析量化评估模型.首先,运用贝叶斯网络对攻击在网络层的入侵过程建模,计算网络攻击成功入侵的概率;然后,在攻击成功入侵的前提下,采用卡尔曼状态观测器实时观测被控对象的状态,研究系统的动态表现,定量分析系统的表现损失,从经济损失的角度量化攻击对系统造成的影响,并结合攻击成功入侵的概率,实现对系统安全风险的动态评估.最后,通过Matlab对攻击下沸水发电厂模型的运行状态进行仿真,结果表明所提模型能有效地评估工业信息物理系统的风险.In view of the fact that current safety risk assessment models for industrial cyber physical systems(ICPS)rarely consider the impact of dynamic process of the system on the accuracy of the assessment,this paper proposes a quantitative evaluation model for the dynamic performance analysis of security risk in the ICPS.Firstly,the Bayesian network is used to model the intrusion process of the attack in the cyber layer,and the probability of the successful intrusion of the network attack is calculated.Then,under the premise of successful attack,the Kalman state observer is used to observe the state of the controlled object in real time,the dynamic performance of the system is studied,the performance loss of the system is quantitatively analyzed,the impact of the attack on the system from the perspective of economic loss is quantified,and the dynamic assessment of system security risk based on the probability of successful attack is realized.Finally,the running state of the boiling water power plant model under attack is simulated using Matlab.The results show that the model can effectively assess the risk of ICPS.

关 键 词：工业信息物理系统 风险评估 动态分析 贝叶斯网络 网络攻击 攻击影响 

分 类 号：TP273[自动化与计算机技术—检测技术与自动化装置]